1 hour ago
1
The UK’s biggest banks have a cybersecurity AI problem, and OpenAI is trying to be the solution. The company has offered nine UK financial institutions access to its GPT-5.5-Cyber model, a move that comes while those same banks remain locked out of Anthropic’s Claude Mythos Preview, the model widely considered the most capable cyber-offense simulator on the market.
Bank of England Governor Andrew Bailey confirmed that as of May 29, 2026, UK banks still lack access to Anthropic’s Mythos AI model. That’s nearly two months after Mythos Preview launched in early April, and the delay has created what amounts to a defensive blind spot for institutions managing trillions in assets.
The cyber arms race between OpenAI and Anthropic
Anthropic’s Claude Mythos Preview, released around early April 2026, demonstrated remarkable efficiency in executing complex cyber-attack simulations. It became the first model to successfully complete what’s described as a comprehensive corporate network attack simulation, essentially threading through layered defenses the way a sophisticated threat actor would.
OpenAI’s GPT-5.5-Cyber entered the picture on May 7, 2026, when the company rolled out access to verified defenders in critical infrastructure sectors through its Trusted Access for Cyber program, or TAC. The UK’s AI Security Institute evaluated GPT-5.5 and found it to be one of the strongest models available for cyber-related tasks. In AISI’s assessment, GPT-5.5 became the second model to successfully navigate a corporate network attack simulation, trailing only Mythos Preview.
Why UK banks are stuck in limbo
The situation with Mythos access appears to stem from ongoing negotiations and access restrictions between Anthropic and UK institutions. Bailey’s public comments suggest this isn’t a technical limitation but rather a policy and licensing bottleneck that hasn’t been resolved despite weeks of discussions.
OpenAI has been expanding access to GPT-5.5 and GPT-5.5-Cyber beyond the US, extending its TAC program to EU institutions, Deutsche Telekom, BBVA, Telefonica, and Japan’s top three banks. The UK banking offer fits neatly into this broader international push.
What this means for investors
For the broader cybersecurity sector, the emergence of AI models that can convincingly simulate advanced persistent threats changes the economics of penetration testing and red-teaming. Traditional cybersecurity firms that rely on human-led offensive simulations may find themselves competing against tools that can run similar exercises faster and at a fraction of the cost.
The risk to watch is regulatory fragmentation. If different jurisdictions end up with access to different AI cybersecurity tools based on which company successfully navigates local licensing requirements first, it could create an uneven global defensive landscape. UK banks testing their defenses against GPT-5.5-Cyber simulations while their continental European counterparts eventually gain Mythos access would mean institutions are preparing for subtly different threat profiles.
Disclosure: This article was edited by Editorial Team. For more information on how we create and review content, see our Editorial Policy.
English (US) · 