OpenAI offers UK banks cyber AI tool as Anthropic restricts Mythos access

OpenAI has moved to provide nine major UK banking groups with access to its GPT-5.5 Cyber security tool, stepping into an access gap left by rival Anthropic, which has blocked financial institutions from previewing its Claude Mythos model. The development follows a warning from Bank of England governor Andrew Bailey last week, who noted that UK banks remained unable to access Mythos to test the security of their own digital systems and applications. Finance ministers, central bankers and financiers have previously expressed serious concerns that the AI models could undermine the security of financial systems if deployed without oversight.

Former UK chancellor George Osborne, now a senior executive at OpenAI, told the BBC that Bailey had not contacted him directly about the access issue. Osborne said his company did not intend to “hide [5.5 Cyber] away or keep it to ourselves,” though he confirmed the tool would not be made universally available. “The key things with these tools is that they need to be in the hands of the right people,” Osborne said. “We want to make sure that the forces that are establishing order in our democracies have these tools, and the forces that want to disrupt us or commit crime, do not.”

The institutions receiving access offers include Lloyds Banking Group, HSBC and Nationwide. NatWest and Santander already operate under existing agreements with OpenAI. Anthropic initially opened Mythos previews to a collective of 42 companies, consisting primarily of other US technology firms. OpenAI has distributed access to GPT-5.5 Cyber more broadly across geographic regions, opening the tool to institutions in the European Union, Japan and Canada in addition to the UK banks. The BBC asked Anthropic whether it plans to grant UK financial institutions access to Mythos and has not yet received a response.

The AI Security Institute, which evaluated both Anthropic’s Mythos and OpenAI’s GPT-5.5 Cyber, concluded in a recent report that the tools reached “a similar level of performance” on assigned testing tasks. Mythos generated significant attention when it launched in April, after Anthropic claimed it successfully identified a weakness in a legacy system that had remained undetected for nearly 30 years. Both companies charge financial institutions for usage of their cybersecurity tools, though Anthropic committed $100 million toward the initial Mythos previews.

Professor Alan Woodward, a cybersecurity expert at Surrey University, said the models excel at processing volumes of code that would overwhelm human reviewers. “I don’t necessarily expect these tools to surface things humans wouldn’t find eventually but they are relentless and incredibly thorough in sorting through the millions of lines of code which are in banking apps alone,” Woodward said. He noted that UK banking infrastructure relies heavily on legacy code, making automated auditing highly valuable. He cautioned that the AI systems do generate false positives, meaning human analysts must still review the findings before acting on them.