European Central Bank Banking Supervision is conducting its Anthropic Mythos cyber-risk canvass through routine Joint Supervisory Team letters rather than the ad-hoc CEO meeting the U.S. Treasury and Federal Reserve convened April 7. [1] The paper's Monday feature on the ECB dialogue argued the supervisory track was a separate conversation from the rate-limit debate — today's confirmation is that the ECB has chosen the slowest possible route inside that track.

Reuters reported April 15 that ECB supervisors were gathering information about the model with a view to asking banks about their preparedness, and that unlike in the U.S. "this effort will be carried out via the ECB's regular dialogue with bank staff and no ad-hoc meetings with CEOs are planned." [1] Bloomberg followed April 16 with confirmation that chief risk officers — not CEOs — would join a group call later in the week. [2] ResultSense's aggregation placed the ECB alongside the Fed, Bank of England, NCSC, and Canadian finance ministry officials in the fastest cross-jurisdictional response to a foundation model in regulatory history. [3]

In Frankfurt, Reuters reported April 16, the German Banking Association is consulting Bundesbank and BaFin cyber experts. BaFin said in a statement: "Financial firms must be prepared for the possibility that vulnerabilities could be discovered in the near future, which would then need to be addressed promptly and quickly." [4]

The 2026-28 SSM supervisory priorities published in December already listed technology and generative-AI risk as a top concern. The Mythos letters attach to an existing workstream; no emergency standing committee was convened. The question this week is whether any eurozone lender publicly discloses receipt of a JST letter, or whether the channel stays quiet — as European supervisory channels usually do.

-- HENDRIK VAN DER BERG, Brussels