Introduction

On the evening of June 26, 2026, fourteen days after the United States government had given Anthropic ninety minutes to disable its two most powerful AI models for every customer on earth, Commerce Secretary Howard Lutnick sent a different kind of letter. This one did not contain an order to shut something down. It contained, for the first time since the crisis began, a path forward. "Anthropic has worked with the US government to address risks associated with the Covered Models," Lutnick wrote to the company's chief compute officer, in a letter later reported by Semafor and confirmed by Bloomberg. "These efforts have yielded significant progress." Mythos 5, Anthropic's most capable cybersecurity-oriented model, could be redeployed — not to the public, but to a defined list of roughly 100 American organisations that operate and defend critical infrastructure.

It is important to be precise about what actually happened, because the resolution is partial, not complete, and the distinction matters enormously for understanding what comes next. Mythos 5 has been cleared for a specific, named set of trusted partners. Fable 5, the general-purpose public-facing version of the same underlying model that hundreds of millions of ordinary users and businesses had access to before June 12, remains offline. Anthropic confirmed this directly in its own statement: "We're restoring access for these organizations quickly, and we're continuing to work with the government to expand access to Mythos 5 and make Fable 5 available for general use again." The standoff has eased. It has not ended.

What Actually Happened Between June 12 and June 26

The crisis began on June 12, when the Commerce Department issued an export control directive ordering Anthropic to suspend all access to Fable 5 and Mythos 5 for any foreign national, anywhere in the world, including Anthropic's own foreign-national employees. Because Anthropic had no practical way to verify the citizenship of every user across its global customer base in real time, the only path to compliance was a complete global shutdown of both models. Anthropic confirmed it complied within the ninety-minute window the government had given it.

The trigger for the directive, according to multiple independent reports, traced back to Amazon. Amazon CEO Andy Jassy had personally flagged to Treasury Secretary Scott Bessent that Amazon's own security researchers had identified a way to use Fable 5 to extract information related to cyberattacks — a jailbreak that bypassed the model's built-in safety guardrails. Anthropic disputed the severity of the finding from the outset, describing it as a narrow, non-universal vulnerability and noting that the same level of capability was already available through other publicly deployed models, including OpenAI's GPT-5.5. The Commerce Department's written directive, Anthropic said, provided no detailed national security explanation beyond the order itself.

What followed was two weeks of continuous, largely private negotiation between Anthropic and Washington. Anthropic's technical staff met with Commerce Department officials nearly every day. The company's CEO Dario Amodei attended the G7 summit in France during the same window, where he met directly with President Trump and discussed the situation alongside other frontier AI executives. Behind the scenes, Anthropic was working to satisfy whatever specific concerns the government held about the jailbreak vulnerability, though the company has not disclosed publicly what technical remediation, if any, it implemented during that period. Lutnick's June 26 letter is the first public document confirming that whatever work occurred was sufficient, in the government's judgment, to justify restoring access — at least for a defined and limited set of users.

What Changed Between Suspension and Clearance

The honest answer to what changed is that the public record does not fully say. Lutnick's letter states that Anthropic's efforts "yielded significant progress" and that the company has "committed to work with the U.S. government on protocols and standards and releases" for future model launches. That language describes a negotiated framework rather than a specific technical fix. It is consistent with reports that Anthropic and OpenAI have both been pushing the administration to codify a formal, repeatable review process for frontier model releases — the kind of structured framework that was originally part of the AI executive order Trump abruptly cancelled in May before signing a substantially watered-down version weeks later — rather than continuing to resolve each new model's release through case-by-case crisis negotiation.

What is clear is the structure of the resolution itself. Mythos 5's restored access operates under what reporting has described as an "Annex A" framework: a named list of approximately 100 trusted US institutions, including critical infrastructure operators and government agencies, who are authorised to use the model. That structure closely mirrors Project Glasswing, the controlled access programme Anthropic had already built for Mythos Preview models before the crisis began, under which roughly 50 vetted organisations — including Amazon, Apple, Google, Microsoft, Cisco, CrowdStrike, Palo Alto Networks, and major banks — received early access specifically to strengthen their own cyber defences before the model's capabilities became more widely available. The June 26 resolution effectively formalises and expands that tiered access model as the template for how a frontier model with significant dual-use capability gets released when the government has expressed serious concern about it: not full public availability, and not total suspension, but an authorised middle tier of trusted partners.

Fable 5's continued suspension is the part of the picture that has received less attention but carries equal significance. Fable 5 shares the same underlying model architecture as Mythos 5, but was released with additional guardrails specifically designed to prevent it from responding to certain categories of queries, including those related to cybersecurity and biology — in those cases, Anthropic's system routes the response through a different, less capable model called Opus 4.8. The fact that the government cleared the more powerful, less restricted Mythos 5 for trusted partners while continuing to withhold the more heavily guardrailed Fable 5 from general public release suggests that the remaining concern is not primarily about raw model capability. It may instead be about exposure: the risk profile of a model available to a small number of vetted, monitored institutions is fundamentally different from the risk profile of the same capability available to anyone who can create a ChatGPT-style account. Anthropic International Managing Director Chris Ciauri stated at a press conference in Seoul that the company was "very confident that in the coming days, the models will become available again," and Axios separately reported that Fable 5's return, after fifteen days offline, was on track within the following week.

What This Means for Anthropic's IPO

The timing of this crisis relative to Anthropic's public offering plans makes the resolution, even a partial one, commercially significant in ways that go beyond the immediate question of which customers can access which model.

