IMF: Anthropic-style AI Could Spark Global Finance Cyber Risk

The International Monetary Fund warned in a May blog post that advanced AI models such as Anthropic’s Mythos could enable cyberattacks that disrupt payments, create solvency and liquidity strains at firms, and threaten global financial stability.

The fund described how AI that finds and exploits software vulnerabilities at scale raises the risk that an attack could spread rapidly across banks and other firms that share cloud infrastructure. A single exploited weakness in payment systems could cause firms to miss obligations and put pressure on market liquidity.

Anthropic released Mythos with restricted access under Project Glasswing, giving the model to about 40 organizations it identified as critical, including technology and cloud providers such as Nvidia, Apple, Amazon Web Services and Microsoft. Researchers found Mythos can identify vulnerabilities even when used by non-experts. Anthropic’s CEO Dario Amodei wrote the company planned to work with government officials to help defend the United States and its allies from AI-related threats.

Central bankers and regulators moved quickly after Anthropic provided banks access to the model at the end of April. Bank of England Governor Andrew Bailey warned in a Columbia University speech that Mythos-style models might “crack the whole cyber risk world open.” The IMF noted that financial services share digital foundations with energy, telecommunications and public-sector systems, increasing the chance that a single exploit could affect multiple industries.

The fund highlighted cross-border risks and said emerging economies are particularly exposed because they depend on international services and often have fewer cyber resources. The IMF called for stronger international cooperation and harmonized regulatory standards to manage threats that cross national borders.

An independent security institute found Mythos to be a powerful tool for detecting cyber risks but warned that more models with similar or greater capabilities will appear. The institute urged immediate investment in cyber defense to keep pace with future models.

The IMF said institutions must pair advanced models with clear governance, human oversight, business continuity and disaster recovery plans, and strong cyber hygiene for the tools to improve security. The fund recommended enhanced monitoring, cyber stress tests and coordination with national authorities and international partners to limit contagion in a major breach.

Industry experts called for faster upgrades to defenses. “Without robust cyber resilience strategies and real-time visibility, the finance sector risks sleepwalking into deeper vulnerabilities,” Andy Ward, international senior vice-president at Absolute Security, warned. He added that attackers are already using AI to accelerate and scale threats and that cyber defenses must evolve with similar speed.

Anthropic introduced Mythos to support both offensive and defensive cybersecurity uses, and the limited distribution under Project Glasswing reflects an effort to balance capability development with safety. Governments, central banks and industry groups are assessing how access to powerful models should be governed and how regulations should be updated. The IMF’s warning increases pressure for coordinated policy responses and investment in cyber resilience across advanced and emerging economies.