UK banking regulators have moved cyber security to the very top of the risk agenda, warning that vulnerabilities in lenders’ IT systems are no longer a background operational issue but a strategic threat—one that is increasingly amplified by the way attackers now use artificial intelligence.
In remarks attributed to Sam Woods, the outgoing chief of the Prudential Regulation Authority (PRA), the regulator said it is “very concerned” about weaknesses across banks’ technology stacks. The message is striking not only because of its clarity, but because it explicitly connects traditional cyber risk—patching gaps, misconfigurations, legacy systems, and fragile controls—to a broader threat environment in which AI-enabled techniques are changing the speed, scale, and sophistication of attacks.
For banks, the implication is that cyber resilience can’t be treated as a compliance checkbox or a narrow IT function. It has to be treated like capital and liquidity: something that must be continuously managed, stress-tested, and governed at senior levels. And for supervisors, it signals that cyber will increasingly be assessed through the lens of prudential impact—how a breach could disrupt critical services, damage customer trust, undermine financial stability, or force costly remediation under time pressure.
A regulator’s concern is rarely abstract. When a senior PRA figure highlights vulnerabilities in lenders’ IT systems, it typically reflects patterns the regulator has observed across firms: uneven maturity in security engineering, inconsistent vulnerability management, gaps in third-party risk controls, and the persistent challenge of maintaining secure operations across complex hybrid environments. Banks are not just defending networks; they are operating ecosystems—cloud platforms, vendor-managed services, internal developer tooling, identity systems, payment rails, data pipelines, and increasingly, AI-driven workflows. Each layer expands the attack surface.
What makes this warning feel different is the explicit reference to AI-enabled cyber risk. Attackers have long used automation, but AI changes the economics. It can reduce the cost of reconnaissance, improve the quality of phishing and social engineering, accelerate malware development and adaptation, and help adversaries find the most effective path into an organization. Even when the underlying vulnerabilities are familiar, the route to exploitation can become more efficient—and therefore more dangerous.
Consider what “AI-enabled” means in practice. It doesn’t necessarily imply a Hollywood-style autonomous hacker. More often, it means attackers can generate convincing language at scale, tailor messages to specific roles, and rapidly iterate on payloads based on feedback. It can also mean better targeting: identifying which employees are likely to respond, which systems are likely to be exposed, and which business processes are most valuable to disrupt. In a banking context, that translates into higher probability of successful intrusion attempts and faster escalation from initial access to meaningful impact.
The PRA’s framing suggests that regulators see this as a compounding factor. A bank with strong baseline controls may still face novel threats, but a bank with known vulnerabilities—unpatched software, weak segmentation, insufficient monitoring, or brittle identity controls—faces a much steeper risk curve when attackers can probe and exploit more effectively. In other words, AI doesn’t replace cyber fundamentals; it intensifies the consequences of failing to keep fundamentals current.
Why “top of the list” matters for banks
Cyber security has been a priority for years, but “top of the list” is a signal about supervisory intensity. When regulators elevate a theme to the highest tier, it tends to change how firms allocate resources and how supervisors evaluate progress. It can mean more scrutiny of governance arrangements, more targeted questions during supervisory engagement, and potentially more formal expectations around remediation timelines and control effectiveness.
Banks should also read this as a reminder that cyber risk is not static. Threat actors evolve, technology changes, and business models shift. A lender that modernizes its digital channels, adopts new cloud services, integrates third-party fintech capabilities, or deploys AI tools internally may inadvertently introduce new pathways for compromise. Even if the bank’s core infrastructure remains stable, the surrounding ecosystem can create new vulnerabilities—especially where security testing and monitoring lag behind product delivery.
This is where the PRA’s emphasis on IT vulnerabilities becomes important. Vulnerabilities are not just technical flaws; they are indicators of process health. How quickly a firm identifies issues, prioritizes them, validates fixes, and verifies that controls work in production is often more telling than the existence of any single vulnerability. A mature program treats vulnerability management as a continuous pipeline rather than a periodic project.
The unique challenge for banks: complexity as a security multiplier
Banking IT environments are notoriously complex. They combine legacy systems with modern platforms, integrate multiple vendors, and operate under strict availability requirements. That complexity creates friction for security teams: patching can be slower, testing windows are constrained, and changes can have downstream effects on payments, customer onboarding, risk engines, and reporting.
At the same time, attackers don’t need to break everything. They only need one foothold. Once inside, they can move laterally, escalate privileges, exfiltrate data, or disrupt services. Complexity increases the number of places where an attacker can hide and the number of dependencies that can fail silently.
