Anthropic
Claude Sonnet 5
v5 · frontier · Released June 30, 2026
Updated July 1, 2026
Claude Sonnet 5 brings Opus-class agentic capabilities to default Free and Pro deployment tiers, triggering immediate governance reassessment requirements. Organizations with existing Claude integrations must audit whether their approved use cases now have access to significantly elevated agentic capability without explicit re-authorization. Key controls CHM-001, CHM-002, AGT-001, AGT-005, and AGT-016 require review before treating Sonnet 5 as an approved production default.
Enterprise guidance
Claude Sonnet 5 is now the default model for Free and Pro plans and delivers capabilities previously requiring Opus-tier access, including advanced agentic task execution. Enterprise compliance teams should: (1) audit all active Anthropic API and Claude-hosted plan integrations to identify deployments now running on Sonnet 5 by default, (2) reassess approved use cases against the elevated capability profile, and (3) update model change management records. Use Claude for Enterprise or AWS Bedrock for HIPAA and zero-retention requirements.
Active Compliance Flags1
Default deployment tier change grants Free and Pro users Opus-class agentic capability without explicit re-authorization. Enterprise governance programs may have approved prior Sonnet-tier capability only.
Primary source →Data handling
Default data retention
Transient for API; Claude.ai free tier may use conversations to improve models unless opted out
Zero-retention available
YesVia: Claude for Enterprise; AWS Bedrock; Google Cloud Vertex AI
API data used for training
NoAnthropic does not train on API customer data by default.
GDPR Data Processing Agreement
AvailableHIPAA Business Associate Agreement
AvailableClaude for Enterprise; AWS Bedrock
Data residency options
US (default); EU available via AWS Bedrock eu-west regions
Vendor compliance certifications
Key use restrictions
- —Governance reassessment required before approving Sonnet 5 as enterprise default — elevated agentic capability scope
- —Model version substitution may have occurred silently in existing Free/Pro deployments
- —No CSAM or sexual content involving minors
- —No content facilitating mass casualty weapons (biological, chemical, nuclear, radiological)
- —No cyberweapons intended to cause significant damage to critical systems
Safety documentation
System card referenced in Sonnet 5 release. Full Claude Sonnet 5 model card not yet published at release.
Safety documentation →Related governance resources
Playbook guides
How do we govern AI models from preview release through retirement?
A lifecycle governance framework covering every stage of an AI model's production life — from evaluating preview releases, through controlled promotion to general availability, to scheduled re-assessment triggers and formal retirement.
How do we govern AI agents that take autonomous actions?
Agentic AI systems that can browse the web, execute code, send messages, and interact with external services require governance controls that traditional policy frameworks were never designed to handle.
How do we ensure third-party AI vendors meet our standards?
Extending vendor due diligence to cover model transparency, data handling, bias testing, and contractual liability for AI outputs.
