clauding.de
DE
2 min read AI-generated

Mythos Reaches Europe: ECB Calls Bankers to Discuss AI Cyber Risks

Copy article as Markdown

The European Central Bank is reaching out to risk chiefs at eurozone banks. The topic: Anthropic's Mythos model and its ability to find vulnerabilities in financial systems.

Anthropic Mythos ECB Cybersecurity Europe Regulation
Featured image for "Mythos Reaches Europe: ECB Calls Bankers to Discuss AI Cyber Risks"

The Mythos shockwave has hit Frankfurt. The European Central Bank (ECB) is convening a call with chief risk officers at major eurozone banks to discuss one question: what does Anthropic’s Mythos model mean for the security of European financial systems?

What happened

Bloomberg reports that ECB banking supervisors are contacting the risk chiefs of supervised institutions to evaluate their preparedness for this new source of threat. Unlike the US, where Treasury Secretary Bessent and Fed Chair Powell summoned bank CEOs to a crisis meeting weeks ago, Europe is handling it through regular supervisory dialogue — less dramatic, but no less serious.

In parallel, German banks are internally assessing what risks the Mythos model poses to their systems. The concern is concrete: in Anthropic’s tests, Mythos found thousands of zero-day vulnerabilities across every major operating system and browser. The question isn’t if these capabilities will fall into the wrong hands, but when.

The pattern is global

The speed of the regulatory response around the globe is remarkable. First the US (Treasury, Fed), then the UK (Bank of England, NCSC), now the EU. Within two weeks, every major financial center has reacted.

Anthropic hasn’t released Mythos publicly. Instead, through Project Glasswing, the model has been distributed in a controlled manner to security firms and tech giants. Over 50 partners — including AWS, Apple, Google, Microsoft, Nvidia, and JPMorgan Chase — get access to find and patch vulnerabilities before attackers get their hands on the model.

Why Europe’s response is different

The ECB is being more measured than US regulators. No emergency meeting with C-suite executives, no public alarm bells. Instead, supervisors are gathering information first: how prepared are the banks? Which systems are most exposed? What countermeasures are already in place?

It sounds like less drama, but it’s typically European — and possibly more effective. While the US dominates the headlines, Frankfurt is quietly figuring out what actually needs to be done.

What this means

Mythos is no longer just a security problem for tech companies. It’s become a systemic risk for the global financial system — at least in regulators’ eyes. And they’re taking it seriously enough to put their supervisory machinery in motion.

For Anthropic, this is a double-edged sword. On one hand, it validates the decision not to release Mythos publicly. On the other, regulatory pressure is growing — globally. Right at the moment when the company is preparing its IPO.

Sources: