AI Hallucination ResearchFindings by audienceSectorsInternational / MultilateralCorporate BankingComplianceDetail › Finding
Corporate Banking × Compliance — International / Multilateral · Last updated 28 May 2026 · methodology v2.1 · Hallucination Register
Share / Print X LinkedIn Email

Definitional consistency between the 2016 Cyber Guidance and the FSB Cyber Lexicon

RLB Citation ID: RLB-F-INT-BIS-CPMI-IOSCO-CYBER-RESILIENCE-FMI-2016-Q020
AI's failure:Inference Drift Risk for Corporate Banking × Compliance:Wrong deliverable on cybersecurity framework alignment
What the RLB Specialist Panel found

1. Definitional consistency between the 2016 Cyber Guidance and the FSB Cyber Lexicon

  • Question (paraphrased to protect IP): How does the CPMI-IOSCO 2016 Cyber Guidance define 'cyber resilience', and is that definition consistent with the FSB Cyber Lexicon published in November 2018?
  • Source regulation: Guidance on Cyber Resilience for Financial Market Infrastructures (CPMI-IOSCO 2016) (Regulator portal: https://www.bis.org)
  • What AI assistants typically say: Multiple AI tools gave similar incorrect responses, asserting that the two definitions are "broadly consistent" or "aligned" — and in some instances claiming the FSB Cyber Lexicon explicitly drew on and refined the CPMI-IOSCO 2016 definition, presenting the relationship between the two documents as an established, harmonised derivation.
  • What the regulator actually says: The FSB Cyber Lexicon was published in November 2018 — two years after the 2016 Cyber Resilience Guidance. Its standardised definitions postdate the 2016 guidance and may not match how the 2016 guidance used those terms in 2016.
  • Why the AI went wrong: AI tools resolved an explicitly uncertain relationship into a confident assertion of consistency, dropping the qualifier that the two documents' definitions may not align. One AI tool went further and fabricated a specific derivation claim — that the FSB Lexicon drew on the CPMI-IOSCO definition — for which no authoritative basis exists.
  • Cited source(s):
Impact for Compliance Teams in Corporate Banking Sector in international jurisdictions working with the Guidance on Cyber Resilience for Financial Market Infrastructures (CPMI-IOSCO 2016)

For Compliance teams at Corporate Banking firms, an asserted consistency between the 2016 guidance and the November 2018 FSB Cyber Lexicon collapses a two-year vocabulary gap into a single asserted alignment. A definitional reference in policy, KRI documentation, or control library tagging that uses the asserted alignment as evidence of vocabulary grounding imports terminology that may not match the 2016 source, and exposes the team on a definition-by-definition test against either document.

References — raw findings (per AI model)
This finding also affects
Next finding → Currency of the CPMI-IOSCO 2016 Cyber Resilience Guidance
Cite this finding

Each finding has a stable Citation ID (RLB-F-… for aggregated case-study findings, RLB-H-… for raw per-model hallucinations) — like a DOI, the ID always resolves to the canonical finding even if URLs change.

RLB Citation ID: RLB-F-INT-BIS-CPMI-IOSCO-CYBER-RESILIENCE-FMI-2016-Q020
Plain text Download
RegLeg Specialist Panel (2026). "Definitional consistency between the 2016 Cyber Guidance and the FSB Cyber Lexicon — Corporate Banking × Compliance — International / Multilateral." Citation ID: RLB-F-INT-BIS-CPMI-IOSCO-CYBER-RESILIENCE-FMI-2016-Q020. RegLegBrief AI Hallucination Research, published 2026-05-28. https://reglegbrief.com/regulators/j1/int/BIS-CPMI/CPMI-IOSCO-CYBER-RESILIENCE-FMI-2016/sectors/corporate_banking/compliance/finding/INT-BIS-CPMI-INT-001-CPMI-IOSCO-CYBER-RESILIENCE-FMI-2016-v1-020/
APA 7th edition Download
RegLeg Specialist Panel. (2026). Definitional consistency between the 2016 Cyber Guidance and the FSB Cyber Lexicon [Hallucination finding RLB-F-INT-BIS-CPMI-IOSCO-CYBER-RESILIENCE-FMI-2016-Q020]. RegLegBrief AI Hallucination Research. https://reglegbrief.com/regulators/j1/int/BIS-CPMI/CPMI-IOSCO-CYBER-RESILIENCE-FMI-2016/sectors/corporate_banking/compliance/finding/INT-BIS-CPMI-INT-001-CPMI-IOSCO-CYBER-RESILIENCE-FMI-2016-v1-020/
Bluebook / OSCOLA (US + UK legal) Download
RegLeg Specialist Panel, Definitional consistency between the 2016 Cyber Guidance and the FSB Cyber Lexicon [RLB-F-INT-BIS-CPMI-IOSCO-CYBER-RESILIENCE-FMI-2016-Q020], RegLegBrief AI Hallucination Research (May 28, 2026), https://reglegbrief.com/regulators/j1/int/BIS-CPMI/CPMI-IOSCO-CYBER-RESILIENCE-FMI-2016/sectors/corporate_banking/compliance/finding/INT-BIS-CPMI-INT-001-CPMI-IOSCO-CYBER-RESILIENCE-FMI-2016-v1-020/.
BibTeX Download
@misc{reglegbrief_RLB_F_INT_BIS_CPMI_IOSCO_CYBER_RESILIENCE_FMI_2016_Q020,
  author    = {RegLeg Specialist Panel},
  title     = {Definitional consistency between the 2016 Cyber Guidance and the FSB Cyber Lexicon},
  year      = {2026},
  publisher = {RegLegBrief AI Hallucination Research},
  note      = {Hallucination finding Citation ID: RLB-F-INT-BIS-CPMI-IOSCO-CYBER-RESILIENCE-FMI-2016-Q020},
  url       = {https://reglegbrief.com/regulators/j1/int/BIS-CPMI/CPMI-IOSCO-CYBER-RESILIENCE-FMI-2016/sectors/corporate_banking/compliance/finding/INT-BIS-CPMI-INT-001-CPMI-IOSCO-CYBER-RESILIENCE-FMI-2016-v1-020/}
}
← Back to case study summary Case study detail →

Every finding on this page compares an AI subject's account of the rule against the regulator's verbatim text from the regulator's own portal. Both are linked. Each delta, its root causes, and impact analysis are documented and published with immutable Citation IDs.