One Friday night in June, Anthropic locked some of its own engineers out of its best model.

These weren't staff at some overseas office. They were people on the company's own payroll, in its own buildings, who happened not to be US citizens. Days earlier, Anthropic had shipped Fable 5, the most capable model it had ever built. Then the Commerce Department decided no foreign national could touch it, and the order didn't stop at the border. It reached onto Anthropic's own staff roster. Rather than sort its people by passport, the company switched the model off for everyone.

The most American, most safety-first, most Washington-friendly lab in the country had its best model switched off by Washington, days after launch. And every government and every boardroom watching had the same thought at the same moment. 

Who holds the switch on ours?

Forwarded this email? You can subscribe by hitting the button below. Want to get in touch? Hit reply to this email or the sign up email.

The U.S. Department of Commerce ordered Anthropic to suspend global access to its advanced AI models, Fable 5 and Mythos 5, by foreign nationals. Citing national security concerns, the Commerce Department issued the directive over a potential "jailbreak" that could supposedly be used to bypass cybersecurity safeguards. As a result, Anthropic removed Fable 5 access for all users.

This one event was a topic of debate at the G7, the business news, the tech podcasts, and in almost every single Fortune 1000 boardroom. Once a theoretical debate, led by the people who worry professionally, sovereignty over data and AI model access has jumped from priority 34 to p0 for anyone working with AI. 

As the Chief AI Officer of Santander put it to me in a recent conversation

Everyone has a sovereignty worry at the same time from different perspectives.

The US is worried about who is guarding its frontier AI-class cyber capabilities from its adversaries (with some evidence that this may not be well managed). Allies are worrying about who holds the off switch on their AI capability, and corporates, if they can compete in a future where their AI destiny isn’t in their hands.

And the off switch isn’t all that’s out of control right now. 

There’s a major reset coming to token pricing.

If you’ve not had the pleasure of watching (or reading) Ed Zitron, famed AI skeptic, then allow me to summarize. He’s calling this phase of the hype cycle the "Subprime AI Crisis." His argument is that the early days of $20-a-month subscriptions were a massive, artificial subsidy con designed to get users hooked on unsustainable token burn. Flat-rate consumer subscriptions are underwater for hundreds, even thousands of dollars per month.

(As an aside, there’s an interesting tipping point for enterprise pricing. Below 150 seats, subscriptions can be used, encouraging companies to tokenmaxx and innovate. Above that, API billing kicks in. There’s a genuine potential advantage to being a startup, but a tax on going above 150 seats.)

Zitron highlighted Zillow spending over $1 million on AI tokens through Q1 2026, putting them on track to burn $7 million to $10 million in a single year—eating up a massive chunk of their profits. Software like Excel or PowerPoint doesn't cost more money the more you use it.

This is showing up in lived experience too, as Iñaki said to me:

A single task can fall in cost by two orders of magnitude just by changing the model underneath. And the quality of output was exactly the same. And that makes sense: how often do you need a genius to run a basic process? So what happens next is the heaviest AI users start to ration their AI token usage from the top labs, and route everything else to something smaller, or even local.

Every token a customer routes is pricing power leaving the AI labs. But doing that routing isn’t easy, and may be beyond the reach of many companies.

Yes, but it’s hard.

Some companies, in their rush to get AI, wedded themselves to one vendor or AI lab. Whether it’s using their forward-deployed engineers to build new AI capabilities, or having the lab install its enterprise software and tightly coupling that with internal data and processes. Both of these options bring you enterprise-grade security at the cost of lab-vendor lock-in. 

For example, Customers Bank and FIS both chose to allow OpenAI and Anthropic (respectively) to have forward-deployed engineers (FDEs) build new capabilities quickly with AI, in return for agreeing to use the underlying model. That does get you talent and speed to market, but with the potential supply chain risk we’re facing, it might also create a problem. Where your supplier, due to no fault of your own, or theirs, is no longer able to serve you. 

Managing supply chain risk needs four things: The ability to route workloads between models, control over your data (and the boundary), build your own models, and potentially, for larger banks, controlling your own compute too.

1. The ability to route between models. This is what Ramp, Allica, and Santander all do to ensure the best ROI per token. Santander even built llm_bridge, a lightweight adapter routing across OpenAI, Bedrock, Gemini, and Santander's own models, and open-sourced it. 

If a model gets taken away from you by a government, or becomes so prohibitively expensive as it gets used more, a router means business continues as usual.

2. Control of your own data. This is what every board worries about. How do I get the benefits of AI without giving over my data and process knowledge to the labs that could displace me? The same bridge that helps you route between models can also broaden into a harness. Allica, Ramp, and Santander all built internal skills and workflows that work across any model, and securely connect to their internal systems 

Most corporations wait for the IT team to get access to their data or create new reports in Power BI. If you have an AI harness, you can invert that, and have the agents write custom integrations to every underlying system, then bring that together into a single “brain” or knowledge base. 

3. The ability to build your own models.  Revolut, Nubank, and, yes, Santander have built their own models on their own data instead of sending it to labs. This means being able to access all of your data and a shared set of skills and memories that work across the organization. 

Building your own small language models can be done quite easily with a handful of GPUs and a small team. Iñaki gave me an example of building models that are stronger at Portuguese and Spanish dialects than the ones on the market with 10 GPUs and a team of two. 

