Regulators across Asia are stepping up scrutiny of cybersecurity risks in their financial systems, as concerns over Anthropic’s latest AI model Mythos spread.

Singapore’s financial regulator is urging banks to plug holes, while South Korea’s government agencies have met to review and discuss how to respond to the risks.

In Australia, authorities expect lenders to be vigilant to ensure clients are not put at risk by inadequate controls.

The actions around the region reflect rising global concern over Mythos as regulators discuss with financial firms how they are handling the cybersecurity risks raised by the model, which has so far been given only a limited release.

Anthropic held back a wider release after finding the model was capable of discovering security holes that had gone undetected for years, fuelling alarm about a potential new era of cybersecurity attacks.

In South Korea, the financial regulator last week convened an emergency meeting with relevant industry organisations to discuss issues related to Mythos, according to people familiar with the matter.

The talks focused on exchanging current knowledge on security levels related to Mythos and how to respond to such circumstances to ensure system stability, the people said, asking not to be identified discussing confidential matters.

As there was still a lot of uncertainty, the discussion focused on understanding the current situation, they said.

A special committee on security and relevant authorities in South Korea also met last week to take stock of the rapid changes that are fundamentally transforming the cybersecurity landscape, with suggestions including setting up an AI-based real-time defence system.

We have entered an era where AI, not humans, holds the initiative in hacking

Lee Won-tae, Special Committee on Security chairman

“We have entered an era where AI, not humans, holds the initiative in hacking,” said Lee Won-tae, Chairman of the Special Committee on Security in the country.

“It is clear that if we fail to adapt all our existing security policies to the pace of technological evolution, security will ultimately become an obstacle to the AI transformation and our leap towards becoming an AI powerhouse.”

Meanwhile, the Australian Securities & Investments Commission said that while new technologies could have benefits, they had also led to cyber risks escalating in both scale and sophistication. It expects financial services licensees to be “on the front foot every day” on having sufficient safeguards.

The securities watchdog said it was engaging closely with other regulators, government agencies and the financial sector to understand and respond to changing technologies, similar to the approach being taken by the country’s prudential regulator.

Elsewhere, the Monetary Authority of Singapore is coordinating with the country’s cybersecurity agency to strengthen defences at critical infrastructure operators, including banks.

“Financial institutions need to redouble efforts to strengthen their security defences, proactively identify and close vulnerabilities, and raise vigilance on cyber hygiene, including timely security patching,” it said, adding that advances in artificial intelligence would “accelerate the discovery and exploitation of software vulnerabilities in IT systems”.

The country’s Cyber Security Agency published an advisory on Wednesday warning of similar risks, without naming Mythos directly.

US Treasury Secretary Scott Bessent and Federal Reserve Chair Jerome Powell convened an urgent meeting with Wall Street bank leaders this month to discuss the risks and precautions the firms are taking to defend their systems.

JPMorgan Chase Chief Executive Officer Jamie Dimon, whose firm is testing Mythos, said on a recent earnings call that AI had made cyber risks worse, though it also offered better ways to boost defences.