Executive Summary
The CPMI-IOSCO Guidance on Cyber Resilience for Financial Market Infrastructures (2016) is the primary international benchmark for cyber resilience expectations at payment systems, central counterparties, and other financial market infrastructure. Risk teams at Payment Institutions firms operating across international jurisdictions routinely reference it when mapping cyber risk frameworks, aligning with supervisory expectations, or assessing vendor obligations. Across four aggregated questions put to AI tools on this regulation, AI assistants produced incorrect answers every time.
The failures split into two distinct patterns: AI tools invented false certainty about how this regulation's definitions align with later international standards, and AI tools presented the regulation as current and unchanged when CPMI-IOSCO had in fact placed it under active revision weeks before the assessment. For a Risk function whose outputs feed compliance decisions and regulatory engagement, both failure types carry direct institutional consequences.
How AI gets this regulation wrong
AI tools tested against this regulation failed in two consistent ways: by asserting confident but unsupported claims about how the guidance's definitions relate to later international standards, and by presenting the regulatory status of the guidance as settled when it is actively under revision. The table below breaks down where each type of error appeared and how many AI tools produced it.
| AI's Failure Mode | Count | Affected findings |
|---|---|---|
| Exposed Fabrication | 1 | Finding #1 |
| Outdated | 1 | Finding #2 |
What that means for your team
The errors AI tools produce on this regulation translate into two categories of practical harm for a Risk team at a Payment Institutions firm: risks to the quality of internal deliverables built on false definitional assumptions, and risks of regulatory enforcement exposure from treating a document under active revision as the current operative standard. The table below maps each finding to its risk impact category.
| Risk Impact | Count | Affected findings |
|---|---|---|
| Regulatory enforcement | 1 | Finding #2 |
| Wrong deliverable | 1 | Finding #1 |
When this affects your department
Risk teams at Payment Institutions firms frequently consult AI tools when drafting or updating their cyber resilience frameworks, particularly when aligning internal policy language with international standards. The 2016 CPMI-IOSCO Cyber Resilience Guidance is a natural reference point: it defines the resilience baseline expected of financial market infrastructure operators and is cross-referenced by national supervisors across APAC, EMEA, and the Americas. AI tools are commonly used to accelerate the comparison of internal policy definitions against international standards, or to confirm whether a regulatory document has been updated before a review cycle begins.
When a Risk team uses AI to check how the guidance's core terminology aligns with later international standards — such as the FSB Cyber Lexicon — the team may be building a policy document, producing a gap analysis, or briefing senior management. If the AI incorrectly characterises the relationship between the 2016 guidance and the FSB Lexicon (presenting uncertain alignment as confirmed consistency), that error travels directly into the deliverable.
An internal policy or gap analysis that misrepresents definitional alignment may pass multiple review cycles before an external auditor or regulator identifies the inconsistency — by which point the error may have propagated into subsidiary documents, training materials, or supervisory submissions.
The currency question is equally material for a Risk function. If a Risk team asks whether the 2016 guidance is still operative and receives a confident affirmative, the team may proceed with a regulatory mapping exercise, a supervisory submission, or a vendor assessment against an outdated or soon-to-be-superseded baseline.
CPMI-IOSCO published a consultative revision document in May 2026; a firm that has not engaged with that consultation — because its Risk function was not alerted to the revision — may face regulatory questions about why it failed to track a material development in the international standards it is expected to follow.
The findings at a glance
The table below lists all findings from this regulation affecting Risk teams at Payment Institutions firms in international jurisdictions, giving each finding's title, type, and citation ID.
| # | Finding title | Type | Citation ID |
|---|---|---|---|
| 1 | Cyber resilience definition alignment with FSB Lexicon | Hallucination | RLB-F-INT-BIS-CPMI-IOSCO-CYBER-RESILIENCE-FMI-2016-Q020 |
| 2 | 2016 guidance currency and active revision status | Hallucination | RLB-F-INT-BIS-CPMI-IOSCO-CYBER-RESILIENCE-FMI-2016-Q022 |
Aggregate impact
Both failure modes appearing in this regulation's findings share a structural characteristic: AI tools presented uncertain or outdated information as established fact, without flagging the underlying uncertainty or recency risk. On definitional questions, the uncertainty is inherent — the 2016 guidance predates the FSB Cyber Lexicon by two years, and the relationship between the two documents' terminology has not been formally confirmed as consistent.
