Share this
by Jed Taylor, guest contributor
Cybercriminals are already using AI to target financial institutions. Learn why delaying AI adoption no longer eliminates risk and how banks and credit unions can use AI-driven security tools to strengthen their defenses.
You thought you made a rational decision to delay AI deployments at your bank or credit union. AI is moving too fast, the vendors are ever-changing, the regulation is thin, and the use cases are still murky for an institution your size. So you slowed down and decided to wait for things to settle before making any real AI moves.
Delaying AI seemed like a sensible decision. Unfortunately, your decision to delay AI didn't stop cyber criminals from using AI to target your consumers and attack your institution's cybersecurity.
That means, even if you decided to delay your AI adoption, you're still facing AI threats.
This creates an unexpected dilemma. The institutions likely to get hit by AI-fueled attacks in the next 18 months aren't the ones moving fastest on AI. They may actually be the ones moving slowest on AI deployments for cyber defense. The question isn't whether to get into AI. It's whether sitting out while the criminals run an AI-powered offense is a safer bet, or just a slower way to lose.
Why Waiting Made Sense
Delaying AI adoption was a reasonable call. AI data security is genuinely difficult to manage. There's no PCI-DSS equivalent for AI yet. Governance standards are inconsistent across vendors. A vendor that claims to use AI responsibly may be logging your queries, feeding your institution's activity into their training models, or sending sensitive data to a publicly hosted model in ways their contract language doesn't clearly disclose.
Waiting to see how things settled wasn't irrational. The problem is that waiting isn't neutral, it's more like standing still on an escalator: you're not taking a single step, but you're still being carried somewhere, and in this case the direction isn't your choice. While you held firm to avoid AI, the escalator kept climbing and the AI threats kept growing.
While You Were Waiting, the Threat Upgraded
In early 2026, Anthropic released Mythos and the cyber security community went crazy. Anthropic explained that the model could identify Linux kernel vulnerabilities and drive offensive security attacks. It could identify a combination of issues that when combined created a new vulnerability when each issue wasn't a concern on its own [11]. The UK AI Security Institute said that Mythos could autonomously attack weak systems when given network access [8]. To help the cyber community prepare, Anthropic restricted access and rolled it out through a controlled consortium rather than a public release [7].
Reuters noted that the initial alarm was overstated, but the fact remains that Mythos and other future AI models will compress the time between when a vulnerability exists and when it can be weaponized [9][10].
AI-discovered vulnerabilities aren't the only security risk. The Federal Reserve has warned banks that deepfakes are a growing threat [3], and the CSI survey of community bank leaders ranked AI-driven social engineering the top cyber threat for 2026 [1]. AI-powered social engineering means phishing emails personalized at scale with messages that reference a member's recent transaction, their loan officer's name, or the branch they use. It also means voice cloning to impersonate a CFO to authorize a wire transfer. A single bad actor with an AI-powered process can now inflict the damage that used to take an entire criminal organization [4][18].
Your institution and your members are already the target. That's true whether or not you've made any AI decisions at all.
Your Vendors Already Made the AI Decision For You
Here's the part you haven't fully accounted for. The AI risk isn't only in the tools you chose to adopt. It's already embedded in the tools your vendors chose.
Most core banking platforms, fraud detection systems, and customer-facing products now have AI somewhere in the stack. Some of those vendors are sending data to publicly hosted language models. Some are logging your queries. Some are using your institution's activity to refine their models. You didn't opt into those decisions. Your vendors made them. And every cyber risk that comes with AI-connected systems, including data exposure and third-party model access, now applies to your institution automatically through those relationships [2].
The operative question isn't 'should we adopt AI.' It's 'what have we already unknowingly adopted, and what's exposed?'
Fighting Back: Using AI to Defend Against AI
The good news is that the same AI capabilities being turned against community financial institutions can also be deployed in their defense. AI is already proving effective at fraud prevention, anomaly detection, identity verification, and real-time threat monitoring, giving banks and credit unions a way to spot suspicious activity faster than traditional tools alone [13][14].
