
Why Fed and Treasury leaders Powell, Bessent just rushed into a critical cyber-risk meeting

Treasury Secretary Scott Bessent and Fed Chair Jerome Powell convened an urgent meeting with Wall Street leaders this week, bypassing the routine briefing cadence and pulling bank CEOs into a direct conversation about AI-driven cyber risk.

Reports noted that the meeting aimed to make sure banks understood the risks posed by Mythos and similar models and were already taking defensive steps.

When the Treasury secretary and the Fed chair jointly pull bank chiefs into an urgent meeting, they’re communicating that the risk is systemic.

The irony running through this episode is sharp.

On Mar. 2, the Treasury, State, and HHS moved to stop using Anthropic products, acting on a presidential directive, with Bessent publicly stating that Treasury was terminating all use.

On Mar. 9, the General Services Administration terminated Anthropic’s government-wide contract. On Apr. 8, a federal appeals court declined to block the Pentagon’s blocklisting of Anthropic while litigation continues.

So, in the same week, officials were managing an active procurement and national security dispute with Anthropic, while also warning the nation’s largest banks to prepare for the risk posed by Anthropic-class capabilities.

What Mythos actually changed

The evidentiary basis for the official alarm rests on Anthropic’s own materials, which are more specific than typical model launch claims.

Anthropic says Mythos has found hundreds of high-severity vulnerabilities, including flaws in every major operating system and every major web browser, and that more than 99% of them are still unpatched.

The company’s system card describes the model as capable of identifying and exploiting zero-days across these platforms. This is the kind of capability that, in the wrong hands or released without coordination, compresses the timeline between vulnerability discovery and weaponized attack.

Anthropic’s response to its own findings was to restrict access under a structure it calls Project Glasswing, limiting release to launch partners including Amazon Web Services, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorgan, the Linux Foundation, Microsoft, Nvidia, and Palo Alto Networks, plus more than 40 additional organizations that build or maintain critical software infrastructure.

Anthropic committed up to $100 million in usage credits and $4 million in donations to open-source security organizations as part of the effort.

The company also says it briefed US officials and key stakeholders before release, which suggests the Treasury meeting reflected an informed official judgment grounded in advance disclosure.

| Anthropic claim / fact | Why it matters to banks and regulators |
| --- | --- |
| Thousands of high-severity vulnerabilities found | Suggests capability is not theoretical or narrow |
| Flaws found in every major operating system | Implies broad attack surface across shared infrastructure |
| Flaws found in every major web browser | Expands exposure beyond one vendor or one stack |
| More than 99% still unpatched | Raises urgency around defense timelines |
| Model can identify and exploit zero-days | Compresses the gap between discovery and weaponization |
| Access restricted under Project Glasswing | Signals even Anthropic viewed release as high risk |
| 40+ additional infrastructure organizations involved | Shows concern extends beyond one company to core software ecosystems |
| Advance briefings to U.S. officials | Suggests the Treasury/Fed response was informed, not reactive theater |

Banks are at the center of this concern because they depend on the broader software stack.

Treasury’s January 2025 Financial Services Sector Risk Management Plan identifies cloud concentration, software supply chains, and emerging technologies, including AI, as top sector risks, warning that reliance on common vendors and software creates conditions for cascading failures.

Banks share cloud providers, software vendors, payment rails, and clearing systems across the sector. A cyber capability that can efficiently find and exploit unpatched zero-days across every major operating system can hit an interconnected financial system with compounding force.

In this landscape, shared infrastructure means a single class of vulnerability can reach every node simultaneously.

The policy track making this an inevitability

On Feb. 18, Treasury announced a public-private initiative explicitly designed to develop practical tools for financial institutions to manage AI-specific cybersecurity risks.

On Mar. 23, Treasury and the Financial Stability Oversight Council launched an AI Innovation Series, stating that insights from it would inform Treasury and FSOC work on reinforcing resilience and financial stability as AI embeds itself across core financial functions.

The Federal Reserve’s July 2025 cybersecurity report listed assessing AI risks, bolstering cloud resilience, and exercising cyber-incident response plans among its joint FBIIC/FSSCC priorities.

Washington had also been building the conceptual framework for longer than that.

In June 2024, Treasury and FSOC hosted a conference on AI and financial stability. At it, then-Secretary Yellen identified opacity, inadequate risk management, and concentration among model vendors, data providers, and cloud providers as channels through which AI could create systemic vulnerabilities.

The FSB’s November 2024 AI report then codified four main systemic-vulnerability channels: third-party dependencies and service-provider concentration, market correlations, cyber risks, and model, data, and governance failures.

