TL;DR:
- The European Commission has confirmed Anthropic is in active discussion on its models, including cyber security ones not yet available in the EU — most notably Claude Mythos.
- Anthropic has already committed to the EU’s general purpose AI (GPAI) code of practice, which requires providers to assess and mitigate risks from services regardless of whether they are offered in the bloc.
- The disclosure places the EU’s regulatory conversation with Anthropic ahead of the UK’s in visibility terms, even as Anthropic plans to extend Mythos access to UK banks within the week.
Commission spokesman Thomas Regnier told reporters in Brussels that the discussions span Anthropic’s different models. The key line — that the GPAI framework obliges assessment and mitigation of risks “from a service that may or may not be offered in Europe” — signals the Commission intends to exert extraterritorial influence over Mythos even while Anthropic keeps it out of EU markets.
Why this matters for UK observers
For UK policymakers, the framing is instructive. The EU is using the GPAI code — a voluntary instrument that Anthropic has chosen to honour — to widen oversight beyond the narrow question of market availability. It is an approach that contrasts with the UK’s “context-specific regulator” model, under which the FCA, the Bank of England and the Information Commissioner’s Office each deal with AI risks within their own remits rather than through a central framework.
Reuters’ separate reporting on German Chancellor Friedrich Merz pushing for industrial-AI exemptions from the EU AI Act highlights the political pressure the Commission is under to ease the regime. The Anthropic dialogue suggests the Commission is responding by demonstrating what constructive engagement — rather than blanket restriction — looks like in practice.
Cross-source context
The Guardian reports Anthropic plans to extend Mythos access to UK financial institutions within the week, meaning the UK will likely become the first large non-US commercial market for the model. The Financial Times separately reports US Treasury secretary Scott Bessent and Fed chair Jay Powell have already convened major US banks on the topic. Each jurisdiction is running a parallel access-negotiation and risk-assessment conversation with Anthropic on different terms.
Looking forward
If the EU’s GPAI-led engagement produces a public risk assessment or voluntary deployment standard, that becomes the reference document competitors and regulators in the UK and US will benchmark against. Whether Anthropic publishes the output of its Commission dialogue will be a leading indicator of how much of the regulatory framework now actually sits with a single company’s voluntary disclosures.