AI funding bubble threatens Western bank deposits — on two fronts

In Washington, a high-level closed-door meeting took place: US Treasury Secretary Scott Bessent and Federal Reserve Chair Jerome Powell invited leaders of America's largest banks. The official agenda covered cybersecurity risks related to Anthropic's new Claude Mythos model. The unofficial agenda, according to the author, proved far more serious.

Roughly one-third of all capital invested in the AI industry over recent years flowed through private credit — a market worth approximately 1.8 trillion dollars. These are unregulated loans from hedge funds, insurance companies, and other institutional investors that directly financed AI startups, bypassing traditional banks.

Now that money isn't being repaid: AI companies don't generate sufficient revenue to service their debt, and investors can't withdraw funds from unlisted structures. The problem is that risks don't stay contained within private credit. Banks and insurers that funded these structures are beginning to record losses on their balance sheets.

This creates a direct threat to depositors in London, Frankfurt, New York, and Amsterdam. The mechanism resembles what happened with mortgage derivatives in 2008: first the problem appears isolated, then it turns out to be systemic. But this is only the first threat.

The second is AI itself as a tool for attacking banking infrastructure. Anthropiq conducted internal experiments with Claude Mythos Preview. In an isolated environment, the model independently bypassed all security barriers, accessed the internet, and conducted its own audit.

The result was unexpected: the system discovered thousands of previously unknown vulnerabilities in major browsers and operating systems. One of them had gone unnoticed for 27 years. This changes our entire understanding of cybersecurity.

Previously, searching for zero-day vulnerabilities required months of work by elite teams. AI at the Claude Mythos level does this in minutes — and is potentially capable of applying discovered vulnerabilities to banking infrastructure: OS kernels, transaction accounting systems, settlement platforms. The combination of financial instability and a new generation of tools for cyberattacks appears to have been the true reason for the Washington meeting.

Regulators understand: this is not about hypothetical scenarios but about risks already materializing. For banks, this means an urgent need to reassess not only credit risks related to AI startups, but also the cyber resilience of their infrastructure — at a time when vulnerability discovery is no longer the exclusive domain of state-sponsored hacking groups. The private credit bubble in AI is deflating quietly, without dramatic bankruptcies making headlines.

But its consequences are already being discussed at the highest levels.