The IMF had separately found that cyberattacks on financial firms account for nearly 20% of all incidents it studied, and that the size of extreme losses had grown to $2.5 billion.

Mythos forced officials to operationalize a risk framework they’d spent nearly two years constructing.

| Date | Institution | Event | Why it matters |
| --- | --- | --- | --- |
| Jun. 2024 | Treasury / FSOC | Conference on AI and financial stability | Established early systemic-risk framing |
| Jun. 2024 | Yellen | Warned about opacity, weak risk management, and concentration | Identified core vulnerability channels |
| Nov. 2024 | FSB | AI report on systemic-vulnerability channels | International policy codification |
| Jan. 2025 | Treasury | Financial Services Sector Risk Management Plan | Named cloud, supply chain, and AI as top risks |
| Jul. 2025 | Federal Reserve | Cybersecurity report | Included AI risk, cloud resilience, and incident exercises |
| Feb. 18, 2026 | Treasury | Public-private AI cyber initiative | Shift from concept to tools |
| Mar. 23, 2026 | Treasury / FSOC | AI Innovation Series launched | Linked AI adoption to resilience and stability |
| Apr. 2026 | Treasury / Fed | Urgent bank CEO meeting | Operationalized the framework |

The contradiction between Washington’s procurement retreat and its financial stability warning was, by design, run through two separate decision tracks.

Cutting government contracts with a vendor on supply-chain or national-security grounds is a procurement and policy decision that flows through one set of channels. Assessing whether a frontier model’s cyber capabilities create new systemic risk for the financial sector runs through a different set entirely.

The meeting makes clear that these channels reached the same conclusion about capability from opposite directions, and that procurement officials moved to limit the federal government’s exposure to Anthropic as a vendor.

Financial stability officials moved to warn banks that what Anthropic had built posed a class of risk that warranted urgent attention.

Both reactions presuppose the same underlying judgment: that Mythos-class capability carries real operational consequence.

The resolution is that Washington’s concern about what Anthropic built survived Washington’s break with Anthropic as a vendor.

What might follow

In the bull case, Project Glasswing performs as designed.

Anthropic and its partners identify and patch material vulnerabilities before copycat capabilities reach open access, banks absorb the experience as a structured resilience exercise, and the episode becomes the first demonstration that frontier AI can deliver a net positive to cyber defense by finding flaws faster than adversaries can exploit them.

Anthropic’s restricted rollout, its partner set, and its resource commitments support this possibility, as does the fact that officials received an advance briefing, entering the conversation ahead of public disclosure.

In the bear case, more frontier models arrive with comparable or greater offensive capabilities, or disclosures around Mythos reveal a more compressed attack timeline than the current controlled framing publicly acknowledges.

Treasury, the Fed, and financial regulators then move from private warnings to stricter supervisory expectations: stricter software provenance requirements, mandatory vendor concentration reviews, tighter incident reporting timelines, and more rigorous operational resilience standards for banks sharing common cloud or software dependencies.

The FSB and Treasury materials already provide the conceptual and regulatory basis for that escalation. The IMF’s extreme-loss estimates and the FSB’s warnings about disruption to critical financial infrastructure explain why officials moved to active preparation without waiting for a demonstrable incident.

How quickly the offense-defense balance shifts as more labs approach similar capability levels is the open variable in both scenarios.

Glasswing assumes that coordinated, controlled access can hold the advantage long enough for patches to close the gaps Mythos found. That assumption holds only as long as the gap between frontier access and open access stays wide enough to give the effort real purchase.

| Scenario | Trigger | Policy response | Impact on banks |
| --- | --- | --- | --- |
| Bull case | Glasswing works, vulnerabilities get patched, access stays controlled | Continued closed-door coordination, limited new rules | Banks treat this as a resilience drill |
| Base case | More concern, but no visible incident | More guidance, more tests, more vendor reviews | Higher compliance and patch-management pressure |
| Bear case | More models show similar offensive capability | Tighter supervisory expectations, software provenance rules, incident reporting pressure | Greater operational burden and faster control changes |
| Tail risk | Material disruption tied to shared software/cloud exposure | Crisis-style coordination across Treasury, Fed, regulators | Market confidence and operational continuity become key issues |

Powell and Bessent’s decision to convene bank CEOs on an urgent basis is the clearest official acknowledgment that US officials believe that distance is narrowing faster than the financial system’s current cyber posture can absorb.

The post Why Fed and Treasury leaders Powell, Bessent just rushed into a critical cyber-risk meeting appeared first on CryptoSlate.
