Two-Tier AI Governance Has Arrived: Why Banks Are Splitting Access to Frontier Models

A new wave of AI restrictions is pushing global banks toward two-tier governance: broad access to ordinary AI tools and tightly controlled access to sensitive frontier models. Here is what changed, why Hong Kong matters, and how firms should respond.

Author credential Jitendra Kumar · Founder & Editor

Founder & Editor of HacksByte, based in Dubai and focused on AI, cybersecurity, scams, privacy, apps, and practical digital safety.

View LinkedIn
Impact Workflow impact
First action Verify claims before publishing or submitting work.
Read time 4 minute setup
Audience Students, creators, and operators
Cinematic editorial concept image of a bank AI governance room split between broad access and restricted frontier model access
Quick answer

A new wave of AI restrictions is pushing global banks toward two-tier governance: broad access to ordinary AI tools and tightly controlled access to sensitive frontier models. Here is what changed, why Hong Kong matters, and how firms should respond.

AI Watch Test the workflow before relying on the output.
Last checked: July 4, 2026. This article uses The Banker's July 3 analysis as the primary source and cross-checks the wider context with Reuters coverage, Anthropic disclosures, European Commission AI Act materials, NIST, the Federal Reserve, BIS and the Financial Stability Board.

Banks are moving from one AI policy to two.

The first tier is ordinary enterprise AI: approved chatbots, coding assistants, document search, internal summarization and productivity tools available to broad employee groups under logging, data-loss prevention and normal vendor controls.

The second tier is restricted frontier AI: the newest and most capable models, especially those with cybersecurity, coding, agentic or dual-use capabilities. Those models are increasingly being gated by geography, employee role, nationality, use case, contract terms, regulator comfort and national-security concerns.

That is the shift The Banker described on July 3 in an article titled "The era of two-tier AI governance has arrived." The publication framed the issue around banks deciding who can use politically sensitive frontier AI, after JPMorgan reportedly stopped Hong Kong staff from accessing Anthropic's models and other banks took similar caution.

Cinematic editorial concept image of a bank AI governance room split between broad access and restricted frontier model access.
Cinematic editorial concept image of a bank AI governance room split between broad access and restricted frontier model access.

What Happened

The Banker's report says the sales pitch for financial-technology vendors has changed. It is no longer enough to prove that a tool is faster or cheaper. For sensitive frontier AI, vendors and banks now have to prove that the tool is so capable that it deserves access controls, and also safe enough to be used under those controls.

The immediate trigger is access to Anthropic models in Hong Kong. Reuters, citing a Financial Times report, said on June 18 that JPMorgan Chase had stopped Hong Kong staff from accessing Anthropic's AI models, while noting Reuters could not independently verify the FT report. The Banker also reported that JPMorgan employees in Hong Kong could no longer select Anthropic from an internal approved-model menu because of the wording in Anthropic's licensing terms.

The issue is bigger than one vendor or one bank. Anthropic's own supported-regions page does not list Hong Kong, and the company says it may withhold services from entities whose majority ownership is tied to unsupported regions. In September 2025, Anthropic said it was tightening restrictions on companies controlled from unsupported regions, including China-linked ownership structures, because of legal, regulatory and national-security risks.

That puts global banks in a difficult position. A bank may have one AI platform for employees, but its workforce sits across jurisdictions with different technology rules, data-transfer expectations, political risks and vendor terms. A model that is approved in New York or London may not be approved in Hong Kong, mainland China, sanctioned jurisdictions, or offices serving sensitive clients.

Why This Is Different From Normal Model Risk

Banks already understand model risk. Credit models, fraud models, pricing models and stress-testing models have long required validation, monitoring, inventory and governance.

But frontier AI adds a new problem. The same model can be low-risk for one employee and high-risk for another depending on what it can access, where the user sits, what data is entered, whether the model can run tools, and whether the output affects customers, markets or security.

The Federal Reserve, OCC and FDIC updated U.S. model risk guidance in April 2026 with SR 26-2, emphasizing a risk-based approach tailored to a bank's model profile, size and complexity. The guidance also states that generative AI and agentic AI are novel and rapidly evolving and are not within the scope of that document, while still saying a bank's broader risk management and governance practices should guide tools not covered by the guidance.

That gap is where two-tier governance emerges. Traditional model risk rules still matter, but they are not enough for frontier AI. Banks now need access-control governance, model-capability governance, location governance and vendor-contract governance at the same time.

The Anthropic Case Shows the New Access Layer

Anthropic's Fable 5 and Mythos 5 episode shows why banks are becoming cautious. Anthropic said the U.S. government applied export controls to Fable 5 and Mythos 5 on June 12, requiring the company to restrict access to foreign nationals. Because Anthropic said it could not verify nationality in real time, it suspended access to both models for all users. On June 30, the company said the controls had been lifted and Fable 5 would return globally, while Mythos 5 access would be restored first to approved U.S. organizations.

