Treasury, Fed Urge Major Banks to Test Anthropic’s Mythos AI Vulnerability Tool
Key Points
- Treasury Secretary Scott Bessent and Fed Chair Jerome Powell urged top banks to test Anthropic's Mythos AI model.
- JPMorgan Chase receives first access; Goldman Sachs, Citigroup, Bank of America, and Morgan Stanley are also testing.
- Anthropic says Mythos is not a dedicated cybersecurity tool but can uncover hidden vulnerabilities.
- Company limits model access, citing concerns over exposing its architecture.
- Anthropic is contesting a Trump administration lawsuit over a DoD supply‑chain risk designation.
- UK regulators are examining Mythos for potential security and data‑privacy risks.
- Bank executives stress the need for rigorous vetting and transparency before wider adoption.
- Regulators will compile a report on Mythos's effectiveness and any emerging concerns.
Treasury Secretary Scott Bessent and Federal Reserve Chair Jerome Powell called senior executives from the nation’s largest banks to a closed‑door meeting this week, urging them to pilot Anthropic’s newly unveiled Mythos model for spotting security flaws. JPMorgan Chase is the first bank granted access, while Goldman Sachs, Citigroup, Bank of America and Morgan Stanley are already testing the system. Anthropic says the model is not a dedicated cybersecurity tool but its ability to uncover vulnerabilities has drawn both interest and skepticism, especially as the company fights a Trump administration lawsuit over a DoD supply‑chain risk designation.
Washington’s top financial regulators gathered the CEOs and chief risk officers of the United States’ biggest banks for a rare, off‑record briefing on Thursday. Treasury Secretary Scott Bessent and Federal Reserve Chair Jerome Powell used the session to promote Anthropic’s freshly announced Mythos model, a generative‑AI system that, according to the company, excels at identifying hidden security weaknesses.
JPMorgan Chase was named the first institution to receive direct access to Mythos. Within hours, representatives from Goldman Sachs, Citigroup, Bank of America and Morgan Stanley confirmed they were also evaluating the tool. The banks, still reeling from recent cyber‑attacks on the financial sector, welcomed the prospect of an additional layer of defense.
Anthropic, a fast‑growing AI startup, described Mythos as a “general‑purpose” model that was not trained specifically for cybersecurity. Yet early tests showed the system could flag code flaws, misconfigurations and other exposures that traditional scanners miss. The company has limited distribution for now, citing concerns that unrestricted use could reveal sensitive information about its underlying architecture.
Industry observers are split. Some view the push from Treasury and the Fed as a pragmatic step toward bolstering the nation’s financial cyber‑resilience. Others suspect the move is a savvy sales tactic designed to lock in high‑value enterprise contracts before competitors catch up.
The meeting comes amid a broader legal battle between Anthropic and the Trump administration. The Department of Defense recently labeled the firm a “supply‑chain risk,” a designation the company is challenging in court. The DoD’s move followed a breakdown in talks over Anthropic’s insistence on restricting how government agencies could deploy its models.
Across the Atlantic, the United Kingdom’s financial regulators are also weighing the risks posed by Mythos. The Financial Times reported that officials at the Bank of England and the Financial Conduct Authority are examining whether the model’s capability to uncover vulnerabilities could be weaponized or inadvertently expose proprietary data.
Bank executives who attended the briefing emphasized that any new technology must be vetted rigorously. “We’re interested in tools that can give us an edge against sophisticated threats,” said a senior risk officer at a major bank, who asked to remain anonymous. “But we also need to understand the trade‑offs, especially around data privacy and model transparency.”
Anthropic’s CEO, Dario Amodei, defended the model’s potential, noting that Mythos was designed to complement existing security stacks, not replace them. “Our goal is to empower organizations to find hidden issues faster,” he told reporters after the announcement. “We’re working closely with partners to ensure responsible deployment.”
Critics warned that relying on a proprietary AI system could create a new concentration of risk. If multiple banks depend on the same model, a flaw or backdoor in Mythos could cascade across the financial system. Regulators appear aware of that possibility, prompting the high‑level meeting to discuss oversight mechanisms.
As the pilot phase expands, the participating banks will share findings with Treasury and the Fed, which plan to compile a report on the model’s effectiveness and any emerging concerns. The agencies have not committed to mandating the use of Mythos, but the endorsement signals a willingness to explore cutting‑edge tools in the fight against cyber‑threats.
The outcome of Anthropic’s lawsuit could shape the future of AI deployment in critical infrastructure. A favorable ruling might open the door for broader government adoption, while a setback could reinforce the company’s stance on limiting access. Either way, the conversation sparked in Washington this week underscores the growing intersection of AI innovation, national security and financial stability.