<- Take me back to my Operations teams at Payment Institutions (International) overview
Executive Summary
Operations teams at Payment Institutions are increasingly using AI to operationalise the October 2024 CPMI final report on FPS interlinking governance, recorded as publication d223. Two frontier AI models tested by the RLB Specialist Panel produced confident, citable answers on the count and scope of the report's oversight recommendations, the named list of public consultation respondents, and the distinction between the interim d219 and the final d223 that the regulator's own primary text directly contradicts.
This cell collects the relevant hallucination findings on the October 2024 CPMI final report, organised for operations teams at payment institutions working on FPS interlinking matters. Across the relevant findings the AI subjects produced confident, citable answers on questions ranging from the count of oversight recommendations to the named list of Annex 1 consultation respondents. Every finding in this cell is bound to verbatim regulator-issued source text held as primary substrate by the RLB Specialist Panel.
How AI gets this regulation wrong
The findings in this cell cluster around two failure shapes that recur across the October 2024 CPMI final report on FPS interlinking governance: inference drift on counts and named-entity lists (oversight recommendations, consultation respondents), and misstated rules on the scoping language that places certain cross-border payment models inside or outside the report's recommendation set. In each case the AI subject committed to a specific, citable, verbatim-looking answer where the regulator's own primary text in d223 records a different position.
| AI's Failure Mode | Count | Affected findings |
|---|---|---|
| Ai Committed To Approximately 10 Oversight Recommendations Where The Final Repor | 1 | Finding#1 |
| Ai Invented The Consultation Respondent Set Reporting 15 20 Named Respondents Wh | 1 | Finding#2 |
| Ai Committed To Approximately 10 Oversight Recommendations And Conflated D219 S | 1 | Finding#3 |
What that means for your practice
Operations teams at Payment Institutions commonly use AI to: operating manuals for FPS interlinking arrangements, service-level agreement drafting against the d223 recommendation set, incident-management playbooks for interlinking links, and consultation-engagement briefings on the d223 outcome.
The risk concentrations across the 3 findings in this cell are summarised in the table below. Each entry maps the failure shape to its practical implications for Operations teams at Payment Institutions working on CPMI FPS interlinking governance matters.
| Risk Impact | Count | Affected findings |
|---|---|---|
| Operational decision-support exposure on board briefings and oversight roadmaps anchored on a fabricated recommendation count | 1 | Finding#1 |
| Operational decision-support exposure on stakeholder-engagement exhibits and analyst reports that import the AI's invented respondent set | 1 | Finding#2 |
| Operational decision-support exposure on oversight policy notes and supervisory roadmaps anchored on the wrong recommendation count and instrument status | 1 | Finding#3 |
When this affects Operations teams at Payment Institutions
Operations teams at Payment Institutions encounter the October 2024 CPMI final report when operationalise board-level briefings, drafting oversight policy notes, preparing legal or operational opinions on cross-border interlinking arrangements, and producing stakeholder-engagement materials on the d223 outcome.
The specific findings in this cell map onto the most common questions Operations teams at Payment Institutions put to an AI tool on the October 2024 CPMI final report. First, what the count and scope of the report's oversight recommendations are. Second, which cross-border payment models the report's recommendations actually cover. Third, who the report's consultation respondents were. The AI subjects in this audit produced verbatim-looking answers on each that the regulator's own primary text in d223 directly contradicts.
The findings at a glance
The table below lists each finding from the AI testing on the CPMI October 2024 final report in this cell, showing the question area, the failure mode, and the immutable citation identifier for the underlying finding record.
Aggregate impact
The 3 findings in this cell, taken together, describe a specific pattern that Operations teams at Payment Institutions should expect to encounter when AI tools are used on the October 2024 CPMI final report. The AI subjects in this audit committed, with no hedging, to verbatim-looking answers on counts (oversight recommendations), named-entity lists (consultation respondents), and scope questions (which cross-border payment models the recommendations cover). In each case the AI subject had access to the regulator's source text at query time, and in each case the AI's output diverged from the source text on a specific, testable fact.
