The regulator said the quiet part. The machine writes its own code now.

The letter from the regulator landed in inboxes on a Thursday morning in Sydney. By lunch, somebody on the twelfth floor of a bank tower on George Street had printed it out and put it in front of a board member who had not opened a piece of paper in a month.

The board member read the first page. The first page said the banks were not keeping up.

The second page named the thing they were not keeping up with. A class of artificial intelligence the regulator called frontier. Models with high-level coding ability. Models that could read a stretch of software the way a locksmith reads a door, and find the place where the lock was thin.

The third page named one of the models by its product name. Claude Mythos. Built by a company called Anthropic. Sitting inside a restricted access program called Project Glasswing, which the major banks had been invited into.

The board member did not finish the third page.

This is how it usually goes. I have sat in rooms where the document on the table was the document that explained what was about to happen, and the people at the table did not read past the summary because the summary was comforting and the body was not.

The regulator is the Australian Prudential Regulation Authority. APRA. They oversee the banks the way the FDIC and the Federal Reserve oversee American banks, with a mandate to keep the system from falling over. On April 30, 2026, APRA member Therese McCarthy Hockey said in plain language that the banks needed a step change in how they thought about cyber. She did not say the banks were doing nothing. She said they were doing the wrong amount of the right thing, and the wrong thing was the speed.

Speed is the whole story.

I.

Picture a retiree in Adelaide. Call her Margaret. She is seventy-one. She banks with one of the four big ones. She has banked with them since 1974. She gets an email on a Tuesday afternoon that uses her daughter's name in the second line and references a transfer she made last month to her grandson's account. The email asks her to verify a security setting. The link in the email goes to a page that looks like her bank's login page in every measurable way, because the page was generated by a model that was trained on her bank's login page and a thousand others.

She enters her credentials. The page accepts them. The page tells her thank you. She closes the browser.

Eleven seconds later, on the other side of the world, a script reads her credentials, opens a real session with the real bank, and moves money to an account that will be empty by Wednesday morning.

Nobody touched a keyboard during the eleven seconds. The script wrote itself. The phishing page wrote itself. The email that knew her daughter's name was assembled from a data broker file and a model that knows how to write like a thirty-two-year-old Australian woman who works in marketing.

Margaret will call the bank on Wednesday. The bank will be sympathetic. The bank will also be telling APRA, in a separate document with a different letterhead, that it has strong defenses and invests billions annually.

Both things are true. That is the part that should make your stomach tighten.

II.

The Australian Securities and Investments Commission, the country's other big financial regulator, put out a number on April 8, 2026. Between January 1 and December 31 of 2025, ASIC coordinated the takedown of 11,964 phishing and investment scam websites. That was a 90 percent increase over the year before.

Read that twice. Not a 9 percent increase. A 90 percent increase.

Australians lost $2.18 billion AUD (about $1.4B USD) to scams in 2025. Investment scams alone took $837.7 million AUD (about $550M USD).

The takedown number is the one I keep coming back to. Eleven thousand nine hundred and sixty-four. That is one website every forty-four minutes for a year. Each one had to be built. Each one had to be hosted. Each one had to be pointed at somebody. The economics of that used to require a small team. Now it requires a prompt.

That is the part the regulator was trying to say without saying.

III.

Two months before the APRA letter, on February 27, 2026, the Commonwealth Bank of Australia disclosed that it was investigating up to $1 billion AUD (about $660M USD) in potentially fraudulent home loans. The forgeries in the loan files were AI-generated. Payslips. Bank statements. Identity documents. Pixel-perfect, internally consistent, generated faster than a human underwriter could read them.

A home loan officer used to be able to spot a fake payslip the way a butcher spots a bad cut. The font would be slightly wrong. The numbers would not add up against the tax line. The employer's address would not exist.

Now the font is right. The numbers add up. The employer exists, has a website, has a LinkedIn page with employees, and the employees have profile photos that are not anyone.

The loan officer signs the file. The loan goes on the books. The bank reports earnings. Some quarters later, somebody in the fraud department runs a query and finds a cluster.

A billion dollars is the cluster.

