On April 8, U.S. Treasury Secretary Yellen and Federal Reserve Chair Powell urgently convened the CEOs of six systemically important banks at the Treasury headquarters in Washington to discuss the cybersecurity risks potentially posed by Anthropic's new model, Mythos. According to Bloomberg, the attendees included Citigroup's Fraser, Morgan Stanley's Piek, Bank of America's Moynihan, Wells Fargo's Scharf, and Goldman Sachs' Solomon. Jamie Dimon of JPMorgan was "unable to attend due to reasons."
This was not a routine financial regulatory meeting. The last time the Treasury Secretary and Federal Reserve Chair jointly convened bank CEOs in the same conference room was on October 13, 2008. At that time, Paulson and Bernanke launched a $250 billion TARP capital injection plan to address an ongoing financial system collapse. This time, the trigger was not the market, but an AI model.
This meeting was merely the third wave of federal-level regulatory actions that Anthropic faced in 44 days.
The people in the lab and the people in the conference room overlap almost none
Mythos is not scattered around the world uncontrollably. On April 7, Anthropic officially released the Mythos Preview while announcing a defensive cybersecurity program called Project Glasswing, which limits access to the model to 12 partner organizations. These 12 include Amazon, Apple, Microsoft, Google, Nvidia, CrowdStrike, Palo Alto Networks, and a financial institution, JPMorgan.
The issue is that the people called in to discuss the risks and the ones given the defensive tools are almost two separate groups.
The five bank CEOs present manage a combined total of approximately $9 trillion in assets. None of them are on the Glasswing list, and none have access to Mythos. They were summoned, according to Bloomberg, to "ensure that banks understand the future risks that Mythos and similar models might pose and are taking defensive measures." However, the core tool for those defensive measures, Mythos itself, is unavailable to them.
And the only bank appearing on both lists, JPMorgan, happened to have its CEO Dimon absent.
According to Anthropic's official website, JPMorgan is the only financial institution among the 12 founding partners of Glasswing. The bank spends approximately $600 million annually on cybersecurity and reportedly has about 3,000 cybersecurity personnel according to SecurityWeek. On the same day, April 8, that Yellen and Powell held the emergency meeting, JPMorgan's analysts published a research report expressing a bullish outlook on CrowdStrike and Palo Alto Networks, citing the establishment of Glasswing as the reason.
On one side are the five banks called in to discuss threats, having no tools at their disposal. On the other side is the only bank equipped with tools, whose CEO did not attend the meeting, while analysts continued to issue bullish ratings to partners. Glasswing creates not only a technological barrier but also an information barrier.
What happened in 44 days
If you line up the federal-level regulatory actions Anthropic faced over the past six weeks, you’ll see an unprecedented chain reaction in both speed and direction.
On February 24, Secretary of Defense Austin issued an ultimatum to Anthropic CEO Amodei: accept the "any lawful use" clause by 5:01 PM on February 27, or face consequences. The core controversy of this clause is that Anthropic retained two usage restrictions in its contract with the Pentagon, prohibiting the use of Claude for mass surveillance and fully autonomous weapons systems. According to CBS News, Austin stated, "American warriors should never be captured by the ideology of big tech companies." The Pentagon's Chief Technology Officer Emil Michael expressed, "To some extent, you must trust your military to do the right thing."
Anthropic refused. On February 27, Trump ordered federal agencies to halt the use of Anthropic products. On the same day, Austin declared Anthropic as a "supply chain risk."
In the following 44 days, three federal levels almost simultaneously initiated contradictory actions against Anthropic.
On March 26, a judge in San Francisco federal court issued a 43-page preliminary injunction, determining that the Pentagon's actions were "troubling" and might constitute retaliatory punishment against Anthropic, temporarily halting the enforcement of the supply chain risk designation. According to CNN, the judge noted in the ruling that the government's actions "likely violated the law."
On April 8, the DC federal appeals court refused to suspend the Pentagon's designation, effectively overturning the San Francisco court's protection. On the same day, Yellen and Powell held that emergency meeting.
One court is protecting this company, another court is supporting sanctions against it, while the Treasury Department and the central bank are discussing it as a systemic risk from a financial stability perspective. The same entity, within the same federal framework, is simultaneously seen as a protected innovator and a threat to be guarded against.
Who was formerly labeled with "supply chain risk"?
"Supply chain risk" is not an ordinary administrative designation. It was originally designed as a tool by the Federal Communications Commission (FCC) to address security threats posed by foreign communication devices.
In 2019, Congress and the FCC initiated this designation process against Huawei and ZTE, citing their ties to the Chinese government, espionage obligations imposed by Chinese law, and known security vulnerabilities in their devices. In June 2020, the FCC issued an official designation order. In 2021, Hikvision, Dahua, and Hytera were added to the list. In 2022, Russia's Kaspersky was also included.
According to public records from the FCC, prior to Anthropic, all entities listed under this designation were foreign companies, and all were identified as having technological security risks.
On February 27, 2026, Anthropic became the first U.S. domestic company designated as a "supply chain risk." According to TechPolicy.Press, the reason for the designation was not technological security vulnerabilities, but a breakdown in contract negotiations, with Anthropic refusing to remove AI usage restrictions. According to a security policy researcher from Northeastern University, this precedent could have a chilling effect on the entire AI industry, as it means that refusing to comply with military usage conditions could lead to the highest level of supply chain sanctions.
A sanction tool designed for Huawei is being used for the first time to sanction a U.S. company that refused to allow its AI to be used for unrestricted military purposes. The tool remains the same but the logic of its use has completely changed. On May 19, the DC Appeals Court will hold oral arguments on this case.
When an AI model is both the best defensive tool and the largest systemic threat, the existing regulatory framework has not designed any response mechanisms for this duality of "capability equals risk," and the process of filling this framework gap is happening at a pace of federal-level events once a week.
免责声明:本文章仅代表作者个人观点,不代表本平台的立场和观点。本文章仅供信息分享,不构成对任何人的任何投资建议。用户与作者之间的任何争议,与本平台无关。如网页中刊载的文章或图片涉及侵权,请提供相关的权利证明和身份证明发送邮件到support@aicoin.com,本平台相关工作人员将会进行核查。
