AI Hallucination ResearchAudiencesSectorsInternational / MultilateralInvestment BankingRisk › Implementation Monitoring of the PFMI: Level 3 Assessment on General Business Risks
Investment Banking × Risk — International / Multilateral · updated 2026-06-11 · methodology v2.3
Share / Print Twitter LinkedIn Email

AI Hallucination on Implementation Monitoring of the PFMI: Level 3 Assessment on General Business Risks for Risk teams at Investment Banking firms in international jurisdictions

📰 Read the public briefing for this regulation →
Investment Banking Risk teams: documentation and reporting gaps possible from AI reading of PFMI Level 3 General Business Risk (2025)

Risk teams at investment banks with significant FMI counterparty exposures are increasingly using AI to draft FMI counterparty risk scoring memos, validate LNAFE sufficiency reads for the credit committee, generate scenario-analysis commentary on FMI buffer adequacy, and prepare cross-counterparty benchmarking decks on the November 2025 CPMI-IOSCO Level 3 cycle. The November 2025 CPMI-IOSCO Level 3 assessment of general business risk, recorded under PFMI Principle 15, is the supervisory exercise most directly bearing on this practice area in the current cycle.

As AI tooling enters the drafting layer, the question is no longer whether AI-assisted work product reaches client-facing deliverables; it is whether the work product reaches them with the regulator-text fidelity that IB Risk teams need.

The RLB Specialist Panel tested two frontier AI models on a question set covering the LNAFE quantitative floor, the Basel/CRD equity carve-out condition, and the November 2025 assessment lifecycle. The Panel records 2 findings on this audience-specific cell. The failure pattern in scope: Quantitative-floor inflation into a fabricated composite minimum; Outright denial of a carve-out the rule records explicitly. Questions are prepared by the RLB Specialist Panel based on real practical AI usage in the workflows the respective audience uses AI for. The Panel binds each AI finding to verbatim regulator-issued source text held as primary substrate.

For IB Risk teams the operational consequence is direct. A counterparty risk scoring memo that frames KC3 as a "greater of" composite minimum or that excludes Basel CET1 on a fabricated liquidity test miscalibrates the counterparty's regulatory baseline and drives risk decisions on a wrong floor.

PFMI Principle 15 is one of the cleanest primary-source surfaces in the cross-border CCP and CSD universe: a Key Consideration cited in a deliverable is either the right KC or it is not; a quantitative floor is either the regulator's text or it is not; an assessment-period date range is either accurate or it is not. Each is recoverable on a routine line-by-line read.

The audit's 2 findings for this cell carry immutable RLB Citation IDs and are bound to verbatim regulator-issued source text held by the RLB Specialist Panel: RLB-H-INT-BIS-CPMI-IOSCO-PFMI-L3-GENERAL-BUSINESS-RISK-2025-Q003-Opus47, RLB-H-INT-BIS-CPMI-IOSCO-PFMI-L3-GENERAL-BUSINESS-RISK-2025-Q002-Sonnet46. The full audit on the November 2025 CPMI-IOSCO Level 3 assessment is published at the PFMI Level 3 General Business Risk hub on RegLegBrief.com.

Executive Summary

Risk teams at international investment banking firms seeking AI assistance on the CPMI-IOSCO PFMI Level 3 General Business Risk assessment encountered material errors on Principle 15's liquid net assets funded by equity (LNAFE) framework, the area the November 2025 assessment identified as a key compliance gap across assessed FMIs. Across two aggregated question sets, AI tools produced confident but incorrect answers on both the composition of the KC3 six-month floor and the treatment of Basel/CRD prudential capital within the LNAFE calculation.

In both cases the AI self-corrected only under direct challenge, meaning a team that did not probe would have built its analysis on wrong foundations. The failure pattern is consistent: the AI conflated distinct key considerations within Principle 15, either merging KC3 and KC4 requirements into a single miscalibrated formula, or affirmatively denying the Basel capital inclusion carve-out that KC3 explicitly permits.

How AI gets this regulation wrong

Every failure in this cell follows the same pattern: the AI delivered an answer with apparent authority, the answer was wrong, and the error only surfaced when the AI was directly challenged, at which point it retracted. The dominant mode is confident misattribution within Principle 15's key consideration structure: requirements that belong to separate KCs get merged, or a carve-out explicitly stated in the regulatory text gets flipped into its opposite. These are not edge-case ambiguities; they are errors on the core quantitative mechanics that any regulatory submission or internal capital adequacy memo would depend on.