IV.

I want to be careful here, because I have been the guy on the phone, and I know what the room looks like when the script is taped to the desk.

The room has changed.

The script used to be a piece of paper with a pen line drawn next to the section where you went off-script if the customer pushed back. The script used to require a guy with a voice and a watch and a lunch break. The script used to cost money to produce and time to train.

The script now writes itself. The voice now clones itself. The customer's name, employer, recent transactions, and the name of their dog are now inputs.

I am not saying every scam call you get is from a frontier AI. Most are not. Most are still some guy in a room with a headset and a quota. What I am saying is that the floor is moving. The cost to produce a convincing pitch has fallen by an order of magnitude in two years. The number of people who can run a boiler room from a laptop has multiplied. The defenses on the other side, the bank's fraud team, the regulator's takedown unit, the call center that flags suspicious transfers, those have not multiplied at the same speed.

That gap is what APRA was naming.

V.

The Australian Banking Association responded the way trade associations always respond. The chief executive, Simon Birmingham, said Australian banks maintain strong cybersecurity defenses, invest billions annually, and are well-positioned to respond to emerging AI technologies.

I do not doubt that the banks invest billions. I have seen the budgets. The budgets are real.

But here is the ugly question. Not the exciting question. Not the television question. The ugly one.

If the banks are well-positioned, why did the regulator have to say they were not?

APRA does not write letters like the April 30 letter to banks that are keeping up. APRA writes letters like that to banks that have shown up to a targeted supervisory review with vendor slide decks instead of internal assessments. The review, conducted in late 2025, found that governance, risk management, assurance, and operational resilience practices were lagging behind the scale, speed, and complexity of AI deployment. The review found that bank boards lack the technical literacy required for effective oversight. The review found entities relying too heavily on vendor presentations and summaries.

That is the line that should chill anyone who has ever sat across from a salesman.

The bank boards are reading the deck. They are not reading the system.

That is the same posture the retiree had when she clicked the link. The deck looked right. The page looked right. The email looked right.

Everything looked right.

VI.

S&P Global, the ratings agency, put out a note the same day as the APRA letter. The note said AI would impact the credit standing of Asia Pacific financial institutions over the next one to five years. The note used the word "uneven."

Uneven means some banks will spend the money and adapt. Other banks will spend the money and not adapt. The difference will not be the budget. The difference will be whether the people in the boardroom understand what they bought.

I have been in rooms where a vendor sold a system to people who did not understand the system, and the system failed in the way the vendor's fine print said it could fail, and the people in the room blamed the vendor. The vendor had not lied. The vendor had explained, in language nobody read, exactly what the product would and would not do.

The fine print was always the body disposal plan.

VII.

Margaret in Adelaide is composite. I want to be honest about that. I built her from the shape of the cases ASIC reported and the shape of what APRA described. If we got a detail of her kitchen wrong, we got a detail wrong. The machinery is what we got right.

The machinery is this. A model with frontier-level coding ability can identify vulnerabilities faster than a human security team can patch them. A model with frontier-level language ability can write a phishing message that knows your relatives. A model with frontier-level voice synthesis can call your mother in your voice. A model with frontier-level image synthesis can produce a payslip your bank will accept.

Each of those is one tool. The fraud is the assembly.

The assembly used to require a team. It now requires an operator with a laptop and an API key.

VIII.

APRA did not introduce new requirements on April 30. They wrote a warning. They expect significant improvements. They will be back.

That is the part the banks' shareholders should read closely. The regulator has noticed. The regulator is on the record. The next document from APRA, when it comes, will not be a warning. It will be a rule.

In the meantime, the eleven-second window between Margaret's click and the cleared transfer will keep getting shorter.

The defenses will get smarter too. The same models that write the attacks can write the defenses, and the banks that hire the right people will close the gap.

But here is what I learned in forty years of sitting on the wrong side of these rooms.

The machine does not care which side hires it first. It runs for whoever pays. Right now, the people building the attacks are paying faster.

That is what the regulator was trying to say.

The board member on the twelfth floor of George Street did not finish the third page.

The third page is where the names are.