AMF Puts AI-Driven Cyber Risk at the Centre as Retail Financial Firms Face Rising Pressure

The Autorité des marchés financiers has identified operational resilience and cyber risk as key priorities in its 2026 action plan. It said financial firms must be better prepared for rapidly evolving digital threats, particularly those linked to artificial intelligence.

AMF Warns AI Accelerates Cyber Threats

The regulator warned that new AI models could accelerate the discovery of system vulnerabilities and make cyberattacks more efficient. It added that AI tools may also contribute to the “industrialisation of malicious campaigns”. At the same time, it noted AI can improve detection and response capabilities, but stressed that firms must adapt their risk management frameworks accordingly.

The AMF said it will remain active in international coordination through IOSCO, the Financial Stability Board, the European Systemic Risk Board, and the G7 Cyber Expert Group. It also co-chairs IOSCO’s Financial Stability Engagement Group with the UK Financial Conduct Authority.

On supervision, the AMF is enforcing the Digital Operational Resilience Act, in force since January 2025. The regulation sets requirements for cyber risk management, incident reporting, resilience testing, and third-party oversight.

Firms Face Stricter AI Cyber Controls

The AMF will later publish its own assessment focused on French supervised firms, highlighting key lessons and areas for improvement.

In 2026, the regulator will expand outreach and monitoring, including a webinar on 1 July and a survey on how firms are managing AI-related cyber risks. Results are expected in the autumn.

It will also continue cybersecurity inspections covering data protection, incident response, and resilience controls, with a focus on AI-driven threats.

The AMF urged senior management to ensure cyber risks are properly identified, monitored, and tested. It recommended alignment with ANSSI best practices, DORA requirements, and European supervisory guidance. Key measures include maintaining inventories of critical systems, strengthening encryption, faster patching, regular backups, staff training, incident testing, technical audits, crisis simulations, and integrating AI-related scenarios into cyber risk planning.

EU Reports Rising Cross-Border ICT Risk

Meanwhile, the European Supervisory Authorities published their first annual overview of major ICT-related incidents under the Digital Operational Resilience Act. Issued by the EBA, EIOPA, and ESMA, the report recorded 3,383 incidents, with around one third showing cross-border impact.

It said ICT risks are increasingly “borderless and interconnected” due to shared infrastructure and outsourcing. Cybersecurity incidents accounted for about 10% of cases. The authorities also noted that AI-driven tools could increase future operational risk in financial systems.

This article was written by Tareq Sikder at www.financemagnates.com.