Technology

Canadian regulator warns banks of cyber threats, citing Anthropic's Claude Mythos

The warning highlights growing concerns over artificial intelligence and its potential role in financial sector cyber risks

Published July 14, 2026
Canadian regulator warns banks of cyber threats, citing Anthropics Claude Mythos
Canadian regulator warns banks of cyber threats, citing Anthropic's Claude Mythos 

Canada's federal banking regulator warned the country's largest financial institutions about the risks of advanced AI models, saying the new technology could increase cyber threats and reduce the time institutions have to identify and fix vulnerabilities.

As reported by Reuters the regulator, the Office of the Superintendent of Financial Institutions OSFI, sent the email to chief technology officers, chief information security officers, and chief risk officers across the financial industry, including the big banks and insurers.

Advertisement

Canada's OSFI, alongside the Bank of Canada, sent direct warnings to the executives of the country's largest financial institutions including Royal Bank of Canada, TD Bank, and BMO.

The urgent briefing focused on the emergence of frontier-class AI models, specifically naming Anthropic's Claude Mythos—a powerful model designed for advanced software security that Anthropic has purposefully withheld from the general public due to its extreme capabilities.

Security concerns:

Claude Mythos was developed to help organizations scan code and patch software flaws.

However, security evaluations including testing by the UK AI Safety Institute revealed it can autonomously chain together multiple complex steps to execute a complete network takeover.

Moreover, if accessed by bad actors, it acts as a hyper-efficient hacking tool.

OSFI explicitly warned banks that such advanced AI models drastically shrink the window of defense.

Historically, when a system flaw is found, cybersecurity teams have days or weeks to deploy a fix while Mythos-class tools allow threat actors to find and weaponize those flaws instantly at a massive scale.

Threat to major infrastructure:

While Canada has gained limited defensive access to the platform via its Communications Security Establishment (CSE) under Anthropic’s "Project Glasswing," regulators are terrified that financial systems are not moving fast enough to update their defensive perimeters against an AI that has already mapped thousands of critical flaws across every major operating system and browser.

Regulators globally are also trying to assess cybersecurity risks from Anthropic’s frontier AI model Mythos. 

Cybersecurity experts say Mythos, an AI model described as extremely capable at finding and exploiting cybersecurity vulnerabilities, poses significant challenges to the banking industry and its legacy technology systems.

OSFI said ⁠in the email, "Advanced artificial intelligence models, such as Anthropic Claude Mythos, significantly compress the timeframe for effective risk mitigation."

"Accordingly, this bulletin is grounded in our existing guidance and outlines sound practices that institutions can adopt to enhance the speed and effectiveness of risk identification, mitigation and response."

"OSFI takes a technology‑neutral, risk‑focused approach to emerging technologies, including advanced artificial intelligence models. Our focus is not the technology itself, but how federally regulated financial institutions govern and manage the risks associated with its use," the regulator  added.

Hafsa Naeem Baig
Hafsa Naeem is an entertainment reporter specialising in K-dramas, films, and celebrity-driven stories. She explores global content trends and audience engagement, delivering accessible coverage that captures the emotional and cultural impact of entertainment across diverse viewership.