Jump to main content Go to search page

The European Systemic Risk Board (ESRB) warns against frontier AI models

News

The ESRB warns that frontier AI models have increased systemic risks and challenge the resilience of the financial system. Norges Bank and Finanstilsynet support the warning.

Advanced language models increase the risk of cyberattacks

New advanced AI models, often referred to as Frontier AI Models (FAIMs), have a significant capacity to identify and exploit weaknesses in operating systems and software, which are central to the current ICT infrastructure and financial systems.  

In a press release, the ESRB states: 

  • Frontier AI models are changing the cyber threat landscape for the EU financial system.
  • The models may increase speed, scale and sophistication of cyberattacks.
  • Relevant authorities should reflect these risks in supervisory and oversight work. 

The ESRB highlights that the frontier AI models are likely to strengthen cyber resilience in the long term. In the short term, however, they may provide an advantage to threat actors, enabling them to discover vulnerabilities with increased speed.

The threat landscape also affects the Norwegian financial system

Norges Bank and Finanstilsynet support the warning from the ESRB. New technology and artificial intelligence-based solutions can be used in institutions' defence against cyber threats but also in malicious attacks. 

Rapid technological developments place high demands on institutions' digital defences, requiring them to maintain up-to-date systems and sufficient capacity to develop and implement a large number of patches and security updates. Norwegian financial institutions must closely monitor developments in the cyber threat landscape and ensure effective governance and control of both their own solutions and ICT operations that are fully or partly outsourced to third parties.

Norges Bank and Finanstilsynet follow up institutions' preparedness against malicious cyberattacks in their ongoing oversight and supervisory work within their respective areas of responsibility.

ESRB's press release

  • Frontier AI models could strain cyber resilience in the financial system

Other relevant information

  • Earlier this year, the Norwegian National Security Authority (NSM) provided guidance on how institutions need to be proactive in their efforts to reduce the risk of cyber operations.
    • News item from NSM 12 May 2026  (in Norwegian only)
  • Finanstilsynet has addressed this risk in:
    • The Risk and Vulnerability Analysis for 2026, published on 4 May 2026  and in
    • Risk Outlook, published on 12 June 2026
  • Norges Bank has addressed this risk in the Financial Infrastructure Report 2026, published on 10 June 2026

  • Finance Norway has issued advice to the industry on how to address new AI developments, published on 24 April 2026 - Finance Norway offers advice on how to address new AI developments (in Norwegian only)

About the ESRB

The ESRB is responsible for the macro-prudential oversight of the European financial system to contribute to the prevention and mitigation of systemic risk.  Both Norges Bank and Finanstilsynet are Norwegian ESRB participants. 

To the top of the page expand_less
To the top of the page expand_less