Anthropic to present AI model Mythos to G20 financial regulators

Anthropic received an unusual invitation: to present the AI model Mythos before the financial regulators of the G20. The Governor of the Bank of England Andrew Bailey, who heads the Financial Stability Board (FSB), invited the company to present before finance ministers and heads of central banks an overview of vulnerabilities identified by the model.

Why financial cybersecurity is in focus

The banking sector is critical infrastructure of the global economy. Any vulnerability in the payment system, trade finance, or settlements could trigger a systemic crisis. SWIFT, which processes trillions of dollars daily, has already suffered serious attacks — in 2016, $81 million was stolen through its system.

Cyberthreats this year have become so dangerous that the FSB included them in the list of priority financial risks alongside climate change and inflation. In this context, the emergence of an AI tool that can automatically identify vulnerabilities in payment infrastructure has become interesting not only to technologists but to policymakers as well. Banks traditionally lag in updating security due to costs and reluctance to disrupt system stability.

Regulators, in turn, are looking for ways to accelerate the process without overwhelming IT teams. Andrew Bailey directly pointed out that Mythos has already identified serious security issues in financial systems — and this is significant enough to discuss at the G20 level.

How Mythos finds vulnerabilities

Anthropics model analyzes financial infrastructure systematically, running various security tests:

• scans banks' APIs for authentication and authorization vulnerabilities
• tests the resilience of payment gateways to denial-of-service attacks
• analyzes security logs for signs of compromise and suspicious activity
• identifies misconfigured cloud systems and data storage facilities
• verifies data compliance with regulatory standards, including PCI-DSS and GDPR

In practice, Mythos has already identified vulnerabilities that could have led to unauthorized access to customer accounts and compromise of payment terminals. Some of these issues involved improper implementation of authentication protocols that bank specialists failed to detect during standard audits. Importantly, Mythos works with real financial systems, but under the control and permission of banks.

This is an unprecedented step

For the first time, an AI company has been invited to present findings about identified vulnerabilities in the financial sector before the FSB. Usually, such data remains confidential — discussed only between bank CISOs, their technical teams, and national regulators. Andrew Bailey's decision to raise this issue before the G20 suggests that the problem runs deeper than isolated bugs in individual banks. It may be about systemic vulnerabilities in the architecture of international payments or about new classes of attacks that traditional security tools miss. It is also a signal that AI is beginning to play a role not simply as a technological tool, but as a strategic asset in protecting financial stability.

"We are needed not to replace people, but to amplify their ability to

identify risks that are critical to financial stability."

What this means

This is the first signal that regulators are beginning to view AI not as a threat, but as a tool for protecting the financial system. If the FSB approves Anthropic's approach, we can expect that similar AI systems will either be recommended or mandatory for all major financial institutions in G20 countries. Other regulators — the SEC in the US, the FCA in the UK, the EBA in Europe — will likely begin to require banks to implement similar vulnerability detection systems. For AI companies, this opens a new market: instead of B2C or B2B SaaS, they can work directly with government regulators on critical infrastructure.