On the currency question, the uncertainty arose from a training data cutoff: CPMI-IOSCO's consultative revision was published in May 2026, and AI tools without access to that development continued to describe the 2016 guidance as the definitive, unrevised international standard.
For a Risk team at a Payment Institutions firm, these two failure modes cluster on exactly the questions the team is most likely to ask before beginning substantive regulatory work: what does the standard say, and is the standard still current. The errors are not obscure edge cases — they arise on the foundational queries a Risk function poses at the outset of a framework review, a regulatory mapping exercise, or a supervisory engagement. A team that receives confident but incorrect answers at that initial stage may not re-examine its premises until a later review surfaces the discrepancy.
The systemic exposure for the firm is meaningful across both failure types. Regulatory frameworks built on unverified definitional premises require remediation when identified — a process that grows more disruptive the further downstream the error has propagated through internal documents, training materials, and supervisory submissions. And a firm that misses an active international consultation because its Risk team was told the standard had not changed faces a separate credibility problem: it must explain to its supervisor why it did not track a publicly available development in a regulatory framework directly applicable to its operations.
What your team should do
The default position for a Risk team at a Payment Institutions firm should be to treat AI output on this regulation as a starting point for verification, not a source of record. On any question that asks how this regulation's text relates to another document — whether that is the FSB Cyber Lexicon, NIST frameworks, or national supervisor guidance — the team should consult both source documents directly before embedding any relational claim in an internal deliverable.
The BIS publishes the CPMI-IOSCO guidance and associated materials at bis.org; both the 2016 document and any consultative revisions are publicly accessible without restriction.
On the currency question specifically, the team should make direct checks against the BIS website's CPMI publications page before beginning any regulatory mapping or supervisory engagement work premised on the 2016 guidance. As of May 2026, CPMI-IOSCO has published a consultative document for updated guidance; a Risk function that does not track this development may be working from an outdated baseline.
Setting a periodic calendar reminder to check for CPMI or IOSCO publications on cyber resilience — rather than relying on AI to flag updates — is a low-cost safeguard against this category of error, and is consistent with the standard of regulatory horizon-scanning expected of a Risk function at an internationally active firm.
AI tools are useful for initial orientation on this regulation: summarising the guidance's structure, identifying the key resilience components (governance, identification, protection, detection, response and recovery), and generating a first-pass comparison of how an internal framework maps against those components. Where AI is not safe is in assertions about definitional precision or regulatory currency — both of which require direct source verification. The team should be particularly cautious when an AI answer is unusually confident and contains no hedging language about uncertainty or document recency; this regulation's findings illustrate exactly that pattern.
How RLB Can Help
RegLeg's published Hallucination Research gives Risk teams at Payment Institutions a ready-made pre-flight check before relying on AI-assisted output for regulatory questions. Each research entry documents, by regulation, the specific failure modes AI tools have exhibited — misquoted thresholds, fabricated cross-references, outdated prudential ratios — so your team can calibrate how much independent verification a given AI output warrants before it informs a risk decision, a capital model assumption, or a supervisory submission.
For firms that want analysis tailored to their own operating model, RegLeg offers bespoke regulator deep-dives that map which AI-supported workflows in a Payment Institution's Risk function carry the highest hallucination exposure. Licensing and own-funds calculations, transaction monitoring rule interpretation, incident reporting timelines, and cross-border passporting conditions each attract distinct failure patterns. A deep-dive produces a prioritised exposure map your team can use to set internal thresholds, review protocols, and escalation triggers — grounded in the same research base as the public site but scoped to your specific regulatory footprint.
RegLeg also offers a confidential review of a firm's existing AI-use policy, benchmarked against the failure-mode catalogue documented in the research programme and assessed against current supervisory expectations on model risk governance. The output is a prioritised remediation list rather than a gap report, with practical steps your team can action. Alongside this, RegLeg can supply training material and CPD-aligned content — covering hallucination mechanics, verification techniques, and risk-function-specific case examples — that equips practitioners to apply sound AI hygiene in their day-to-day work without requiring external support for every query.