Enterprise software buyers are famously risk-averse, but generative AI has broken their normal risk models. When the United States Department of Defense stamped Anthropic with a "supply-chain risk" label back in March 2026, you would expect corporate CIOs to flee. They didn't. They bought more. In fact, newly analyzed transaction data from Ramp—covering business spending across more than 70,000 corporate clients—reveals that Anthropic’s share of enterprise AI subscriptions rose to 41% in May 2026, overtaking OpenAI's 39.5% for the first time. It is a stunning flip. We are watching a bizarre marketing phenomenon play out in real time: the threat premium.
If a government tells you a piece of software is too dangerous for national security, they are also telling you it is incredibly powerful. Ara Kharazian, Ramp’s lead economist, laid it out plainly: there is an aura that comes with being designated a danger to the state. Corporate executives look at that label and see a validation of Anthropic's technical edge. They want the sharpest tool in the shed, even if the government is trying to lock the shed door. While consumers still flock to OpenAI's products, the serious, high-volume business spenders—those deploying developer agents and running heavy API workloads—are shifting capital to Anthropic's Claude ecosystem at an accelerating rate.
This surge in market share happened just as Anthropic was firing on all cylinders. The company closed a massive $65 billion funding round at the end of May, valuing the startup at $965 billion, followed immediately by a confidential draft S-1 filing with the SEC for a planned IPO. But the government wasn't done playing its hand. On Friday, June 12, 2026, the White House struck again, using an export control directive to order the immediate suspension of Anthropic's latest frontier models, Mythos 5 and Fable 5, for non-U.S. citizens. Rather than running a bifurcated system, Anthropic pulled the plug globally. Yet if history is any guide, this newest clash will only cement the company's reputation as the builder of the most powerful, and therefore most scrutinized, models on the market.
Friday Night Shutdown: Code, Controls, and Confidential Paperwork
The immediate catalyst for the current emergency was a Friday-night directive from the White House ordering Anthropic to stop non-U.S. citizens from using Fable 5 and Mythos 5. This restriction included foreign nationals employed by Anthropic itself. Rather than trying to build a complex, geo-fenced filter that would likely leak, Anthropic chose to suspend the models globally. For a deeper look at the operational aftermath, see our article on how Anthropic shut down its frontier models. This action hit the market only days after the company had publicly released Fable 5 with enhanced, supposedly hardened guardrails. For more details on the release itself, read about the public launch of Claude Fable 5.
The official concern is jailbreaking. Fable 5 was designed as a safer, publicly accessible version of Mythos 5. But rumors suggest security researchers and hackers quickly bypassed those safety layers anyway. Mythos 5 is so effective at analyzing software code and identifying exploitable vulnerabilities that Anthropic itself restricted its release, describing its capabilities as potentially dual-use. The fear in Washington is clear: if foreign actors get their hands on a model that can systematically automate the discovery of zero-day exploits, U.S. infrastructure is built on matching sand. The details are discussed in our reporting on Anthropic's dispatching of staff to Washington.
The shutdown’s timing could not have been more awkward. Anthropic had just filed its secret S-1 paperwork, riding high on its first-ever profitable quarter. To understand the financial stakes of this filing, read our coverage of the confidential Anthropic IPO filing. A government shutdown of your core product line is not exactly the slide you want in your pitch deck. Yet, developers haven't blinked. Ramp’s data indicates that the bulk of business API spending remains anchored in the older, stable Claude 3.5 Opus and Opus 4.8 editions, which are untouched by the current ban. The sales pipeline hasn't dried up; it has hardened.
Red Lines at the Pentagon: The Feb 2026 Ultimatum
This isn't a new fight. The roots of this public animosity reach back to February 2026, when President Trump ordered U.S. agencies to stop using Anthropic tech altogether after CEO Dario Amodei refused to compromise on AI safety guardrails. The Pentagon wanted unrestricted access to Claude. Amodei drew two hard lines: Anthropic's technology could not be used under any circumstances for domestic mass surveillance of American citizens, and it could not be integrated into fully autonomous weapons systems that operate without human oversight.
