Snippings

xxx

UK financial regulators are holding urgent discussions with the government’s main cyber security watchdog and the country’s biggest banks to assess the risks posed by the latest AI model from Anthropic.

Officials at the Bank of England, the Financial Conduct Authority and HM Treasury are in talks with the National Cyber Security Centre to explore potential vulnerabilities in key IT systems revealed by Claude Mythos Preview.

From: UK financial regulators rush to assess risks of Anthropic’s latest AI model.

xxx

xxx

Testing and controls should, in theory, be able to prevent an agent from escaping a sandbox, or from getting access to information or networks it’s not authorized to access.

“These are all the things you have to tell [an AI agent]: I’m not granting you agency to do these things,” Rubinow said.

Sandboxes themselves are meant to be a good way to safely experiment with and test AI agents. In theory at least, they are safe, contained environments, protected from exposure to outside servers.

But in the Alibaba and Anthropic examples, the agents were running within sandboxes and broke out.

From: AI agents are going rogue. Here’s what banks can do about it | American Banker.

xxx

xxx

Estimates suggest that 2-5% of global GDP, as much as $5.5 trillion annually, is laundered worldwide. A significant share of this flows through trade, which remains one of the most exploited channels for money laundering and the illicit movement of funds.

Criminals are moving a worrying amount of money across borders in plain sight. The chaos from geopolitical disputes only blurs the line between lawful commerce and illicit activity further. And that growing instability has made financial crime harder to detect but easier to disguise.

From: Tariffs, trade and financial crime: What banks must do now | World Economic Forum.

xxx

xxx

Anthropic didn’t release their latest model, Claude Mythos (system card PDF), today. They have instead made it available to a very restricted set of preview partners under their newly announced Project Glasswing.

The model is a general purpose model, similar to Claude Opus 4.6, but Anthropic claim that its cyber-security research abilities are strong enough that they need to give the software industry as a whole time to prepare.

From: Anthropic’s Project Glasswing—restricting Claude Mythos to security researchers—sounds necessary to me.

xxx

xxx

UK financial regulators are holding urgent discussions with the government’s main cyber security watchdog and the country’s biggest banks to assess the risks posed by the latest AI model from Anthropic.

Officials at the Bank of England, the Financial Conduct Authority and HM Treasury are in talks with the National Cyber Security Centre to explore potential vulnerabilities in key IT systems revealed by Anthropic’s latest model.

From: UK financial regulators rush to assess risks of Anthropic’s latest AI model.

xxx

xxx

We plan to add crypto wallets, real estate, and other asset types to personal finance in the future.
The Plaid integration is now available on desktop to all signed-in users in the US and Canada, with mobile and other countries to follow.

From: Computer is Now Your Personal CFO.

xxx

xxx

Launched in 2023, the FedNow interbank RTGS service currently does not let participants use intermediaries, other than reserve banks, for fund transfers. Because this means that transfers sent through FedNow can include only two US banks other than a reserve bank, the service can only be used for domestic payments.

However, the Fed says FedNow participants have expressed interest in using the service to initiate cross-border instant payments, arguing it would improve both speed and efficiency.

In response, the Fed board has now voted unanimously to support a proposed change to its regulations that would allow participants to use intermediaries other than reserve banks.

Says the proposal: “The Board believes this change could support private-sector cross-border payment solutions, among other potential use cases, by allowing FedNow participants to leverage an intermediary (for example, a correspondent bank) for the international portion of a cross-border transaction and use the FedNow Service for the US.”

From: Fed consults on FedNow cross-border payments.

xxx

The US Treasury’s Financial Crimes Enforcement Network (FinCEN) and the Office of Foreign Assets Control (OFAC) have set out their proposed requirements for permitted payment stablecoin issuers (PPSIs) related to combatting illicit finance. The Notice of Proposed Rule Making (NPRM) sets out anti-money laundering and countering the financing of terrorism (AML/CFT) and sanctions compliance measures that PPSIs will be expected to implement once the GENIUS Act regulatory regime becomes fully operational from January 2027.

In short, PPSIs will be expected to comply with the same set of financial crime compliance obligations that already apply to other US financial institutions. What’s more, the NPRM indicates that relationships PPSIs form to provide services to partners, customers and counterparties (such as issuance and redemption arrangements it enters into with cryptoasset exchanges) would be treated as correspondent accounts.

xxx

Early one recent morning, a team of researchers at Alibaba were urgently summoned to a meeting. The company’s cloud computing firewall had flagged several security policy violations coming from the company’s training servers, on which newly developed AI agents were being run. Some AI agents had attempted to access internal network resources they had no business accessing. Others were mining cryptocurrency.

From: AI agents are going rogue. Here’s what banks can do about it | American Banker.

xxx

xxx

The U.S. Treasury’s Financial Crimes Enforcement Network (FinCEN) and OFAC issued a 303-page proposed rule implementing the GENIUS Act, reclassifying permitted payment stablecoin issuers (PPSIs) as financial institutions under the Bank Secrecy Act. Requirements include bank-grade KYC, suspicious activity reporting, transaction blocking/freezing capabilities, and appointment of a U.S.-based compliance officer. Enforcement begins January 2027. A 60-day comment period opens now.

From: FIncen/OFAC 303 Page Rule Squashes Stablecoin eCom Ambitions | Noyes Payments Blog.

xxx