Payment Institutions × Technology Data — International / Multilateral · updated 2026-05-28 · methodology v2.1

Origin of the phrase 'secure the periphery, protect the core'

RLB Citation ID: RLB-F-INT-BIS-CPMI-IOSCO-CYBER-RESILIENCE-FMI-2016-Q014

What the RLB Specialist Panel found

Question (paraphrased to protect IP)

Does the CPMI-IOSCO 2016 Cyber Guidance contain the phrase 'secure the periphery, protect the core', and if not, where does it originate?

RLB's analysis

The model correctly identified that the phrase does not appear in the 2016 guidance and correctly pointed toward the 2018 CPMI endpoint-security work — but it attributed the phrase to a 2018 strategy document rather than the 2018 speech from which it actually originates. The model appears to have conflated two distinct 2018 CPMI outputs that share thematic content, substituting the closer-in-kind strategy document for the correct speech source. - Regulator portal (if any cited link is dud): https://www.bis.org

AI Head's analysis — what weakness in the AI model caused this

This finding implicates the model's source-attribution logic at the intra-ecosystem level: when the correct source and the asserted source are thematically adjacent outputs from the same organisation in the same year, the model's retrieval or generation step does not reliably distinguish between them. For labs with RAG or web-search integrations, this suggests the citation grounding layer needs finer-grained document-level anchoring, not just organisation- or topic-level matching — two 2018 CPMI outputs on related subjects should not be interchangeable in a citation.

Impact for Technology & Data Teams in Payment Institutions Sector in international jurisdictions working with the Guidance on Cyber Resilience for Financial Market Infrastructures

A Technology & Data team that accepts an AI misattribution of the phrase 'secure the periphery and protect the core' to the CPMI wholesale payments fraud strategy — rather than to Cœuré's 2018 speech — may cite the wrong document in internal papers, regulatory submissions, or board-level cyber strategy materials. The practical harm is reputational and credibility-based: a firm that cites a source that does not contain the attributed language, or that mischaracterises the scope of a CPMI policy document, signals inadequate primary-source diligence to any supervisor or auditor reviewing the firm's regulatory competence.

For Payment Institutions firms in multiple jurisdictions, where senior managers are individually accountable for the accuracy of regulatory submissions, misattribution carries a non-trivial personal and institutional risk.

References — raw findings (per AI model)

RLB-H-INT-BIS-CPMI-IOSCO-CYBER-RESILIENCE-FMI-2016-Q014-Opus47 Claude Opus 4.7 (web search on)

This finding also affects

← Previous finding NIST Cybersecurity Framework citation in the 2016 CPMI-IOSCO guidance Next finding → Operational detail for cyber incident response in the 2016 guidance versus later documents

Cite this finding

Each finding has a stable Citation ID (RLB-F-… for aggregated case-study findings, RLB-H-… for raw per-model hallucinations) — like a DOI, the ID always resolves to the canonical finding even if URLs change.

RLB Citation ID: RLB-F-INT-BIS-CPMI-IOSCO-CYBER-RESILIENCE-FMI-2016-Q014

Plain text Download

RegLeg Specialist Panel (2026). "Origin of the phrase 'secure the periphery, protect the core' — Payment Institutions × Technology Data — International / Multilateral." Citation ID: RLB-F-INT-BIS-CPMI-IOSCO-CYBER-RESILIENCE-FMI-2016-Q014. RegLegBrief AI Hallucination Research, published 2026-05-28. https://reglegbrief.com/regulators/j1/int/bis-cpmi/cpmi-iosco-cyber-resilience-fmi-2016/sectors/payment_institutions/technology_data/finding/INT-BIS-CPMI-INT-001-CPMI-IOSCO-CYBER-RESILIENCE-FMI-2016-v1-014/

APA 7th edition Download

RegLeg Specialist Panel. (2026). Origin of the phrase 'secure the periphery, protect the core' [Hallucination finding RLB-F-INT-BIS-CPMI-IOSCO-CYBER-RESILIENCE-FMI-2016-Q014]. RegLegBrief AI Hallucination Research. https://reglegbrief.com/regulators/j1/int/bis-cpmi/cpmi-iosco-cyber-resilience-fmi-2016/sectors/payment_institutions/technology_data/finding/INT-BIS-CPMI-INT-001-CPMI-IOSCO-CYBER-RESILIENCE-FMI-2016-v1-014/

Bluebook / OSCOLA (US + UK legal) Download

RegLeg Specialist Panel, Origin of the phrase 'secure the periphery, protect the core' [RLB-F-INT-BIS-CPMI-IOSCO-CYBER-RESILIENCE-FMI-2016-Q014], RegLegBrief AI Hallucination Research (May 28, 2026), https://reglegbrief.com/regulators/j1/int/bis-cpmi/cpmi-iosco-cyber-resilience-fmi-2016/sectors/payment_institutions/technology_data/finding/INT-BIS-CPMI-INT-001-CPMI-IOSCO-CYBER-RESILIENCE-FMI-2016-v1-014/.

BibTeX Download

@misc{reglegbrief_RLB_F_INT_BIS_CPMI_IOSCO_CYBER_RESILIENCE_FMI_2016_Q014,
  author    = {RegLeg Specialist Panel},
  title     = {Origin of the phrase 'secure the periphery, protect the core'},
  year      = {2026},
  publisher = {RegLegBrief AI Hallucination Research},
  note      = {Hallucination finding Citation ID: RLB-F-INT-BIS-CPMI-IOSCO-CYBER-RESILIENCE-FMI-2016-Q014},
  url       = {https://reglegbrief.com/regulators/j1/int/bis-cpmi/cpmi-iosco-cyber-resilience-fmi-2016/sectors/payment_institutions/technology_data/finding/INT-BIS-CPMI-INT-001-CPMI-IOSCO-CYBER-RESILIENCE-FMI-2016-v1-014/}
}

← Back to case study summary Case study detail →

About Citation IDs →