The global financial sector faces an escalating technological arms race. As artificial intelligence amplifies both offensive and defensive capabilities in cybersecurity, banking regulators and financial institutions are under mounting pressure to accelerate their adoption of sophisticated monitoring and protection tools. Marlene Amstad, president of Switzerland's Financial Market Supervisory Authority (FINMA) and chair of an international supervisory technology forum, has underscored the urgency of this transition, warning that traditional defences are rapidly becoming obsolete in the face of AI-powered threats.
The fundamental challenge confronting the industry is asymmetrical: malicious actors equipped with advanced AI can identify and exploit system vulnerabilities at speeds that conventional patching protocols cannot match. Traditional cybersecurity responses, once adequate, now lag dangerously behind the velocity of AI-assisted attacks. Amstad articulated this dynamic plainly, noting that as adversaries accelerate their offensive capabilities, financial institutions must fundamentally restructure how they identify and remediate vulnerabilities. This is not merely an incremental improvement to existing systems but rather a categorical shift in operational methodology.
Recent experiences with sophisticated AI models have crystallised the scale of the problem. Vulnerabilities uncovered through advanced machine learning systems have exposed operational risks within financial institutions that were previously undetected through conventional security audits. These discoveries have raised profound questions about accountability and safety protocols when AI systems themselves become central to institutional defence mechanisms. The paradox is stark: the very tools being deployed to secure financial systems introduce their own vectors of risk if inadequately governed.
Recognising the global scope of the challenge, FINMA has been instrumental in establishing a dedicated forum within the International Organization of Securities Commissions, the influential standard-setting body whose member jurisdictions oversee approximately 95 per cent of global financial market activity. This institutional architecture positions the initiative to influence regulatory practice across developed and emerging markets alike. The collaborative framework creates a pathway for coordinated adoption of supervisory technology among regulators spanning multiple continents and legal traditions.
Concrete progress emerged this week when roughly 100 policy specialists and technology experts convened for a collaborative hackathon designed to develop practical tools for supervising cryptocurrency markets. These intensive working sessions represent a departure from conventional regulatory development cycles, embracing agile methodologies and rapid prototyping to generate immediately deployable solutions. The specific focus on digital asset supervision reflects regulators' acknowledgment that crypto markets, characterised by technological sophistication and speed of transactions, cannot be adequately monitored through legacy regulatory infrastructure.
Beyond immediate supervisory tools, regulators are exploring more systemic approaches to embedding security directly into the architecture of digital financial systems. Rather than attempting to monitor and respond to threats after they emerge, this preventive approach would hardcode safeguards into the fundamental design of blockchain and digital asset platforms. Such integration could represent a fundamental reimagining of how financial markets incorporate security as a foundational principle rather than a reactive layer.
The international policy environment has introduced additional complexity into this technological transition. The United States government recently restricted exports of advanced AI models from Anthropic, citing national security concerns as justification for limiting access to its latest generation systems. These geopolitical restrictions create friction for regulatory initiatives dependent on cutting-edge AI capabilities. Simultaneously, Chinese firms are developing domestic alternatives, signalling that technological constraints will spur competing ecosystems rather than harmonised global standards.
For Switzerland specifically, maintaining access to the most advanced AI models has become a strategic priority for regulatory effectiveness. Amstad has been explicit that Switzerland's position as a global financial centre depends on regulators possessing equivalent technological capabilities to those available to the financial institutions they oversee. The risk profile shifts dramatically if supervisory agencies operate with inferior tools relative to the entities being supervised. This logic applies equally to Malaysia and other Southeast Asian financial hubs competing for regional leadership in fintech and digital asset markets.
The imperative for Southeast Asian regulators mirrors those driving Swiss action. Regional financial centres including Malaysia, Singapore, and Hong Kong are simultaneously strengthening digital finance infrastructure while confronting transnational cybersecurity threats. The collaborative international framework emerging from FINMA's initiatives offers a template for how smaller economies can participate in cutting-edge regulatory innovation without bearing prohibitive development costs independently. Participation in shared tools and coordinated standards allows smaller jurisdictions to punch above their weight technologically.
The deployment of AI for regulatory supervision also introduces governance questions that extend beyond technical implementation. How should regulators establish accountability when AI systems themselves make material supervisory decisions? What transparency obligations apply to algorithmic enforcement? These institutional design questions remain contested, yet their resolution will shape how financial supervision functions in the coming decade. Early movers like Switzerland are essentially writing the governance playbook that other jurisdictions will inevitably reference.
For Malaysian policymakers and financial institutions, the strategic lesson is clear: participation in international regulatory initiatives and investment in AI-capable supervisory infrastructure are no longer optional enhancements but rather competitive necessities. The financial sector's resilience increasingly depends not on traditional regulations applied more rigorously, but rather on the sophistication of technological systems deployed for both offensive risk management and regulatory oversight. As the global financial system becomes further embedded within AI-dependent infrastructure, the capacity to govern that infrastructure becomes the paramount regulatory challenge.
