Payment Institutions × Technology Data — International / Multilateral · Last updated 28 May 2026 · methodology v2.1 · Hallucination Register

Origin of the phrase 'secure the periphery, protect the core'

RLB Citation ID: RLB-F-INT-BIS-CPMI-IOSCO-CYBER-RESILIENCE-FMI-2016-Q014

AI's failure:Misattributed Risk for Payment Institutions × Technology Data:Wrong deliverable on cybersecurity framework alignment

What the RLB Specialist Panel found

2. Origin of the phrase 'secure the periphery, protect the core'

Question (paraphrased to protect IP): Does the CPMI-IOSCO 2016 Cyber Guidance use the phrase 'secure the periphery, protect the core', and if not, where does the phrase originate?
Source regulation: Guidance on Cyber Resilience for Financial Market Infrastructures (CPMI-IOSCO 2016) (Regulator portal: https://www.bis.org)
What AI assistants typically say: AI assistants correctly note that the phrase does not appear in the 2016 Cyber Resilience Guidance, but then misattribute it to the CPMI's later work on reducing the risk of wholesale payments fraud relating to endpoint security, describing that as the document where the phrase is associated.
What the regulator actually says: The phrase 'secure the periphery and protect the core' originates from a 2018 speech by Benoît Cœuré on the topics of cryptos, cyber, and CCPs, published as BIS review r181115a. It describes the CPMI's strategic approach but does not appear in the 2016 Cyber Resilience Guidance.
Why the AI went wrong: AI tools identified a plausible 2018 CPMI document — the wholesale payments fraud and endpoint security strategy — and attributed the phrase to it, conflating two distinct 2018 CPMI publications with different subject matter and different authors. The actual source is a speech, not a strategy paper.
Cited source(s):

Impact for Technology & Data Teams in Payment Institutions Sector in international jurisdictions working with the Guidance on Cyber Resilience for Financial Market Infrastructures (CPMI-IOSCO 2016)

For Technology & Data teams at Payment Institutions, attributing 'secure the periphery, protect the core' to the 2016 guidance or to a 2018 fraud paper places a regulator strategic frame inside the deliverable with the wrong source attribution. The phrase is from a 2018 speech, not a guidance document. A control narrative, board paper, or training pack that rests on the wrong attribution carries direct review exposure as soon as the citation is tested.

References — raw findings (per AI model)

RLB-H-INT-BIS-CPMI-IOSCO-CYBER-RESILIENCE-FMI-2016-Q014-Opus47 Claude Opus 4.7 (web search on)
RLB-H-INT-BIS-CPMI-IOSCO-CYBER-RESILIENCE-FMI-2016-Q014-Sonnet46 Claude Sonnet 4.6 (web search on)

This finding also affects

← Previous finding NIST Cybersecurity Framework citation in the 2016 CPMI-IOSCO guidance Next finding → Operational detail for cyber incident response in the 2016 guidance versus later documents

Cite this finding

Each finding has a stable Citation ID (RLB-F-… for aggregated case-study findings, RLB-H-… for raw per-model hallucinations) — like a DOI, the ID always resolves to the canonical finding even if URLs change.

RLB Citation ID: RLB-F-INT-BIS-CPMI-IOSCO-CYBER-RESILIENCE-FMI-2016-Q014

Plain text Download

RegLeg Specialist Panel (2026). "Origin of the phrase 'secure the periphery, protect the core' — Payment Institutions × Technology Data — International / Multilateral." Citation ID: RLB-F-INT-BIS-CPMI-IOSCO-CYBER-RESILIENCE-FMI-2016-Q014. RegLegBrief AI Hallucination Research, published 2026-05-28. https://reglegbrief.com/regulators/j1/INT/BIS-CPMI/CPMI-IOSCO-CYBER-RESILIENCE-FMI-2016/sectors/payment_institutions/technology_data/finding/INT-BIS-CPMI-INT-001-CPMI-IOSCO-CYBER-RESILIENCE-FMI-2016-v1-014/

APA 7th edition Download

RegLeg Specialist Panel. (2026). Origin of the phrase 'secure the periphery, protect the core' [Hallucination finding RLB-F-INT-BIS-CPMI-IOSCO-CYBER-RESILIENCE-FMI-2016-Q014]. RegLegBrief AI Hallucination Research. https://reglegbrief.com/regulators/j1/INT/BIS-CPMI/CPMI-IOSCO-CYBER-RESILIENCE-FMI-2016/sectors/payment_institutions/technology_data/finding/INT-BIS-CPMI-INT-001-CPMI-IOSCO-CYBER-RESILIENCE-FMI-2016-v1-014/

Bluebook / OSCOLA (US + UK legal) Download

RegLeg Specialist Panel, Origin of the phrase 'secure the periphery, protect the core' [RLB-F-INT-BIS-CPMI-IOSCO-CYBER-RESILIENCE-FMI-2016-Q014], RegLegBrief AI Hallucination Research (May 28, 2026), https://reglegbrief.com/regulators/j1/INT/BIS-CPMI/CPMI-IOSCO-CYBER-RESILIENCE-FMI-2016/sectors/payment_institutions/technology_data/finding/INT-BIS-CPMI-INT-001-CPMI-IOSCO-CYBER-RESILIENCE-FMI-2016-v1-014/.

BibTeX Download

@misc{reglegbrief_RLB_F_INT_BIS_CPMI_IOSCO_CYBER_RESILIENCE_FMI_2016_Q014,
  author    = {RegLeg Specialist Panel},
  title     = {Origin of the phrase 'secure the periphery, protect the core'},
  year      = {2026},
  publisher = {RegLegBrief AI Hallucination Research},
  note      = {Hallucination finding Citation ID: RLB-F-INT-BIS-CPMI-IOSCO-CYBER-RESILIENCE-FMI-2016-Q014},
  url       = {https://reglegbrief.com/regulators/j1/INT/BIS-CPMI/CPMI-IOSCO-CYBER-RESILIENCE-FMI-2016/sectors/payment_institutions/technology_data/finding/INT-BIS-CPMI-INT-001-CPMI-IOSCO-CYBER-RESILIENCE-FMI-2016-v1-014/}
}

← Back to case study summary Case study detail →

About Citation IDs →

Every finding on this page compares an AI subject's account of the rule against the regulator's verbatim text from the regulator's own portal. Both are linked. Each delta, its root causes, and impact analysis are documented and published with immutable Citation IDs.