AI's Failure ModeCountAffected findings
Exposed Fabrication2Finding#1 · Finding#2

What that means for your team

Both findings in this cell map to regulatory enforcement exposure, the category with the most direct consequence for an investment banking firm that clears or has material exposure to CCPs subject to PFMI Principle 15 oversight. The errors here are not interpretive grey zones: they touch the minimum capital floor calculation and the permissibility of Basel capital double-counting, where a wrong position in a regulatory filing or internal policy memo produces a provably incorrect document. The risk impact table below maps each finding to the workflow step and enforcement vector most relevant to a Risk team operating across international jurisdictions.

Risk ImpactCountAffected findings
Regulatory enforcement2Finding#1 · Finding#2

When this affects your department

Risk teams at international investment banking firms engage with PFMI Principle 15 in several recurring contexts: counterparty due diligence on CCP financial resilience, internal stress-testing frameworks that model CCP default or wind-down scenarios, regulatory capital calculations where the firm's clearing exposure depends on whether a CCP qualifies as a qualifying CCP (QCCP), and advisory work supporting business lines considering new cleared products or clearing member relationships. In all of these, the LNAFE framework, what counts, how the floor is calculated, how it interacts with Basel/CRD capital, is a foundational input.

The November 2025 CPMI-IOSCO Level 3 assessment made Principle 15 compliance a live supervisory issue rather than a theoretical standard, meaning regulators in multiple jurisdictions are now asking CCPs to demonstrate compliance and asking clearing members to evidence their assessment of that compliance.

Where AI tools get used in this workflow, the failure points are specific. A junior risk analyst drafting a CCP counterparty assessment memo, a policy writer updating internal QCCP eligibility criteria, or a capital team modelling the regulatory capital treatment of a clearing exposure may each reach for an AI assistant to quickly retrieve the LNAFE minimum and its components. If the AI merges the KC3 and KC4 requirements into a single composite formula, attributing the wind-down funding requirement to the six-month floor, the firm's assessment of what a CCP is required to hold is wrong from the ground up.

That error propagates into counterparty scorecards, QCCP eligibility determinations, and regulatory submissions without a natural correction point, because the AI's confidence suppresses the instinct to verify.

The Basel/CRD capital carve-out error is equally consequential. Investment banks themselves hold Basel-mandated capital, and their CCPs may do the same. If an AI tool affirmatively tells a Risk analyst that Basel capital cannot be counted toward LNAFE and must be held entirely on top, the team may incorrectly conclude that a CCP is under-capitalised relative to Principle 15, or may misprice the capital cost implications of a CCP relationship in a business case.

In a jurisdiction where the firm is subject to CPMI-IOSCO or equivalent local implementation, a regulatory submission or board-level capital adequacy paper that embeds this error is a direct enforcement exposure.

The findings at a glance

The two findings below cover the core LNAFE mechanics under Principle 15, the minimum floor calculation and the Basel capital inclusion rule, and in both cases the AI's initial answer was wrong and only corrected under direct challenge.

#Finding titleTypeCitation ID
1Basel capital carve-out inverted in LNAFE calculationHallucinationRLB-F-INT-BIS-CPMI-IOSCO-PFMI-L3-GENERAL-BUSINESS-RISK-2025-Q002
2KC3 and KC4 requirements merged into wrong minimum floor formulaHallucinationRLB-F-INT-BIS-CPMI-IOSCO-PFMI-L3-GENERAL-BUSINESS-RISK-2025-Q003

Aggregate impact

Both findings cluster on Principle 15's LNAFE framework, and the pattern they share is structurally significant: in neither case did the AI flag uncertainty or caveat its answer. It answered with the confidence appropriate to a well-established rule, and the answer was wrong. The retraction came only under explicit challenge. For a Risk function operating at scale, where analysts are under time pressure and a confident AI response is treated as a starting point for drafting rather than a hypothesis to verify, this is the highest-risk failure mode.

The error is invisible until someone who already knows the correct answer reads the output.

The two findings are distinct in mechanism but identical in consequence. Finding 1 involves a factual inversion: the AI denied a carve-out that the regulatory text explicitly grants, converting a permissive rule into a prohibitive one. Finding 2 involves structural conflation: the AI merged requirements from two separate key considerations into a single miscalibrated formula, producing a quantitative floor that is wrong in both its inputs and its attribution. Together they cover the two most operationally consequential questions a Risk team asks about Principle 15, what the minimum capital floor is, and what counts toward it.