The pattern across the 3 findings points to a generation behaviour that Operations teams at Payment Institutions should treat as a near-certain failure mode in this practice area. When the question asks for a count of recommendations, a named list of consultation respondents, or a scoping statement on which payment models the report's recommendations cover, the AI subjects produced a coherent, structurally plausible answer with the wrong number, with fabricated respondent names, or with the wrong scoping treatment.
None of the AI outputs in this cell flagged uncertainty, recommended source verification, or declined to commit; each output reads as if the AI had directly retrieved the regulator's text.
For practising teams, the implication is that AI-assisted research on the CPMI October 2024 final report on FPS interlinking governance cannot be relied on for: the count of the oversight recommendations; the named list of consultation respondents; the scoping statement on the single access point and common platform models; or the distinction between the interim d219's ten considerations and the final d223's seven recommendations. Each of these is a question type the AI handles in a confident, fluent register, and each is a question type where the AI in this audit was wrong in ways the regulator's own text resolves.
Findings overview
What the AI got wrong
Finding 1: Misstated count of CPMI oversight recommendations in the October 2024 final report
Citation ID: RLB-H-INT-BIS-CPMI-CPMI-FPS-INTERLINKING-GOVERNANCE-2024-Q001-Opus47
For Payment Institution operations leads supporting FPS interlinking arrangements, the AI's commitment to approximately ten oversight recommendations rather than the seven set out in CPMI d223 Section 5.2 lands directly in operational-readiness assessments, hub-entity onboarding due-diligence packs, runbooks and operating procedures for interlinking participation, and the operations team's CPMI-tracking dashboard. The wrong number anchors the team's planning on a fabricated compliance surface, drives over-implementation work against considerations carried over from the interim d219, and creates downstream inconsistencies between the team's d223 position and the recommendation set the regulator actually issued.
The risk concentrates in operational-readiness assessments, supplier-and-counterparty due diligence, and runbooks for cross-border interlinking participation, where the count is a verifiable fact that supervisors, counterparties, and internal QC reviewers will check against the source.
AI's failure mode: AI committed to approximately 10 oversight recommendations where the final report sets out 7.
See the full per-finding analysis →
Finding 2: Public consultation respondent list inflated and partly fabricated
Citation ID: RLB-H-INT-BIS-CPMI-CPMI-FPS-INTERLINKING-GOVERNANCE-2024-Q005-Opus47
For Payment Institution operations leads supporting FPS interlinking arrangements, the AI's inflated and partly fabricated consultation-respondent list lands in operational-readiness assessments, hub-entity onboarding due-diligence packs, runbooks and operating procedures for interlinking participation, and the operations team's CPMI-tracking dashboard as a named-entity attribution. CPMI d223 Annex 1 records seven specific respondents to the public consultation; the AI's answer names fifteen to twenty organisations and attributes positions and counts to stakeholders the regulator's record does not list.
The risk concentrates in operational-readiness assessments, supplier-and-counterparty due diligence, and runbooks for cross-border interlinking participation, where named organisations carry reputational weight and the inflated list, if circulated externally, attributes views to parties that did not in fact engage in the consultation.
AI's failure mode: AI invented the consultation respondent set, reporting 15-20 named respondents where the regulator records 7.
See the full per-finding analysis →
Finding 3: Conflated interim d219 considerations with final d223 recommendations
Citation ID: RLB-H-INT-BIS-CPMI-CPMI-FPS-INTERLINKING-GOVERNANCE-2024-Q006-Opus47
For Payment Institution operations leads supporting FPS interlinking arrangements, the AI's commitment to approximately ten oversight recommendations rather than the seven set out in CPMI d223 Section 5.2 lands directly in operational-readiness assessments, hub-entity onboarding due-diligence packs, runbooks and operating procedures for interlinking participation, and the operations team's CPMI-tracking dashboard. The wrong number anchors the team's planning on a fabricated compliance surface, drives over-implementation work against considerations carried over from the interim d219, and creates downstream inconsistencies between the team's d223 position and the recommendation set the regulator actually issued.
