Why do banks avoid dealing with "lobsters"?

As “Lobster” gains popularity online, the banking industry collectively hits the “pause” button. Currently, no bank has deployed this tool across the entire organization, and many institutions have issued internal risk alerts and conducted special self-inspections, clearly marking it as off-limits for internal network access and business scenarios.

The banking industry’s collective rejection of “Lobster” is not due to a rejection of technological innovation but is based on the unique attributes of the financial sector, making cautious decisions between security and efficiency. The prudence of the banking industry reflects its extreme requirements for security and compliance. The financial industry deals with risks, manages credit, and bears the safety of funds and personal privacy for millions of households. The inherent “physique” of “Lobster” conflicts with the security red lines of banks: its default high system permissions mean that once connected to the internal network, it could serve as a backdoor for attackers to access banking systems.

From the perspective of financial innovation risk data, recent years have seen a continuous surge in cyberattacks and data breaches in the financial sector. Global banking institutions have experienced a significant increase in ransomware attacks, with single incidents causing direct losses of millions of dollars. Domestic financial institutions frequently face regulatory penalties due to system vulnerabilities and poor data governance, and issues like information leaks and illegal data calls directly threaten financial security. Vulnerabilities caused by weak security configurations can be exploited to steal sensitive data or illegally manipulate transactions, which is an unacceptable risk for banks striving to establish a rigorous risk control system. Relevant authorities have explicitly warned that using this AI agent in financial transaction scenarios could lead to serious consequences such as erroneous transactions or account hijacking.

Beyond obvious security vulnerabilities, the deeper reasons why banks hesitate to touch “Lobster” include blurred responsibility boundaries and a lack of compliance standards. The application of AI is not just a technical issue but also a compliance and governance challenge. “Lobster” has autonomous execution capabilities, so if misjudgments, deviations, or even illegal operations occur in business processes, how should responsibility be defined? Currently, there are no unified standards for AI applications in finance, and guidelines for model management, data usage, and risk accountability are lacking. Data on risks shows that issues like AI-driven financial scams and algorithm errors leading to business mistakes are increasingly prominent, and reputation and compliance risks caused by improper use of new technologies continue to rise.

Refusing “Lobster” does not mean rejecting artificial intelligence. The banking industry’s exploration of digital and intelligent transformation has never stopped. Currently, AI agents are already being applied in low-risk, non-core scenarios such as intelligent customer service, policy document retrieval, and meeting minutes generation, effectively improving operational efficiency and service quality. Financial regulators have previously emphasized the need to promote AI applications in finance in a steady, safe, and orderly manner, releasing the momentum of digital development. This clearly signals that banks are not opposed to technology but are rejecting reckless risks and the placement of core business in danger.

A consensus has already formed: the implementation of AI in finance must be cautious. Banks need to deeply transform models, establish comprehensive data security systems, and use techniques like data masking and encryption to define boundaries for data use, while improving AI governance frameworks. Only through these measures can data security be ensured from the source, responsibilities clarified, and technological innovation truly serve business development.

The development of financial technology must not come at the expense of financial security. In facing new technologies like “Lobster,” the banking industry should not blindly follow trends or rush into deployment. Maintaining a cautious attitude to safeguard security and adhere to compliance is responsible not only to financial consumers but also to the long-term stable development of the industry. (Source: Economic Daily, Author: Lu Min)