In the hushed corridors of Islamabad’s Q-Block this April 2026, a familiar but increasingly dangerous fiscal paradox is playing out. Pakistan has, at great political cost, wrestled its macroeconomic indicators back from the precipice. Currency volatility has subsided, and the structural benchmarks of the International Monetary Fund (IMF) are largely being met. Yet, beneath the surface of this stabilization lies a deeply punitive revenue model—one that threatens to suffocate the very engine of export-led growth it intends to fuel.

This is the stark reality underscoring the OICCI tax recommendations 2026, recently presented to Minister of State for Finance, Bilal Azhar Kayani. In a critical high-level meeting—joined virtually by the Director General of the Tax Policy Office, Dr. Najeeb Memon—the Overseas Investors Chamber of Commerce and Industry (OICCI) laid bare the math of Pakistan’s uncompetitive corporate landscape.

Their message was unequivocal: expand tax net Pakistan, or watch foreign direct investment (FDI) route itself to Hanoi, Dhaka, and Mumbai. The chamber’s roadmap is not merely a corporate wishlist; it is the most pragmatic, investment-friendly blueprint Islamabad has seen in a decade.

The Anatomy of a Squeeze: The Laffer Curve’s Vengeance

To understand why OICCI urges Minister Kayani tax burden existing taxpayers must be reduced, one need only look at the sheer weight of the current fiscal extraction. Currently, the headline corporate tax rate sits at a seemingly manageable 29%. However, when layered with the regressive Super Tax (up to 10%), the Workers Welfare Fund (WWF) at 2%, and the Workers Profit Participation Fund (WPPF) at 5%, the effective corporate tax rate aggressively scales to an eye-watering 46%.

This is the Laffer Curve in full, vindictive effect. At 46%, taxation ceases to be a revenue-generating mechanism and becomes a penalty for formal documentation. Compliant multinationals and domestic conglomerates are essentially subsidizing the sprawling, untaxed informal economy.

As noted in recent analyses by The Financial Times on emerging market capital flows, capital is ruthlessly unsentimental; it goes where it is welcomed and stays where it is well-treated. By clinging to the Super Tax, Islamabad is signaling that commercial success in Pakistan will be met with ad-hoc penalization. This is why the super tax abolition OICCI budget 2026 proposal is not a plea for leniency, but a baseline requirement for economic survival.

The OICCI Blueprint: Pragmatism Over Populism

During the April 2026 session, OICCI Secretary General M. Abdul Aleem cut to the heart of the issue, advocating for rigorous documentation and digitization. He noted that fiscal health requires “all segments contributing proportionately” to the national exchequer.

The chamber’s meticulously phased roadmap for FY2026-27 offers a graceful exit from this high-tax trap. The core proposals demand urgent legislative attention:

• A Phased Corporate Tax Cut: A reduction of the headline corporate tax rate from 29% to 28% in FY2026–27, cascading down to a Pakistan corporate tax cut to 25% 2026-27 over a three-year horizon.
• Abolition of the Super Tax: A gradual phasing out of the Super Tax to bring effective rates back into the realm of regional sanity.
• Rationalizing Personal Taxation: The immediate abolition of the 10% surcharge on high earners and capping the personal income tax rate at a maximum of 25%, a vital move to stem the accelerating brain drain of top-tier talent.
• Sales Tax Rationalization: A phased reduction of the general sales tax (GST) from its inflationary peak of 18%, stepping down to 17%, and eventually stabilizing at 15%.
• Fixing Friction Points: An urgent overhaul of the withholding tax (WHT) regime, a review of the draconian minimum and alternate minimum taxes, and the resolution of perennial refund delays exacerbated by poor federal-provincial coordination.

Regional Reality Check: Capital Flies to Competitors

To contextualize the severity of Pakistan’s position, we must look across the borders. The global narrative of “friend-shoring” and supply chain diversification is entirely bypassing Pakistan because of its fiscal hostility. When an American or European multinational evaluates South Asia for a manufacturing hub, the tax differential is often the deciding metric.

Data reflects projected standard formal sector rates for 2026.

