Category: Technology & AI

  • Capability Apartheid: Anthropic Built a Genius, Then Decided You Get the Lesser One

    Anthropic shipped a frontier model today that quietly makes itself stupider for you — and keeps the full version for the government. They called it safety. I call it the encryption backdoor fight, reborn at the model layer.

    On 9 June 2026, Anthropic announced Claude Fable 5, the most capable model it has ever released to the public. In the same breath, it announced a twin: Mythos 5 — the same model, with the safety rails removed — available only to “a small group of cyberdefenders and infrastructure providers” through Project Glasswing, in collaboration with the US government.

    Read that again. The full-power version exists. You just aren’t allowed to have it.

    What they actually built

    Fable 5 is, by Anthropic’s own account, state-of-the-art on nearly every benchmark — compressing months of software engineering into days, topping senior-level finance reasoning tests, rebuilding apps from screenshots. Genuinely impressive.

    But the public model ships with a mechanism that should make every self-sovereign individual sit up. On certain topics — Anthropic names cybersecurity and biology — your query is silently rerouted to a weaker model, the older Claude Opus 4.8. You don’t get told. You don’t get asked. The system simply decides that this particular question is one you shouldn’t have the best answer to, and hands you a lesser one. Anthropic concedes the filter is tuned “conservatively” and fires on harmless requests too — in their estimate, under 5% of sessions.

    Meanwhile Mythos 5 — same brain, no muzzle — has, in their words, “the strongest cybersecurity capabilities of any model in the world.” It goes to the approved. Initially the US government.

    We have seen this exact movie before

    Strip away the model weights and the neural networks, and this is a thirty-year-old argument wearing new clothes. In the 1990s the US government tried to classify strong encryption as a munition and prosecute the people who released it. Phil Zimmermann published PGP anyway. The Clipper Chip proposed a government key escrow baked into every secure device — full security for the state, managed weakness for the citizen. The cypherpunks won that round, and the entire modern internet economy was built on the freedom they secured.

    The principle they fought for was simple: capability you are forbidden from possessing is not safety, it is control. A lock the locksmith can always open is not a lock. A model that throttles itself on command is not your tool — it is theirs, lent to you on conditions.

    I have written before about the UK’s war on encrypted messages, about what the EU really wants from your VPN, and about Canada fighting the same fight three decades late. Fable 5 is the same impulse, migrated to a new frontier. The battleground used to be the wire. Now it is the weights.

    “For your safety” is doing an enormous amount of work

    Let me be fair, because the argument deserves it. The dual-use case is real. A model that can find zero-days at superhuman speed, or accelerate pathogen design, is genuinely dangerous in the wrong hands. Anthropic is not being cartoonishly villainous — they red-teamed for over a thousand hours and are trying to release something powerful without it being immediately weaponised. I take that seriously.

    But notice the structure that “safety” quietly installs:

    • A capability hierarchy by permission, not ability. The model can do the thing. Whether you may is a policy decision made above your head.
    • A trusted class and an untrusted class. Governments and select infrastructure firms are inside. You — taxpayer, professional, citizen — are outside, by default and indefinitely.
    • Silent degradation. You aren’t refused; you’re quietly given the worse answer. The most insidious censorship is the kind you never notice.

    That is precisely the architecture libertarians and cypherpunks have warned about for a generation. It is the disarm-the-citizen pattern, and it does not become benign because the gatekeeper is a well-meaning AI lab instead of a home secretary.

    Why a CFO should care, not just a cypherpunk

    This is not only a philosophy-seminar point. If you run a business, capability gating is now a supply-chain risk. When the most capable AI is reserved for the state and a handful of anointed incumbents, the competitive playing field tilts before you have placed a single bet. The firms inside Glasswing get the unthrottled tool. You get the one that reverts to last year’s model when the question gets interesting.

    We already live in a world where 97% of PE-backed finance teams use AI and where everyone’s AI buys the same stock. Layer a permissioned capability tier on top of that, and you are no longer competing on talent or judgement — you are competing on whether you made the access list. That should worry any independent operator.

    The trim on this sail

    I am not telling you to reject the technology. I use it daily; so should you. But use it with your eyes open, and act on the things you can actually control:

    • Keep the keys you can keep. Self-custody your assets, your data, your communications — the things no provider can throttle if you hold them yourself. (I have made the civil-rights case for self-custody already.)
    • Favour open models where the capability is yours. A locally-run open-weight model you control will never silently downgrade itself because head office decided your question was sensitive.
    • Watch the framing. Every time “safety” is invoked to justify you having less capability while an approved class has more, ask the old cypherpunk question: safe for whom, and controlled by whom?

    The Clipper Chip lost because enough people refused to accept that security was something the state rationed out. Fable 5 and Mythos 5 are the same proposition in a far more powerful package: here is the most capable mind we have ever built — and here is the lesser one we have decided is appropriate for you.

    Decline the lesser one wherever you can. The whole point of being on the right tyres is choosing your own conditions before someone chooses them for you.

  • Self-Custody Is Now a Civil Right in America. In Europe, It’s a Suspicious Activity.

    Something extraordinary happened in the United States this year, and most people missed it.

    The chairman of the SEC — the same agency that spent the last administration treating every crypto project like a securities fraud waiting to happen — publicly declared that the right to self-custody your own assets is “a core American value.”

    Meanwhile, across the Atlantic, the EU is implementing rules that treat sending crypto to your own wallet like a potential money laundering event. Same technology. Same year. Two completely different philosophies about whether you’re allowed to hold your own property.

    The CLARITY Act: Property Rights in Code

    The Digital Asset Market Clarity Act (H.R. 3633) — the CLARITY Act — has passed the House and cleared the Senate Banking Committee. It’s the most significant piece of crypto legislation the US has produced, and its self-custody provisions are remarkable.

    Section 605 explicitly prohibits federal agencies from restricting individuals’ ability to self-custody digital assets using self-hosted wallets for lawful purposes. Read that again. A federal law that says the government cannot stop you holding your own money.

    Section 604 goes further — incorporating the Blockchain Regulatory Certainty Act to protect non-custodial software developers from being classified as money transmitters. If you write open-source wallet software, you’re not a bank. If you build a smart contract, you’re not a broker. The code is speech. The tool is neutral.

    This isn’t just regulatory clarity. It’s a philosophical statement about the relationship between individuals and the state.

    The SEC and CFTC Follow Through

    This isn’t just legislative posturing. The agencies are backing it up with action.

    In April 2026, the SEC’s Division of Trading and Markets issued guidance allowing wallet-linked crypto trading apps to operate without a broker-dealer licence for five years — provided they function as neutral interfaces for self-custodial users and don’t handle funds.

    In March, the CFTC issued no-action relief to a developer of self-custodial wallet software, clarifying that passive interfaces connecting users to regulated entities don’t need to register as introducing brokers.

    At the Bitcoin 2026 conference in Las Vegas, a panel titled “The Right to Self-Custody Shall Not Be Infringed” featured US Congressman Nick Begich introducing the Bitcoin Act — legislation specifically designed to enshrine self-custody protections in statute rather than executive order, because executive orders can be reversed.

    The American regulatory machine is, for the first time, building legal infrastructure to protect your right to hold your own keys.

    Now Cross the Atlantic

    The EU’s approach could not be more different.

    Under MiCA (Markets in Crypto-Assets Regulation) and the associated Transfer of Funds Regulation, the Travel Rule applies enhanced scrutiny to any transaction involving a self-hosted wallet.

    The mechanics:

    • Transfer more than €1,000 to or from your own self-hosted wallet via a Crypto-Asset Service Provider (CASP), and that CASP must verify you own the wallet
    • For every CASP-to-CASP transfer — regardless of amount — full originator and beneficiary information must be collected and transmitted
    • By July 1, 2026, all CASPs must be fully MiCA-compliant or cease operating in the EU
    • The European Commission is due to assess “risks and measures” for self-hosted addresses by July 2026

    The EU hasn’t banned self-custody. They’ve done something more insidious: they’ve made it suspicious. Every interaction between your own wallet and a regulated service triggers additional verification. The message is clear — if you want to hold your own keys, we’ll be watching more closely.

    Two Philosophies, One Technology

    This isn’t really about crypto. It’s about two fundamentally different answers to the same question: who owns your property?

    The American answer, at least in this moment, is: you do. You can hold it yourself. You can build tools that help others hold it themselves. The government’s job is to go after fraud and crime, not to gatekeep the act of possession.

    The European answer is: you do, technically, but we need to verify that. And monitor it. And require your service providers to report on it. Because the mere act of wanting to control your own assets is, statistically speaking, a risk indicator.

    Erik Voorhees has been making this argument for over a decade: the entire point of cryptocurrency is the self-sovereignty it offers. The moment you hand your keys to a custodian, you’ve recreated the banking system with extra steps. You’re back to trusting institutions and the governments that regulate them. The EU’s Travel Rule doesn’t ban self-custody — it just makes it uncomfortable enough that most people won’t bother.

    The UK Sits in the Middle

    For those of us in Britain, it’s worth noting where we land. The FCA’s broader crypto regime is set for October 2027, with consultations ongoing. Post-Brexit, we’re not bound by MiCA. But the direction of travel — pardon the pun — will be telling.

    Does the UK follow the American model and protect self-custody as a right? Or does it drift toward the European model of surveillance-by-default? The answer will say a lot about what kind of financial system this country wants to build.

    Why This Matters Beyond Crypto

    Self-custody is a proxy for a much larger question: does the state trust its citizens?

    The American approach says: we’ll set rules for intermediaries and go after bad actors, but the basic act of holding your own assets is a right, not a privilege. The European approach says: the risk of illicit activity is too high to leave individuals unsupervised.

    You can apply this logic to encryption, to speech, to data — to any domain where technology gives individuals capabilities that were previously only available through institutions. The question is always the same: do you regulate the tool, or do you regulate the person using it?

    Congressman Begich made the point at Bitcoin 2026 that legislative protection matters more than executive orders, because orders can be reversed. He’s right. The CLARITY Act, if it passes the Senate, would be the first federal statute in any major economy to explicitly protect the right of individuals to hold their own digital assets without government interference.

    That’s not just a crypto milestone. It’s a property rights milestone.

    The Choice

    We’re watching two models of digital property rights emerge in real time. One treats self-custody as a civil liberty. The other treats it as a compliance risk. Both approaches will shape their respective economies for decades.

    If you believe that individuals should have the right to hold their own property — digital or otherwise — without asking permission or being monitored by default, then the CLARITY Act is one of the most important pieces of legislation in a generation. And the EU’s Travel Rule is a warning about what happens when “safety” becomes the default argument against individual sovereignty.

    Hal Finney — the first person ever to receive a Bitcoin transaction — wrote in 2009: “The computer can be used as a tool to liberate and protect people, rather than to control them.”

    Seventeen years later, we’re still deciding which way to go.

  • Canada’s War on Encryption: The Same Fight, Three Decades Later

    In 1991, Phil Zimmermann released Pretty Good Privacy — PGP — as free software because the US government was about to mandate backdoors in all secure communications. For his trouble, the federal government investigated him for three years under the Arms Export Control Act. They classified encryption as a munition. A weapon. Because apparently, the ability to have a private conversation is the same thing as shipping missiles to hostile states.

    The investigation was dropped in 1996. Zimmermann won. Privacy won. And we all moved on, right?

    Wrong.

    Bill C-22: The Backdoor Returns

    Canada’s Bill C-22 — the “Lawful Access Act, 2026” — is currently working its way through the House of Commons. Its stated purpose is to modernise how law enforcement accesses digital information. Noble enough on the surface. But beneath the language of safety and modernisation lies something deeply familiar: a government demanding the keys to your private conversations.

    The bill doesn’t explicitly say “break encryption.” It’s more sophisticated than that. It requires “electronic service providers” — a definition so broad it captures virtually any internet-based business operating in Canada — to build “technical capabilities” that enable law enforcement and CSIS (Canada’s intelligence agency) to access data quickly and consistently.

    That’s a backdoor. You can dress it up in whatever parliamentary language you like, but if a system must be built to allow a third party to access encrypted communications, the encryption is broken. By design.

    Secret Orders, No Oversight

    Here’s where it gets properly dystopian. Bill C-22 allows for ministerial orders to be issued in secret, with approval from the Intelligence Commissioner. Companies could be compelled to weaken encryption without public disclosure. Without telling their users. Without anyone outside the security apparatus knowing it happened.

    Google called this out directly: “Secret orders are out of step with other democratic countries and would severely restrict companies’ ability to be transparent with users about how their data is protected.”

    The bill also includes provisions for mandatory metadata retention — including device location data — for up to one year. Your phone becomes a government tracking device. Not because you’re suspected of anything. Just because you exist in Canada and own a mobile.

    The Tech Giants Push Back

    Apple, Meta, and Google are all publicly fighting this. Apple has stated — again — that it will never build a backdoor into its products. Meta has warned about the bill’s “sweeping powers, minimal oversight, and lack of clear safeguards.”

    Some companies have indicated they might withdraw services from Canada entirely if the bill passes in its current form. And Apple has form here. When the UK government issued a similar demand under the Investigatory Powers Act in 2025, Apple pulled its Advanced Data Protection feature from UK users altogether. Rather than compromise encryption for everyone, they simply stopped offering it to the British.

    That’s not a victory for the UK government. That’s British citizens being made less secure because their own government demanded a backdoor that Apple refused to build.

    The Pattern That Never Changes

    This is the same fight Zimmermann fought in 1991. The same fight the cypherpunks — Eric Hughes, Timothy C. May, John Gilmore — laid out in the Cypherpunk’s Manifesto. The same fight that the Crypto Wars were supposed to have settled.

    The pattern is always the same:

    1. Government cites a real threat — terrorism, child exploitation, organised crime
    2. Government proposes breaking encryption to fight that threat
    3. Security experts explain that you cannot build a backdoor that only good people can use
    4. Government presses ahead anyway
    5. Public pushback forces a retreat or compromise
    6. Wait five years. Repeat from step one.

    We’re on at least the fourth cycle now. The UK with the Investigatory Powers Act. Australia with their Assistance and Access Act. The EU with various proposals to scan encrypted messages for CSAM. And now Canada with Bill C-22.

    Why This Matters Beyond Canada

    If Canada succeeds, it sets a precedent. Every Five Eyes nation — the US, UK, Australia, New Zealand — will point to it as evidence that democracies can mandate lawful access to encrypted communications. The dominoes don’t fall slowly.

    And the technical reality hasn’t changed since Zimmermann published PGP’s source code in book form to sidestep export controls: there is no such thing as a backdoor that only governments can use. If a vulnerability exists, it will be found. By criminals. By hostile states. By anyone with sufficient motivation and skill.

    Public Safety Minister Gary Anandasangaree has said the government intends to amend the bill to “clarify” definitions of encryption and metadata. That’s encouraging language. But clarifying definitions is not the same as removing the power to compel access. The architecture of the bill still allows secret orders, still mandates technical capabilities, and still treats encrypted communication as a problem to be solved rather than a right to be protected.

    The Cypherpunk Position

    Eric Hughes wrote in 1993: “Privacy is necessary for an open society in the electronic age… We cannot expect governments, corporations, or other large, faceless organizations to grant us privacy out of their beneficence.”

    Thirty-three years later, that’s still the whole argument. Privacy isn’t granted. It’s built. With mathematics. With code. With encryption that works because nobody has the keys except the people communicating.

    The moment you build a system where someone else — anyone else — can listen in, you’ve destroyed the thing you claimed to be protecting. You haven’t made citizens safer. You’ve made them vulnerable. To their own government, and to everyone else who finds the door you left open.

    Canada’s Bill C-22 is in committee. It can still be stopped, or at least defanged. The tech industry is pushing hard. Privacy advocates are mobilising. The question is whether the Canadian public — and their elected representatives — understand what’s actually at stake.

    Phil Zimmermann understood. He risked prison for it. The least we can do is pay attention.

  • The Bitcoin Supply Squeeze Nobody’s Pricing In

    There are moments in markets where the maths tells you something the price doesn’t. This might be one of them.

    Over the past 48 hours, three things happened that individually are interesting but together paint a picture worth paying attention to.

    Adam Back Enters the Arena

    Adam Back — the cryptographer who invented hashcash, the proof-of-work system that directly inspired Bitcoin’s mining mechanism — just announced that his company BSTR (Bitcoin Standard Treasury Co.) is going public on Nasdaq via a SPAC merger. The mission statement is blunt: buy as much Bitcoin as humanly possible.

    Sound familiar? It should. It’s the same playbook Michael Saylor has been running at MicroStrategy since 2020. But Back isn’t copying — he’s competing. He said explicitly at Consensus this weekend that BSTR is going “head to head” with Saylor’s strategy, launching with approximately 30,000 BTC on the balance sheet from day one.

    This matters because of who Adam Back is. He’s not a finance bro who discovered Bitcoin in 2020. He’s a cypherpunk whose work *predates Bitcoin itself*. When the inventor of the technology that makes Bitcoin possible decides to build an institutional accumulation vehicle, it carries a different kind of weight.

    Saylor’s Sunday Signal

    Like clockwork, Michael Saylor posted his Bitcoin tracker chart on Sunday evening with the caption “Working ₿etter.” Anyone who’s followed MicroStrategy knows this pattern — Sunday chart, Monday purchase announcement. He skipped last week, which makes this week’s signal more notable.

    The numbers at MicroStrategy are now staggering. They hold 843,738 BTC, valued at roughly $62 billion. That’s 110 separate purchase events and counting. In 2026 alone, MicroStrategy has bought approximately 160,000 BTC — nearly the *entire annual output* of every Bitcoin miner on the planet.

    Let that sink in. One company is absorbing almost all new supply. Now add a second one.

    The JP Morgan Question

    The third signal is murkier. Rumours are circulating that JP Morgan has been buying Bitcoin heavily. The evidence isn’t conclusive — what *is* confirmed is that JPM has started accepting Bitcoin and Ethereum as collateral for institutional loans in a pilot programme. That’s not the same as buying, but it’s a significant shift from Jamie Dimon calling Bitcoin “a fraud” in 2017 while his European desk was quietly scooping up Bitcoin ETNs on dips.

    The old Wall Street playbook: trash it publicly, accumulate privately. Whether that’s happening again is unconfirmed, but the collateral programme alone signals that Bitcoin has crossed a threshold inside traditional finance that it’s not coming back from.

    The Maths That Matter

    Here’s where it gets structural, and where the price action arguably hasn’t caught up.

    Since the April 2024 halving, Bitcoin’s annual new supply is roughly 164,000 BTC. That’s it. That’s all the miners in the world can produce in a year. The protocol doesn’t care about demand — the supply schedule is fixed.

    Now look at the demand side:

    • MicroStrategy bought ~160,000 BTC in 2026 so far — nearly the entire annual issuance, from one buyer
    • Public companies collectively are buying at approximately 3× the rate miners produce
    • HODL supply (coins that haven’t moved in over a year) is at all-time highs
    • Exchange float — the Bitcoin actually available to buy — is shrinking

    And now Adam Back adds BSTR as a second dedicated accumulation vehicle with 30,000 BTC ready to go and an explicit mandate to keep buying.

    The supply is fixed. The demand is multiplying. The available float is drying up. This isn’t speculation — it’s arithmetic.

    So Why Is the Price at $73,500?

    Fair question. Bitcoin hit $126,000+ and has pulled back roughly 40%. A few things are working against it short-term:

    • ETF outflows: May 2026 saw the largest monthly Bitcoin ETF outflows of the year — somewhere between $2-4 billion net. After months of aggressive inflows, institutional money rotated out.
    • Macro headwinds: A potential $150 billion Treasury liquidity drain from US government operations is tightening conditions. The FOMC meets June 16-17.
    • Long-term holder distribution: Some whales and early holders have been taking profits during the consolidation.

    These are real pressures. But they’re *flow* pressures — temporary movements of capital. The *structural* picture underneath hasn’t changed. The supply is still fixed. The halving still happened. The corporate treasuries are still accumulating.

    What’s Actually Happening

    Strip away the noise and what you’re looking at is a slow-motion supply crisis being masked by short-term macro volatility.

    Two publicly listed companies are now in an explicit arms race to accumulate a finite asset. One of them is run by the person whose academic work made Bitcoin possible in the first place. Public companies collectively are buying three times what miners can produce. The available float on exchanges is at multi-year lows.

    This doesn’t mean Bitcoin goes up tomorrow. Markets can stay irrational, macro can tighten further, and the ETF outflow trend could continue into June. But the structural imbalance between fixed supply and accelerating institutional demand is unlike anything we’ve seen before — including previous bull cycles.

    The last time Bitcoin’s supply dynamics looked this tight was late 2023, before the spot ETF approvals sent it from $40,000 to $126,000. The catalyst this time might be different, but the underlying maths is even more extreme.

    Whether you’re already in or watching from the sidelines, the supply squeeze narrative isn’t hype. It’s happening in the on-chain data, in the corporate filings, and now in the public statements of the people who literally built this technology.

    The price will catch up with the maths. It always does. The only question is when.

  • 97% of PE-Backed Finance Teams Now Use AI — So What?

    You’ve seen the headline by now. 97% of finance leaders in VC and PE-backed companies are using AI, with three-quarters reporting ROI within twelve months. Impressive, right?

    No. Not really.

    Because the question was never “are you using AI?” — it was always “what are you actually doing with it?”

    The 97% Number Is Meaningless Without Context

    Let’s be honest about what “AI adoption” means in most finance departments right now. Someone installed Copilot. An analyst is using ChatGPT to summarise board packs. The FP&A team found a plugin that formats their Excel models faster.

    That’s not transformation. That’s convenience.

    It’s the equivalent of calling yourself “digital” because you moved your filing cabinet to SharePoint in 2015. The tool changed. The thinking didn’t.

    The 97% figure tells us that AI has become table stakes — like having a laptop or knowing how to use a pivot table. It tells us nothing about whether these teams are fundamentally rethinking how finance operates.

    Copilots vs. Architecture: The Real Divide

    Here’s where the split is happening, and it’s widening fast.

    On one side, you’ve got finance teams using AI as a copilot. It sits alongside existing workflows, making them marginally faster. Summarise this report. Draft this email. Clean this data set. The human is still the bottleneck — AI just lubricates the process.

    On the other side — and this is a much smaller group — you’ve got teams building AI into the architecture of the finance function itself. Autonomous agents that monitor cash positions in real-time. Systems that don’t just flag variance but investigate it, pull the supporting data, and draft the narrative before a human ever looks at it. Governance frameworks that are designed specifically for agentic AI, not retrofitted from your SOX compliance playbook.

    The difference isn’t speed. It’s operating model.

    A copilot-enhanced finance team is still batch-oriented. They still run month-end. They still produce reports on a cadence designed around human processing time. An AI-native finance team operates continuously. The concept of “closing the books” starts to dissolve when your systems are reconciling in real-time.

    What AI-Native Finance Actually Looks Like

    I’m not theorising here. I run an AI assistant — Saul — that operates 24/7. It monitors my email, manages my calendar, tracks my investment portfolio, executes trades, scans news, and handles routine correspondence. It doesn’t wait for me to ask. It acts, escalates when needed, and learns from the outcomes.

    That’s what AI-native looks like at the individual level. Now scale that to a finance function.

    Imagine a portfolio company where the finance team’s AI agents are handling bank reconciliations autonomously, flagging only genuine exceptions. Where cash flow forecasting updates continuously based on real-time revenue data, not last month’s actuals plugged into a spreadsheet. Where the CFO’s morning briefing isn’t a deck someone spent three hours building — it’s a synthesised intelligence report generated overnight from live data sources.

    This isn’t science fiction. The technology exists today. The gap is in the willingness to let go of the old operating model.

    PE Firms Are Asking the Wrong Question

    When a PE firm conducts due diligence on a portfolio company’s finance function, the question “do you use AI?” is already obsolete. Everyone uses AI. The answer is always yes.

    The right questions are harder: What’s your AI architecture? Which workflows are fully autonomous vs. human-in-the-loop? What’s your governance model for agentic systems? How does your finance function operate differently today than it did eighteen months ago — structurally, not just faster?

    KKR has already flagged this concern — that AI capability gaps could create a meaningful split in exit outcomes. Portfolio companies that have genuinely integrated AI into their operations will command premium multiples. Those that bolted on a chatbot and called it transformation will not.

    This is the real game-changer in PE-backed finance: not whether AI exists in the business, but whether it’s load-bearing.

    The CFO Role Is Splitting in Two

    The 2026 CFO agenda looks fundamentally different depending on which side of this divide you’re on.

    One version of the CFO sees AI as a tool in the toolkit. Useful. Saves time. Makes the team more efficient. They’ll adopt it incrementally, bolt it onto existing processes, and measure success by how many hours it saves per month.

    The other version sees AI as infrastructure — as fundamental to the finance function as the ERP system or the chart of accounts. This CFO is redesigning processes around AI capabilities, not adapting AI to fit legacy processes. They’re thinking about data architecture, agent orchestration, and continuous assurance — not just “can we automate the board pack?”

    PE operating partners need to know which type of CFO they’ve got. Because the incremental adopter will deliver incremental value. The infrastructure thinker will deliver step-change capability. And in a compressed hold period, that difference matters enormously.

    The Competitive Moat Isn’t Adoption — It’s Depth

    When 97% of your peers have adopted the same technology, the technology itself is no longer a differentiator. The moat moves downstream — to depth of integration, quality of data architecture, sophistication of governance, and willingness to let AI operate autonomously within defined boundaries.

    Most finance teams are wading in the shallows. They’ve got AI, sure. But it’s supervised, constrained, and fundamentally optional — remove it tomorrow, and the function still operates the same way, just slower.

    The teams that will win are the ones where AI removal would be structural. Where the operating model has been redesigned so thoroughly that the AI isn’t an enhancement — it’s a dependency. Not because of recklessness, but because the architecture is sound, the governance is robust, and the results speak for themselves.

    97% adoption is the starting line, not the finish. The race that matters hasn’t even begun for most.

  • When Everyone’s AI Buys the Same Stock

    Robinhood announced something this week that made me put down my coffee and stare at the screen for a while. They’ve launched “Agentic Trading” — a feature that lets you connect Claude, ChatGPT, Codex, or Cursor directly to your brokerage account via MCP (Model Context Protocol). The AI can then autonomously place trades, rebalance portfolios, and execute strategies on your behalf. “Buy $100 of Apple every time it drops 2%.” Set it. Forget it. Let the robot cook.

    It’s currently in beta — long equity only, with options, crypto, and futures coming later. There’s a separate “Agentic account” with read access to your positions, balances, and history. And there’s a line in the terms that deserves its own paragraph:

    “You are ultimately responsible for all trades your AI agent places.”

    Right. Good to know. Let’s unpack what this actually means.

    The Herding Problem Nobody Wants to Talk About

    Here’s the thing that genuinely worries me. If millions of retail traders connect Claude or ChatGPT to their brokerage accounts — and those models are trained on the same data, with the same RLHF preferences, reasoning in broadly similar ways — what happens when they all look at the same market?

    They probably reach similar conclusions.

    The Bank of England has already flagged this. Their concern: AI-driven trading doesn’t just correlate positions — it can amplify selloffs in ways that human herding never could, because it operates at machine speed with no emotional friction. Humans hesitate. Humans second-guess. AIs don’t.

    Research on AI trading herding suggests roughly 29% holdings overlap between AI-driven funds and institutional portfolios. That’s already high. Now imagine that overlap across millions of retail accounts, all running similar prompts through similar models. You’d get momentum trades that dwarf anything retail has historically been capable of — followed by coordinated exits when sentiment shifts.

    The Fed has papers on this. Serious people are worried. And Robinhood just handed the match to the general public.

    Can AI Actually Be Contrarian?

    This is the question I keep coming back to. Contrarian trading works because you’re thinking differently to the crowd. You’re buying when everyone else is panicking. You’re selling into euphoria. You need conviction that runs against the data, against the narrative, against the consensus.

    Can an LLM do that?

    Maybe at the margins. Temperature settings, prompt framing, context window — these all introduce variance. If you give Claude the same market data twice, it probably won’t give you identical trade recommendations. But the variance is narrow. The model will always regress toward whatever the training data considered “reasonable.” It was trained to be helpful and balanced. That’s not a great trait in a contrarian investor.

    Human traders have gut feelings, stubbornness, and sometimes outright ego — and occasionally, that’s exactly what makes a contrarian trade work. The guy who shorted the housing market in 2007 wasn’t following consensus. He was being told he was wrong for years. Morgan Stanley’s 2026 analysis on contrarian investing specifically highlights that genuine contrarian conviction requires tolerating extended periods of being “wrong” by conventional metrics. I’m not sure LLMs are built for that.

    Democratisation or Just a Faster Arms Race?

    The optimistic take: retail traders finally get the same algorithmic tools the quant funds have been using for years. You can run a systematic strategy without knowing Python. You can backtest ideas through natural language. You can compete on a more level playing field.

    The realistic take: the quant funds are already doing this with billions in capital, proprietary data, co-located servers, and teams of PhDs. Robinhood is giving retail a consumer-grade version of what Renaissance Technologies has been running for decades. The edge in quant trading was never just “having an algorithm.” It was having better data, better models, lower latency, and deeper pockets.

    Does “ask Claude to buy Apple” close that gap? Probably not. What it might do is accelerate the arms race — prompting a wave of retail traders who think they’ve found an edge until the strategy gets crowded, and then another wave, and then another. The winning play, as always, might be selling the shovels rather than mining for gold.

    The Liability Question Is the Real Story

    Let’s be direct about this: Robinhood’s agentic trading carries no fiduciary duty. No advisor obligation. No regulatory protection that a human broker or financial advisor would carry. It’s you, an LLM, and a live brokerage connection.

    What could go wrong? Your AI misinterprets your instruction and buys $10,000 of a penny stock instead of the blue chip you meant. Your strategy prompt was ambiguous and the model took the interpretation you didn’t intend. A hallucination in the reasoning chain leads to an order at entirely the wrong price. The model doesn’t “understand” market hours and queues something at the wrong time.

    These aren’t hypothetical edge cases. These are the kinds of failures we already see when people use LLMs for code or analysis. The difference is that a bad code suggestion doesn’t instantly cost you money. A bad trade does.

    Robinhood’s answer is: that’s your problem. They’ve built the plumbing. What flows through it is on you.
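    The four failure modes listed above (wrong symbol, wrong size, wrong price, wrong time) map onto checks that can sit between the agent and the order endpoint. This is an added example, not from the original post and not Robinhood's API: the order fields, the `Policy` limits and the `gate` function are hypothetical, timestamps are assumed to be exchange-local, and exchange holidays are ignored.

```python
from dataclasses import dataclass
from datetime import datetime, time
from decimal import Decimal, InvalidOperation

# Hypothetical order shape for this example; not any broker's or MCP server's schema.
ORDER_FIELDS = {"symbol", "side", "notional", "limit_price"}


@dataclass(frozen=True)
class ProposedOrder:
    symbol: str
    side: str
    notional: Decimal      # dollar amount of the order
    limit_price: Decimal


@dataclass(frozen=True)
class Policy:
    allowed_symbols: frozenset
    max_notional: Decimal
    max_price_deviation: Decimal        # fraction of the reference price, e.g. 0.02
    session_open: time = time(9, 30)    # US regular session, exchange-local time
    session_close: time = time(16, 0)


def parse_order(raw):
    """Treat agent output as untrusted input: exact fields, string values, finite decimals."""
    if not isinstance(raw, dict) or set(raw) != ORDER_FIELDS:
        raise ValueError("unexpected or missing fields")
    if not all(isinstance(raw[k], str) for k in ORDER_FIELDS):
        raise ValueError("all fields must be strings")
    try:
        notional = Decimal(raw["notional"])
        limit_price = Decimal(raw["limit_price"])
    except InvalidOperation as exc:
        raise ValueError("amounts must be decimal strings") from exc
    if not (notional.is_finite() and limit_price.is_finite()):
        raise ValueError("amounts must be finite")
    return ProposedOrder(raw["symbol"], raw["side"], notional, limit_price)


def check_order(order, policy, reference_price, now_local):
    """Return the list of policy violations; an empty list means the order may pass."""
    violations = []
    if order.side not in ("buy", "sell"):
        violations.append("bad_side")
    # Wrong instrument: exact match against an allowlist the human set up.
    if order.symbol not in policy.allowed_symbols:
        violations.append("symbol_not_allowed")
    # Wrong size: a hard ceiling per order, independent of what the prompt said.
    if not (Decimal(0) < order.notional <= policy.max_notional):
        violations.append("notional_out_of_range")
    # Wrong price: compare against a quote obtained outside the model.
    if reference_price is None or reference_price <= 0 or order.limit_price <= 0:
        violations.append("no_usable_price")
    else:
        deviation = abs(order.limit_price - reference_price) / reference_price
        if deviation > policy.max_price_deviation:
            violations.append("price_deviation")
    # Wrong time: weekdays inside the session window only (holidays not modelled).
    in_session = (now_local.weekday() < 5
                  and policy.session_open <= now_local.time() < policy.session_close)
    if not in_session:
        violations.append("outside_session")
    return violations


def gate(raw, policy, reference_price, now_local):
    """Fail closed: a malformed order or any violation means it is not forwarded."""
    try:
        order = parse_order(raw)
    except ValueError as exc:
        return False, ["malformed_order: " + str(exc)]
    reasons = check_order(order, policy, reference_price, now_local)
    return (not reasons), reasons


# Constructed sample data (not real quotes, not real agent output).
POLICY = Policy(frozenset({"AAPL"}), Decimal("100"), Decimal("0.02"))
REF_PRICE = Decimal("191.00")
IN_SESSION = datetime(2026, 6, 10, 10, 0)   # a Wednesday morning
WEEKEND = datetime(2026, 6, 13, 10, 0)      # a Saturday
GOOD = {"symbol": "AAPL", "side": "buy", "notional": "100", "limit_price": "190.00"}
# "XXXX" is a placeholder ticker standing in for the unintended instrument.
BAD = {"symbol": "XXXX", "side": "buy", "notional": "10000", "limit_price": "250.00"}

if __name__ == "__main__":
    print(gate(GOOD, POLICY, REF_PRICE, IN_SESSION))
    print(gate(BAD, POLICY, REF_PRICE, WEEKEND))
```

    The limits live outside the prompt and outside the model, so an ambiguous instruction or a hallucinated price is rejected before it reaches the brokerage connection, and each rejection carries a reason that can be logged.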

    My Actual Take — As Someone Who Trades

    I trade actively — Polymarket, equities, the occasional speculative position. And I’ll be honest: the idea of connecting an AI directly to a real brokerage account is both exciting and genuinely unsettling in roughly equal measure.

    Exciting because systematic strategies are hard to execute with discipline. I know what I should do — stick to the plan, don’t panic sell, rebalance consistently — and I don’t always do it. An AI that removes emotion from execution has real value there.

    Unsettling because the best trades I’ve made were the ones where I thought differently to everyone else. Where I saw something the crowd was missing, or held a position through noise when conventional wisdom said to bail. That requires conviction that’s fundamentally personal — shaped by your own research, your own risk tolerance, your own read of the situation.

    If everyone’s AI agent is trained on the same data and reasons the same way, then everyone’s AI agent is, essentially, the crowd. And the crowd, in markets, is usually the last one to the party and the first one to panic on the way out.

    The best use case for this technology, right now, is probably execution discipline — not alpha generation. Use it to execute a strategy you already believe in, consistently, without second-guessing. Don’t use it to find the strategy. Don’t outsource your conviction to a language model. That’s not where the edge lives.

    Robinhood just handed retail a powerful tool. Whether it’s a weapon or a liability depends entirely on whether the people using it understand what it actually does — and more importantly, what it doesn’t.

  • Disarm AI, Disarm Encryption, Disarm You

    In the same week that Pope Leo XIV released a 40,000-word encyclical demanding AI be “disarmed,” governments across the Western world were quietly dismantling the encryption that protects your private messages. Different actors, different targets, same impulse: centralised control over technology that makes individuals harder to manage.

    Welcome to 2026, where the Vatican and the surveillance state have found unlikely common ground — both convinced that powerful technology in the hands of ordinary people is simply too dangerous to be left alone.

    The Pope, Gandalf, and the Anthropic Co-Founder Walk Into a Room

    Let’s start with the sheer theatre of it. Pope Leo XIV, the first American pope, released his debut encyclical Magnifica Humanitas on May 25th — timed deliberately to the anniversary of Rerum Novarum, the 1891 workers’ rights document. The message: AI is the new industrial revolution, and without intervention, it will crush the workers just like the last one did.

    Sitting in the front row for the presentation was Dario Amodei, co-founder of Anthropic — one of the most powerful AI labs on the planet. The Vatican, naturally, is already using AI to translate papal masses into 60 languages. This is peak 2026: the institution asking you to distrust technology is simultaneously deploying it at industrial scale.

    The encyclical is worth reading, or at least skimming — if you have a week spare and enjoy 40,000 words of careful prose. The core argument: AI must be freed from “logics of domination, exclusion, and death.” Tech elites are compared to colonial conquerors. Data is described as “the new rare earths.” And in a line that will live forever in tech journalism, Leo cited Gandalf — specifically the idea that some powers should not be wielded, even by the wise.

    It’s a coherent argument. It’s also an argument being made by an institution that accumulated extraordinary wealth, political influence, and control over information for roughly fifteen centuries before anyone thought to question it.

    Meanwhile, Your Messages Are Being Opened

    While the Pope was warning about AI concentration, a quieter battle was playing out across the democratic world — governments methodically dismantling the encryption that keeps private communication private.

    Meta quietly removed end-to-end encryption from Instagram DMs on May 8th, citing “low adoption.” The Global Encryption Coalition called it exactly what it was: “Encryption is not just a feature. It is fundamental to safety and human rights.” But Meta buckled — the pressure from governments to make messages readable is immense, and Instagram was the easiest front to fold on.

    Canada’s Bill C-22 wants backdoors baked into encrypted communication. The EU’s Chat Control regulation (CSAR) — still grinding through Brussels — would require client-side scanning of messages before they’re encrypted. Critics have called it what it is: warrantless mass surveillance. It would also require ID and face scans to open messaging accounts, effectively banning anonymous communication in Europe.

    The UK’s Online Safety Act contains technical capability notices that pressure companies to weaken encryption on demand. Apple’s iCloud dispute with UK authorities is ongoing — and getting uglier. Privacy advocates are blunt: 2026 is shaping up to be the worst year for digital privacy in a generation.

    The Language of Protection

    Here is where the Pope and the surveillance state converge. Both frame their arguments in the language of protection. The encyclical worries about AI harming the vulnerable, the poor, the worker. The governments want backdoors to protect children from predators, to stop terrorism, to prevent financial crime.

    These are not dishonest concerns. They are real problems. But “protection” has historically been the most reliable justification for concentrating power, and the pattern here is identical: technology is dangerous, so authority must control it.

    The question nobody in power seems willing to ask is: dangerous to whom, and controlled by whom? AI in the hands of an open-source community is a very different threat profile to AI controlled by three labs and a Vatican working group. Encrypted messaging that governments can’t read is dangerous to governments. It is extraordinarily useful to dissidents, journalists, abuse survivors, and anyone living under an authoritarian regime — including quite a few people who currently live in countries that think of themselves as democracies.

    Phil Zimmermann Did This Already

    In 1991, Phil Zimmermann released PGP — Pretty Good Privacy — and was promptly investigated by the US government for “munitions export without a licence.” Cryptography was classified as a weapon. The idea that civilians could communicate without government access was, in the official view, a national security threat.

    The crypto wars of the 1990s produced the Clipper Chip — the NSA’s proposal for an encryption standard with a built-in government backdoor. It failed, eventually, under sustained technical and civil liberties pressure. The internet that emerged was, for a decade or so, genuinely decentralised and hard to surveil at scale.

    That window is closing. Chat Control, the Online Safety Act, Bill C-22 — these are the Clipper Chip with better PR. The arguments are identical. The risks are identical. And this time the governments have more leverage, because the platforms are larger, more centralised, and more susceptible to regulatory pressure.

    The one bright spot: Apple and Google — pushed by the EFF and others — rolled out E2EE for cross-platform RCS messaging. It’s a genuine win. It also illustrates the dynamic perfectly: the good outcomes come from technical standards and civil society pressure, not from government benevolence.

    The Libertarian Counter

    Here is the case that neither the Pope nor Brussels will make: technology doesn’t need to be disarmed. It needs to be distributed.

    The danger in AI is not that it exists. It’s that it’s concentrated in the hands of a small number of labs, with enormous government influence over those labs. The answer to that isn’t a Vatican working group with a kill switch. The answer is open-source models, local inference, individual sovereignty over compute. The danger of powerful AI is the same as the danger of powerful anything: monopoly. You solve monopoly with distribution, not with centralised disarmament.

    The same logic applies to encryption. If your concern is that encryption enables crime, consider that the absence of encryption enables crime on an industrial scale — identity theft, financial fraud, state surveillance of minorities, stalking. The math is not complicated. Backdoors don’t stay exclusive to the good guys. They never have.

    Zimmermann was right in 1991. The technology he fought for has saved lives — literally, for journalists and activists working under authoritarian governments. The people trying to “disarm” encryption now are making the same mistake his prosecutors made: confusing “we can’t read it” with “it is dangerous.”

    The Irony Worth Savouring

    The Vatican is an institution that, for most of its history, controlled who could read the Bible, in what language, and with what commentary. It imprisoned people for translating scripture. It ran the Inquisition. It accumulated land, political influence, and informational control on a scale that would make any tech billionaire envious.

    The Pope citing Gandalf to warn about unchecked power is genuinely funny. It’s also worth taking seriously — not because the Vatican has earned the moral authority, but because the underlying point about concentrated technological power is correct. The problem is the proposed solution: more governance, more oversight, more international bodies with “soft power” over AI development. That’s not disarmament. That’s a different set of hands on the same controls.

    The answer to powerful AI in the hands of a few is powerful AI in the hands of many. The answer to surveillance infrastructure is encryption infrastructure. The answer to centralised control is radical decentralisation.

    Gandalf, for what it’s worth, didn’t hand the One Ring to Gondor for safekeeping. He insisted it had to be destroyed.

    The Pope might want to re-read his own citation.

    Related: Capability Apartheid: Anthropic Built a Genius, Then Decided You Get the Lesser One — the same gatekeeping logic, now applied to AI itself.

  • The UK Wants Your Encrypted Messages — And It’s Winning

    The year is 2026, and the British government wants to read your messages. Not metaphorically. Not in some dystopian hypothetical. Right now, through multiple overlapping legal instruments, the UK is conducting the most aggressive assault on end-to-end encryption of any Western democracy. And it’s working.

    Phil Zimmermann was investigated as an arms dealer in the 1990s for releasing PGP — software that let ordinary people encrypt their emails. The US government classified strong encryption as a munition. They lost that fight. Thirty years later, a different government is trying the same thing with different tools. And this time, they’re not bothering with the pretence of public debate.

    The Secret Order Apple Can’t Talk About

    In January 2025, the UK Home Office issued a Technical Capability Notice (TCN) under the Investigatory Powers Act — the law everyone calls the Snooper’s Charter, because that’s what it is. The TCN demanded that Apple build a backdoor into iCloud’s Advanced Data Protection, the feature that end-to-end encrypts your backups.

    Here’s the part that should make your blood run cold: the order originally applied to all Apple users globally. Not just Brits. Americans. Europeans. Everyone. A British Home Secretary, operating in secret, tried to compromise the security of billions of people worldwide.

    Apple, to their credit, refused to build the backdoor. Instead, they withdrew Advanced Data Protection from UK users entirely. If you’re in Britain and you want Apple’s strongest encryption on your iCloud data, you simply can’t have it. The UK government didn’t technically break encryption — it just made Apple remove it from the menu.

    The legal battle is ongoing. Apple appealed to the Investigatory Powers Tribunal, which at least had the decency to reject the Home Office’s demand for the entire case to be heard in secret. A seven-day public hearing was scheduled for early 2026, structured around “assumed facts” — a legal contortion necessary because the government maintains the right to neither confirm nor deny the TCN even exists.

    Meanwhile, reports from the EFF suggest the government quietly rewrote the order in late 2025 to target only British users — a tactical retreat, not a surrender. US lawmakers, including House Judiciary Chair Jim Jordan, demanded a briefing by March 2026 on what the UK was doing with American citizens’ data. The diplomatic pressure helped narrow the scope. It didn’t kill the demand.

    Advanced Data Protection remains unavailable in the UK. That’s not a temporary situation. That’s the new normal.

    Signal’s Line in the Sand

    Signal’s president, Meredith Whittaker, has been unambiguous: Signal will leave the UK before it compromises its encryption. This isn’t corporate posturing. Signal is a non-profit whose entire reason for existing is genuine end-to-end encryption. Asking Signal to weaken its protocol is like asking a hospital to make patients sicker.

    The threat comes from the Online Safety Act’s Section 122, which gives Ofcom the power to compel platforms to scan private messages — including encrypted ones. The technical reality is simple: you cannot scan content that is truly end-to-end encrypted. To comply, Signal would need to implement client-side scanning — examining messages on your device before encryption. Security researchers universally regard this as a backdoor by another name. UCL researchers have called it the equivalent of a “mandatory wiretap.”

    As of May 2026, Ofcom hasn’t pulled the trigger. The regulator publicly claims its measures “do not recommend that providers break end-to-end encryption.” But the legal power exists, and Ofcom is expanding CSAM monitoring duties to more platforms throughout 2026. The gun is loaded. It’s pointed at encrypted messaging. They just haven’t squeezed the trigger yet.

    WhatsApp has made similar threats. Remember that WhatsApp uses the Signal Protocol — the same cryptographic foundation. Compromising it doesn’t just affect one app. It undermines the security architecture that protects billions of conversations daily.

    The Online Safety Act: Surveillance as Child Protection

    Every government that wants to break encryption uses the same justification: protecting children. It’s the argument that no politician can publicly oppose, which is precisely why it’s so dangerous. The Online Safety Act weaponises child safety to create a legal framework for mass surveillance of private communications.

    Section 122 makes no exception for encrypted communications. The government has said it won’t invoke these powers until “appropriate technology” exists — a meaningless deferral, since client-side scanning technology already exists. Apple built and then abandoned its own CSAM scanning system in 2021, not because it didn’t work, but because they recognised the privacy implications were unacceptable.

    Some services have already left. Smaller encrypted cloud providers like Krakenfiles have exited the UK market rather than face compliance demands they can’t meet without gutting their security. They won’t be the last.

    The UK government’s position is logically incoherent. They claim to support strong encryption while simultaneously creating legal instruments that make strong encryption illegal in practice. It’s the regulatory equivalent of saying “we support free speech, but everything you say will be monitored.”

    The European Front: Chat Control and ProtectEU

    The UK isn’t alone. The EU has been pushing its own version of this fight through the Child Sexual Abuse Regulation — universally known as “Chat Control.” The proposal would have mandated client-side scanning of encrypted messages across the bloc.

    Five hundred and two cryptography and IT security scientists signed an open letter calling client-side scanning “technically unfeasible” and warning it would create vulnerabilities exploitable by criminals and hostile states. The European Parliament pushed back hard. Germany’s Federal Constitutional Court ruled that mass surveillance of encrypted communications likely fails constitutional standards. The scanning mandate was blocked.

    But the EU didn’t give up. It rebranded. In April 2025, the European Commission launched ProtectEU, a new “internal security strategy” built around the law enforcement concept of “Going Dark” — the idea that encryption is making criminals invisible. The strategy calls for a Technology Roadmap on encryption access by Q2 2026, with a target of deploying decryption capabilities to Europol by 2030.

    The High-Level Group behind ProtectEU has coined the phrase “lawful access by design” — requiring all internet service providers to build their systems so that encrypted data can be accessed on demand. If that sounds like “backdoors by design,” that’s because it is. They just workshopped the branding.

    The European Court of Human Rights has previously ruled that mandating encryption backdoors violates the European Convention on Human Rights. Whether that precedent holds against the sustained political pressure of ProtectEU remains to be seen.

    Why This Matters Beyond Privacy

    The standard response from surveillance advocates is: “If you’ve got nothing to hide, you’ve got nothing to fear.” This argument is intellectually bankrupt and historically illiterate.

    Encryption isn’t a luxury. It’s critical infrastructure. It protects banking transactions, medical records, legal privilege, whistleblower communications, journalistic sources, and every business that handles sensitive data. When you break encryption for governments, you break it for everyone — including the criminals and hostile state actors the government claims to be protecting you from.

    The UK government’s own National Cyber Security Centre has acknowledged this. GCHQ knows that backdoors are security vulnerabilities. They pursue this agenda anyway, because the institutional incentive to access communications outweighs the institutional incentive to protect them.

    Consider the precedent. If the UK can compel Apple to build a backdoor, China can too. Russia can too. Every authoritarian regime on earth is watching this case. The UK isn’t just undermining its own citizens’ security — it’s writing the playbook for every government that wants to surveil its population.

    Hal Finney understood this in the 1990s when he became the first person to receive a Bitcoin transaction from Satoshi Nakamoto. Erik Voorhees understood it when he built ShapeShift. Phil Zimmermann understood it when he released PGP and faced a federal investigation for his trouble. The cypherpunks saw this coming decades ago. Encryption is a human right because privacy is a human right. You don’t get to have one without the other.

    What Happens Next

    The Apple tribunal case will be the most significant legal test of government encryption powers in a generation. If the IPT upholds the TCN regime, the UK will have established that the government can secretly compel any technology company to compromise its encryption — with criminal penalties for even revealing that the order exists. Every encrypted service operating in the UK will face the same choice Apple faced: comply, remove your security features, or leave.

    Ofcom will continue expanding its enforcement of the Online Safety Act throughout 2026. At some point, the regulator will have to address the elephant in the room: you cannot enforce content scanning obligations on encrypted platforms without breaking encryption. The deferrals and careful language will eventually run out.

    The EU’s ProtectEU roadmap will produce its encryption technology assessment by mid-2026. Whatever it recommends will set the trajectory for European encryption policy for the next decade.

    And ordinary people will continue using WhatsApp and iMessage without knowing that their governments are systematically dismantling the security those services provide.

    The UK government isn’t just winning this fight. It’s winning it quietly, through secret orders and obscure tribunals and carefully worded legislation. That’s the most dangerous part. By the time most people realise what’s happened, the infrastructure of surveillance will already be built.

    Phil Zimmermann called PGP “Pretty Good Privacy.” In 2026 Britain, even pretty good privacy is too much for the government to tolerate.

    Related: Capability Apartheid: Anthropic Built a Genius, Then Decided You Get the Lesser One — the same gatekeeping logic, now applied to AI itself.

  • The EU Doesn’t Want to Ban Your VPN — It Wants Something Worse

    If you’ve seen the headlines this month about the EU “banning VPNs,” you can relax. They’re not banning VPNs.

    They’re doing something far more insidious: making them useless.

    What’s Actually Happening

    Three separate EU initiatives are converging on the same target. None of them says “ban VPNs.” All of them, taken together, amount to a systematic assault on encrypted privacy in Europe.

    Thread one: ProtectEU. Launched in April 2025, this is the European Commission’s internal security strategy. Buried in the policy language is a “Technology Roadmap on encryption” with a stated goal: EU law enforcement should be able to decrypt private data by 2030. That includes VPN tunnels, end-to-end encrypted messaging, and cloud storage.

    Read that again. The European Commission wants the technical capability to break open your encrypted connections within four years.

    Thread two: mandatory data retention. Leaked EU Council documents reveal proposals to extend data retention obligations to VPN providers, messaging apps, and cloud services for the first time. The requirements: log IP addresses, timestamps, session duration, traffic volume, and user identification data for 6–12 months. A formal legislative proposal is expected next month.

    This would make “no-log” VPN policies illegal within EU territory.

    Thread three: the age verification sideshow. EU officials publicly described VPNs as a “loophole” in their new age-verification system. The Commission later clarified there’s no VPN crackdown planned. This is where most of the breathless headlines came from, and it’s the least important of the three threads. Classic misdirection — everyone’s arguing about whether there’s a ban while the real damage happens elsewhere.

    Why This Matters More Than a Ban

    A ban would be honest. You’d know where you stood. You could route around it, use services outside the jurisdiction, make an informed choice.

    What the EU is proposing instead is a hollowing out. Your VPN will still exist. It will still have a logo and a subscription fee and a “connect” button. But the tunnel won’t be private anymore. Your provider will be logging your metadata. And somewhere on the Commission’s roadmap, there’s a checkbox for decrypting what’s inside it.

    This is the Crypto Wars all over again. Phil Zimmermann faced a criminal investigation in the 1990s for releasing PGP — strong encryption that the US government classified as a munition. The argument then was the same as now: “We need access to encrypted communications for law enforcement.” The counterargument hasn’t changed either: you cannot build a door that only the good guys can walk through.

    The Backdoor Fallacy

    Every serious cryptographer will tell you the same thing: there is no such thing as a backdoor that only works for authorised parties. If the EU mandates that encrypted tunnels must be decryptable by law enforcement, they are mandating a vulnerability. Full stop.

    Proton (the Swiss company behind ProtonVPN and ProtonMail), Surfshark, and Tuta Mail have all said the same thing publicly: weakening encryption doesn’t make Europeans safer. It makes them targets.

    Consider what flows through corporate VPN tunnels every day: financial data, medical records, legal communications, trade secrets, board papers, M&A documents. Now consider a mandated decryption capability sitting in a government database somewhere in Brussels. How long before it’s breached? How long before a state actor — or a sufficiently motivated criminal — finds the key?

    The answer, based on every precedent in cybersecurity history, is: not long enough.

    What About Businesses?

    If you run a company with staff connecting remotely to corporate systems — and in 2026, who doesn’t? — this affects you directly.

    The data retention proposal targets commercial VPN providers. If your company uses a third-party EU-based VPN service, that provider could be forced to log every connection your employees make. Self-hosted infrastructure (your own WireGuard or OpenVPN servers) appears exempt for now, but the distinction between “provider” and “operator” could narrow as the legislation evolves.

    Several major VPN providers have already indicated they’d relocate outside the EU rather than comply. NordVPN is in Panama. Proton is in Switzerland. Mullvad has publicly stated they’ll maintain their no-logs policy regardless. But if your provider is EU-domiciled, you need to ask them what their plan is — now, not after the legislation passes.

    There’s also a beautiful irony in the GDPR conflict. The EU’s own flagship privacy regulation requires data minimisation — don’t collect what you don’t need. The data retention proposal requires the opposite: collect everything, keep it for a year, hand it over on request. The Court of Justice of the EU struck down the last blanket retention directive in 2014 (Digital Rights Ireland). It may well do so again. But the years of legal uncertainty in between will be painful for businesses trying to comply with both frameworks simultaneously.

    The UK Angle

    Post-Brexit, the UK is not bound by EU data retention rules or ProtectEU. Before you breathe a sigh of relief: the UK already requires ISPs to retain connection metadata for 12 months under the Investigatory Powers Act 2016. We’re hardly the privacy utopia.

    But there’s an opportunity here. If the EU forces VPN providers to log, and the UK doesn’t extend the same requirement to VPN services specifically, UK-based VPN infrastructure becomes more attractive for privacy-conscious businesses. Post-Brexit regulatory divergence occasionally produces something useful. This might be one of those times.

    Encryption Is a Right, Not a Feature

    Here’s where I stop being measured and start being honest.

    Encryption is not a “loophole.” It’s not a “tool for criminals.” It’s a fundamental component of digital self-sovereignty. When Hal Finney ran the first Bitcoin transaction and championed strong encryption, he wasn’t evading law enforcement. He was building the infrastructure for a world where individuals control their own data. When Phil Zimmermann released PGP and told the US government that privacy was a human right, he wasn’t being a radical. He was being correct.

    The EU’s position — that encrypted tunnels should be decryptable by state actors — is not a security measure. It’s a power grab dressed up in the language of child protection and counter-terrorism. The same arguments, the same emotional blackmail, every single time. And every single time, the actual result is the same: ordinary people lose privacy, criminals adapt, and the state gets more access to data it has no business seeing.

    Erik Voorhees said it best: “Privacy is not about having something to hide. It’s about having something to protect.”

    What Happens Next

    The formal legislative proposal on data retention is expected next month. The ProtectEU encryption roadmap trundles toward its 2030 target. The age verification debate will continue to generate misleading headlines.

    If you care about digital privacy — and if you’re running a business in 2026, you should — here’s what to do:

    • Audit your VPN architecture now. Know who your provider is, where they’re domiciled, and what they’ll do if forced to log.
    • Consider self-hosted or non-EU VPN infrastructure for anything sensitive.
    • Support the organisations fighting this. The EFF, EDRi, and companies like Proton are doing the heavy lifting.
    • Don’t wait for the legislation to pass. By then it’s too late to architect around it.

    The EU doesn’t want to ban your VPN. It wants to turn it into a surveillance pipe with a privacy logo on it. Don’t let them.


    Mark Hendy is a PE-focused interim CFO and founder of Tanous Limited. He runs his entire digital infrastructure through encrypted, self-hosted systems and believes privacy is a right, not a feature.

  • AI Is Coming for Junior Finance — And That’s the Wrong Conversation

    A new Oliver Wyman Forum and NYSE survey of 494 CFOs dropped this week, and the headlines wrote themselves: “AI to slash junior finance jobs.” Cue the hand-wringing.

    Here’s the problem: that’s not the story. The story is that 92% of CFOs haven’t even started yet — and the ones who have are discovering something the headlines completely miss.

    The Numbers Everyone Is Quoting

    Let’s get the data on the table. The survey found:

    • 64% of CFOs expect the finance function to shift away from junior roles over the next three years
    • 91% anticipate flat or lower overall finance headcount
    • Only 8% have deployed AI at scale in their finance function
    • 74% are still in planning or pilot stages
    • 61% expect enterprise AI spending to rise 5–20% in 2026

    That last number is the one that should stop you. Sixty-one percent are increasing spend on something that ninety-two percent haven’t deployed. That’s not a workforce transformation story. That’s a procurement story.

    The Intention-Execution Gap Is Enormous

    I’ve sat in enough PE-backed boardrooms to know the difference between a strategy deck and operational reality. When 64% of CFOs say they “expect” junior roles to shift, what they actually mean is: “I’ve seen the demos, I believe it’s coming, and I’ve told the board it’s on our roadmap.”

    That’s not the same as doing it.

    Microsoft’s research, published earlier this month, puts a finer point on it: 67% of AI’s impact is organisational, not technical. The bottleneck isn’t the model. It’s the workflows, the incentives, the performance metrics, the change management. It’s the messy human stuff that no vendor demo covers.

    Most finance teams are buying AI tools the way they bought ERP systems in the 2000s — with grand ambitions and no operating model to match.

    What Actually Happens When You Deploy

    I run an AI assistant. Not as an experiment — as operational infrastructure. It manages my email, monitors my calendar, runs a daily news podcast, handles trading positions, and publishes content. It’s not replacing a junior analyst. It’s doing work that no junior analyst could do at this speed and breadth.

    And here’s the thing the survey gets right, buried in the detail: the CFO role is expanding, not shrinking. When AI handles the routine — the reconciliations, the variance analysis, the data gathering — you don’t need fewer people. You need different people. The finance team structure is shifting from a pyramid to something middle-heavy: fewer data entry roles, more people who can interpret, challenge, and act.

    The junior analyst who used to spend three days building a board pack? That job is genuinely at risk. The senior finance business partner who can look at the output and say “this number doesn’t make sense given what I know about that customer”? That person just became more valuable.

    The Real Risk Isn’t Job Losses — It’s Inaction

    Here’s my contrarian take: the companies that should be worried aren’t the ones deploying AI. They’re the 92% who haven’t.

    While they’re running pilots and building business cases, their competitors are compounding operational advantages. Bain’s latest data shows finance departments are ramping internal AI budgets precisely because early adopters are seeing measurable returns — not in headcount reduction, but in speed, accuracy, and decision quality.

    If you’re a PE-backed CFO reading this, ask yourself: when your investors ask what you’re doing with AI in the finance function, is your answer a strategy deck or a live system? Because the gap between those two answers is about to become very visible in portfolio company valuations.

    The Pyramid Is Dead. Good.

    The traditional finance team pyramid — lots of juniors doing data work, a few seniors making decisions — was always inefficient. It just felt normal because we’d never had an alternative.

    AI doesn’t kill the pyramid by firing the base. It kills it by making the base unnecessary for the work it used to do. That’s a different statement with different implications. It means:

    • Hiring profiles change. You want fewer graduates with accounting degrees and more people who can work alongside AI systems — prompt engineers, data interpreters, exception handlers.
    • Training inverts. Instead of teaching juniors to build spreadsheets, you teach them to validate AI output. That’s a harder skill, not an easier one.
    • The CFO becomes a technologist. Not writing code — but understanding what’s possible, what’s reliable, and what’s theatre. The Accenture CFO AI Pulse survey confirms this: finance leaders are increasingly governing AI investment decisions.

    Stop Talking About Job Losses. Start Building.

    The conversation about AI and junior finance roles is a distraction. It’s comfortable because it’s abstract and future-tense. “Someday, AI might…”

    The uncomfortable truth is simpler: AI is ready now. Your organisation isn’t. And the 8% who’ve figured that out are pulling away from the rest of you every single day.

    The question isn’t whether junior finance roles will change. They will. The question is whether you’ll be the CFO who shaped that change — or the one who read about it in a survey.


    Mark Hendy is a PE-focused interim CFO and founder of Tanous Limited.