Inside Europe’s AI Banking Crisis: Soaring Costs and a Push for Sovereignty

Why regulators are sounding the alarm

The model at the center of this diplomatic standoff is Anthropic’s Claude Mythos Preview, an AI system designed to push the boundaries of software engineering and navigate vast, complex codebases. Those same capabilities, however, are precisely why European regulators view it as a serious cybersecurity threat, fearing it could supercharge automated hacking and fraud attacks .

The regulatory response has been swift and severe. In May 2026, the European Central Bank (ECB) summoned major lenders to a targeted meeting to address cybersecurity risks exposed by the latest AI models, stressing the seriousness of the threat while urging US banks that have access to Mythos to share information with their locked-out European counterparts . The European Systemic Risk Board (ESRB) has flagged supplier concentration, model opacity, herding behavior, and cyber risk as systemic threats to financial stability . Adding to the pressure, the European Banking Authority (EBA) has identified fraud risk amplified by AI as now the second most significant operational risk facing the sector .

The sovereignty scramble: building a European alternative

Faced with a reliance that is at once too expensive, too restricted, and too risky, European banks and policymakers are writing a new playbook. The goal is no longer just to use AI but to own the stack under European jurisdiction.

• Mistral AI takes center stage. The French startup has emerged as the anchor of the continent's AI sovereignty thesis, growing its revenue approximately 20x year-over-year to roughly $1 billion in annual recurring revenue by May 2026. Mistral is currently in active talks with European banks to develop a dedicated cybersecurity-focused large language model (LLM), explicitly designed as a sovereign alternative to Anthropic’s Mythos . To build the infrastructure for this ambition, Mistral secured $830 million in debt financing from a consortium of seven banks to deploy 13,800 Nvidia GPUs .

• A new non-US powerhouse emerges. In a landmark consolidation move, Canada's Cohere acquired Germany's Aleph Alpha in a $20 billion deal in April 2026, creating the most credible non-US, non-Chinese enterprise-AI stack. The combined entity runs on STACKIT, an EU-compliant cloud infrastructure owned by the Schwarz Group, offering banks a fully sovereign deployment surface where data never leaves European jurisdiction .

• The rise of open-source and smaller models. Not every solution needs to be a frontier model. Many European fintechs are deliberately adopting small language models (SLMs) to avoid vendor lock-in. These simpler models, such as Aleph Alpha's open-source T-Free or Poland's Bielik, can run on-premise, produce fewer hallucinations, and are completely insulated from the US CLOUD Act .

• A return to in-house development. ECB workshops have confirmed that a majority of European banks already develop AI models internally for critical use cases like credit scoring and fraud detection, even if they are hosted on external cloud platforms . The EBA explicitly backs this strategy, recommending that banks develop AI in-house or retain control over key components to reduce business and technical dependency on third-party providers .