A senior European Central Bank policymaker has called for a fresh look at the resilience of Europe's financial plumbing, arguing that the latest wave of artificial intelligence has changed the threat model supervisors must defend against.
Speaking at an event in Tarragona on Saturday, ECB Governing Council member José Luis Escrivá — who also serves as governor of the Bank of Spain — said that "recent developments in artificial intelligence force us to reassess the robustness of our financial infrastructure and our cybersecurity," according to Bloomberg.
A direct response to a faster threat curve
Escrivá's remarks landed at a sensitive moment. The ECB has spent much of the past year sketching out how it intends to supervise generative AI in banking. Within its 2026–28 supervisory priorities, operational resilience and ICT capabilities sit at the heart of the agenda, with a sharper focus on generative AI applications. What Escrivá added on Saturday was urgency: the question is no longer whether banks should map AI risk, but whether the underlying market infrastructure can absorb a step-change in adversarial capability.
Regulators have been particularly rattled by powerful frontier models that have not been broadly released. Anthropic's Mythos model — which the company has described as far ahead of peers on cybersecurity — has been distributed only to a tightly approved set of organizations. That restriction has done little to calm European supervisors, who reportedly worry that defenders on the continent could be operating with materially less capable tools than the attackers they anticipate.
Sovereignty, stablecoins, and the central bank's role
Escrivá used the speech to draw a second line in the sand: against private stablecoins. Their reliability, he argued, rests on confidence in the assets behind them, and central banks alone carry the institutional credibility to anchor a payments system. That message echoes ECB President Christine Lagarde's recent warnings that dollar-pegged stablecoins risk eroding monetary sovereignty in the euro area and pulling cross-border flows outside the regulated banking perimeter.
The two concerns are connected. AI-driven fraud and intrusion raise the bar for any payments rail, but particularly for instruments that lack a lender of last resort. If models can probe and impersonate at machine speed, the cost of weak operational backstops compounds quickly.
What European banks should expect
The practical takeaway for supervised institutions is a tighter loop on AI risk. Expect more pointed stress testing of incident response, greater scrutiny of third-party AI tools embedded in core processes, and continued pressure to demonstrate that critical financial infrastructure can withstand attacks generated or accelerated by frontier models. European policymakers also remain sensitive to the access gap with the United States, where supervisors have built early relationships with leading AI labs through programs such as CAISI.
Escrivá did not announce a specific new regime. But the message — delivered against the backdrop of Mythos and a busy stablecoin debate — is that the speed of AI progress is now an explicit input into how the ECB thinks about systemic resilience.
