OpenAI has offered nine major UK banks access to its advanced cybersecurity model, GPT-5.5 Cyber, intensifying competition with rival AI developer Anthropic and its highly discussed Claude Mythos system.
The move comes as banks and regulators increasingly focus on the opportunities and risks posed by powerful AI models capable of identifying hidden vulnerabilities in software, networks and financial infrastructure.
Both GPT-5.5 Cyber and Claude Mythos are designed to help cybersecurity teams discover security weaknesses before attackers can exploit them. According to testing by the AI Security Institute, the two models demonstrated broadly similar performance levels across a range of cybersecurity tasks.
Claude Mythos attracted significant attention following claims that it uncovered a vulnerability in a legacy system that had reportedly remained undetected for nearly three decades. The announcement sparked concerns among regulators, central bankers and financial institutions about the potential risks of increasingly capable AI-powered security research tools.
Last week, Andrew Bailey, Governor of the Bank of England, noted that UK banks had not yet been granted access to Mythos, limiting their ability to test their own systems using the technology.
In contrast, OpenAI is providing selected financial institutions with access to GPT-5.5 Cyber as part of its controlled cybersecurity programme. However, the company has indicated that the model will not be made universally available.
George Osborne, now a senior executive at OpenAI, said the company wants trusted defenders to benefit from the technology rather than keeping it restricted internally, while still maintaining safeguards around its use.
Why this matters for banks
- AI can identify vulnerabilities much faster than traditional manual security reviews.
- Financial institutions can use these tools to strengthen defenses before cybercriminals discover weaknesses.
- Regulators are increasingly concerned that the same capabilities could potentially be used to develop more sophisticated cyberattacks if controls fail.
- The banking sector is becoming a key testing ground for advanced AI cybersecurity systems because of the critical importance of protecting payment systems, customer data and financial infrastructure.
The development highlights a growing race between leading AI companies to provide powerful cyber-defense tools while balancing concerns about safety, access and potential misuse.
“The key things with these tools is that they need to be in the hands of the right people,” he said.
“We want to make sure that the forces that are establishing order in our democracies have these tools, and the forces that want to disrupt us or commit crime, do not.”