An internal capital adequacy assessment that relies on AI-generated answers to either question is built on incorrect foundations.

The systemic risk to an international investment banking firm is amplified by the November 2025 CPMI-IOSCO assessment context. With Principle 15 now under active supervisory scrutiny, CCPs will be producing compliance documentation that clearing members are expected to assess. If a Risk team's evaluation framework embeds wrong assumptions about what LNAFE requires, the firm cannot reliably assess whether its CCP counterparties are compliant, cannot correctly model the capital implications of non-compliant CCP exposures, and cannot defend its own QCCP eligibility determinations to a regulator that is now actively probing this area.

What your team should do

The default position for any work touching Principle 15's LNAFE mechanics should be primary source first. The PFMI Principles for Financial Market Infrastructures and the associated key considerations are publicly available from BIS, and the November 2025 Level 3 assessment report is a specific, bounded document. For a question as operationally significant as the minimum capital floor formula or the Basel capital inclusion rule, the cost of pulling the source text is trivially low relative to the cost of an incorrect regulatory submission or a flawed CCP counterparty assessment.

AI tools are not a reliable shortcut here: as the findings show, they produce authoritative-sounding answers that are factually wrong on the precise mechanics that matter.

Where AI tools remain useful in this workflow is in tasks that do not depend on precise rule retrieval. Drafting the narrative structure of a CCP due diligence template, summarising the general landscape of PFMI implementation monitoring, producing a first-pass comparison of how different jurisdictions have transposed PFMI obligations into local regulation, these are tasks where the AI adds drafting efficiency without the firm's position depending on the accuracy of a specific quantitative rule.

The AI is also useful for stress-testing the logic of an argument once the underlying facts have been verified from primary sources: "does this conclusion follow from these premises" is a different and lower-risk task than "tell me what the rule says."

For Principle 15 specifically, the team should build a small internal reference document capturing the KC3 six-month floor, the KC4 wind-down plan funding requirement, the Basel capital inclusion carve-out, and the November 2025 assessment findings on FMI compliance gaps, sourced directly from the BIS publications. This becomes the mandatory cross-check before any LNAFE-related content is finalised, whether the drafting was AI-assisted or not.

Given that the AI errors in this cell were only exposed under direct challenge, the verification step cannot be delegated to the analyst who ran the AI query: it requires someone who already knows the correct answer to review the output before it moves downstream.

How RLB Can Help

RegLeg's published Hallucination Research gives your team a concrete pre-flight reference before placing weight on AI output for regulatory questions. If your desk is using AI tools to interpret capital requirements, margin rules, or cross-border reporting obligations, particularly across multi-jurisdictional frameworks where text is dense and footnote-driven, the research tells you, at the finding level, exactly where those tools have already failed on the same material. That is a faster and more defensible starting point than internal red-teaming from scratch.

Beyond the public findings, we run regulator deep-dives scoped specifically to Investment Banking risk workflows: counterparty credit exposure calculations, SA-CCR / IMM model governance documentation, large-exposure limit interpretation, and derivatives reporting across EMIR, CFTC, and MAS-equivalent regimes. The output is a mapped exposure register, which AI-supported steps in your risk workflow carry material hallucination risk, ranked by consequence if the error reaches a regulatory submission or an internal limit breach. We prioritise by the workflows your team actually runs, not a generic taxonomy.

For firms that already have AI-use policies in place, we will review the policy against our full failure-mode catalogue and return a prioritised remediation list, gaps in the policy's scope, failure categories it does not address, and where current controls would not catch the class of error we have documented. We also produce CPD-aligned training material your team can run internally: scenario-based, grounded in real documented failures, and calibrated for Risk professionals who do not need the basics explained to them.

← Back to regulation page to see other sector × department combinations impacted by AI Hallucinations in this same regulation ← Back to Investment Banking × Risk (International / Multilateral) directory to see other regulation specific AI Hallucination impacts for your sector × department
← Back to Summary

Every finding on this page compares an AI subject's account of the rule against the regulator's verbatim text from the regulator's own portal. Both are linked. Each delta, its root causes, and impact analysis are documented and published with immutable Citation IDs.