Executive Summary
Compliance teams at Statutory Boards & Agencies firms operating across international jurisdictions use the OECD's 2025 Merger Review Recommendation to benchmark their competition-law compliance programmes, calibrate internal review timelines, and brief business lines on how cross-border merger scrutiny is evolving. In our testing, AI tools produced an incorrect answer on the one structural reporting question put to them, mischaracterising the Competition Committee's Council-reporting schedule as a single recurring five-year cycle when the Recommendation in fact establishes a two-tier structure: an initial report due within five years of revision, followed by reports at least every ten years thereafter.
The failure mode was particularly sharp: the AI gave a confident, internally coherent answer, and only walked it back when pressed, meaning any Compliance team member who accepted the first response without challenge would have taken a materially wrong picture of the oversight cadence into their deliverable. For a function that feeds regulatory-timeline data into policy gap analyses, board reporting, and regulator engagement strategies, that gap between what the AI asserted and what the text actually says is precisely the kind of error that survives undetected until it matters most.
How AI gets this regulation wrong
The dominant failure pattern on this Recommendation is confident fabrication of procedural structure, AI tools invented a simplified version of the reporting framework that was internally plausible but structurally wrong, then conceded uncertainty only under direct challenge. The table below maps where that pattern appears and how the AI's behaviour shifted between the initial response and follow-up questioning.
| AI's Failure Mode | Count | Affected findings |
|---|---|---|
| Exposed Fabrication | 1 | Finding#1 |
What that means for your team
For Compliance at a Statutory Boards & Agencies firm, the practical risk on this Recommendation concentrates in a single category: producing a wrong deliverable, a policy brief, a regulatory-timeline map, or a board-level compliance status note that carries an incorrect account of the oversight schedule into downstream decisions. The table below sets out where that risk lands in your function's workflow and what the exposure looks like when the error propagates uncorrected.
| Risk Impact | Count | Affected findings |
|---|---|---|
| Wrong deliverable | 1 | Finding#1 |
When this affects your department
Compliance teams at Statutory Boards & Agencies firms consult AI tools on the OECD Merger Review Recommendation most often when they are building or refreshing the regulatory-timeline layer of a competition compliance programme, mapping which international oversight bodies are expected to report, review, or revise their frameworks, and on what cadence. That mapping feeds directly into board and audit-committee reporting on the forward regulatory horizon, internal policy review schedules, and the guidance Compliance gives business development teams assessing cross-border transaction risk.
When the AI's account of a reporting timeline is wrong, the error does not stay in the research note: it migrates into the programme documentation and the briefings that rely on it.
The specific failure here, collapsing a two-tier reporting structure into a single uniform cycle, is the kind of error that creates a plausible but quietly wrong baseline. A Compliance team that believes the OECD's Competition Committee reports to Council on a fixed five-year cycle will align its own review triggers and escalation points to a cadence that does not match the Recommendation.
For a Statutory Boards & Agencies firm with ongoing or anticipated M&A activity across OECD member jurisdictions, that misalignment can surface at precisely the wrong moment: when internal stakeholders ask whether the regulatory framework underpinning a transaction clearance analysis is still current.
The broader reputational and governance risk for the firm is in the audit trail. Compliance functions are expected to demonstrate that their regulatory-horizon mapping is accurate and sourced. When an AI tool produces a confident, well-formatted answer and the team forwards it without independent verification, the error becomes the firm's error, not the tool's. Statutory Boards & Agencies operating in international markets cannot use "the AI said so" as a credible line of defence in a regulatory examination or internal audit review.
The findings at a glance
The table below summarises the one finding in this cell, the question tested, the AI's incorrect response, and the verbatim text of the Recommendation that contradicts it.
| # | Finding title | Type | Citation ID |
|---|---|---|---|
| 1 | Section VIII.c two-tier Council reporting timeline | Hallucination | RLB-F-INT-OECD-OECD-MERGER-REVIEW-RECOMMENDATION-2025-Q004 |
Aggregate impact
The single finding in this cell sits at the procedural governance layer of the Recommendation, Section VIII.c's requirement for the Competition Committee to report to Council on implementation, dissemination, and continued relevance. That is not the most operationally intensive part of the framework for most firms, but it is the part that anchors a Compliance team's forward-looking horizon scan: when should we expect the OECD to formally reassess whether this Recommendation is still fit for purpose, and does our programme need to build a review trigger around that cadence?