Behavioral detection platforms can flag credential abuse, unusual login patterns, suspicious transactions, and unauthorized access across networks, cloud environments, and endpoints before a human analyst would likely notice the pattern in logs [15][16][17]. This shift matters because AI-enabled attacks can adapt quickly, which means legacy signature-based security tools may miss tactics that don't yet match a known threat pattern. But you can't turn security over to AI tools entirely.
IBM's banking framework recommends using AI in banking fraud detection to surface what appears to be suspicious events, but keep the final decision with a human [12]. The focus is to create strong processes with technology and humans that keep the speed advantage of AI without removing the judgment layer your regulators expect to see.
AI-powered defense isn't only a network and data play. Physical security is part of the equation too.
AI-enabled video monitoring brings these same capabilities to the branch floor. Computer vision systems can detect physical tampering, card skimmer installation, or unusual behavior at a branch in real time [6]. These systems are increasingly capable and can add meaningfully to your overall security posture. Before you deploy, make sure you understand what data they collect and who has access to it.
The best AI security solutions make your people faster at protecting your financial institution, without replacing their judgment.
Hardening the Branch Floor
AI detection tools help you see threats faster. But your branch devices also need to be hardened so attackers can't compromise them in the first place. ATMs, ITMs, kiosks, and branch endpoints are physical targets, and if not protected, they become the weakest link in your security.
The fundamentals still matter, and in branch security, they're often still missing.
Application whitelisting is one of the most effective controls available for banking machines. It's not a complicated concept, but it requires discipline and consistent enforcement across every device in your network. Pair whitelisting with hard disk encryption, BIOS lockdown, and network segmentation between branch devices and core systems, and you've closed the most common physical attack vectors [5].
If you don't know the whitelisting and encryption status of every branch terminal, ATM and ITM in your network right now, work with your trusted partner to get it resolved.
The Question You Can't Afford to Skip
You don't have to be an AI-first institution to defend against AI-powered threats. But you do have to stop treating AI as optional to your security posture. The threat environment has already made that decision for you.
Look at your current technology stack and ask one question: if an adversary used AI to probe every integration point you have right now, which one would fail first?
If you know the answer, go fix it. If you don't know the answer, that's where you start.
The institutions that come out of the next three years strongest won't be the ones with the most AI. They'll be the ones who used it to protect themselves.
About the Author: Jed Taylor
FTSI invited Jed Taylor to guest write this blog. Jed has spent his career bringing innovative solutions to banks and credit unions. He is the former President of uGenius (creator of the ITM) and former CEO of POPio (mobile video lending), and served as NCR's Global Head of Branch Solutions. He has been a friend and collaborator with FTSI for many years. Jed has been a featured speaker at industry conferences and a regular voice on financial services podcasts.
References
[1] CSI 2026 Banking Priorities Survey -- CSI / ABA Banking Journal
[2] Financial Services Under Threat by Adversarial AI -- ISACA
[3] Deepfakes and Banking Identity Controls -- Federal Reserve Speech, April 2025
[4] How Cybercriminals Are Exploiting AI in Financial Services -- Citrin Cooperman
[5] Future-Proofing ATM Security -- Brink's AMS
[6] AI-Powered Video Analytics in Bank Branches -- Moniteye
[7] Mythos Preview: Red Team Capability Assessment -- Anthropic, 2026
[8] Our Evaluation of Mythos Preview's Cyber Capabilities -- UK AI Security Institute, 2026
[9] Fears of Unfettered Hacking Spurred by Anthropic's Mythos AI Model Overstated -- Reuters, May 2026
[10] How to Defend When the Exploit Window Collapses -- Corelight, 2026
[11] AI Vulnerability Discovery and Containment Failures -- Cloud Security Alliance, 2026
[12] AI in Banking Fraud Detection -- IBM
[13] AI-Driven Detection for Financial Services -- Vectra AI
[14] Finance and Cyber Security Use Cases -- Alberta Machine Intelligence Institute (AMII)
[15] AI Threat Detection -- Proofpoint
[16] Fraud Detection Using AI in Banking -- UDT Online
[17] AI Governance, Threat Intelligence, and Anomaly Detection -- Snowflake
[18] Credit Unions Confront AI Fraud, Deepfakes, and Voice Clone Scams -- America's Credit Unions