ECB’s AI Cyber Letter Lands on German Banks
The next AI compliance question for German banks may arrive less as a model-risk form and more as a cyber-resilience demand from Frankfurt.
In a 3 June speech, ECB Executive Board member and Supervisory Board vice-chair Frank Elderson said European banking supervision will send a “dear CEO letter” asking banks to take proactive measures against the security implications of frontier AI models. The signal is not framed as future technology policy. It is framed as operational resilience now: banks must act before attackers can use more capable models at scale.
That matters directly for Germany. The largest German lenders sit under the ECB’s Single Supervisory Mechanism, while BaFin and the Bundesbank remain central to national supervision and DORA implementation. A letter addressed to supervised banks will therefore land in a market where Deutsche Bank, Commerzbank, Landesbanken, savings-bank groups, cooperative institutions and fintechs already face a German supervisory agenda built around cyber risk, outsourced technology and digital operational resilience.
Elderson’s core point is blunt: capital and liquidity are not enough if a bank cannot keep operating. He cited cyber incidents, technology failures and third-party dependencies as the type of shock that can interrupt critical services even when a bank is financially strong. The ECB also put numbers around the supervisory baseline. Its 2024 cyber resilience stress test covered 109 banks, with 28 receiving a deeper assessment of their ability to respond to and recover from a severe but plausible cyber incident. Since then, the ECB said almost three-quarters of the findings from that test have been addressed.
The AI element changes the tempo. The ECB said more than 85% of banks under European banking supervision use artificial intelligence. Used responsibly, AI can help with operations, risk management and IT security. Used by attackers, more capable models can reduce the cost of reconnaissance, vulnerability discovery, patch reverse-engineering and exploitation. The practical result is not that every bank suddenly faces a science-fiction threat. It is that attack chains that once required scarce expertise can become faster, cheaper and easier to scale.
For German banks, this puts AI inside the DORA file. BaFin’s DORA information page describes the regulation as the EU’s financial-sector framework for cybersecurity, ICT risk and digital operational resilience. In Germany, BaFin acts as the national reporting hub for ICT incidents in the financial sector and receives notifications connected to ICT third-party risk management. That makes AI-enabled cyber risk a supervisory issue even when the AI tool itself is not a customer-facing credit model or chatbot.
The Bundesbank has been moving in the same direction from the institutional side. In an April speech on cloud, AI, strategy and governance, Executive Board member Fritzi Koehler-Geib described the Bundesbank’s own secure AI assistant platform and the need to manage cloud and AI through governance, sovereignty and innovation together. In a March summary on digitalisation and growth, the Bundesbank said more firms are using AI and that average working hours involving AI are rising. It also said Europe imports more than 80% of digital infrastructure and technologies, a dependency that sits close to the operational-resilience debate.
That is the German angle: this is not only about adopting AI safely. It is about knowing whether critical banking processes depend on tools, vendors and infrastructures that could become attack paths or single points of failure. A bank can have an AI policy, a DORA project plan and a cloud register and still fall short if those artefacts do not describe the same operational reality.
The ECB’s forthcoming letter is likely to sharpen several board-level questions.
First, can the bank map where AI touches critical operations, including internal developer tools, fraud systems, customer-service workflows, security monitoring and vendor platforms? Second, can it show how frontier-model threats change patch management, phishing controls, supplier monitoring and incident response? Third, does management understand which cloud, telecoms, payments and software dependencies could transmit disruption across the institution? Fourth, has the bank tested scenarios in which AI improves the attacker’s speed rather than simply adding another control checklist?
Smaller German institutions will watch the proportionality language closely. Elderson acknowledged that larger banks have an IT-budget advantage and that resilience capability is unevenly distributed. But he also warned that proportionality cannot come at the cost of prudent risk management. For Germany’s fragmented banking system, that is a pointed message. Savings banks, cooperative banks and specialist lenders may not be expected to run the same technical programmes as global institutions, but they still need credible answers for critical services, outsourced providers and response plans.
The BaFin-Bundesbank domestic narrative already supports that reading. At their February supervisory briefing, Bundesbank Executive Board member Michael Theurer said the German banking sector was stable overall, with sound capital and liquidity buffers, while also pointing to geopolitical uncertainty and an increased number of cyberattacks. The ECB’s June message adds a more specific warning: AI can compress the time banks have to defend themselves.
This makes 2026 a governance year, not only a technology year. A German bank’s answer cannot sit solely with the chief information security officer. DORA reporting, third-party registers, AI inventories, model-risk controls, outsourcing committees, business-continuity testing and board risk appetite all need to connect. Supervisors are effectively asking whether senior management owns the whole system, not whether individual teams have each produced a policy.
The public story will be the “dear CEO letter” when it arrives. The real test begins before then. German banks now have a clear supervisory warning that AI cyber risk belongs in the operational-resilience core. The institutions that treat it as another compliance appendix will be behind the question the ECB is already asking.
Discussion
Sign in to join the discussion.
No comments yet. Be the first to share your thoughts.