As the table illustrates, a foreign entity operating in Karachi or Lahore surrenders nearly half its profits to the state, before even accounting for double-digit inflation, exorbitant energy tariffs, and high borrowing costs. Without Pakistan tax net expansion foreign investment will remain anemic. You cannot build a 21st-century export powerhouse on a fiscal chassis that penalizes your most productive corporate citizens.

Untangling the Financial Arteries: Banking Sector Constraints

The corporate squeeze is perhaps most vividly illustrated within the financial system. The OICCI banking sector tax constraints 2026 agenda highlights a critical vulnerability. Banks in Pakistan are subjected to a dizzying array of discriminatory taxes, often treated as the government’s lender of first resort and its most easily accessible cash cow.

When banks are taxed punitively—often at effective rates crossing 50%—their capacity and willingness to extend credit to the private sector shrink. They retreat into the safety of sovereign paper, crowding out the private borrowing necessary for industrial expansion. Minister Kayani and Dr. Memon must recognize that unleashing the banking sector from these constraints is prerequisite to stimulating the very export sectors the government relies upon for dollar liquidity.

Beyond the Formal Sector: The Urgent Need for Tax Net Expansion

The elephant in Q-Block has always been the undocumented economy. Successive governments have found it politically expedient to extract more from the 3 million active taxpayers rather than confront the sacred cows of Pakistani politics: agriculture, retail, and real estate.

However, as highlighted by the World Bank’s Public Expenditure Review, Pakistan’s low tax-to-GDP paradox can only be resolved by broadening the base. The OICCI’s demand to expand the tax net is fundamentally about horizontal equity. Trillions of rupees circulate in wholesale markets, speculative real estate plots, and massive agricultural tracts with near-zero tax yield.

Integrating these sectors via aggressive digitization, point-of-sale mapping, and property valuation overhauls is not optional; it is structural triage. If the tax burden is dispersed horizontally across these vast, untaxed plains, the vertical pressure on multinationals and salaried professionals can finally be released.

Navigating the IMF Reality: From Stabilization to Export-Led Growth

The immediate pushback from Islamabad’s fiscal bureaucrats is entirely predictable: “The IMF will not allow revenue-sacrificing measures.” This is a fundamental misreading of modern macroeconomic consensus. The IMF’s current Extended Fund Facility (EFF) framework prioritizes a sustainable tax-to-GDP ratio, not mutually assured economic destruction via over-taxation.

Executing IMF compliant tax reforms Pakistan export growth requires a nuanced negotiation posture from the Finance Ministry. By simultaneously presenting a robust, verifiable plan to tax retail and real estate, Islamabad can secure the fiscal space necessary to implement the OICCI’s proposed corporate tax cuts. The IMF is highly receptive to revenue-neutral structural shifts that shift the burden from investment and production to consumption and speculative wealth.

It requires political capital to tax a wealthy landowner or a prominent wholesaler, but it is precisely this political capital that the current administration must expend if it wishes to survive beyond the current IMF lifeline. As global economic observers at The Economist have consistently pointed out, economies do not shrink their way to prosperity. They grow out of debt through competitive private enterprise.

A Make-or-Break Moment for Pakistan’s Economy

We have reached a critical juncture in Pakistan’s economic trajectory. The stabilization achieved over the last two years was a necessary, painful chemotherapy. But you cannot keep a patient on chemotherapy indefinitely; eventually, you must nourish them back to vitality.

The corporate sector has bled enough. The arbitrary imposition of super taxes, the stifling of the banking sector, and the delayed processing of legitimate refunds have eroded trust between the state and its most reliable revenue generators. The proposals laid out by Abdul Aleem and the OICCI represent a pragmatic olive branch to the government—a data-backed roadmap to restoring investor confidence.

For Islamabad, the choice heading into the FY2026-27 budget is existential. They can continue the lazy, regressive path of milking the formal sector dry, ultimately driving capital across the border and talent across the oceans. Or, they can undertake the difficult, necessary work of digitization, documentation, and equitable taxation.