The administration didn't take the rejection well. Defense Secretary Pete Hegseth immediately designated Anthropic a "supply-chain risk," an administrative hammer usually reserved for foreign adversaries. Trump took to Truth Social, calling the company "radical left" and "woke" in all caps, and giving the military a six-month window to tear out Claude from its networks. He threatened "major civil and criminal consequences" if they didn't comply. But instead of breaking the company, the public spat acted as a massive signal fire. It told the corporate world that Anthropic meant what it said about safety and compliance—critical assurances for enterprises worried about their own data liability.
Hours after Anthropic was banned, OpenAI leaped into the breach. CEO Sam Altman announced a deal with the Pentagon to supply OpenAI's models to classified military networks. Intriguingly, Altman claimed that OpenAI’s agreement enshrined the exact same red lines—no mass surveillance, no fully autonomous weapons. He even suggested the Pentagon should offer those same terms to all AI developers. Safe to say, this maneuver did not go unnoticed. But while OpenAI took the cash and the classified clearances, Anthropic took the high ground. For enterprise software developers buying API packages, that principled stance has translated into direct trust. It's a key reason why sales data shows such a strong enterprise preference for Anthropic. For more on the early phases of this rivalry, check out how the feud may actually boost Anthropic's numbers.
The Hard Numbers: What the Ramp Data Tells Us
Let's look at the actual numbers. Ramp's spending tracking covers transactions across thousands of companies. This isn't survey feedback; it's cold, hard money. Anthropic's share of corporate AI subscriptions rose by 2.5 percentage points in May 2026 to hit 41%. OpenAI stayed flat at 39.5%. Think about what that represents. The company that pioneered the modern generative AI boom is now running behind its chiefl rival in the corporate subscription race.
It gets more interesting when you look at API usage. Subscriptions are just the entry fee. The real money in enterprise AI is spent on API calls, which charge per token. A developers' automated workflow can burn millions of tokens in a single afternoon. Anthropic’s Claude Code has become the tool of choice for automation engineers. We use it to refactor legacy codebases, write unit tests, and provision cloud resources. Because Anthropic's Claude models have a reputation for cleaner code syntax and fewer hallucinations under heavy token loads, companies are routing their mission-critical dev pipelines through them. When the government labeled Claude a risk, they didn't realize they were talking to engineers who prioritize reliability and safety. If you're building a system to automate production code, you don't want a model that shrugs off safety rails.
OpenAI still dominates consumer usage by a wide margin. Chatbots are a commodity; anyone can write a prompt asking to summarize an email. But the enterprise market is different. B2B platforms need security, compliance, and predictable outputs. Anthropic’s obsession with "Constitutional AI" was once mocked as academic hand-wringing. It turns out to be a competitive advantage. Corporate legal departments are terrified of copyright lawsuits and security breaches. Anthropic's public refusal to back down under federal pressure showed these risk managers that the company's safety promises aren't just marketing copy. They are baked into the corporate DNA.
A Chilling Precedent for the US Tech Monopoly
The White House's sudden intervention has sent shockwaves far beyond San Francisco. Emory University law professor Ifeoma Ajunwa warned that this level of regulatory instability creates a chilling effect on the entire U.S. AI industry. If tech startups feel that they can have their products turned off overnight by a unilateral directive from the Commerce Department, they will start looking for homes elsewhere. Software development doesn't need to happen in the United States. If the domestic regulatory environment is too unpredictable, startups and capital will simply move to jurisdictions with more stable guidelines.
Allies are also taking notes. At the G7 summit in France, Canada's Prime Minister Mark Carney pointed to the sudden Anthropic shutdown as a prime example of the dangers of single-source tech reliance. If a foreign government can unilaterally disable a model fleet that your domestic businesses depend on, then relying on that tech is an existential threat to your national sovereignty. We are likely to see European and Canadian governments double down on independent, local AI initiatives to protect their own digital supply chains. They don't want a Friday-night directive in Washington to shut down their enterprise operations. The regulatory fallout is already reshaping access policies, as detailed in our analysis of Anthropic's changing data retention rules.
The administration is playing a dangerous game. They want the United States to dominate the global AI race, yet their actions are fragmenting the very alliances needed to sustain that dominance. By turning AI safety into a partisan weapon and national security theater, they are accelerating the balkanization of the global software stack. Developers are already responding by looking at self-hosted, local models that don't call domestic APIs. This latest feud didn't kill Anthropic's sales—it just made them look like the only adults in the room. But the long-term cost of this regulatory instability is going to be paid by the U.S. technology sector as a whole.