Anthropic's post also described a safeguard update after Amazon researchers found a way to bypass Fable 5 protections in a cybersecurity context. Anthropic said it trained an improved classifier, that U.S. Commerce's Center for AI Standards and Innovation tested the safeguards, and that the new classifier blocks the reported technique in more than 99% of cases, while also increasing false positives for routine coding and debugging.

For banks, the lesson is direct. A model can be allowed, suspended, restored, rerouted or downgraded because of factors outside the bank's own AI committee. If a bank embeds a frontier model deeply into employee workflows without fallback rules, an external access decision can become an operational disruption.

What "Two-Tier" Means in Practice

Two-tier AI governance does not mean two completely separate technology stacks. It means different approval paths for different AI risk classes.

Governance areaTier 1: Broad enterprise AITier 2: Restricted frontier AI
AccessLarge employee groups after training and policy acceptance.Named users, approved teams or specific jurisdictions only.
Use casesSummaries, drafting, search, routine coding, internal productivity.Cybersecurity, autonomous agents, regulated decisions, market-sensitive work, high-impact coding.
Model choiceApproved general models and lower-risk assistants.Highest-capability models with extra vendor, legal and security review.
Region rulesStandard vendor availability and privacy review.Supported-region checks, export-control review and office-specific restrictions.
Data controlsDLP, logging, retention policy and no secrets in prompts.Stronger data classification, prompt review, retrieval controls and customer-data limits.
Human oversightEmployee review before external use.Required sign-off, test evidence, escalation path and audit trail.
FallbackAnother approved tool may be acceptable.Predefined fallback model, manual process or stop-work rule.

The split is not only technical. It is organizational. Legal, compliance, information security, model risk, procurement, business owners and regional management all need to know which tier a tool is in.

Why Hong Kong Became a Signal

Hong Kong matters because it sits at the intersection of U.S.-origin AI vendors, global banking operations, China-related restrictions, local regulation and multinational client coverage.

The Reuters-covered FT report said JPMorgan's Hong Kong staff lost access to Anthropic models, following a similar Goldman Sachs move. The Banker connected the episode to a broader question: if frontier AI access is politically sensitive, banks cannot treat every office as if it were operating under the same AI permissions.

This is not just about whether employees can open a chatbot. It affects internal AI platforms. Many large banks expose approved large language models through internal menus. If a model disappears from the menu in one jurisdiction but remains available elsewhere, the firm has already created a two-tier regime.

That regime may be justified. It may also create uneven productivity, uneven controls and confusion unless the bank explains the rules clearly.

The EU AI Act Adds Another Layer

The European Union's AI Act is not the same issue as U.S. frontier-model export controls, but it reinforces the move toward risk tiers.

The European Commission describes the AI Act as a risk-based framework. It treats some uses as unacceptable, some as high-risk, some as transparency-risk and most as minimal or no risk. The Commission lists credit scoring as an example of a high-risk AI use affecting access to essential private services, and says high-risk systems require risk mitigation, quality datasets, logging, documentation, user information, human oversight, robustness, cybersecurity and accuracy.

That matters for banks because an AI tool used for employee productivity is not in the same category as an AI tool that affects creditworthiness, pricing, onboarding, fraud escalation or customer treatment. The same underlying model may appear in both settings, but the governance treatment should differ.

In other words: Europe is pushing risk-based governance by use case, while the Anthropic and Hong Kong episodes are pushing access-based governance by model and location. Banks have to combine both.

Why Frontier AI Is Harder Than Earlier AI

Older financial models usually had a defined purpose: score credit risk, forecast losses, detect fraud, price an instrument, classify a transaction or estimate capital.

Frontier AI is more general. It can write code, summarize documents, reason over emails, call tools, generate client materials, search databases, plan workflows and answer cybersecurity questions. That flexibility is why employees want it. It is also why governance is harder.

The Financial Stability Board warned in its 2024 report that greater AI adoption by financial institutions could increase vulnerabilities relevant to financial stability, including third-party dependency, model risk, cyber risk and concentration risk. The Basel Committee has also said banks' use of AI and machine learning raises questions around explainability, governance, resilience and financial stability.

Two-tier governance is a practical response to that breadth. Banks cannot review every prompt as if it were a credit model. They also cannot let every employee use the most capable model for every task without stronger controls.

What Banks Should Do Now

Banks should start by building a live AI inventory that separates tool, model, vendor, region, user group, data type, use case and business owner. A single label such as "Claude" or "ChatGPT" is not enough. The bank needs to know which model version is available, through which platform, in which country, to which employees, and for what kind of work.