If Kayani and the Finance Ministry listen, Pakistan can finally move from tax collector to growth enabler.

In the high-stakes theater of modern geopolitics, the final miles of a war are almost always the most treacherous. When US President Donald Trump took to Fox News this week to confidently declare that the six-week US-Israel war against Iran is “very close to over,” markets exhaled. Global equities flirted with record highs, and Brent crude oil—the geopolitical thermometer of the Middle East—slipped mercifully below the $100-a-barrel threshold.

Yet, as the rhetoric in Washington pivots toward peacemaking, the view from the bridge of any commercial vessel navigating the Arabian Sea is distinctly less rosy.

Within hours of Trump’s optimistic broadcast, the operational headquarters of the Iranian armed forces issued a chilling rejoinder. If the United States Central Command (CENTCOM) continues its naval blockade of Iranian ports, Tehran warned, it will not simply choke the Strait of Hormuz; it will aggressively expand its theater of disruption to the Persian Gulf, the Sea of Oman, and the critical arteries of the Red Sea.

As diplomatic backchannels hum in Islamabad, we are left with a jarring cognitive dissonance. Trump says war very close to end, but the escalating Iran shipping threat suggests that the Islamic Republic is preparing for a sprawling, asymmetric maritime insurgency. To understand how this ends, one must strip away the political bravado and examine the cold, mathematical reality of blockades, oil markets, and the shifting calculus of global power.

The Anatomy of the CENTCOM Blockade: A High-Stakes Gamble

To force Tehran’s hand at the negotiating table, the Trump administration has deployed an aggressive naval doctrine. Following the collapse of weekend peace talks spearheaded by Vice President JD Vance in Pakistan, the US military initiated a targeted blockade on all vessels entering or exiting Iranian ports.

The early tactical results are undeniable. In its first 48 hours, CENTCOM reported a zero-penetration rate, successfully forcing nine commercial vessels to turn back toward Iranian coastal waters. It is a muscular display of maritime supremacy, designed to strip Tehran of its primary economic lifeline and its most potent point of leverage: the extortion of global shipping.

Prior to the blockade, Iran had effectively privatized the Strait of Hormuz—the waterway through which nearly a fifth of global oil and gas supplies flow. Tehran had barred non-Iranian vessels from passing without its explicit authorization, effectively transforming the strait into a toll road, reportedly demanding up to $2 million per transit.

By choking off Iranian ports but permitting passage to US Gulf allies, the Trump administration is executing a classic pressure campaign. As Max Boot notes in the Council on Foreign Relations, the strategy is a bet that Iran will buckle under profound economic asphyxiation before a sustained global energy crisis forces the United States to blink. But blockades are inherently escalatory. They invite retaliation not on the battlefield, but in the vulnerable, interconnected veins of global commerce.

Tehran’s Counter-Move: Expanding the Shipping Threat

Iran’s response to the blockade reveals a profound understanding of asymmetric warfare. Instead of directly challenging the overwhelming conventional might of the US Navy in the Strait of Hormuz, Iranian military commander Ali Abdollahi signaled a horizontal escalation.

By threatening commercial vessels in the wider Persian Gulf, the Sea of Oman, and the Red Sea, Iran is leveraging the inherent vulnerability of the global supply chain. The Iran Red Sea shipping threat 2026 is not merely a tactical bluff; it is a strategic warning that Tehran can inflict catastrophic economic pain far beyond its immediate territorial waters.

This strategy forces the US military into a defensive crouch over thousands of miles of ocean. The US Navy, while formidable, cannot indefinitely escort every commercial tanker from the Suez Canal to the Arabian Sea. Iran knows that it only takes a handful of successful drone or missile strikes on civilian tankers—or even the credible threat of such strikes—to send maritime insurance premiums into the stratosphere, functionally closing these waterways to commercial traffic.

President Trump has countered with his trademark maximalist rhetoric, threatening to turn Tuesday into “Power Plant Day, and Bridge Day, all wrapped up in one” if Iran does not yield. He has also warned that any vessel paying an Iranian toll will be intercepted by the US Navy and denied safe passage on the high seas. This brinkmanship creates a precarious binary: either Tehran capitulates, or the Middle East plunges into an infrastructure-decimating war of attrition.