The risk concentrates in operational-readiness assessments, supplier-and-counterparty due diligence, and runbooks for cross-border interlinking participation, where the count is a verifiable fact that supervisors, counterparties, and internal QC reviewers will check against the source.
AI's failure mode: AI committed to approximately 10 oversight recommendations and conflated d219's 10 considerations with d223's 7 recommendations.
See the full per-finding analysis →
AI's failure mode
Risk impact
What your team should do
Operations teams at Payment Institutions working on the CPMI October 2024 final report on FPS interlinking governance should treat AI tools as a research-prompt generator and outline-drafter, with a mandatory verification step against the d223 published text, the interim d219, and the BIS portal record before AI output enters a memo, board note, opinion, or external deliverable. The findings in this cell concentrate on the question types most exposed in this practice: count of recommendations, named list of respondents, and scope statements on which payment models the recommendations cover.
Practical safeguards: every recommendation count cited in a deliverable must be matched against d223 Section 5.2 directly: every named consultation respondent must be matched against d223 Annex 1: every scope statement on the single access point or common platform model must be matched against d223 Section 2.2 and the Graph 2 caption: every reference to the interim d219's ten considerations must be matched against the d219 executive summary directly, and must be kept distinct from d223's seven recommendations.
Where the AI tool quotes any of these elements as a verbatim-looking figure, name, or rule, the source document is the only reliable input.
Where AI tools are most safely used in this practice area: framing the structure of a memo on the d223 recommendations, identifying which sections of d223 and which adjacent CPMI instruments (such as the d224 API harmonisation companion) are likely relevant, drafting first-pass client-facing summaries for review against the source text, and surfacing cross-references between d223 and adjacent CPMI work. The risk concentrates in the next step, where the AI is asked to specify the actual count, the actual respondent list, or the actual scoping treatment. At that point the d223 source document is the only reliable input.
How RLB Can Help
RegLeg's published Hallucination Research is available as a free pre-flight check for Operations teams at Payment Institutions working across cross-border fast-payment, FPS interlinking, and CPMI oversight matters. Before relying on AI-assisted output for board briefings, regulatory interpretation, compliance documentation, or oversight roadmap work on the October 2024 CPMI final report, practitioners can consult the research to identify where AI tools have demonstrably misstated the rules: invented recommendation counts, fabricated consultation-respondent lists, and scoping treatments that pull out-of-scope payment models inside the recommendation set.
The research surfaces the exact questions where AI tools have failed, making it a practical reference rather than a general caution.
For firms where multiple teams are working the same regulatory portfolio, RegLeg offers bespoke deep-dives into individual CPMI instruments and related cross-border payment guidance. These engagements go beyond the published findings to examine the full pattern of AI failure modes relevant to the instrument: the question types, the failure mechanisms, and the risk implications for legal, compliance, risk, operations, and oversight-engagement work. The output is designed to be shared across functions and used as a durable reference, reducing duplicated due-diligence effort and creating a consistent internal standard for AI-assisted regulatory work.
RegLeg also develops training and CPD-aligned content for teams working CPMI and cross-border fast-payment matters. The material translates the failure-mode catalogue into practical guidance on the classes of error practitioners should watch for: confabulated regulatory counts, fabricated stakeholder lists, conflation of interim and final instruments, and scoping drift that distorts which payment models the recommendations cover. Separately, RegLeg offers a confidential review of a firm's existing AI-use policy against the failure-mode catalogue, identifying gaps between the policy's assumptions and the documented evidence of how AI tools perform on CPMI matters in practice.