This is why the PRA’s concern about vulnerabilities should be understood as a concern about systemic exposure. If a bank’s IT estate contains unaddressed weaknesses across multiple layers—endpoints, servers, identity systems, application interfaces, network paths, and third-party integrations—then the probability of compromise rises. And if the threat landscape is becoming more AI-assisted, that probability rises further.
AI-enabled threats also change the defender’s workload. Security teams must sift through more alerts, distinguish genuine incidents from noise, and respond to threats that adapt quickly. Traditional detection approaches can struggle when attackers vary tactics, techniques, and procedures. That doesn’t mean defenders should abandon conventional controls; it means they need stronger visibility, better telemetry, and more disciplined incident response.
The governance gap: who owns cyber risk?
One of the most persistent problems in cyber programs is unclear ownership. Many banks have security teams with deep technical expertise, but cyber risk ultimately affects the entire organization. If governance is fragmented—if business units treat security as an obstacle, if IT treats it as a separate function, if procurement treats it as a vendor requirement rather than an ongoing obligation—then vulnerabilities accumulate.
Regulators tend to focus on whether cyber risk is integrated into enterprise risk management. That includes board-level oversight, clear accountability for remediation, and the ability to demonstrate that controls are effective—not just that policies exist.
The PRA’s statement, by linking cyber vulnerabilities to the wider threat environment, implicitly raises the question of whether banks are managing cyber risk as a living risk profile. Are they updating their risk assessments as threats evolve? Are they stress-testing their defenses against plausible scenarios? Are they measuring whether controls reduce real-world risk, or merely whether they meet internal checklists?
A unique angle here is the “prudential” framing. Cyber incidents can trigger financial and operational consequences: fraud losses, regulatory reporting impacts, customer compensation costs, downtime, reputational damage, and expensive remediation. In severe cases, cyber events can affect capital planning and liquidity management. Regulators therefore have a reason to treat cyber as a prudential concern, not just an IT concern.
Third parties and supply chain: the hidden vulnerability surface
Even when a bank’s internal systems are well managed, third parties can introduce risk. Cloud service providers, managed security vendors, software suppliers, and outsourced operations all become part of the bank’s threat model. Vulnerabilities in third-party components can propagate into the bank’s environment, sometimes without the bank having full visibility into patching schedules or configuration details.
AI-enabled threats can exploit this too. Attackers can target weaker links in the supply chain, use stolen credentials, or compromise vendor systems to reach multiple customers. For banks, this means that vulnerability management can’t stop at the perimeter. It must extend to dependencies, integrations, and contractual obligations.
The PRA’s emphasis on IT vulnerabilities suggests that regulators expect banks to understand their technology inventory and dependency graph well enough to assess exposure. That includes knowing what runs where, which systems are critical, which vendors provide which capabilities, and how quickly the bank can respond when a vulnerability is discovered.
Resilience over perfection: what “good” looks like
It’s tempting to interpret a regulator’s warning as a demand for perfect security. But in reality, no organization can eliminate all vulnerabilities. The more realistic standard is resilience: the ability to prevent compromise where possible, detect it quickly, contain it effectively, and recover with minimal harm.
Resilience requires several capabilities working together:
1) Strong identity and access management, including multi-factor authentication and least-privilege controls.
2) Continuous vulnerability discovery and prioritization, tied to asset criticality.
3) Secure configuration management and hardening practices that reduce the likelihood of exploitation.
4) Monitoring and detection with sufficient telemetry to identify suspicious behavior early.
5) Incident response readiness, including rehearsed playbooks and clear decision-making authority.
6) Recovery planning that ensures critical services can be restored quickly, with integrity preserved.
When regulators highlight vulnerabilities, they are often pointing to weaknesses in one or more of these areas. For example, a bank might have good detection but poor patching discipline. Or it might patch quickly but lack segmentation, allowing lateral movement. Or it might have strong endpoint security but weak identity controls, enabling credential-based attacks.
AI-enabled threats raise the bar for each of these capabilities. Detection must handle more sophisticated social engineering and faster attacker iteration. Response must be faster because attackers can adapt quickly. Recovery must be robust because ransomware and data theft campaigns can be timed to maximize disruption.
The human factor: AI makes social engineering scalable
One of the most immediate ways AI affects cyber risk is through social engineering. Phishing emails, voice scams, and impersonation attempts can be generated and tailored at scale. That means banks face a higher volume of convincing attempts, and employees may be targeted with messages that appear more relevant than ever.
This doesn’t mean training alone is enough. Training helps, but it can’t compensate for weak controls. The best defense combines user awareness with technical safeguards: email security filtering, domain protection, strict verification processes for sensitive actions, and strong authentication. Regulators are likely