Something odd just happened in the halls of American finance. Treasury Secretary Scott Bessent and Federal Reserve Chair Jerome Powell called a meeting with bank executives this week, and according to Bloomberg reporting, they came with a specific ask: use Anthropic’s new Mythos model to find security holes in your systems.
On the surface, that sounds reasonable. Banks leak money and data like sieves, so having better cybersecurity tools seems like an easy win. But here’s where it gets strange. Anthropic itself has decided to severely limit access to Mythos because the model is apparently too good at finding vulnerabilities. The company didn’t train it specifically for cybersecurity, yet it can identify security gaps at a scale that made executives nervous enough to pump the brakes on rollout.
Whether that caution is genuine concern or savvy enterprise sales strategy remains up for debate. Some observers have suggested the scarcity framing is pure hype. Either way, the optics of government officials pushing a product their own agency is simultaneously treating as a supply-chain risk is hard to ignore.
The Timing Problem Nobody’s Talking About
Here’s the kicker: Anthropic is currently in a courtroom fight with the Trump administration over a Defense Department designation that labels the company as a supply-chain risk. According to the source reporting, that designation came after negotiations broke down over how Anthropic wants to control how its AI models can be used by government entities. In other words, the company said no, and the government said we’ll see about that.
Now Treasury and the Fed are championing the very same company’s technology to the financial sector. It’s the kind of contradiction that makes you wonder who’s actually in charge of tech policy, or if anyone is.
The Financial Times is also reporting that U.K. financial regulators are eyeing Mythos with concern, which suggests this isn’t just an American paranoia play.
The Real Question
None of this means Mythos is a bad tool. An AI model that can sniff out security vulnerabilities could genuinely help banks defend themselves better. The question isn’t whether it works. It’s why government officials are publicly endorsing a product from a company they’re simultaneously suing, and why that company is confident enough to position scarcity as a feature rather than a limitation.
Maybe the answer is simple: different parts of government want different things, and nobody coordinated. Or maybe there’s a play here we’re not seeing yet. Either way, it’s worth watching whether JPMorgan Chase’s early partner status evolves into something broader, and whether Goldman Sachs, Citigroup, Bank of America, and Morgan Stanley (all reportedly testing the model) become case studies in how government and business align around new tech regardless of the legal friction.
The real test will be whether banks adopt the tool because it works, or because saying no to a Treasury and Fed recommendation comes with its own quiet costs.
