Oakes: AI accelerates cyber threats to financial resilience

Liz Oakes, a member of the Bank of England's Financial Policy Committee (FPC), addressed the growing threat of operational incidents and cyberattacks to vital financial services.

She noted that the National Cyber Security Centre reported over 200 nationally significant cyber incidents in 2025, a substantial increase from 89 in 2024.

Oakes highlighted that AI could accelerate these trends, both positively by helping identify weaknesses and negatively by enhancing malicious actors' capabilities.

Recent advancements in frontier AI models, such as Mythos and GPT-5.5, illustrate this duality, potentially reducing the cost and increasing the speed of cyberattacks.

Oakes stated that "what was judged to be resilient today might not be resilient tomorrow," emphasizing the need for continuous improvement and testing of resilience.

The FPC is closely monitoring these profound technological transformations and their impact on the UK financial system.

Oakes outlined the FPC's evolving approach to financial stability, initially focusing on banking system capital resilience after the Global Financial Crisis.

The variety of shocks the system needs to withstand has broadened, particularly with the increased importance of non-bank financial institutions (NBFIs), leading to actions like the System-Wide Exploratory Scenario (SWES).

The focus has now significantly expanded to operational resilience, driven by the increasing frequency and systemic implications of operational incidents.

These can transmit risks through operational and financial contagion, and loss of confidence, potentially impacting systemically important institutions and causing liquidity stress.