Mythos Reshapes Governance as AI Capital Hits Record Concentration

Anthropic's tiered release of Mythos — first to major cloud platforms, now to UK banks and potentially US federal agencies — is hardening into a governance architecture by commercial default. No jurisdiction has established legally binding criteria for who may access a model assessed as too dangerous for general release, what due diligence is required, or what liability attaches to institutional deployers. The UK's AI Safety Institute has remained publicly silent on Mythos risk. The White House is engaging Anthropic through ad hoc executive branch meetings rather than any formal procurement or oversight channel. The result is that Anthropic itself holds the most consequential governance lever: who gets access and on what terms.

The EU AI Act's parallel vulnerability in the Omnibus trilogue reinforces the pattern. The headline legislation is enacted, but its substantive content is being renegotiated in low-scrutiny technical negotiations, just as commercial access decisions are outpacing regulatory readiness elsewhere. CDT Europe's warning that both Parliament and Council risk weakening fundamental rights protections signals that even the world's most comprehensive AI governance framework is being shaped by processes that receive far less public attention than the original drafting. Across jurisdictions, the governance gap between what is being deployed and what is formally regulated is widening faster than legislative processes can close it.

The White House reversal on Anthropic is the clearest illustration yet that national security calculus is moving faster than any other governance input. Political positioning, prior public statements, and the absence of a formal procurement framework were all overridden by a threat assessment of Mythos's cyber capabilities. The Institute for AI Policy and Strategy's framing of Mythos as a structural national security risk — not merely a product concern — reflects a broader shift in how frontier models are being evaluated in Washington. The same model generating anxiety as a threat vector is simultaneously the preferred defensive asset, a duality that existing institutional frameworks are not designed to manage.

The government procurement dimension compounds this dynamic. Anthropic is actively pursuing federal cybersecurity contracts in the US while simultaneously engaging the EU Commission on equivalent applications. OpenAI's parallel pivot away from consumer experimentation toward enterprise and government revenue confirms that frontier labs have identified sovereign procurement as the decisive revenue and legitimacy anchor for this phase of the industry. For capital allocators, which model provider secures the first large-scale federal contracts will function as a leading indicator of which companies dominate regulated enterprise AI deployment across financial services, healthcare, and critical infrastructure in 2027 and beyond.

The satellite imagery finding that 40% of 2026-slated data centre projects face delays is analytically significant beyond the headline number: it establishes that third-party physical evidence now contradicts hyperscaler self-reporting at scale. Construction bottlenecks in switchgear, transformers, and skilled labour, compounded by community opposition forcing cancellations, mean the effective AI compute supply this year may be materially lower than capital commitment figures imply. TSMC's upward CapEx revision confirms sustained demand-side conviction, but the Rotterdam 800MW announcement — at the planning stage with no confirmed grid agreements — illustrates the gap between ambition and deliverable capacity that characterises infrastructure projects from the US to Europe.

Within this supply constraint, the competition for custom silicon is intensifying as sovereign and defence actors seek to reduce GPU dependence. Google's negotiations with the Pentagon to deploy TPUs in classified environments, Musk's Terafab supplier outreach, and Cerebras's IPO refile all point toward a structural shift from commodity GPU racks toward proprietary accelerator architectures as the preferred substrate for strategic compute. Nvidia's ecosystem strategy — co-investing in challengers while maintaining CUDA lock-in — positions it to benefit from the transition regardless of which architecture wins, but the capital now flowing to alternatives signals growing institutional conviction that the current concentration is itself a strategic vulnerability.