Claude Cowork Goes GA

On 9 April 2026, Anthropic moved Claude Cowork out of research preview. It's now generally available on all paid plans across macOS and Windows, with six enterprise controls aimed at organization-wide deployment.

For investment manager CIOs and CCOs evaluating Cowork, the governance story is materially stronger than it was a week ago. With the right scoping and a written policy, Cowork is deployable today for research and operational workflows.

What Shipped

Cowork brings Claude Code's agentic architecture into Claude Desktop — task delegation, local file access, sub-agent coordination, scheduled tasks, and professional outputs including Excel with working formulas and formatted documents. The GA release layers six organization-level controls on top:

Enterprise admins can also require that all Cowork activity execute inside a virtual machine sandbox on member devices — a meaningful control for shops with strict endpoint data-loss policies.

The Governance Takes Most People Are Getting Wrong

The headline most people are running with: “Cowork activity isn't in Anthropic's audit logs — so don't use it for regulated workloads.”

That framing is doing a lot of work. For investment managers, it's mostly wrong.

The core distinction: activity vs. content

The OpenTelemetry stream gives near-complete visibility into what Claude did — every prompt, every tool call, every data-source query, every file write, every approval decision, with costs and timing, streamed into the firm's existing SIEM. What OTEL doesn't stream centrally is content: Claude's reasoning commentary on screen, the full body of output documents, the raw data pulled from connected sources. That content lives where it always has — at the source, on disk, or in the user's local session history.

A 204-2 Clarification for the CCOs

Rule 204-2(a)(7) under the Investment Advisers Act applies to written communications sent and received— not to information generated inside an application. From Skadden's September 2024 analysis of SEC recordkeeping rules applied to AI-generated content:

“AI-generated information that is not subsequently transmitted likely does not constitute a written communication that must be retained under relevant IA and BD recordkeeping rules… The generation of information in an application cannot reasonably be interpreted as a sent or received communication.”

— Skadden, Arps, Slate, Meagher & Flom LLP, September 2024

An analyst using Cowork to pull fundamentals from FactSet, synthesize, and draft a research memo is not creating a 204-2 record inside Cowork. The eventual email or memo to the PM is the record — and it's captured by the firm's existing communications archiving.

Where the audit gap does matter is narrower: AI-generated marketing or advertising content (204-2(a)(11) captures internal working papers for disseminated advertisements), firm-policy audit mandates under 206(4)-7 compliance programs, client-facing workflows where AI is the communication channel, and the SEC's proposed predictive-data-analytics rule if finalized. Real cases to scope around — not a blanket ban.

A Concrete Research Workflow

An analyst prompts Cowork: “Pull Apple's revenue, EPS, and consensus estimates for the next quarter, and write me a one-page summary.”

Claude calls the FactSet MCP for Fundamentals (historical revenue and EPS) and Estimates Consensus (forward expectations), synthesizes, and writes the output as a markdown file.

No dead-ends for a CCO reconstructing the workflow. The record is distributed across the firm's existing source-level, file-level, and email-level controls, with OTEL providing the activity glue.

What a Defensible Rollout Looks Like

With the new controls, a defensible Cowork rollout at a typical hedge fund or asset manager is straightforward:

This is the first Cowork release where the full deployment stack — identity, permissioning, observability, spend, sandboxing — is coherent enough for an institutional rollout.

Bottom Line

Anthropic's own conservative language — “do not enable Cowork for regulated workloads” if formal audit trails are required — is a defensible posture from their side. Read alongside the actual OTEL coverage and where the recordkeeping rule actually applies, a scoped Cowork deployment with a written policy sits well inside what a reasonable CCO would approve today.

The governance story moved in a week. Most of the FUD didn't.

Sources