Wall Street watchdogs pause some cyber exams after Mythos shock

U.S. regulators are pausing some cyber-related examinations of the largest banks, giving the lenders more breathing room as the firms dig into the risks exposed by Anthropic PBC's new Mythos AI model.

The Federal Reserve and Office of the Comptroller of the Currency want to give banks time to bolster their systems against cyber threats exposed by the latest AI models as both regulators and banks test the new technology, said people familiar with the matter, who asked not to be identified citing private information.

A representative for the OCC declined to comment, while the Fed had no immediate comment.

Anthropic said last month that it would limit access to Mythos, warning that it could potentially be used to power cyber attacks. As part of that, the tech company created an initiative called Project Glasswing with a select few companies, including Apple Inc. and JPMorgan Chase & Co., that would be allowed to use the technology to test their own cyber defenses first.

In April, Treasury Secretary Scott Bessent and then-Fed Chair Jerome Powell summoned Wall Street leaders to warn them of the cyber risks raised by AI models such as Mythos. Since then, banks and officials have been hashing out ways to methodically tackle the vulnerabilities that Mythos has exposed, according to people familiar with the matter.

Inside the big U.S. banks, some executives were immediately alarmed by Mythos's ability to move quickly through code and identify hacking weaknesses. But after several weeks of testing, some of the initial panic has given way to a long to-do list.

Delaying some cyber exam schedules will give banks more time to fully understand the power of the new technology and will help regulators with ongoing efforts to stress-test defenses for it. The OCC, for example, is undergoing its own trial run with Mythos, one of the people said. To be sure, examiners are still engaged with the firms on cyber issues, and a delay in exam schedules doesn't equal less oversight, the people said.

Fed Vice Chair for Supervision Michelle Bowman said earlier this month that the regulator would find effective ways to supervise banks for emerging technologies such as Mythos.

"Regulators will continue to focus on critical developments and communicating these risks to supervised institutions, as well as on refining our cybersecurity approach," Bowman said.

Many of the biggest U.S. banks that have access to Mythos - from JPMorgan, to Morgan Stanley and Goldman Sachs Group Inc. - have pulled together secretive teams to work with Mythos, according to some of the people. Many banks are dealing directly with the federal intelligence agencies to map out threats, some of the people said.

Digging into the technology has required collaboration between banks, regulators and companies that the lenders often tap for services. Goldman Chief Executive Officer David Solomon said in April that the bank was working with security vendors as well to help bolster its defenses.

JPMorgan CEO Jamie Dimon said the bank is working with its peers and vendors to make sure systems are prepared.

"It's serious work," Dimon said last week in a Bloomberg TV interview. "We have, I think, hundreds of people doing it full time now."

-With assistance from Katherine Doherty.

Copyright 2026 Tribune Content Agency. All Rights Reserved.

This story was originally published May 19, 2026 at 7:14 PM.