When the US government switched off AI: what the Anthropic shutdown means for your GRC program 


Key takeaways 

  • On 12 June 2026, the US Commerce Department ordered Anthropic to suspend its two most advanced AI models globally – with no advance notice. Days later, the White House made a separate request to OpenAI restricting access to GPT-5.6. Two different government bodies. Two different legal instruments. No consistent framework. 
  • The directive applied to all “foreign nationals,” including those working inside the US, meaning a material share of the workforce at many organizations lost access to tools their workflows depended on. 
  • This is a new category of third-party risk: sovereign intervention by a foreign government, acting without transparency or predictable criteria, with immediate operational effect. 
  • GRC teams should act now: audit AI vendor dependencies, identify workflows without viable non-AI fallback, review vendor contracts for government-compliance clauses, and stress-test operational resilience declarations against a scenario of indefinite AI service withdrawal. 

Introduction: for many businesses the lights went out when the US government enforced AI restrictions  

Picture this: it’s the morning of 13 June 2026 and the compliance team at a mid-sized, European financial services business opens their AI-assisted regulatory monitoring tool – the one they recently rolled out, that surfaces horizon risk items and flags policy changes across five jurisdictions. It is offline, with no warning email, no estimated time of restoration and, critically, no fallback. 

For organizations on both sides of the Atlantic that had integrated Anthropic’s Fable 5 or Mythos 5 into their workflows, that is precisely what happened. 

British MP and former minister for the armed forces Al Carns described the practical reality:  

“This week the most advanced AI model on the planet got switched off by a foreign government. British researchers were studying it. British companies were testing it. British hospitals were piloting it. Not any more.” 

The episode has generated extensive commentary about geopolitics and AI sovereignty but, for GRC professionals, the more immediate question is narrower and more practical: does your organization’s risk framework account for the possibility that a key AI supplier can be switched off, without notice, by an act of a foreign government? For most organizations, the honest answer is no. 

But when McKinsey’s State of AI in 2025 report finds 79% of organizations reporting regular use of generative AI in at least one business function, and Deloitte’s 2026 State of AI in the Enterprise report states that worker access to AI rose by 50% in 2025, the operational resilience of AI models becomes a real and growing risk. 

What happened, and why it matters for GRC 

On 12 June 2026, the US Commerce Department’s Bureau of Industry and Security sent Anthropic a directive ordering it to suspend access to Fable 5 and Mythos 5 (its two most advanced AI models) for any foreign national, whether inside or outside the United States. The directive cited national security authorities. Anthropic said it had been given no specific details of the security concern: “the government has only given us verbal evidence of a potential narrow, non-universal jailbreak.” 

Because Anthropic could not reliably distinguish foreign nationals from US persons across a user base of hundreds of millions in real time, it took the only operationally viable path: it disabled both models entirely, for everyone, within 90 minutes of receiving the directive. 

Thirteen days later, on 25 June 2026, the Trump administration intervened again, this time with OpenAI. The request to OpenAI came from the White House, whereas the export control ban on Anthropic had come from the Commerce Department. The White House asked OpenAI to limit the release of its new GPT-5.6 model to a short list of government-approved partners, with OpenAI’s CEO Sam Altman confirming in an internal memo that “the government would be approving access customer by customer during this preview period.”  

The two episodes were handled differently, by different parts of the US government, on different legal bases, with different levels of notice, and with different outcomes for customers. That inconsistency is itself a problem. Technology analyst Benedict Evans has characterized the broader dynamic as one of “random unqualified officials banning and unbanning products with no process or transparency.” Whatever one’s view of the specific decisions involved, this captures exactly the governance gap that risk managers now face. There is no statutory framework. There is no defined process. There are no predictable criteria. For GRC professionals, this is a material uncertainty that needs to appear in your vendor risk register. 

Kevin Bankston, senior AI governance adviser at the Center for Democracy & Technology, described the Anthropic directive as “made hastily based on unclear evidence of a cybersecurity threat with little to no due process,” issued “without any apparent clear plan for how long” the restrictions would last or what Anthropic would need to do to lift them. 

On 27 June 2026, the Commerce Department partially lifted the export ban on Fable 5, allowing a small list of named American companies – and their foreign-national staff – to resume access. By 1 July, restrictions on both models had been lifted with the Commerce Department reserving the right to reconsider its decision. But the reversal doesn’t resolve the risk, it confirms it. Access can be withdrawn and restored, on an unpredictable timeline, by different agencies acting on different grounds.

The third-party risk gap exposed by this AI shutdown 

Standard vendor risk assessments look at financial stability, information security posture, data protection compliance, business continuity arrangements, and contractual terms. They model the risk that a supplier goes bankrupt, suffers a cyberattack, exits the market on commercial grounds, or fails to meet service level commitments. 

They do not, in general, model the risk that a foreign government suspends the supplier’s core product by executive directive, for an indefinite period, on grounds that may be contested and are not fully disclosed.  

The AI shutdown adds another dimension to third-party risk management of IT vendors: 

As Paul Cadwallader, GRC Strategy Director at CoreStream GRC, says:  

“Most organizations have built their AI vendor relationships the same way they built their early cloud relationships — fast, focused on capability, and without thinking hard enough about what happens when the service stops. The Anthropic shutdown changes. When a government can direct a supplier to pull its product with 90 minutes’ notice, that is a supply chain risk, not a technology risk. It belongs in your vendor register, with a contingency plan behind it, not in a footnote to your digital strategy.” 

Paul Cadwallader, GRC Strategy Director at CoreStream GRC

When your enterprise has a dependency on a US frontier AI model, your exposure now includes the decisions of the US government. 

The Anthropic event exemplifies a class of risk, sovereign intervention risk, or geopolitically triggered supply disruption, that organizations need to account for explicitly in their third-party risk programs. 

For European organizations operating under the EU’s Digital Operational Resilience Act (DORA), or UK-regulated firms subject to FCA operational resilience requirements, this has direct compliance implications. Both regimes require firms to identify their important third-party dependencies and demonstrate that they can maintain critical functions within defined tolerance thresholds when those dependencies are disrupted. A US AI model embedded in a regulated workflow almost certainly qualifies as an important third-party dependency. The question is whether the business continuity arrangements for that dependency have been designed to handle a government-mandated shutdown, not just a technical outage. 

The European Commission flagged the structural issue, with spokesperson Thomas Regnier saying the commission was “looking closely at the practical consequences of this for European users of these services.” 

The broader European concern, articulated by AI policy analysts, is that dependency on US AI creates a geopolitical vulnerability:  

“The more dependent Europe is on American AI, the more damaging restrictions could be.” 

Afek Shamir, Analyst at RAND Europe  

For US-headquartered businesses, the risk is different in character but equally real. The “foreign nationals” definition has an immediate practical consequence many US businesses may not have fully absorbed: a significant portion of the technology workforce in the United States is not composed of US nationals. The directive applied to anyone at Anthropic who was not a US citizen or permanent resident — meaning some of the company’s own engineers were locked out of its own products. Industry observers noted that this definition would encompass some of Anthropic’s own co-founders. Any US business whose AI-dependent workflows are staffed partly by non-US nationals faces a version of the same exposure. If the government’s customer-by-customer approval model for GPT-5.6 becomes a template, the question of who can access which AI models could become a workforce compliance issue as much as a technology risk one.

How organizations are responding to the AI shutdown, and the GRC implications 

The immediate response from many organizations when Fable 5 and Mythos 5 were disabled was to develop an automatic failover to an alternative model. This is the right instinct, but it carries its own governance dimension. 

Most enterprise AI platforms and API integrations include model-switching capabilities that allow workloads to route to a fallback model when the primary is unavailable. In practice, this means an Anthropic-dependent workflow may automatically re-route to OpenAI, Google Gemini, or another US frontier model. That preserves continuity in the short term. But if the underlying concern is geopolitically triggered supply disruption by the US government, switching from one US frontier model to another US frontier model doesn’t resolve the exposure, it just relocates it. 

A more substantive response is to establish a fallback to local or sovereign-cloud open-weight models, large language models that can be self-hosted, run within European or national cloud infrastructure, and operated without dependency on a US provider’s API or terms of service. Models such as Meta’s Llama family, or European-developed alternatives, are increasingly capable for many enterprise tasks, though they typically operate at lower performance levels than the frontier US models for complex analytical work. For GRC teams, the governance question is not which model is technically better. It is whether the fallback arrangement is tested, documented, and defensible … and whether the performance reduction it implies has been assessed against the tolerance threshold for the workflows it would support. 

Some organizations are taking a more structural approach: building AI workflows from the outset on a multi-model architecture, with explicit rules for primary and fallback model selection, and regular testing of the fallback path. This adds complexity to AI governance, but it is the approach most consistent with operational resilience requirements. A fallback that exists in theory but has never been tested is not a fallback, it’s just a plan. 

The broader lesson is that the governance of AI vendor relationships needs to reflect the same logic that applies to any critical infrastructure dependency. The CoreStream GRC third-party risk management principle – “If the service stops for 24 to 72 hours, what breaks? Can you operate manually? Is there a realistic fallback?” – applies directly to AI dependencies. For many organizations, answering that question honestly about their AI vendor portfolio will surface gaps that need to close. 

What GRC teams should do now to mitigate against this enterprise risk  

The Anthropic shutdown is a forcing function. It makes concrete a set of questions that many GRC programs have been deferring. 

Map out your full AI program to get a holistic understanding of what’s happening in your business 

The starting point is visibility. Most organizations do not have a complete picture of where AI is in their operations. AI has been adopted rapidly, often by individual teams without central oversight. Build an accurate AI dependency map that includes not just the formal enterprise deployments, but tools embedded in workflows at team and individual level. That map should identify which dependencies are mission-critical, which sit in regulated processes, and which have no viable non-AI or non-US-AI alternative. 

Review your technology vendor terms and conditions 

The second task is to review vendor contracts. Most AI vendor agreements were not written with sovereign intervention risk in mind. They will almost certainly not address government-mandated withdrawal of access, force majeure provisions that capture geopolitical disruption, nationality-based access restrictions, or the absence of any SLA covering legally compelled service withdrawal. 

Scenario test, and implement your policy and controls for AI shutdowns 

The third task is to test the fallback. For AI dependencies in critical or regulated workflows, document the fallback arrangement, specify whether it involves alternative frontier models, open-weight local models, or manual processes, and test it. The operational resilience question is not whether a fallback exists on paper. It is whether it can be activated, at what performance level, and within what timeframe. 

For organizations governed by DORA or equivalent frameworks, the articulation of a plausible non-AI fallback – or the honest acknowledgment that one does not exist and that tolerance thresholds need revisiting – is now a material input to the resilience assessment. 
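The dependency map and the fallback test described above can be kept as data and checked automatically. The sketch below is an added example, not CoreStream GRC code: it flags workflows with no fallback, with fallbacks that sit under the same government as the primary model, or with an independent fallback that has not been tested recently. The workflow and model labels, the finding names and the 180-day test window are all assumptions made for illustration.

```python
from dataclasses import dataclass, field
from datetime import date
from typing import Optional

MAX_TEST_AGE_DAYS = 180  # assumed internal policy, not a regulatory figure

@dataclass
class Route:
    name: str          # constructed label for a model or process
    jurisdiction: str  # government able to compel withdrawal ("in-house" for manual work)
    kind: str          # "frontier_api", "open_weight_self_hosted" or "manual"
    last_tested: Optional[date] = None

@dataclass
class Workflow:
    name: str
    critical: bool
    primary: Route
    fallbacks: list = field(default_factory=list)

def audit(wf: Workflow, today: date) -> list:
    """Return resilience findings for one workflow's fallback chain."""
    if not wf.fallbacks:
        return ["NO_FALLBACK"]
    # A fallback only reduces sovereign exposure if a different government controls it.
    independent = [r for r in wf.fallbacks if r.jurisdiction != wf.primary.jurisdiction]
    if not independent:
        return ["SAME_JURISDICTION_ONLY"]
    findings = []
    fresh = [r for r in independent
             if r.last_tested and (today - r.last_tested).days <= MAX_TEST_AGE_DAYS]
    if not fresh:
        findings.append("INDEPENDENT_FALLBACK_UNTESTED")
    if all(r.kind == "manual" for r in independent):
        findings.append("MANUAL_ONLY")
    return findings

def build_register(workflows, today):
    """Map workflow name -> findings, critical workflows first, clean ones omitted."""
    ordered = sorted(workflows, key=lambda w: (not w.critical, w.name))
    return {w.name: f for w in ordered if (f := audit(w, today))}

# Constructed sample dependency map; no real vendor or model is implied.
TODAY = date(2026, 7, 1)
us_a = Route("frontier-model-a", "US", "frontier_api")
us_b = Route("frontier-model-b", "US", "frontier_api", date(2026, 5, 1))
eu_ow = Route("open-weight-model", "EU", "open_weight_self_hosted", date(2026, 4, 10))
eu_untested = Route("open-weight-model", "EU", "open_weight_self_hosted")
manual = Route("analyst-review", "in-house", "manual")

SAMPLE = [
    Workflow("regulatory-monitoring", True, us_a, [us_b]),
    Workflow("policy-drafting", False, us_a, []),
    Workflow("contract-summarisation", True, us_a, [eu_untested]),
    Workflow("kyc-triage", True, us_a, [us_b, eu_ow, manual]),
]

if __name__ == "__main__":
    for name, findings in build_register(SAMPLE, TODAY).items():
        print(f"{name}: {', '.join(findings)}")
```

The `MANUAL_ONLY` finding is informational: a manual process may be an acceptable fallback, but its throughput has to be assessed against the workflow's tolerance threshold.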

Anthropic stated its own view of the standard that should apply:  

“We believe the government should have the ability to block unsafe deployments, as part of a statutory process that is transparent, fair, clear, and grounded in technical facts. This action does not adhere to those principles.” 

Until that standard exists in statute, the risk will remain. And planning for the risk is not the same as waiting for the politics to settle. 

Frequently asked questions about the Anthropic shutdown 

What legal authority did the US government use for the Anthropic shutdown, and does that protect businesses from future disruption? 

The Anthropic directive was issued by the Commerce Department under export control authorities historically applied to physical goods and semiconductors, not cloud-delivered software. The request to limit the release of OpenAI’s GPT-5.6 came from the White House. The two different approaches show there is no settled framework a business can rely on to predict when action might be taken. Legal counsel can review specific contractual protections, but no contract insulates an organization from the immediate operational impact of a government-mandated service withdrawal. The process, for now, is not a reliable shield against disruption. 

Does DORA require firms to assess AI model dependency specifically? 

DORA does not yet name AI model providers as a specific category but its requirements are principles-based: firms must identify all ICT third-party dependencies that support critical or important functions and demonstrate tolerance for their disruption. Waiting for regulatory clarification is not a defensible position if the dependency is already embedded in a critical process. 

What is the most important thing GRC teams should do in response to AI shutdowns?

Build the AI dependency map. That is the prerequisite for everything else. You cannot assess the risk, test the fallback, review the contracts, or brief the board without first knowing which AI tools are embedded in which workflows, at what criticality, and with what alternatives available. 

Could the AI shutdown that happened to Anthropic happen to other technology providers?

In principle, yes. What the Anthropic event changes is not the theoretical possibility of government intervention in technology markets, but the demonstrated willingness to do so, rapidly, against a major commercial provider, using existing legal authorities, with immediate global effect. Diversification of AI suppliers, tested fallback arrangements, and explicit inclusion of geopolitically-triggered supply disruption in vendor risk scenarios are now reasonable and proportionate precautions, not excessive ones. 