Oil, Midterms, and Markets: The Economics of Peacemaking

At the heart of Trump’s optimism—and his urgency—is the American domestic economy. The US blockade Hormuz oil prices equation is the single most volatile variable in the lead-up to the US midterm elections.

Despite the blockade and the looming Iran shipping threat, energy markets have displayed a surprising, albeit fragile, resilience. Benchmark prices dropping below $100 a barrel on Tuesday reflect Wall Street’s desperate desire to believe Trump’s assertion that “Gasoline is coming down very soon and very big.”

But this market optimism is brittle. Over 100 tankers have transited the strait since the US and Israel launched the war on February 28, largely carrying Iranian oil bound for China and India. Up until the recent blockade, the US had quietly tolerated these exports to prevent a catastrophic global supply shock. By abruptly severing this flow, the administration is playing Russian roulette with global inflation.

As the Financial Times routinely observes, oil markets price in risk, not rhetoric. If Iran makes good on its threat to widen the maritime conflict into the Red Sea, the sudden spike in crude could derail the US economic recovery, wiping out the stock market’s recent gains and dealing a severe blow to the Republican party’s midterm prospects. Trump’s push to declare the Trump Iran ceasefire 2026 a victory is as much a macroeconomic imperative as it is a geopolitical objective.

The Beijing Factor: Xi Jinping’s Calculated Distance

A fascinating subplot to this crisis is the role of China. Trump recently disclosed that he exchanged letters with Chinese President Xi Jinping, urging Beijing not to supply weapons to Iran. According to Trump, Xi “essentially” agreed.

If true, this represents a significant, pragmatic calculus by the Chinese Communist Party. China is the primary consumer of Iranian crude. A prolonged war that permanently destabilizes the Persian Gulf is antithetical to Beijing’s energy security needs. While China routinely challenges US hegemony, it has little appetite for underwriting a suicidal Iranian confrontation that sends oil past $130 a barrel.

Furthermore, Trump claims that China is “happy” he is seeking to permanently secure the Strait of Hormuz. While Beijing will never publicly endorse a US military blockade, the silent acquiescence of the global superpower suggests that Iran may be increasingly isolated. Without a reliable pipeline of advanced Chinese weaponry, Tehran’s ability to sustain a prolonged, multi-front naval conflict is severely diminished.

The Islamabad Backchannel: Can Diplomacy Survive?

Despite the apocalyptic rhetoric and the movement of thousands of additional US troops to the Middle East, the diplomatic machinery has not entirely stalled. The Islamabad peace talks Iran channel remains the vital pulse of this conflict.

The weekend collapse of in-person negotiations in Pakistan was a setback, but the fact that both US and Iranian officials—including Iranian President Masoud Pezeshkian, who recently stated Tehran is “seeking dialogue, not war”—are leaving the door open for talks within the “next two days” is telling.

In diplomacy, a collapsed talk is often just a prelude to the real negotiation. The US blockade was the stick; Trump’s buoyant rhetoric on Fox News is the carrot. The Iranian regime, battered by weeks of US-Israeli airstrikes that failed to topple the government but heavily degraded its infrastructure, must now decide if the cost of retaining control over the Strait of Hormuz is worth the potential destruction of its power grids and water treatment facilities.

Iranian Foreign Ministry spokesman Esmail Baqaei’s acknowledgment of ongoing indirect dialogue indicates that pragmatism may yet prevail. However, the sticking point remains Iran’s nuclear ambitions and its desire to extract sovereign tolls from the Strait—conditions that Israel and the US view as absolute non-starters.

The Geopolitical Fallout: NATO, the Vatican, and an Isolated America

While Trump orchestrates this high-wire act, the geopolitical collateral damage is mounting. The unilateral nature of the US-Israel campaign has driven a historic wedge between Washington and its traditional allies.

