This case study examines how AI tools perform when Risk teams at Retail Banking firms in Singapore consult them on obligations under MAS Notice 637 (Capital Adequacy for Banks). Across two aggregated questions drawn from this regulation, AI assistants produced responses that could not be verified against the source text and, in several cases, appeared to contradict the document's structure. Both findings relate to the interpretation of specific annexes within MAS Notice 637 — technical reference material that Risk teams routinely need to read with precision when calibrating capital calculations and prudential valuation frameworks.
The pattern documented here is not isolated to a single AI tool: the errors reflect a broader tendency for general-purpose AI models to reason from structural inference rather than retrieved regulatory text when responding to detailed annex-level queries.
Risk teams at Retail Banking firms in Singapore consult AI tools on MAS Notice 637 in a wide range of routine situations: drafting or reviewing internal capital adequacy policies, preparing training materials for front-line and treasury staff, mapping regulatory requirements when scoping new product launches, and responding to ad hoc questions from business lines that need a quick steer on whether a proposed structure attracts specific capital treatment. The annex-level detail covered in this case study — credit risk frameworks, leverage ratio mechanics, and prudential valuation standards — sits at the operational core of these workflows.
When a Risk analyst uses an AI tool to understand what a particular annex governs, that answer typically flows into an internal policy document, a regulatory mapping exercise, or a briefing note to senior management.
The corporate use-cases that sit on top of this material are consequential. Capital adequacy calculations affect how much capital the firm must hold, which in turn affects its capacity to lend, its dividend policy, and its regulatory standing with MAS. Prudential valuation adjustments affect the reported value of the firm's fair-valued positions, with direct impact on regulatory capital ratios. If an AI-assisted answer incorrectly characterises what an annex requires — misidentifying the framework it belongs to, or attributing criteria that the annex does not actually impose — the resulting policy or briefing will embed that error silently.
The firm bears the consequences. If a mis-characterised rule informs an internal capital model or a valuation policy that MAS subsequently reviews, the firm faces potential supervisory action, mandatory remediation, and reputational exposure. Individual employees using AI tools in good faith are rarely held personally liable for the AI's error, but the department that relied on the output, and ultimately the firm, absorbs the regulatory and financial cost of acting on wrong information. In Singapore's regulatory environment, MAS expects firms to maintain robust systems and controls — an AI tool's error is not a mitigating defence.
Both findings in this case study share a common failure shape: the AI tool answered annex-specific questions by reasoning from the overall structure of the Basel III framework or from general regulatory conventions, rather than from the actual text of MAS Notice 637. In one case the AI placed an annex in the wrong part of the regulatory framework entirely — attributing leverage ratio content to an annex that most likely belongs to the standardised approach for credit risk. In the other, the AI assigned prudent valuation criteria to a specific annex without any document passage to support the attribution.
In both instances the AI presented its answer with apparent confidence, and in one case added a caveat only after giving the primary (likely incorrect) answer. That pattern — lead with the wrong answer, hedge afterwards — is particularly hazardous in a workflow where a user may read the headline response and not register the qualification.
The errors cluster exclusively on MAS Notice 637, Singapore's primary capital adequacy framework for banks. This is a technically dense, frequently amended document whose annex structure is not reliably reproduced in the publicly available training material that general-purpose AI models draw upon. Risk teams that use AI tools for any Notice 637 query — whether on credit risk weights, leverage ratios, or fair-value adjustments — face a structurally elevated risk of receiving plausible-sounding but incorrect answers, particularly at the annex level where the detail is most granular.
The systemic risk to the firm compounds quickly. A Risk team that drafts a capital adequacy policy, a regulatory capital model, or a valuation methodology document using AI-assisted research on Notice 637 annexes may circulate that error across multiple downstream work-products: model validation papers, board risk committee reports, regulatory submissions, and business-line guidance notes. Each downstream document that inherits the error extends the firm's exposure and increases the cost of correction if the mistake is identified during an MAS review.
The two findings documented here represent only the questions tested; the pattern of inference-based reasoning over Notice 637 annexes is likely to recur across the full breadth of the document.
2 findings in this case study. Click any to see its full evidence card.
The default position for Risk teams at Retail Banking firms in Singapore should be that AI tools are a starting point for orientation, not a primary source, when working with MAS Notice 637 or any other MAS prudential notice at the annex level. The errors documented in this case study arose precisely because the AI tools provided confident-sounding answers based on inferred structure rather than retrieved text — and that pattern is not detectable from the response itself without independent verification.
For regulatory-facing work, including internal capital adequacy policies, model documentation, and valuation methodology papers, every AI-assisted answer touching a specific annex, rule reference, or quantitative criterion should be verified against the current consolidated text on the MAS website before it enters any firm work-product.
At the firm level, the Risk function should consider several practical safeguards. A regulatory-verification policy should identify AI tools as an unreliable source for annex-specific content in prudential notices, and should require a named team member to confirm the primary source before AI-derived content is circulated. Work-products that were informed by AI research should carry a clear audit trail indicating which elements were AI-assisted and which were independently verified.
Where AI output is intended to inform a firm-wide document — a board risk appetite statement, a regulatory capital model, a valuation policy — sign-off from a senior Risk officer should be required and documented. Distinguishing "AI-drafted" from "AI-summarised" content is particularly important in regulatory-facing material: an AI summary of a long document the team can cross-check is meaningfully lower risk than an AI characterisation of a rule the team has not independently read.
AI tools remain genuinely useful within the Risk workflow in contexts that do not depend on annex-level precision. Drafting internal communications and training materials (subject to human review), generating first-draft questions to structure a regulatory research exercise, and summarising long consultation documents that the team will then verify are all lower-risk applications. The key discipline is maintaining a clear boundary between tasks where AI assists with expression and tasks where AI is being asked to resolve a regulatory fact — the latter always requires a human to close the loop against the source text.
RegLeg's published Hallucination Research is available as a free reference check that Risk teams can use before relying on any AI-assisted answer in areas covered by MAS Notice 637 and other Singapore prudential regulations. The research documents, at the question level, where AI tools have been observed to produce incorrect or unverifiable responses — giving your team a concrete, up-to-date picture of the failure points most likely to surface in a capital adequacy or prudential valuation context. Using the research as a pre-verification step takes minutes and can prevent an error from propagating through multiple downstream documents.
For firms that want a more structured view of their exposure, RegLeg offers bespoke regulatory deep-dives mapping which AI-supported workflows within a Retail Banking Risk function carry the highest hallucination risk across Singapore's prudential framework. These engagements are designed around the specific workflow patterns of the Risk team — capital model documentation, ICAAP preparation, regulatory reporting, policy maintenance — rather than a generic AI risk assessment. The output is a prioritised exposure map the team can act on directly, with specific rule areas flagged for enhanced verification protocols.
RegLeg also provides confidential review of a firm's existing AI-use policy against our failure-mode catalogue, with prioritised recommendations for remediation. For Risk teams building or updating internal guidance on AI use, we can supply CPD-aligned training content that translates the research findings into practical decision rules for analysts and managers. Our aim throughout is to work alongside your team, not to prescribe: the firms best positioned to manage AI hallucination risk in regulated workflows are those that understand the failure modes specifically, not those that apply blanket prohibitions.