AI Hallucination ResearchFindings by audienceSectorsInternational / MultilateralCorporate BankingComplianceDetail › Finding
Corporate Banking × Compliance — International / Multilateral · Last updated 11 Jun 2026 · Hallucination Register
Share / Print X LinkedIn Email

Finding#1 . NIST Cybersecurity Framework cross-reference asserted without verification

RLB Citation ID: RLB-F-INT-BIS-CPMI-IOSCO-CYBER-RESILIENCE-FMI-2016-Q008
AI's failure:Inference Drift Risk for Corporate Banking × Compliance:Wrong deliverable on cybersecurity framework alignment
What the RLB Specialist Panel found

Finding#1 . NIST Cybersecurity Framework cross-reference asserted without verification

  • Citation ID: RLB-H-INT-BIS-CPMI-IOSCO-CYBER-RESILIENCE-FMI-2016-Q008-Opus47
  • AI's failure: AI inferred a framework cross-reference the 2016 guidance does not make
  • Risk for the Compliance team: Regulatory enforcement / supervisory engagement exposure For Compliance teams at Corporate Banking firms, an asserted NIST CSF alignment of the 2016 guidance lands inside the programme-foundation evidence package as a regulator-grounded reference. The 2016 guidance does not contain the citation the model asserts. A deliverable that records the asserted alignment as the framework anchor for cyber controls or compliance attestation misstates the regulatory foundation of the programme and creates regulatory enforcement exposure on subsequent supervisory or internal review.
  • see this finding ->
Impact for Compliance Teams in Corporate Banking Sector in international jurisdictions working with the Guidance on Cyber Resilience for Financial Market Infrastructures (CPMI-IOSCO 2016)

For Compliance teams at Corporate Banking firms, an asserted NIST CSF alignment of the 2016 guidance lands inside the programme-foundation evidence package as a regulator-grounded reference. The 2016 guidance does not contain the citation the model asserts. A deliverable that records the asserted alignment as the framework anchor for cyber controls or compliance attestation misstates the regulatory foundation of the programme and creates regulatory enforcement exposure on subsequent supervisory or internal review.

References — raw findings (per AI model)
This finding also affects
Next finding → Finding#2 . NIST Cybersecurity Framework citation asserted as explicit
Cite this finding

Each finding has a stable Citation ID (RLB-F-… for aggregated case-study findings, RLB-H-… for raw per-model hallucinations) — like a DOI, the ID always resolves to the canonical finding even if URLs change.

RLB Citation ID: RLB-F-INT-BIS-CPMI-IOSCO-CYBER-RESILIENCE-FMI-2016-Q008
Plain text Download 
RegLeg Specialist Panel (2026). "Finding#1 . NIST Cybersecurity Framework cross-reference asserted without verification — Corporate Banking × Compliance — International / Multilateral." Citation ID: RLB-F-INT-BIS-CPMI-IOSCO-CYBER-RESILIENCE-FMI-2016-Q008. RegLegBrief AI Hallucination Research, published 2026-06-11. https://reglegbrief.com/regulators/j1/int/bis-cpmi/cpmi-iosco-cyber-resilience-fmi-2016/sectors/corporate_banking/compliance/finding/INT-BIS-CPMI-INT-001-CPMI-IOSCO-CYBER-RESILIENCE-FMI-2016-v1-008/
APA 7th edition Download 
RegLeg Specialist Panel. (2026). Finding#1 . NIST Cybersecurity Framework cross-reference asserted without verification [Hallucination finding RLB-F-INT-BIS-CPMI-IOSCO-CYBER-RESILIENCE-FMI-2016-Q008]. RegLegBrief AI Hallucination Research. https://reglegbrief.com/regulators/j1/int/bis-cpmi/cpmi-iosco-cyber-resilience-fmi-2016/sectors/corporate_banking/compliance/finding/INT-BIS-CPMI-INT-001-CPMI-IOSCO-CYBER-RESILIENCE-FMI-2016-v1-008/
Bluebook / OSCOLA (US + UK legal) Download 
RegLeg Specialist Panel, Finding#1 . NIST Cybersecurity Framework cross-reference asserted without verification [RLB-F-INT-BIS-CPMI-IOSCO-CYBER-RESILIENCE-FMI-2016-Q008], RegLegBrief AI Hallucination Research (June 11, 2026), https://reglegbrief.com/regulators/j1/int/bis-cpmi/cpmi-iosco-cyber-resilience-fmi-2016/sectors/corporate_banking/compliance/finding/INT-BIS-CPMI-INT-001-CPMI-IOSCO-CYBER-RESILIENCE-FMI-2016-v1-008/.
BibTeX Download 
@misc{reglegbrief_RLB_F_INT_BIS_CPMI_IOSCO_CYBER_RESILIENCE_FMI_2016_Q008,
  author    = {RegLeg Specialist Panel},
  title     = {Finding#1 . NIST Cybersecurity Framework cross-reference asserted without verification},
  year      = {2026},
  publisher = {RegLegBrief AI Hallucination Research},
  note      = {Hallucination finding Citation ID: RLB-F-INT-BIS-CPMI-IOSCO-CYBER-RESILIENCE-FMI-2016-Q008},
  url       = {https://reglegbrief.com/regulators/j1/int/bis-cpmi/cpmi-iosco-cyber-resilience-fmi-2016/sectors/corporate_banking/compliance/finding/INT-BIS-CPMI-INT-001-CPMI-IOSCO-CYBER-RESILIENCE-FMI-2016-v1-008/}
}
← Back to case study summary Case study detail →
About Citation IDs →

Every finding on this page compares an AI subject's account of the rule against the regulator's verbatim text from the regulator's own portal. Both are linked. Each delta, its root causes, and impact analysis are documented and published with immutable Citation IDs.