UK banks still locked out of Anthropic’s Mythos model
TL;DR:
- Bank of England Governor Andrew Bailey says UK banks have still not gained access to Anthropic’s Mythos AI model to check their systems against cyber threats, six weeks after the issue first raised concern.
- Bailey says Anthropic is willing to share the model on a trial basis, but the process appears caught up in friction with the US administration over AI guardrails.
- As chair of the Financial Stability Board, Bailey argues the interconnected nature of banking means cyber risk needs a coordinated global response, not national fixes.
Speaking to Bloomberg TV on the sidelines of a central banking conference in Reykjavik, Bailey said the trial access UK banks need to stress-test their defences “hasn’t happened yet”, a delay he linked to the broader stand-off between Anthropic and Washington over how advanced AI tools can be used.
Why Mythos matters
Mythos is designed to find flaws in computer code, a capability that cuts both ways: it can harden bank systems or, in the wrong hands, accelerate attacks against them. Last month Bailey said Anthropic “may have found a way to crack the whole cyber risk world open”, though some cybersecurity experts have since told Reuters that fears of unfettered hacking are overstated. The hold-up coincides with President Trump postponing an executive order that would have created a voluntary framework for AI developers to engage with government before releasing advanced models.
The episode underlines a growing dependency: UK financial stability now hinges partly on commercial decisions and political negotiations taking place in the United States. It echoes recent moves by other regulators — the Bank of Italy has confirmed it is engaging directly with AI firms including Anthropic over the same banking-security concerns — suggesting European supervisors increasingly see frontier-model access as a systemic issue.
Looking forward
Bailey’s warning that “we can’t just have a single sort of national approach” frames the access question as one of coordination rather than capability. For UK banks, the practical worry is timing — defenders cannot rehearse against a tool attackers may eventually obtain. Expect continued pressure on both Anthropic and policymakers to resolve the impasse, and for AI model access to feature more prominently in operational-resilience supervision.