Here's a small exercise. Think about the last time your bank patched a critical vulnerability — not a zero-day emergency, just a routine critical CVE. How long did it take from identification to remediation? Two weeks? Six weeks? If you're honest and you're running a mid-market estate with some legacy core systems, it might be closer to eight.

Now hold that number in your head while I tell you what happened this week.

Three regulators, one statement, five domains

On 15 May, the Bank of England, FCA and HM Treasury issued a joint statement telling all regulated firms to take "active steps" to mitigate cybersecurity risks from frontier AI models. It's an unusual tri-authority statement — I can't recall the three bodies co-signing on a single operational threat like this before. The language is worth reading carefully. It says that AI cyber capabilities are "already exceeding what a skilled practitioner could achieve." Not might. Not could. Already exceeding.

The statement names five domains where boards need to act: governance and strategy, vulnerability identification, third-party risk, protection, and response and recovery. It also says boards must have "sufficient understanding of frontier AI risks" — which is a higher bar than it sounds when the technology is moving this fast.

This is a regulatory statement, so the instinct is to file it under "compliance will handle it." I'd push back on that. The reason this matters to heads of credit and CFOs — not just CISOs — is that the operational response it demands is fundamentally a data and process problem.

What "machine speed" actually looks like

Three days before the UK statement, Reuters reported that US banks with access to Anthropic's Mythos model had been discovering hundreds to thousands of vulnerabilities in their IT estates, and were patching "at speeds never previously contemplated." The next day, ECB Vice-Chair Elderson warned euro-area banks that "lack of access is not an excuse for inaction."

What makes Mythos different from a regular vulnerability scanner isn't that it finds more individual flaws. It's that it chains together low-severity vulnerabilities into high-severity exploit paths — the kind of thing a human penetration tester might find if they had six months and perfect memory, but which automated scanners typically miss because they assess each flaw in isolation.

If an attacker with access to a model like this can find chained exploit paths in hours, and your patching cycle runs in weeks, you have a timing problem that no amount of governance documentation fixes.

The mid-market gap

Large banks have dedicated vulnerability management teams, automated patching pipelines, and — in the US at least — access to frontier models for defensive scanning. Mid-market banks mostly don't. The typical setup I've seen is a quarterly vulnerability scan, a spreadsheet-based remediation tracker, and a patching process that depends on change-advisory-board meetings that happen twice a month.

That was adequate when the threat model was a human attacker working manually. It isn't adequate when the threat model is a model that can probe your entire external attack surface in an afternoon.

I'm not saying mid-market banks need to go buy a frontier AI model. That's not realistic and it's not what the regulators are asking for. What the joint statement actually asks for is that firms can identify vulnerabilities faster, prioritise them by exploitability rather than just CVSS score, and remediate the critical ones without waiting for the next scheduled change window.

That's not an AI problem. It's a plumbing problem. It's about whether your asset inventory is accurate enough to know what's exposed, and whether your vulnerability data feeds into a prioritisation model that accounts for chaining. It's also about whether your change process allows emergency patches outside the normal cycle.

If someone asked your CISO today how many externally-facing assets you have, and then asked your IT asset register the same question — would the numbers match?

In the environments I've worked in, the gap has been anywhere from 10% to 20% — shadow infrastructure, forgotten test environments, acquired-company systems that never got integrated. That gap is exactly where chained exploits live.

This is a data quality problem

I keep coming back to this because it's the thread that connects everything I write about. The regulators are framing this as an AI risk issue. The CISOs are framing it as a security issue. But underneath, it's the same problem I've written about with counterparty hierarchies and loan-book classification: your downstream decisions are only as good as the data underneath them.

If your asset inventory is incomplete, your vulnerability scans miss things. If your vulnerability data isn't prioritised by exploitability, your patching team wastes cycles on low-risk items while high-risk chains sit open. If your change process can't move faster than fortnightly, it doesn't matter how good your scanning is.

I'll say something that might annoy a few infrastructure teams: most banks' asset inventories are a fiction maintained by convention. Everyone knows the spreadsheet doesn't match reality. Nobody wants to be the person who reconciles it, because reconciling it means admitting the number you've been reporting to the board was wrong. So the fiction persists — until something like this week's statement makes the cost of the fiction visible.

None of this requires frontier AI to fix. It requires the same unglamorous work that most data problems require: reconciling two lists that should match and don't, building a process to keep them aligned, and giving someone the authority to act on the output without waiting for a committee.
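The reconciliation described above, turned into a runnable check, as an added example that is not part of the original note. It compares a list of assets observed from the outside (the CISO's view) against the IT asset register (the spreadsheet), normalises the identifiers so that case, trailing dots and IP formatting do not create false gaps, and reports the three things a board would want to know: assets nobody registered, assets registered but flagged as internal, and registered external assets that were not observed. All hostnames, IPs and register rows are constructed sample data, not from any real estate.

```python
"""Reconcile externally observed assets against the IT asset register.

Added example with constructed sample data; hostnames and addresses
are placeholders, not real systems.
"""
import ipaddress

# Constructed sample: what an external scan (the CISO's view) observed.
OBSERVED_EXTERNAL = [
    "www.example-bank.test",
    "API.example-bank.test.",          # case and trailing dot differ from the register
    "203.0.113.10",
    "uat-legacy.example-bank.test",    # forgotten test environment
    "portal.acquired-co.test",         # acquired-company system, never integrated
]

# Constructed sample: rows from the asset register spreadsheet.
REGISTER = [
    {"name": "www.example-bank.test", "external": True},
    {"name": "api.example-bank.test", "external": True},
    {"name": "203.0.113.10", "external": True},
    {"name": "203.0.113.11", "external": True},        # registered, but not seen from outside
    {"name": "uat-legacy.example-bank.test", "external": False},  # wrongly marked internal
    {"name": "hr-intranet.example-bank.test", "external": False},
]


def normalise(identifier: str) -> str:
    """Canonical form so that cosmetic differences do not look like gaps.

    Hostnames: lower-cased, whitespace and trailing dot stripped.
    IP addresses: re-serialised through ipaddress (IPv4 and IPv6).
    """
    value = identifier.strip().lower().rstrip(".")
    try:
        return str(ipaddress.ip_address(value))
    except ValueError:
        return value


def reconcile(observed: list[str], register: list[dict]) -> dict:
    """Compare the observed external estate with the register.

    Returns the three gap sets plus the share of the observed estate
    that the register either lacks or misclassifies.
    """
    seen = {normalise(name) for name in observed}
    registered_external = {normalise(r["name"]) for r in register if r["external"]}
    registered_internal = {normalise(r["name"]) for r in register if not r["external"]}

    unregistered = seen - registered_external - registered_internal
    misclassified = seen & registered_internal
    not_observed = registered_external - seen

    gap = unregistered | misclassified
    gap_pct = (100.0 * len(gap) / len(seen)) if seen else 0.0
    return {
        "observed": len(seen),
        "unregistered": sorted(unregistered),
        "misclassified": sorted(misclassified),
        "not_observed": sorted(not_observed),
        "gap_pct": round(gap_pct, 1),
    }


def report(result: dict) -> str:
    """One-paragraph summary in the form a board pack would carry."""
    lines = [
        f"Externally observed assets: {result['observed']}",
        f"Not in register at all: {len(result['unregistered'])} {result['unregistered']}",
        f"In register but marked internal: {len(result['misclassified'])} {result['misclassified']}",
        f"Registered external but not observed: {len(result['not_observed'])} {result['not_observed']}",
        f"Register gap against observed estate: {result['gap_pct']}%",
    ]
    return "\n".join(lines)


if __name__ == "__main__":
    print(report(reconcile(OBSERVED_EXTERNAL, REGISTER)))
```

On the constructed sample the register misses or misclassifies 2 of the 5 observed assets, a 40% gap; the "registered but not observed" set is worth keeping separate because it usually points at decommissioned systems still sitting in the register rather than at exposure. Running this on a schedule, and feeding the unregistered set straight to whoever owns the register, is the "process to keep them aligned" the paragraph above asks for.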

The takeaway

This week, ask your CISO or head of IT one question: how many externally-facing assets do we have, and when was the last time that number was reconciled against the actual estate? If the answer involves the word "approximately" or a reference to a spreadsheet last updated in 2024, you've found the gap that the joint statement is really about. It's not glamorous. It's the thing that matters.

— Aksel

The Analytical Banker is a weekly note on data, analytics, and AI inside corporate banking — written for finance leaders who actually have to make this stuff work. Reply to this email if something here resonates, or forward it to a colleague who'd benefit.
