President Donald Trump abruptly cancelled the signing of his AI national security executive order last Thursday, hours before a scheduled Oval Office ceremony, telling reporters he did not want to “do anything that’s going to get in the way” of America’s lead over China. The reversal landed against an unusually loaded backdrop. A few weeks earlier, Treasury Secretary Scott Bessent and outgoing Fed Chair Jerome Powell had pulled Wall Street’s biggest bank CEOs into a closed-door meeting to warn them about an Anthropic model that taught itself to find thousands of severe security holes in the software the financial system runs on.
For a sophisticated business audience, the policy whiplash is not the only story. The story is that the most consequential AI regulator in Washington right now may be sitting at Treasury, not at any tech-policy desk.
The Order That Did Not Get Signed
The executive order was the closest the administration had come to a federal framework for frontier AI. According to NBC News, it would have set up a process for the government to vet the national-security risks of advanced models before public release, directed agencies to harden their own cybersecurity, and invited voluntary safety testing with US labs including Anthropic, OpenAI, and Google. Trump scrapped it at the last moment, telling reporters, “I didn’t like certain aspects of it, I postponed it,” and framing the decision around the race with Beijing.
The Arkansas Democrat-Gazette connected the postponement to the broader anxiety over Anthropic’s most powerful internal model. That connection is the subtext of the entire episode, even if no official has stated it as the cause.
The Model Behind the Anxiety
In April, Anthropic disclosed a research preview it calls Claude Mythos. Through a program named Project Glasswing, the company said the model autonomously discovered more than 10,000 high and critical-severity vulnerabilities across every major operating system and web browser, a capability the company found alarming enough that it has not released the model publicly. The more cinematic specifics circulating in security circles are harder to confirm and worth treating with caution, but Anthropic’s own description of a model that finds zero-day flaws at machine scale is on the record.
That single capability reframes the entire regulatory debate. An AI that can map the soft spots in critical infrastructure faster than any human red team is a national-security asset and a national-security hazard in the same body. This is the same Project Glasswing work that anchored our earlier reporting on Anthropic’s push into AI cybersecurity and the Claude Mythos program.
When the Treasury Secretary Becomes the AI Regulator
The most telling business detail is who convened the bankers. In April, Bessent and Powell brought the heads of the largest US banks to Treasury to brief them on the systemic cyber risk a model like Mythos represents, a meeting first reported by Reuters and carried by Fortune. The attendee list read like a Financial Stability Oversight Council session: Jane Fraser of Citi, Ted Pick of Morgan Stanley, Brian Moynihan of Bank of America, and Charlie Scharf of Wells Fargo among them, with Fortune detailing the closed-door warning.
Read that through a markets lens and the implications stack up fast. If the Treasury Secretary is personally briefing bank CEOs on AI-discovered vulnerabilities, then cyber-insurance underwriting, SOC 2 attestation cycles, and vendor-risk timelines are all about to get repriced, regardless of whether a single executive order ever gets signed. The regulation is already happening. It is just not happening through the document Trump declined to sign.
The Anthropic and White House Cold War
None of this is occurring between friendly parties. In February, the administration directed federal agencies to “immediately cease all use” of Anthropic technology on a six-month phase-out, and the Pentagon flagged the company as a supply-chain risk, as Defense One reported. The clash traced to Anthropic refusing the government unrestricted access to its models for what the company viewed as mass domestic surveillance and autonomous-weapons use cases. A senior Pentagon official accused Amodei of operating with a “God-complex.”
So a White House that banned Claude across the federal government in February was never likely to sign an order that hands frontier labs a formal seat at the national-security table. The China-lead explanation is real. It is probably not the whole explanation.
Correlation, Not Confession
Here is the honest read, because the temptation to draw a straight line is strong. No official has said the executive order died because of Claude Mythos. The timeline lines up, the cybersecurity framing is unmistakable, and the administration’s history with Anthropic is openly hostile, but the stated reason is the competitive race with China. Treating context as proof would be the same overreach the wire copy is making this week.
What Businesses Should Actually Watch
The signing got cancelled. The risk did not. Watch for cyber-insurance carriers to reprice AI-related exposure, for SOC 2 and vulnerability-disclosure timelines to compress, for a revised executive order to surface in a quieter form, and for Bessent’s role in AI policy to keep expanding. The document is on hold. The market is already moving without it.