Second, banks should create a model-access committee for frontier AI that includes legal, compliance, cyber, model risk, procurement and business owners. This should not replace normal model validation. It should handle questions that model validation alone cannot answer: region eligibility, vendor terms, export sensitivity, allowed users, fallback routes and incident response.

Third, banks should define high-risk AI use cases in plain language. Examples include customer eligibility decisions, credit scoring, underwriting, market-sensitive analysis, autonomous code changes, cybersecurity work, sanctions or AML escalation, employee surveillance and external client advice.

Fourth, banks should implement a kill switch. If a vendor, regulator or government changes model access, the bank should be able to remove that model from affected regions or use cases quickly without breaking critical workflows.

Fifth, banks should train employees on why access differs. If Hong Kong employees lose one model while New York employees keep it, the explanation cannot be "the tool disappeared." Staff need to know whether the reason is vendor support, contract terms, data policy, regulation, export-control risk, or a temporary internal review.

What Smaller Companies Can Learn

The issue is not limited to global banks. Any company using frontier AI across countries should copy the basic pattern.

Do not approve AI tools only at the company level. Approve them by model, region, data class and use case. Keep a record of who can use which models. Track vendor-supported countries. Avoid putting secrets, customer data, health data, payment data or regulated records into consumer AI tools. Create fallback options for important workflows. Review whether contractors, offshore teams and subsidiaries are covered by the same terms as employees.

For startups and mid-sized firms, the goal is not to build a bank-sized bureaucracy. It is to avoid a dangerous shortcut: assuming that if a tool works in one office, it is automatically acceptable everywhere.

Timeline

DateEventWhy it matters
August 1, 2024The EU AI Act entered into force.It formalized a risk-based AI regime that affects financial services uses such as credit scoring.
September 4, 2025Anthropic announced tighter restrictions for entities controlled from unsupported regions.Vendor terms began acting like a private access-control layer for frontier AI.
April 17, 2026U.S. agencies issued SR 26-2 model risk guidance.Banking model risk rules were refreshed, but generative and agentic AI were left outside the guidance scope.
June 12, 2026Anthropic said U.S. export controls were applied to Fable 5 and Mythos 5.Frontier AI access became a live operational and nationality-screening issue.
June 18, 2026Reuters reported JPMorgan had stopped Hong Kong staff accessing Anthropic models, citing FT.Banks began visibly splitting AI access by jurisdiction.
June 30 to July 1, 2026Anthropic said export controls were lifted and Fable 5 access was restored.The episode showed why banks need fallback and monitoring for model availability.
July 3, 2026The Banker argued that two-tier AI governance had arrived.The bank-policy question moved from tool approval to differentiated access to frontier capability.

What To Watch Next

The next phase will be less about headlines and more about policy plumbing.

Watch whether banks publish clearer internal model menus by region. Watch whether vendors add contract language that separates global access, supported regions, ownership restrictions and frontier-model permissions. Watch whether regulators ask banks to explain how they approve general-purpose AI systems that can become high-impact depending on use.

Also watch whether frontier AI vendors converge on a common severity framework for jailbreaks, as Anthropic has proposed with Amazon, Microsoft, Google and other partners. A common framework would make it easier for banks to understand whether a model issue is a routine safety update or a reason to suspend access.

For now, the direction is clear. AI governance is no longer a single enterprise policy. It is becoming a layered access system.

FAQ

What is two-tier AI governance?

It is the separation of AI controls into a broad enterprise tier for lower-risk productivity uses and a restricted tier for sensitive frontier models, high-impact use cases, special jurisdictions or dual-use capabilities.

Why are banks doing this now?

Recent restrictions and access changes around Anthropic models, including reported bank restrictions in Hong Kong and temporary U.S. export controls on Fable 5 and Mythos 5, showed that frontier AI access can change quickly for legal, geopolitical and safety reasons.

Does this mean banks should stop using AI?

No. It means banks should match controls to risk. Routine summarization and drafting do not need the same governance as credit decisions, cybersecurity work, autonomous agents or market-sensitive analysis.

Is Hong Kong banned from all AI tools?

No. The issue is specific to vendor support, contract terms, model access and firm policy. Anthropic's supported-regions page does not list Hong Kong, but banks may still use other approved models or internal tools depending on their policies.

What should employees do?

Use only approved tools, follow regional access rules, avoid entering sensitive data unless the tool is approved for that data class, and escalate if a model is used for customer, market, legal, cybersecurity or regulated decisions.

Sources

Reader protocol

Before you move on

Global AI workflow guidance. Use this short checklist to turn the article into action.

  • Check whether the tool can access private files or account data.
  • Verify factual claims against primary sources before publishing.
  • Keep a human review step for work that affects money, school, or customers.
HacksByte editorial standard

This guide is written for practical user safety. For account, platform, or legal decisions, confirm critical steps with the official help center or your service provider.