UK Prime Minister Keir Starmer’s explicit refusal to support the naval blockade, stating he will not be “dragged into the war,” highlights the profound isolation of the current US strategy. European capitals, still weary from the economic scars of the Ukraine conflict, are terrified by the prospect of a closed Strait of Hormuz.

Even more unusually, the conflict has sparked a bitter, public feud between President Trump and Pope Leo, who has aggressively called for an immediate end to the war. Trump’s retaliatory posts on Truth Social against the Vatican underscore the deeply polarizing nature of this conflict on the global stage. As Foreign Affairs analysts might note, the United States is winning the tactical military battles but risks losing the broader strategic narrative, alienating the very coalition required to enforce a long-term containment of Iran.

Conclusion: The Peril of Premature Victory

When Trump says war very close to end, he is expressing a desired political reality, not a guaranteed outcome. The current landscape—a two-week ceasefire ticking down, a watertight US naval blockade, and a furious Iran threatening to ignite the Red Sea—resembles a powder keg searching for a spark.

The strategic brilliance of Trump’s approach lies in its unpredictability. By simultaneously threatening catastrophic military strikes on civilian infrastructure while floating the imminent promise of peace talks in Islamabad, he has forced Tehran into a state of strategic paralysis.

But this is a dangerous game. The Iran shipping threat is real, and the Islamic Revolutionary Guard Corps (IRGC) has a long history of viewing compromise as capitulation. If US naval forces physically board Iranian vessels, or if a rogue Iranian drone strikes a Western tanker in the Red Sea, the fragile ceasefire will shatter instantly.

We are indeed “close to the end” of this specific phase of the crisis. But whether that end arrives via a historic diplomatic breakthrough in Pakistan or a devastating regional conflagration in the waters of the Middle East remains entirely—and terrifyingly—unwritten. For global markets, diplomats, and military commanders alike, the next 48 hours will define the geopolitical trajectory of the decade.

The most consequential financial-security meeting of 2026 happened Tuesday. Almost nobody was talking about it.

There is a particular quality to urgency in Washington — a calibrated, deliberate kind, stripped of drama precisely because the stakes are too high for theater. When Treasury Secretary Scott Bessent and Federal Reserve Chair Jerome Powell jointly summon the chiefs of America’s largest banks to a private session on a weekday morning, they are not performing concern. They are managing it.

That is what happened on Tuesday, April 8, 2026, in the marbled corridors of Treasury headquarters on Pennsylvania Avenue. Bessent and Powell assembled a group of Wall Street leaders to make sure banks are aware of possible future risks raised by Anthropic’s Mythos model and potential similar systems, and are taking precautions to defend their systems. Bloomberg The CEOs of Citigroup, Morgan Stanley, Bank of America, Wells Fargo, and Goldman Sachs were present. JPMorgan’s Jamie Dimon was invited but unable to attend. AOL The Treasury declined to comment. The Fed declined to comment. Anthropic had no immediate comment.

In Washington, silence of that particular texture is its own form of communication.

The Model That Spooked the Regulators

To understand why two of America’s most powerful financial stewards convened an emergency summit with the chiefs of institutions collectively managing trillions in assets, you need to understand what Anthropic’s Claude Mythos Preview actually does — and why it is genuinely different from the parade of large language models that have cycled through headlines since 2022.

Anthropic launched the powerful Mythos model earlier this week but stopped short of a broad release, citing concerns it could expose previously unknown cybersecurity vulnerabilities. The company said the model is capable of identifying and exploiting weaknesses across “every major operating system and every major web browser.” RTÉ Read that sentence again. Every major operating system. Every major web browser. This is not a chatbot that occasionally hallucinates. This is an autonomous vulnerability-hunting engine with the precision of an elite red team and the speed of software.

Unlike typical consumer-facing AI tools, Mythos is geared toward cybersecurity software engineering tasks. Its specialty is identifying critical software vulnerabilities and bugs, but it can also assemble sophisticated exploits. CoinDesk The distinction matters enormously. Most AI models are generative — they produce text, images, code. Mythos is analytical and adversarial, capable of scanning codebases, identifying failure points invisible to human auditors, and constructing the exploits that could weaponize those failures. In the hands of a sophisticated actor — a state-sponsored hacking collective, a ransomware syndicate, a rogue insider — this capability is not a cybersecurity tool. It is a cybersecurity threat.

