A powerful new artificial intelligence model from Anthropic has set off a coordinated response among top global financial regulators, with authorities in the US, Canada and the UK moving within days to assess risks and shore up bank defences against a new class of cyber threats.
The urgency was underscored in Washington this week, where US Treasury Secretary Scott Bessent and Federal Reserve Chair Jerome Powell summoned Wall Street chiefs for a hastily arranged meeting, warning that Anthropic’s latest model, known as Mythos, could usher in an era of more sophisticated cyberattacks.
Banks were encouraged to take the unusual step of deploying the same technology internally to identify vulnerabilities in their own systems, according to people familiar with the discussions.
Firms including JPMorgan Chase, Goldman Sachs and Citigroup are among those testing the model or preparing to do so.
The US warning quickly reverberated across jurisdictions.
In Canada, the Bank of Canada convened major lenders and financial authorities under its Financial Sector Resiliency Group to discuss the cyber security implications of advanced AI models. Officials emphasised information-sharing and preparedness, even as they said there was no immediate or active threat to the financial system.
The Bank of England is preparing to take up the issue in upcoming meetings with banks, regulators and cyber agencies, placing Anthropic’s model on the agenda of key resilience and AI taskforce discussions.
The near-simultaneous moves point to a growing consensus among policymakers that advances in artificial intelligence could enable a new breed of cyber attacks capable of exploiting multiple vulnerabilities at once — a task that has traditionally challenged even sophisticated human hackers.
Anthropic has said its Mythos model is capable of identifying and exploiting weaknesses across major operating systems and web browsers, prompting the company to restrict its release to a small group of firms under a controlled testing programme.
The initiative, which includes select technology companies and at least one major bank, is aimed at identifying flaws and building safeguards before wider deployment.
Regulators are increasingly treating such capabilities as a potential systemic risk.
Many of the banks involved in the US discussions are designated as systemically important institutions, meaning disruptions to their operations could have broader consequences for the global financial system.
The episode also marks a shift in regulatory strategy — from focusing primarily on governing AI use to actively encouraging financial institutions to adopt cutting-edge tools to defend against emerging threats.
While officials across jurisdictions stressed that the discussions were precautionary, the speed and coordination of the response highlight how seriously authorities are taking the potential for AI to reshape the cyber risk landscape.
(with inputs from Bloomberg)
