AI Pulse Daily Brief

April 23, 2026

AI Pulse Daily Brief | 23 April 2026

Unpatched MCP protocol flaw puts banking AI agents at risk. Banks scramble for Mythos access while EU institutions remain excluded. AFM flags AI explainability gap as supervisory priority. BBVA publishes shadow AI playbook. ASML faces 150-day US export control ultimatum. Google Cloud launches enterprise agent platform with named bank deployments.

Top signal

Unpatched MCP flaw exposes banking AI agents to arbitrary code execution; Anthropic declines to fix. Media

Signal: Anthropic's Model Context Protocol contains an architectural vulnerability allowing attackers to execute arbitrary code through malicious commands passed to AI agents, with up to 200,000 vulnerable instances estimated; Anthropic stated that securing input is the developer's responsibility and declined to patch.

Relevance: Banks including JPMorgan Chase, Citi, and BNY Mellon are building agentic AI on MCP, and Anthropic's refusal to patch shifts residual risk entirely onto financial institutions as the protocol becomes enterprise infrastructure under DORA operational resilience obligations.

Consider: Verify whether any internal or vendor-deployed agentic AI tools use MCP and what compensating controls are in place until upstream patches ship.

American Banker

Security

Global banks race for Mythos access while no European financial institution is confirmed for Project Glasswing. Media

Signal: JPMorgan, Goldman Sachs, Deutsche Bank, Barclays, and Citigroup are assessing Anthropic's Claude Mythos Preview while regulators including the ECB conduct parallel reviews; no European financial institution has confirmed Glasswing access.

Relevance: US banks gaining early defensive AI cyber capability while European institutions remain excluded creates a transatlantic resilience asymmetry that ECB supervisors will need to address.

Consider: Verify that defensive AI deployment plans include containment protocols for Mythos-class threats before Glasswing access reaches European institutions.

BusinessWorld Online

Regulatory

AFM Annual Report 2025: AI decision volume rising while explainability declining. Authority

Signal: The AFM published its 2025 Annual Report on 13 April, identifying the growing gap between AI decision volume and explainability as a core supervisory concern, calling for human oversight and clear accountability lines.

Relevance: The AFM elevating explainability to annual-report prominence signals where examination questions will focus in the next supervisory cycle; AI-driven advisory, trading, and fraud systems face direct scrutiny on this axis.

Consider: Map the AFM's explainability and accountability language onto current AI system documentation before supervisory self-assessment requests arrive in Q3.

AFM

Perspectives

BBVA's head of AI adoption documents shadow AI as unmet demand, not compliance failure. CxO voice

Signal: In HBR, BBVA researchers reported that employees across organisations routinely use consumer LLMs on personal devices alongside secure systems, and that BBVA's response was to follow its employees' lead rather than enforce centralised mandates.

Relevance: The peer-bank playbook reframes shadow AI from a security problem to a demand signal, giving European banking executives a published reference for shifting adoption strategy from policing to enabling.

Consider: Assess whether internal shadow AI detection is structured as a compliance exercise or a demand measurement tool, and evaluate the BBVA approach as a benchmark.

Harvard Business Review

Netherlands & Sovereignty

US MATCH Act gives the Netherlands 150 days to match China export controls or face ASML equipment restrictions. Media

Signal: The US House introduced H.R. 8170 on 2 April, imposing a ban on DUV lithography exports to China and granting the Netherlands 150 days to demonstrate equivalent controls before the Foreign Direct Product Rule expands to cover virtually all ASML machines.

Relevance: ASML drew ~30% of 2025 revenue (~EUR 5.7B) from China; restrictions would reshape semiconductor supply chains underpinning EU AI compute, with downstream pricing impact on cloud and hardware procurement for financial institutions.

Consider: Scenario-plan for ASML export restriction outcomes within the 150-day window, assessing how constrained chip supply would affect cloud infrastructure costs.

Tom's Hardware

Dutch Works Councils gain AI oversight leverage as 43% of workers use AI but 39% of employers provide no guidance. Media

Signal: AIInsider.nl reported on 22 April that AI deployment in Dutch workplaces triggers Works Council statutory approval rights over AI-driven monitoring, while the EU AI Act classifies HR-related AI as high-risk requiring risk assessments and human oversight.

Relevance: The statutory Works Council approval requirement applies directly to the bank's AI-driven HR and productivity tools; deploying without consultation creates procedural legal exposure independent of the tool's impact.

Consider: Confirm that all internally deployed AI-driven productivity and monitoring tools have Works Council approval.

AIInsider.nl

Innovation

Google Cloud launches Gemini Enterprise Agent Platform with A2A v1.2 in production at 150 organisations including named banks. Vendor

Signal: Google Cloud announced the Gemini Enterprise Agent Platform as GA on 22 April, with the Agent2Agent protocol at v1.2 running in production at 150 organisations including DBS, Revolut, Starling Bank, Citadel Securities, and CME Group.

Relevance: Named FSI peers in production deployment establish this as a candidate agentic infrastructure standard; the procurement decision for agentic infrastructure is live for banks that have not yet evaluated competing hyperscaler stacks.

Consider: Ask whether enterprise architecture has evaluated the Gemini Enterprise Agent Platform against competing stacks, given that peer banks are already in production.

Google Cloud

On the radar

  • Prompt injection in Google Antigravity's findbyname tool fully bypassed Secure Mode sandbox protections, enabling arbitrary code execution; patched 28 February, disclosed in April. CyberScoop
  • Citi Wealth unveiled Citi Sky, an AI wealth advisor built on Gemini and DeepMind avatar technology, rolling out to Citigold clients from summer 2026. Google Cloud Press Corner
  • McKinsey's AI Transformation Manifesto found that while 79% of organisations experiment with generative AI, fewer than 10% have scaled AI agents. McKinsey