This marked the first time Anthropic had limited the launch of a new model. Investing.com That fact alone should arrest attention. A company whose business model depends on broad adoption and API revenue made the deliberate, commercially costly decision to gate access. That restraint — unusual in a sector that tends to race toward release — signals something about how seriously Anthropic’s own researchers regard what they have built.

Project Glasswing: An Experiment in Controlled Power

Access to Mythos will be limited to about 40 technology companies, including Microsoft and Google, and Anthropic has been in ongoing talks with the U.S. government about the model’s capabilities. AOL This restricted release program, referred to internally as Project Glasswing, is a deliberate inversion of how AI has historically been deployed: rather than releasing broadly and patching later, Anthropic gave dominant platform holders a head start — not to monetize first, but to defend first. Anthropic released the model to a select group of partners, including Amazon, Apple, and Microsoft, to give them a head start on securing vulnerabilities. Investing.com

It is a genuinely novel approach, and one that deserves more credit than it will likely receive. The logic is sound: if a model can identify zero-day vulnerabilities at machine speed, the most responsible action is to arm defenders before the broader landscape of threat actors can replicate or steal the capability. But Glasswing also exposes a governance gap so wide you could park an aircraft carrier in it.

Who audits the 40 companies with access? What safeguards prevent Mythos from being fine-tuned, transferred, or reverse-engineered? If a Glasswing participant suffers a breach — and given that these are themselves high-value targets, the probability is non-trivial — what is the liability chain? What is the protocol? The answers to these questions do not exist in any regulatory framework currently operative in the United States, the European Union, or anywhere else.

The Systemic Risk Nobody Has Priced

The meeting at Treasury was not primarily about Anthropic. It was about what Anthropic represents: the arrival of AI capabilities that move faster than the regulatory, legal, and institutional machinery designed to contain them.

Consider the financial system’s exposure. Modern banking infrastructure is built on decades of accumulated code — legacy COBOL systems at regional lenders, middleware connecting trading platforms to clearing houses, authentication layers protecting retail deposits. Much of this code has never been audited by a sophisticated adversary because auditing at scale was prohibitively expensive. Mythos eliminates that constraint. A well-resourced actor with access to comparable capability could, in principle, systematically map the attack surface of an entire national banking system in the time it currently takes a human security team to review a single subsystem.

The episode highlights a fundamental change in how regulators are framing AI risk — not merely as a technological challenge, but as a potential catalyst for systemic events. This has already raised red flags in crypto, where experts are worried that Mythos’ capability of discovering and exploiting zero-day vulnerabilities in real-time at low cost poses risk to the DeFi infrastructure. CoinDesk

The systemic risk framing is the right one — and it is the framing that explains why Powell was in that room. The Federal Reserve’s mandate is financial stability. Historically, stability threats have come from credit cycles, liquidity crunches, and contagion. They are now coming from code. A successful AI-enabled attack on a major custodial bank — one that compromised transaction integrity, corrupted ledger data, or triggered a cascade of failed settlement — would represent a category of financial crisis that no existing playbook addresses. The bazooka of emergency liquidity provision is not particularly useful when the crisis is epistemic rather than financial: when the question is not whether there is enough money, but whether the numbers can be trusted at all.

Anthropic vs. the Pentagon: The Contradiction at the Heart of AI Policy

There is a peculiar irony shadowing this episode. Anthropic has separately been battling the Trump administration in court. The Pentagon had labeled the company as a supply-chain risk, a designation that Anthropic has opposed. Earlier this week, a federal appeals court declined, at least for now, Anthropic’s request that it put a pause to the Pentagon’s designation. Bloomberg Law

Anthropic proactively briefed senior U.S. government officials and key industry stakeholders on Mythos’s capabilities RTÉ — engaging responsibly with the national security community — even as one branch of that same government has labeled the company a security liability. The left hand of the U.S. government calls in Anthropic’s most advanced model to warn bankers about cyber risk; the right hand designates its maker a supply-chain threat. This is not incoherence. It is the natural consequence of applying 20th-century institutional categories to 21st-century technology companies that are simultaneously strategic assets, potential vulnerabilities, and independent actors with their own governance philosophies.

