Bank of England Warns of Escalating AI, Cyber & Market Risk

Financial institutions have long weighed technological innovation against operational risk.
The tension between adoption and security has become more pronounced as artificial intelligence systems expand across trading floors and payment networks.
The Bank of England (BoE) has flagged AI as a threat to financial stability in its latest assessment.
According to the central bank, heavy investment in AI technology has created new attack surfaces for cyber threats.
The warning comes as banks integrate machine learning models into critical infrastructure.
The BoE's half-yearly review identifies multiple risk factors beyond cybersecurity. These include elevated share valuations, sovereign debt levels and lending practices in private credit markets.
However, the report notes that cyber vulnerabilities linked to AI deployment have intensified since the previous assessment.
The central bank warns that the probability of simultaneous exploitation across multiple vulnerabilities has risen.
According to the report, these converging pressures could amplify their collective impact on system stability.
AI investment creates exposure
The current market capitalisation of AI companies rests on earnings projections that carry substantial uncertainty.
Companies such as NVIDIA have experienced rapid share price appreciation as demand for AI infrastructure has grown. This concentration in technology stocks has altered risk profiles across major indices.
The velocity of capital deployment into AI infrastructure has reached levels without historical precedent.
A shift in investor confidence could trigger price corrections across these holdings.
"A reassessment of these prospects could trigger a fall in equity prices that might be amplified by high concentration, correlated momentum-driven positions that can exacerbate volatility as markets fall, and increased leverage," the BoE says.
Debt opacity complicates risk assessment
Corporate borrowing by technology infrastructure providers has accelerated as companies race to build AI capabilities.
The BoE highlights risks from complex debt arrangements that lack transparency.
Hedge funds and other investors have borrowed to finance equity purchases in AI firms while the companies themselves have taken on debt to fund expansion.
This layered leverage creates what the report describes as "increasing complexity and opacity in debt structures".
A lack of visibility into these obligations could worsen financial instability during a crisis.
"Considerations around the future earnings potential for AI-related companies will also be relevant to the sustainability of these companies' debt," the BoE adds.
If revenue projections fail to materialise, debt servicing could become unsustainable.
The Financial Policy Committee (FPC) concluded that the UK financial system has maintained resilience. However, the committee noted that new vulnerabilities require continuous assessment of defensive posture.
Advanced models enable attack scale
Regulatory bodies have intensified scrutiny of operational risks from advanced AI systems. These range from frontier models such as Anthropic's Mythos to autonomous agent architectures that operate with minimal human oversight.
Advanced AI models are 'increasingly capable' of conducting cyberattacks at scale, according to the BoE. The report attributes this to 'rapid progress' in AI capabilities since December.
This represents what the central bank terms a 'significant increase' in risks to financial stability.
The development requires firms and regulators to reassess whether existing defences at critical technology providers remain adequate. The BoE notes uncertainty over whether AI capabilities favour attackers or defenders.
However, the technology will likely necessitate more frequent software updates, which themselves introduce operational disruption risks.
Autonomous systems can identify vulnerabilities and execute exploits faster than human-operated attacks. The speed advantage compresses incident response windows for security teams. Detection systems built on traditional behaviour baselines may struggle to identify AI-generated attack patterns.
The report questions whether current resilience frameworks account for threats from systems that learn and adapt during operations. Financial institutions must defend against adversaries that can refine tactics in real time based on defensive responses.
Regulatory frameworks face adaptation pressure
The emergence of autonomous technologies has prompted calls for new regulatory structures from central bank leadership.
Sarah Breeden, BoE Deputy Governor, has signalled the need for AI-specific regulation to address risks from agentic systems.
"Our frameworks were not built to contemplate autonomous agents and relying on a human in the loop for all agent actions is unlikely to be realistic," Sarah says.
The FPC questioned assumptions about AI's economic benefits, noting uncertainty over productivity gains.
It remains unclear whether organisations can generate sustainable returns from AI applications.
However, the committee acknowledges that AI could support productivity growth across multiple sectors.
The technology has already contributed to economic expansion in some regions. The challenge for cybersecurity teams lies in securing systems whose business value remains unproven while threat actors actively exploit their vulnerabilities.
- IBM & Red Hat: How Lightwell Can Lock Up AI-Era Open SourceTechnology & AI
- Cisco Research Stresses AI's Enterprise Networking ChallengeNetwork Security
- AI Skill Gaps: Palo Alto Networks CEO Warns of ShortageCyber Security
- Bear Necessities: Google on The Russian Sphere of InfluenceCyber Security