Anthropic confidentially filed its S-1 registration statement with the SEC on June 1, 2026, eleven days before the export control directive was issued, targeting a Nasdaq listing as early as October 2026 at a valuation that could reach $1 trillion. A prolonged, unresolved standoff with the federal government — in which the company's flagship products remained completely unavailable to the public for an indefinite period, with no clear resolution mechanism — would have represented exactly the kind of unquantifiable regulatory risk that makes institutional investors hesitate before committing capital to a public offering. The two-week resolution timeline, while not fast in absolute terms, is fast relative to the kind of regulatory disputes that can otherwise drag on for years through litigation and rulemaking processes. For prospective IPO investors, a documented instance of Anthropic and the federal government successfully negotiating a return to operations, even a partial one, is meaningfully more reassuring than an open-ended crisis would have been.

The continued suspension of Fable 5, however, is a detail that any S-1 disclosure will need to address directly. Public market investors evaluating Anthropic's revenue projections will want to understand what portion of the company's commercial business depended on Fable 5's general availability, how the prolonged outage affected user retention and enterprise customer relationships during the suspension period, and what assurance exists that a similar suspension could not recur after the company goes public. The relationship between Anthropic and the federal government is not settled. It is being actively managed through ongoing negotiation, and an IPO prospectus will need to characterise that relationship as an identified risk factor rather than a resolved issue.

What This Signals for How AI Companies and Regulators Will Operate Going Forward

The Mythos 5 resolution establishes a template that is likely to recur, and understanding its shape matters for every company building frontier AI systems with potential national security relevance.

The template has three tiers. At one end is full public availability — the default state for most AI products, including the vast majority of what Anthropic, OpenAI, and Google release. At the other end is total suspension — the emergency measure the government used on June 12, justified under export control authority that was originally designed for physical goods and whose application to cloud-based AI access remains legally contested. In between is the tier that the Mythos 5 resolution has now formalised: authorised access for a defined, named list of trusted partners, typically organisations with a demonstrated need to use a capability for defensive purposes and the security infrastructure to use it responsibly.

That middle tier did not exist as a formal regulatory mechanism before this crisis. It existed informally, through programmes like Project Glasswing that Anthropic built voluntarily. What the June 26 resolution does is convert that voluntary, company-designed access tier into something closer to a government-sanctioned regulatory category — a list with a name, "Annex A," approved by the Commerce Department, that other AI companies releasing similarly capable models will likely need to construct in advance if they want to avoid a repeat of the abrupt, ninety-minute shutdown scenario that Anthropic experienced. OpenAI's own decision to initially limit the release of its new GPT-5.6 model to a small group of government-approved trusted partners before a broader rollout, announced the same week as the Mythos 5 resolution, suggests that this lesson has already been absorbed across the industry. The era of releasing a frontier model with significant dual-use cybersecurity capability directly to the general public, without first establishing a government-coordinated trusted access framework, appears to be ending — not through new legislation, but through the precedent that this crisis has set.

What Businesses Using Anthropic's Models Should Take From This

For any business currently using Claude models in production, or evaluating Anthropic as an AI provider, the practical lesson from this episode is not that Anthropic is an unreliable or risky vendor in the ordinary commercial sense. The company's underlying Claude models — including Opus 4.8 and the standard commercial product line — were never part of the suspension, and the vast majority of Anthropic's enterprise customers experienced no disruption to their core API access throughout the entire crisis. What was suspended were specifically the newest, most capable Mythos-class models, which represent the frontier of Anthropic's cybersecurity-relevant capability rather than its general commercial product.

The lesson that does generalise is about dependency planning for frontier capability specifically. Any business that had built a product or workflow specifically around Fable 5's unique capabilities — rather than around Anthropic's broader, more stable model lineup — experienced an unplanned fifteen-day outage with no advance warning and no guaranteed restoration timeline. That is a genuine operational risk, and it is not unique to Anthropic. The same dynamic could affect any AI company whose most capable models carry national security relevance significant enough to attract government attention, including OpenAI, whose GPT-5.6 release was itself constrained by a similar government coordination requirement in the same week. Businesses building mission-critical systems around frontier-capability AI models, specifically the newest and most powerful releases from any provider, should build contingency plans that assume those specific models could become unavailable with minimal notice, while treating the provider's broader, more established model lineup as a more stable foundation for production dependencies.

Conclusion

The partial clearance of Mythos 5 closes the most acute phase of a crisis that began with a ninety-minute shutdown order and ends, fourteen days later, with a negotiated, tiered access framework that satisfies neither the government's original sweeping restriction nor Anthropic's original position that the entire episode was an overreaction to a narrow, non-universal vulnerability. Mythos 5 is back for roughly 100 trusted institutions. Fable 5 remains offline, with restoration expected but not yet confirmed. The underlying legal dispute over the Pentagon's supply-chain risk designation of Anthropic remains in federal court. The relationship between one of the world's most valuable AI companies and the federal government that holds emergency authority over its products remains, by any honest assessment, unresolved at its foundation even as the immediate crisis eases.

What the episode has produced, regardless of how the remaining details are settled, is a template that the rest of the AI industry will now build around: tiered, authorisation-based access for frontier models with significant dual-use capability, with trusted-partner clearance occupying a permanent middle ground between full public release and total suspension. For Anthropic, heading toward an IPO that could value the company near $1 trillion, the speed and partial success of this resolution is a meaningfully better outcome than an unresolved standoff would have been. For every other AI company watching from the sidelines, the lesson is that the choice of whether to build a trusted-partner access tier before releasing a powerful new model is no longer optional. It is the price of avoiding the ninety-minute phone call that started this entire episode.