Top regulators press Wall Street on Anthropic risk

The people who normally worry about bank runs and inflation just called Wall Street into Washington to talk about one artificial intelligence model. Treasury Secretary Scott Bessent and Federal Reserve Chair Jerome Powell held the meeting after Anthropic released Claude Mythos Preview, a system they were told could sharply raise cyber risk for banks. (bloomberg.com) (reuters.com) This was not a public conference or a routine policy roundtable. Bloomberg, Reuters, CNBC, and CBS all reported that top bank chiefs were summoned on short notice for a closed-door discussion focused on cyber threats tied to Anthropic’s newest model. (bloomberg.com) (reuters.com) (cnbc.com) (cbsnews.com) The model at the center of it is not a chatbot built to write emails faster. Anthropic says Claude Mythos Preview is unusually strong at finding software weaknesses, understanding attack chains, and helping security teams scan critical code before criminals do. (anthropic.com) (red.anthropic.com) That is useful if you are a defender looking for a broken lock before a burglar finds it. It is dangerous if the same tool can help an attacker test doors, map alarms, and move through a network at machine speed. (red.anthropic.com) (federalreserve.gov) Anthropic itself did not put Mythos on a normal mass rollout. The company said it was limiting access to a small research group and a defensive program called Project Glasswing because the model was especially capable at cybersecurity tasks. (anthropic.com 1) (anthropic.com 2) (cnbc.com) Project Glasswing shows why banks were in the room. Anthropic launched it on April 7 with partners including JPMorganChase, Amazon Web Services, Apple, Cisco, CrowdStrike, Google, Microsoft, NVIDIA, Palo Alto Networks, and the Linux Foundation to use Mythos on defensive security work. (anthropic.com 1) (anthropic.com 2) Banks sit on payment rails, trading systems, custody platforms, and identity data that connect to the rest of the economy like a central fuse box. A cyberattack that hits one giant bank can spread through vendors, market plumbing, and customer accounts faster than a traditional software outage. (federalreserve.gov) (reuters.com) Regulators have been talking about artificial intelligence in finance for years, but mostly in the language of bias, compliance, and model risk. This meeting was about something blunter: a frontier model that may help discover unknown vulnerabilities and compress the time between a flaw existing and a flaw being exploited. (federalreserve.gov) (red.anthropic.com) Reuters reported that Anthropic launched Mythos earlier in the week but stopped short of a broad release because of concern it could expose previously unknown cybersecurity vulnerabilities. That helps explain why Bessent and Powell treated the issue less like a product launch and more like a financial stability drill. (reuters.com) (bloomberg.com) The immediate question for banks is not whether to use artificial intelligence. It is whether their patching, vendor oversight, identity controls, and incident response are fast enough for tools that can hunt for weaknesses far faster than a human red team. (anthropic.com) (federalreserve.gov) The bigger shift is who now owns the problem. Once the Treasury secretary and the chair of the central bank are personally calling chief executives about one model, artificial-intelligence-driven cyber risk is no longer just an information-technology issue inside banks or a safety issue inside labs. It has moved onto the same table as systemic risk. (bloomberg.com) (cnbc.com)