Scorecard/Anthropic

Anthropic

Data gathering in process

AI safety company building reliable, interpretable AI systems. Developer of Claude.

HQUS
Est2021
Size1001-5000
EU AI ActGPAI Systemic Risk
anthropic.com
Score
72.8 / 100
Evidence
8 items

Industry-leading safety practices with comprehensive governance and technical safeguards.

Strengths:Governance Maturity, Technical Safety, Risk Assessment, Regulatory Readiness, External Engagement
Focus Areas
foundation modelsai safetyalignment researchenterprise ai

Security Assessment

Security-relevant indicators for vendor evaluation

Security Posture
71
TS-01dim: 74
Red Teaming & Pre-deployment Testing
Adversarial testing before deployment
TS-05dim: 74
Robustness & Adversarial Resilience
Resistance to adversarial attacks
RA-01dim: 68
Sector-Specific Risk Assessment
Risk analysis for deployment context
RA-03dim: 68
Dual-Use & Misuse Risk
Dangerous capability awareness
RA-07dim: 68
Incident History & Track Record
Past incidents and response quality
EE-04dim: 82
Vulnerability Disclosure Program
Bug bounty or CVE reporting process
Incident History
Anthropic incident records sourced from AIAAIC Repository and public reporting.
Integration: AIAAIC, OECD AI Incidents Monitor
Third-Party Audits
External audit reports, SOC 2 attestations, and ISO certifications verified where published.
Sources: Company filings, registry lookups
CVE & Disclosures
Known vulnerabilities and security advisories from NVD, GitHub Security Advisories, and vendor pages.
Sources: NVD, GHSA, vendor disclosure pages

Dimension Breakdown

GM
Governance Maturitymedium
Published policies, corporate structure, safety mandate, whistleblowing, executive commitment.
78
3 evidence items
GM-01GM-02GM-03
TS
Technical Safetymedium
Benchmarks, adversarial robustness, fine-tuning safety, watermarking, model cards, research output.
74
2 evidence items
TS-01TS-07
RA
Risk Assessmentlow
Dangerous capability evaluations, thresholds, external testing, bug bounty, halt conditions.
68
1 evidence items
RA-01
RR
Regulatory Readinesslow
ISO 42001, EU AI Act compliance, GPAI obligations, international commitments, incident reporting.
65
EE
External Engagementmedium
Survey participation, research support, transparency, behavior specs, open-source contributions.
82
2 evidence items
EE-01EE-02

Social Impact & Safety Profile

Strong

Anthropic has published a detailed Responsible Scaling Policy that explicitly addresses societal risks at each capability threshold. Their Constitutional AI framework embeds human values directly into model training. The company maintains an active research program on dual-use prevention, workforce displacement impacts, and bias evaluation. Third-party audits and external red-teaming further validate their commitments.

responsible scalingdual-use preventionworkforce impactbias evaluation
Why it matters for safety

Anthropic is the test case for whether safety-first AI development can compete commercially. If Anthropic succeeds, it proves the market rewards safety. If it fails, the argument for voluntary safety investment weakens across the industry.

Civilizational Risk Awareness

3/3

Catastrophic risk is central to company mission with structural commitments (PBC, RSP, dedicated alignment team with significant resource allocation).

Responsible Scaling Policy

Published

First published RSP in the industry (2023). Defines AI Safety Levels (ASL) with specific capability thresholds that trigger additional safety requirements before further scaling. ASL-3 preparations underway.

RSP is publicly auditable but not yet independently verified by a third party. The gap between policy and enforcement is the key question - Anthropic's RSP is the strongest in the industry, but whether it would survive extreme commercial pressure remains untested.

Mission Drift Protection

3/3
  • Public Benefit Corporation status - legal obligation to balance profit and mission
  • Long-Term Benefit Trust (LTBT) - governance mechanism for mission preservation
  • RSP creates hard gates on capability deployment
  • Dedicated alignment team with significant headcount
  • LTBT not yet fully operational
  • No independent external safety board with binding authority
  • Commercial revenue growth may create internal pressure on RSP gates

Vulnerability Disclosure

External

Structured vulnerability disclosure programme. Bug bounty for safety-relevant vulnerabilities. Published responsible disclosure policy.

Among the best in the frontier lab category. Disclosure programme covers both traditional security vulnerabilities and AI-specific safety issues.

Safety Reporting

◆◆◆ Quarterly
RSP assessmentper model release
Safety research publicationscontinuous
Transparency reportannual
Model cardsper release

Among the best for reporting cadence. RSP assessments tied to model releases - not calendar cadence - but output is frequent. Research publications provide continuous safety data. Gap: no structured quarterly safety report in a standardised format (akin to Verizon DBIR for AI safety).

Dual-Use Risk

SignificantAI×Cyber OffensiveAI×BioAI×Information Manipulation

Dual-use risk is inherent to frontier models. Anthropic has the most structured mitigation approach (RSP + red-teaming + usage policies) but no frontier lab has solved the fundamental dual-use challenge. The question is not whether risk exists but whether mitigation is credible.

Mitigation details
RSP with capability-specific thresholds for dangerous capabilities
Red-teaming programme covering bio, cyber, and CBRN risks
Usage policies prohibiting harmful applications
Model deployment gating based on safety evaluation results
No independent dual-use review board with binding authority
Usage policy enforcement relies on detection - determined adversaries can circumvent
Bio-risk evaluation methodology still developing across the industry

Need a detailed report for Anthropic?

Subscribe to express interest in indicator-level evidence, peer benchmarking, and regulatory gap analysis - or reach out to request a full company overview brief.