4. Control your own compute. Finance has always been about algorithms, Monte Carlo methods, stochastic models, regressions, time series, and other quantitative systems. Modern AI is beginning to materially upgrade those workloads, shrinking simulations that once took months into processes that can run in an hour. At that point, the bottleneck shifts from whether the models work to whether you have enough compute to train and run them at scale.

That is why it's logical that Santander was a founding investor in Spanish AI gigafactory and could secure a large GPU offtake: because it sees control of training and inference capacity as becoming strategically essential to the future of banking..

There’s also secret door 5: do all of the above (which is what Santander did and why I think they might be the most interesting case study in regulated AI, and I’m pleased to say Iñaki will be speaking at this year's Fintech Nerdcon on their open source initiatives). 

Maybe if they know who their customer is.

The US Government’s core concern appears to be that adversaries had access to frontier “cyberweapon” like capabilities. Both OpenAI and Anthropic are implementing Know Your Customer (KYC). This means users will have to submit a Government photo ID, a live selfie, and a facial-geometry template. 

OpenAI has had a verified developer program for some time, and Anthropic has been testing “KYC” since April; it will be mandatory on consumer plans from July 8. The API and enterprise sit outside it for now.  They’re using Persona (yes, the same one many Fintech companies use). When implemented, US persons (and potentially its allies) would be able to use the latest models.

But KYC isn’t a panacea (as fintech nerds will know well). 

For a motivated attacker, it's friction, not a wall, and running a real program is constant vigilance and a permanent tradeoff between user experience and catching the bad guy. No system is perfect. Short term, adding KYC might buy Anthropic and its users some reprieve.

But long term it makes them look like a different animal

They’re building identity checks through Persona, the same vendor half of fintech uses. How far is that from watchlists and suspicious activity reports? A regulator who can switch the product off on a Friday night. That is how a bank runs. 

The scarce thing in AI is shifting from raw intelligence to trust. Can you prove who used the model, that the decision was fair, and that it will behave tomorrow the way it did today? Banking has answered that under a regulator's eye for decades. The smartest companies of the age are learning it live, in public.

Longer term, the sovereignty questions remain in every company and country, and there’s not much the labs can do about that. Other than perhaps continuing to be at the frontier, extending their lead, and becoming the default choice when you need the best intelligence. 

Perhaps where this nets out is a barbell (as I’ve seen Marc Andreessen mention), where 99% of the time you don’t need a super genius. So you run those tasks locally or on a low-cost model, but the 1% of planning and strategic rationale work goes to the frontier lab. If you’re worried about cyber risk, do you want the not-frontier model doing your penetration testing, or the frontier? 

Their bigger concern is the long-term cost/profitability structure, especially if you’re being commoditized, and the application of frontier intelligence is less and less of a default. How can the labs simultaneously

My sense is that we’ll find an equilibrium. Getting there might be short-term painful. I’m not sure I buy Ed Zitron's full argument that “AI is a scam” and dishonest. Yes, there’s plenty of short-term hype, and it's wildly competitive, but there’s also more demand than there is supply. And people forget that demand exists long after models are trained. Once they’re alive and being served (via inference time compute), that’s where all of the cost is.

And all the way across the stack, companies are vying to serve that to you, whether it’s hyperscalers like Amazon Bedrock, Neoclouds like Coreweave, or companies buying their own GPUs and investing in data center build-outs themselves. 

Everyone is fighting for sovereignty, the sovereigns, the labs, and their clients. The space is moving incredibly quickly, and people are having to learn and adapt in real time. Welcome to life inside the singularity.

The Fable release and retraction was an omnishambles, shambolic from every direction, a perfect storm of persona, politics, and power that left just about everyone unhappy. The one good thing it produced was urgency. 

At the G7, Anthropic and much of the US AI industry proposed a framework for AI governance among allies, the diplomatic version of agreeing not to use the off-switch on each other. It forced companies to confront how much of their AI destiny they'd handed away, and how to build resilience before the next shock. And it pushed the labs to react, communicating better, adding KYC, engaging rather than dictating.

It's hard to see how the past week's events do anything but weaken the labs' moat. If cost pressure remains enormous and enterprise, the biggest growth segment, pulls back on revenue, how do these labs get repriced by public markets?

My bet is they get repriced the day public markets stop treating them like software, recurring, locked-in, high-margin, and start treating them like capital-intensive infrastructure. 

Staying at the frontier is their moat, and their moat is expensive.

Yours is cheaper. Multiple models, control of your data, control of your compute.

It just takes knowing where to look.

And focus. Lots of focus.

ST.

—

Further reading

I appreciate this piece comes across as a bit of a Santander ad. But frankly, I speak to lots of companies on AI, and I was genuinely excited about what I heard. I’m always happy to hear from and talk to other teams. Hit reply to this email if you have something to share :)

Remember, if you're enjoying this content, please do tell all your fintech friends to check it out and hit the subscribe button :)

Want more? I also run the Tokenized podcast and newsletter.

(1) All content and views expressed here are the authors' personal opinions and do not reflect the views of any of their employers or employees.

(2) All companies or assets mentioned by the author in which the author has a personal and/or financial interest are denoted with a *. None of the above constitutes investment advice, and you should seek independent advice before making any investment decisions.

(3) Any companies mentioned are top of mind and used for illustrative purposes only.

(4) A team of researchers has not rigorously fact-checked this. Please don't take it as gospel—strong opinions weakly held

(5) Citations may be missing, and I’ve done my best to cite, but I will always aim to update and correct the live version where possible. If I cited you and got the referencing wrong, please reach out