The contradiction will not resolve itself. It requires a policy architecture that does not currently exist — one that can hold together the dual realities that Anthropic’s capabilities are a genuine national asset and that Anthropic’s capabilities require genuine national oversight. Neither a blanket clearance nor a blanket designation captures that complexity.

What Bessent and Powell Actually Did — and What It Implies

The convening itself was a significant signal. Bessent and Powell do not share a conference room casually. The joint appearance invested the meeting with the authority of both fiscal and monetary sovereign — the message being that AI cyber risk is no longer a niche technology-sector concern but a macro-prudential one. Banks should be pricing this into their operational risk frameworks. Insurers will follow. Rating agencies will not be far behind.

But signals, however weighty, are not architecture. The meeting produced no public guidance, no regulatory proposal, no framework for how banks should report, manage, or disclose AI-enabled cyber exposures. The CEOs who left Treasury on Tuesday left with warnings — and no rulebook.

The Governance Gap and How to Begin Closing It

The Mythos episode crystallizes three failures that policymakers now have no excuse for ignoring.

First, the pre-release consultation gap. Anthropic did the right thing in briefing U.S. officials before releasing Mythos. But that consultation was informal, voluntary, and ad hoc. The EU AI Act’s tiered risk framework is imperfect, but it at least establishes mandatory pre-market assessment for high-risk systems. The United States has no equivalent. A model capable of autonomously discovering and exploiting zero-days across every major OS and browser is, by any reasonable definition, a high-risk system. Its release should trigger a formal, structured national security review — not a phone call.

Second, the systemic-risk classification vacuum. The Fed can designate non-bank financial institutions as systemically important. It cannot currently designate AI models as systemically risky. That gap is now visible and consequential. What is needed is not a new agency but a clear cross-agency mandate — Treasury, CISA, the Fed, the OCC — with authority to classify certain AI capabilities as requiring coordinated disclosure, pre-release review, and sector-specific defensive preparation.

Third, the liability architecture. If a bank suffers losses traceable to an AI-enabled attack using capabilities derived from or analogous to a commercially released model, who bears what responsibility? The current answer — whatever tort law eventually produces — is wholly inadequate for systemic risks. Liability frameworks that can price and allocate AI-era cyber risk are not a luxury. They are a precondition for insurability and, ultimately, for financial stability.

A New Era of Risk — and Responsibility

There is a version of this story that ends badly: a race between capability development and governance in which capability wins by a decisive margin, and the first major AI-enabled financial system attack comes before any of the above frameworks exist. That version is not inevitable, but it requires active work to prevent.

The Tuesday meeting at Treasury was, in its way, a hopeful sign. It suggests that the United States’ most senior financial authorities understand, at least viscerally, that the risk is real and that the clock is running. It suggests that some version of public-private coordination is possible, even in a regulatory environment that remains deeply fragmented.

Anthropic has previously disclosed that it consulted with U.S. officials ahead of Mythos’ release regarding both its defensive and offensive cyber capabilities. CoinDesk That consultation should become a standard, not an anomaly. The release of any AI system with demonstrated offensive cyber capabilities — the ability to identify and exploit zero-days at scale — should automatically trigger a mandatory interagency review, sectoral briefings for affected industries, and a public risk disclosure, however carefully worded.

What Bessent and Powell did on Tuesday was, in the truest sense, firefighting. The fire is real. But what the financial system needs is not better firefighters. It needs buildings that are harder to burn.

The Mythos moment is a clarifying one. It tells us, with unusual precision, that the era of AI as a productivity story is over. The era of AI as a security story — a national security story, a financial security story, a systemic stability story — has arrived. Policymakers who treat it otherwise are not being optimistic. They are being negligent.