Goldman blocks Claude access for Hong Kong bankers

Goldman Sachs has removed access to Anthropic’s Claude for bankers in Hong Kong.

Reuters reports, citing a source with direct knowledge, that employees of the US bank in Hong Kong had previously been able to use Claude through an internal AI platform, but no longer had access in recent weeks. The Financial Times reported the restriction first. Goldman declined to comment to Reuters, and Anthropic did not immediately respond to Reuters' request for comment.

The important point is not that one bank changed a setting in an internal portal. It is why: according to Reuters, the move followed Goldman taking a strict interpretation of its contract with Anthropic after consulting the company, concluding that employees in Hong Kong should not use Anthropic products. Reuters also notes that Hong Kong is not listed as an officially supported market for Claude.ai and Anthropic’s API.

For executives, this is a practical warning. AI tools cannot be assessed only on model quality, price and productivity. They must be mapped against supported countries, data-processing terms, group structure, export controls, supervisory expectations and where employees actually sit. A tool that is acceptable for a team in Norway may be unsuitable for a subsidiary, nearshore unit or partner in another jurisdiction.

Reuters says other mainstream models, including Gemini and ChatGPT, were still available on Goldman’s internal platform, according to the source. That makes the case more relevant for CIOs: this is not a general AI ban, but selective vendor governance. Enterprises need policy by model, region, data domain and user group, not one generic AI rule.

Banks and regulated businesses should read the case alongside their own generative-AI risk assessments. Reuters points out that the Hong Kong Monetary Authority recently said some banks were assessing additional mitigation measures in response to evolving cyber threats from advanced AI models. For boards and leadership teams, AI governance is moving from pilot-level guidance to operational control: who has access, from where, with what data, under which contract and with what audit trail.

Assessment: companies rolling out Claude, ChatGPT, Gemini or internal agent platforms should update their AI inventory now. Add supported country or region, data classes, allowed user groups, contractual basis and an emergency process for revoking access. It is cheaper to do this before a regulator, supplier or geopolitical event forces a rushed shutdown.