The AI got the structure wrong in a specific and consequential way, it collapsed the asymmetric two-tier timeline (initial report within five years, subsequent reports at least every ten years) into a uniform five-year cycle, effectively halving the interval for the second and all subsequent reports.
The systemic risk for Compliance is one of calibration. A programme built on an incorrect reporting cadence will set its own regulatory-horizon review points at the wrong intervals, potentially prompting unnecessary internal reviews in years when no OECD reassessment is due, or, more seriously, missing the extended window that the Recommendation actually provides before the next formal review cycle. For a Statutory Boards & Agencies firm managing competition compliance across multiple OECD member jurisdictions, the downstream effect is that internal and external stakeholders receive a regulatory-timeline picture that is internally consistent but factually wrong.
That kind of error is hard to catch in a standard review cycle because the AI's output reads as authoritative and the mistake is in the structural interpretation, not in a plainly invented fact.
What makes this finding particularly instructive is the AI's behaviour under challenge: it conceded uncertainty when pressed, which means the error was not a hard assertion the tool would have defended. A Compliance team member with the habit of probing AI responses on structural questions, not just accepting the first answer, would likely have surfaced the discrepancy. The gap between the AI's initial confidence and its subsequent retreat is itself a data point about how this class of tool handles multi-part procedural questions with asymmetric timelines.
What your team should do
The default position for your team on this Recommendation should be: AI tools are useful for orientation and drafting, but any structural or procedural claim about timelines, intervals, and multi-part schedules requires a direct read of the primary text before it goes into a deliverable. The Section VIII.c reporting structure is a good example of why, the asymmetry between the initial five-year window and the subsequent ten-year-minimum cycle is not a detail a reader would fabricate deliberately, but it is exactly the kind of nuance that a language model will smooth into a simpler pattern.
The Recommendation's text is publicly available from the OECD; checking it takes less time than correcting a board note after the fact.
For practical safeguards: build a standing instruction into your team's AI-use workflow that any regulatory timeline cited in a compliance output, whether in a policy brief, a training deck, or a regulatory-horizon map, must carry a source citation traceable to the primary document, not to an AI response. If a junior analyst cannot point to the paragraph, the timeline should not be in the draft. That discipline catches this class of error before it propagates.
For Statutory Boards & Agencies firms with internal audit functions that review Compliance's horizon-scanning methodology, having that citation discipline in place also protects the function if the accuracy of a regulatory-timeline mapping is ever questioned.
Where AI tools are genuinely safe for this regulation: high-level summarisation of the Recommendation's scope and purpose for non-specialist internal audiences, drafting the explanatory framing around competition-compliance programme objectives, and generating initial checklists of the substantive review criteria in Sections I–VII where the obligations are less procedurally nuanced. The governance and oversight provisions, Section VIII and its sub-clauses, deserve a direct read every time, because that is where the structural detail is and where confident AI errors are most likely to look plausible until someone checks.
How RLB Can Help
RegLeg's published Hallucination Research gives Compliance teams at Statutory Boards and Agencies a practical pre-flight check before placing weight on AI-assisted output for regulatory questions. Because the research is openly available, it can be incorporated into existing review workflows without additional licensing or procurement, teams can consult the relevant failure-mode findings at the point where AI tools are being used to interpret obligations, draft submissions, or assess enforcement exposure, and adjust their reliance accordingly.
Where published research is not granular enough for a specific operating context, RLB offers bespoke regulator deep-dives tailored to the Compliance function's actual workflow. These engagements map the AI-supported tasks that carry the highest hallucination exposure for a Statutory Board or Agency, typically areas such as multi-jurisdictional obligation mapping, condition-of-licence interpretation, and regulatory correspondence drafting, and produce a prioritised picture of where human verification effort should be concentrated.
RLB also conducts confidential reviews of a firm's existing AI-use policy against RegLeg's failure-mode catalogue, identifying gaps and producing a prioritised remediation roadmap that the Compliance team can action within its normal governance cycle.
To support capability building within the team, RLB develops training material and CPD-aligned content that Compliance staff can use internally. This content is designed to be delivered by the team's own leads rather than requiring ongoing external facilitation, and is calibrated to the regulatory environment and AI tools already in use at the firm. The aim is to leave the Compliance function better equipped to make its own informed judgements about AI reliability, not dependent on external sign-off each time a new workflow is introduced.