When an AI model can autonomously find a bug that humans missed for 27 years, banks tend to pay attention. BNP Paribas, Europe’s largest bank by assets, is now working with French AI company Mistral AI to prepare for a new generation of cybersecurity threats driven by increasingly capable AI systems.

The partnership is a direct response to the alarming capabilities demonstrated by Anthropic’s Mythos model, which achieved a 72% exploit success rate during testing and managed to identify a flaw in OpenBSD that had gone undetected for over 27 years.

From experimentation to enterprise defense

This isn’t a cold-call partnership. BNP Paribas and Mistral AI have been working together since September 2023, when the bank started experimenting with Mistral’s models in its Global Markets division. That initial pilot expanded into a bank-wide engagement, culminating in a multi-year agreement signed in July 2024 that gave BNP Paribas access to all of Mistral’s models.

The latest phase of the collaboration, announced on May 26, shifts the focus squarely to cybersecurity. BNP Paribas CIO Marc Camus emphasized during a press conference that the effort isn’t narrowly focused on defending against Mythos alone. The goal is to anticipate and counter threats from any advanced AI model that could be weaponized against financial infrastructure.

Mistral AI is developing a dedicated cybersecurity-focused AI model specifically designed for European banks. The company has been in discussions with several financial institutions beyond BNP Paribas about deploying this technology.

Why Europe is building its own AI moat

The European Central Bank has already convened discussions with banks across the continent to address AI-driven cyber risks, specifically those tied to models like Mythos.

The choice of Mistral AI as a partner reflects a growing preference among European institutions for working with regional AI developers rather than relying exclusively on American tech giants, reducing regulatory and data compliance risk by keeping AI infrastructure within European jurisdiction.

What this means for investors

The threat vector has changed. Traditional hacking relies on human ingenuity and patience. AI-powered exploitation operates at machine speed and scale. A 72% exploit success rate from an AI model means that defenses built for human-speed attacks are likely insufficient.

Mistral AI is carving out a niche as the European alternative for banks that want sophisticated AI without the regulatory complications of working with US-based providers. If multiple European banks adopt Mistral’s cybersecurity model, that creates a network effect where shared threat intelligence makes every participant’s defenses stronger.