This is the consolidated view of findings. Click the Citation IDs or 'see details →' on any item for the full details for each finding.
A Compliance analyst at a Software & SaaS firm asking AI tools to identify which CPMI API harmonisation recommendations their firm must implement — versus those falling on correspondent banks, payment system operators, or standards bodies — received a fabricated category-level stakeholder map presented as a bounded, careful response. The AI correctly declined to produce a per-recommendation breakdown but then committed to specific stakeholder assignments at a grouping level that no accessible source supports, meaning the hedge was cosmetic rather than substantive.
If that map is used to scope an obligations register or a banking-partner due diligence questionnaire, the error embeds at the foundation of the compliance programme — misallocating regulatory responsibility between the firm and its counterparties in ways that may only surface in internal audit or a regulator-facing review. Given the CPMI's global jurisdiction and the active national-level cascade of these recommendations across multiple markets, a firm operating internationally risks propagating the same scoping error across every jurisdiction simultaneously.