Bank CEOs warned on Anthropic

Scott Bessent and Jerome Powell did not call bank chiefs to talk about interest rates this week. They called them to talk about one artificial intelligence model from Anthropic and what it could do to bank computer systems. (reuters.com) The meeting happened Tuesday in Washington, and Bloomberg reported it was pulled together on short notice at the Treasury Department. The banks in the room were the giant firms regulators label systemically important, which means their failure could ripple through the global financial system. (bloomberg.com) The trigger was Anthropic’s new model, Mythos Preview, which the company says is unusually strong at computer security work. Anthropic wrote on April 7 that the model can identify and exploit previously unknown software flaws in every major operating system and every major web browser. (anthropic.com) A previously unknown software flaw is like a hidden side door in a building that even the owner has not noticed yet. If a model can find that door faster than defenders can lock it, a bank has a problem before a human security team even knows where to look. (anthropic.com) Anthropic says more than 99% of the vulnerabilities Mythos found were still unpatched when it wrote up the results. The company also said the model could turn known but not yet widely fixed bugs into working exploits, which is the step that turns a weakness into a usable break-in tool. (anthropic.com) That helps explain why this reached the Treasury secretary and the chair of the Federal Reserve instead of staying inside bank technology teams. Bloomberg reported Powell’s presence signaled a systemwide stability concern, not just a narrow product or vendor issue. (bloomberg.com) Banks already run on dense webs of machine-to-machine connections: payment rails, trading systems, identity tools, cloud services, and internal automation. A model that can inspect code, chain steps together, and operate across software starts to look less like a chatbot and more like a very fast junior operator with perfect patience. (anthropic.com 1) (anthropic.com 2) Anthropic’s own product documents make that shift plain. Its computer-use tool is designed to take screenshots, move a mouse, type on a keyboard, and complete multi-step actions on a desktop, and the company warns customers to isolate the system, restrict internet access, and keep it away from sensitive credentials. (anthropic.com) Anthropic is not treating Mythos like a normal launch either. CNBC reported on April 7 that the company limited rollout and set up Project Glasswing with firms including Microsoft, Amazon, Apple, CrowdStrike, and Palo Alto Networks to use the model for defense instead of broad public access. (cnbc.com) The company has also spent the past two years building a ladder of internal safety rules called Artificial Intelligence Safety Levels. In its February 24 policy update, Anthropic said stronger model capabilities are supposed to trigger stronger deployment and security controls, including protections against misuse and theft of model weights, which are the files that make the model work. (anthropic.com) What changed this week is who got the warning. When the Treasury Department and the Federal Reserve bring in the chiefs of Bank of America, Citigroup, Wells Fargo, Goldman Sachs, and Morgan Stanley over one model, they are saying artificial intelligence now belongs on the same risk map as payments outages, cloud concentration, and cyberattacks. (kval.com) (reuters.com)