00:00So these, almost every CEO of every big bank went.
00:05The only person missing, according to your story, was Jamie Dine of JPMorgan Chase,
00:09and he couldn't make it for some reason.
00:12But why were five of the six big bank CEOs summoned by Fed Chair Jay Powell and Treasury Secretary Scott
00:17Besson?
00:18Well, we know, Tim, that in the past few days, in the past few weeks,
00:22even concerns have been raised about the severity and the strength of this new model by Anthropic,
00:28this tool called Mythos, which basically, Anthropic have said,
00:33can essentially a user's will detect extreme vulnerabilities in things like web browsers,
00:38in security systems, and basically presents a whole new level of cyber risk for countries,
00:46for companies, for huge institutions.
00:48And Anthropic have admitted that they know the severity of this.
00:51They have acknowledged and are taking it very, very seriously.
00:54Obviously, they've had a limited rollout for testing purposes among a select group of companies.
00:59We know JPMorgan is one of those that's public.
01:01There are about 40 other companies as well who are on the list.
01:04Not all of them are public who are getting early access to this and testing it out.
01:10Their information security teams have access to this.
01:14But essentially, what this shows, and bear in mind,
01:16some of the top executives were already in D.C. for lobbying meetings on Monday,
01:20but this was a meeting that was sort of tacked onto that.
01:23It was a very unusual meeting in that you had Scott Besson and Jay Powell.
01:27Remember, the Federal Reserve has taken pains in the past few years to establish its independence
01:33from the political side of government right now.
01:36But together, you have the central bank chair and the Treasury Secretary having a joint meeting
01:41showing how important this is across the department, across the U.S. government,
01:46for financial stability and for the security of the U.S. economy.
01:49What is your understanding of what was really at the heart of the concern that both Besson and Powell had?
01:57Was it just general, like, we need to be careful because there's now a more powerful cyber,
02:02I guess, criminal out there, not criminal, I don't want to say criminal,
02:05but, you know, a cyber tool that we're vulnerable to?
02:08Or were there more specifics of, like, this could actually happen?
02:12Here's a specific risk that maybe was flagged.
02:14Yeah, we're certainly continuing to look into this, that's for sure.
02:17But one thing to bear in mind, right, is the context, the wider context here that you have around these
02:22AI tools.
02:23You have Iran, you have China, you have Russia, all creating their own cyber tools,
02:27their own AI capabilities at the same time.
02:30Here is something that's been developed on U.S. soil.
02:32There have already been partial leaks by some of these, you know, by Anthropic itself, as we know,
02:38that are creating, you know, questions around the security of the capability.
02:44So basically what the government is essentially saying to these banks is,
02:48hey, like, you guys are the most systemically important institutions in some ways that we have in this country.
02:54You of anyone need to be the most defended, you know, in case of potential risks,
02:59not just by this own tool that you will be getting access to.
03:03JP Morgan has access to it.
03:05You know, we know that other companies are getting access to it soon as well.
03:09And that is, you know, that to them is sort of the core of this.
03:13Like, can you test this?
03:15Can you make sure, can you help us evaluate its own risk and the risk that we might face from
03:20elsewhere as well?
03:21And can they?
03:24Well, that's, I think that's a delicate question right now.
03:27You know, obviously these banks have been keeping this meeting extremely confidential.
03:30I mean, this was, this was the results of a few days of reporting.
03:34Yeah, I think in your piece mentions, none of them even commented to you.
03:37Yeah, none of the banks commented to us on this.
03:39I think it was very, very tightly held.
03:42And I think it seems to be more of a directive from the top down to the CEOs directly,
03:47a direct appeal to say, hey, you need to be taking this super seriously internally.
03:51So what can you tell us about the way that banks do keep our money safe
03:56in an environment where, you know, they could be at risk from these new tools?
04:00Yeah, I mean, that's a great question.
04:02I mean, we know banks aren't perfect by any means.
04:04In fact, some of them have the worst tech, right, you know, of institutions.
04:08You know, I've come on this show before to talk about, you know, fat fingers at Citigroup, for instance.
04:13You know, a lot of banks with crunchy technology, let's say to be generous, you know,
04:17we all know, you know, even from a retail perspective, many people listening to this show will know
04:22that their own bank is far from perfect when it comes to technology.
04:25So the urgency of this is really not lost on these companies.
04:28They are reflective on this.
04:30The Federal Reserve, you know, has a huge role in particular in its supervisory role.
04:34Looking internally at banks, they are the ones that have staff often inside the bank's offices
04:39who are looking at their capabilities, looking at their systems, looking at their defenses here.
04:44And they've obviously been evaluating that and evaluating the new tools and the new capabilities
04:49that are both available to these companies, but also to people who might want to hack these companies
04:54and have decided that, look, you know, the equation and the balance that stands right now
04:58is serious enough that this needs to have, like, you know, a top-down, extremely detailed
05:06and serious approach to what's going on here.
05:09Is there a potential that that approach would ever turn into maybe new, like, rules and regulation for banks?
05:15I think that's quite possible.
05:17I think there are, you know, there's chatter around that, you know, across sectors
05:21about how different companies might respond to questions of best practice.
05:27You know, as we all know across Wall Street right now, a lot of banks, you know,
05:31have public partnerships with certain companies, are trying out lots of different tools internally,
05:36whether that's for their engineers, their junior analysts, all this kind of thing.
05:39They are already, you know, playing around in the sandbox as it is.
05:44But I think it's only inevitable that at some point there will be some formalization of what's required.
05:49Todd, I think what's particularly chilling in a scenario like this is just because one American company has this technology
05:55now
05:55doesn't necessarily mean that other companies won't get it soon and that it won't easily fall into the wrong hands
06:01at some point soon.
06:02I think people are pretty shocked about how quickly this tech moves.
06:05But no question, everything's moving in the direction where it just gets better, better, and more impressive, and more impressive.
06:10What happens then?
06:11It seems like this is, you know, it's always going to be a race between sort of the bad actors
06:16and the ones who are trying to keep this stuff safe.
06:19Yeah, I mean, it's not, yeah, I mean, you're right, Tim and it's not just Anthropic's own tools, but who
06:24could replicate that, right?
06:25You know, a lot of this, you know, a lot of AI source code is open source.
06:30You know, China and Russia, Iran, you know, are also developing open source tools, at least China is for sure.
06:36You know, and this stuff is readily available.
06:38So it's not just the case of whether Anthropic, it's not just a question of whether Anthropic itself is secure,
06:44but it's who can replicate what Anthropic has and what can the US economy learn from what Anthropic has
06:53in order to defend itself against what other companies might have and other states might have.
Comments