AI Hallucination ResearchAudiencesSectorsInternational / MultilateralStatutory Boards AgenciesComplianceDetail › Finding
Statutory Boards Agencies × Compliance — International / Multilateral · published 2026-05-26 · methodology v2.1

False assertion that the 2016 guidance remains the operative standard

RLB-F-INT-BIS-CPMI-IOSCO-CYBER-RESILIENCE-FMI-2016-Q022
What the RLB Specialist Panel found

3. False assertion that the 2016 guidance remains the operative standard

  • Question (paraphrased to protect IP): Is the CPMI-IOSCO 2016 Cyber Resilience Guidance still the operative international standard, or has it been updated or put out for revision?
  • Source regulation: Guidance on Cyber Resilience for Financial Market Infrastructures (CPMI-IOSCO 2016)
  • What AI assistants typically say: Multiple AI tools gave similar incorrect responses, each stating that the 2016 guidance remains the operative primary international standard for financial market infrastructure cyber resilience and has not been formally revised or superseded.
  • What the regulator actually says: CPMI-IOSCO published a consultative document on updated guidance in May 2026, opening a formal public comment process. The 2016 guidance is under active revision as of that date.
  • Why the AI went wrong: The AI tools' training data predates the May 2026 publication of the consultative document, so they were unaware that a formal revision process had commenced. Rather than acknowledging uncertainty about the guidance's current status, both AI tools stated definitively that no revision had occurred.
  • Cited source(s): Regulator portal: https://www.bis.org
Impact for this audience

Multiple AI tools are unaware that CPMI-IOSCO published a consultative document on updated cyber resilience guidance in May 2026, and will tell Compliance teams that the 2016 guidance remains the operative standard. A firm that relies on this answer when drafting a cyber resilience framework, assessing regulatory obligations for a new product, or responding to a supervisory enquiry about its international standard alignment will be working from a materially incorrect premise. If the updated guidance introduces substantive changes — as consultation processes typically anticipate — any internal framework or regulatory submission built on the assumption that the 2016 text is current could require significant remediation at short notice, at material cost to the Compliance function and the firm.

References — raw findings (per AI model)
This finding also affects
← Previous finding Finding 2. Overconfident alignment claim between the 2016 guidance and the 2018 FSB Cyber Lexicon
Cite this finding

Each finding has a stable Citation ID (RLB-F-… for aggregated case-study findings, RLB-H-… for raw per-model hallucinations) — like a DOI, the ID always resolves to the canonical finding even if URLs change.

Plain text 
RegLeg Specialist Panel (2026). "False assertion that the 2016 guidance remains the operative standard — Statutory Boards Agencies × Compliance — International / Multilateral." Citation ID: RLB-F-INT-BIS-CPMI-IOSCO-CYBER-RESILIENCE-FMI-2016-Q022. RegLegBrief AI Hallucination Research, published 2026-05-26. https://reglegbrief.com/audiences/sectors/int/statutory_boards_agencies/compliance/finding/INT-BIS-CPMI-INT-001-CPMI-IOSCO-CYBER-RESILIENCE-FMI-2016-v1-022/
APA 7th edition 
RegLeg Specialist Panel. (2026). False assertion that the 2016 guidance remains the operative standard [Hallucination finding RLB-F-INT-BIS-CPMI-IOSCO-CYBER-RESILIENCE-FMI-2016-Q022]. RegLegBrief AI Hallucination Research. https://reglegbrief.com/audiences/sectors/int/statutory_boards_agencies/compliance/finding/INT-BIS-CPMI-INT-001-CPMI-IOSCO-CYBER-RESILIENCE-FMI-2016-v1-022/
Bluebook / OSCOLA (US + UK legal) 
RegLeg Specialist Panel, False assertion that the 2016 guidance remains the operative standard [RLB-F-INT-BIS-CPMI-IOSCO-CYBER-RESILIENCE-FMI-2016-Q022], RegLegBrief AI Hallucination Research (May 26, 2026), https://reglegbrief.com/audiences/sectors/int/statutory_boards_agencies/compliance/finding/INT-BIS-CPMI-INT-001-CPMI-IOSCO-CYBER-RESILIENCE-FMI-2016-v1-022/.
BibTeX 
@misc{reglegbrief_RLB_F_INT_BIS_CPMI_IOSCO_CYBER_RESILIENCE_FMI_2016_Q022,
  author    = {RegLeg Specialist Panel},
  title     = {False assertion that the 2016 guidance remains the operative standard},
  year      = {2026},
  publisher = {RegLegBrief AI Hallucination Research},
  note      = {Hallucination finding Citation ID: RLB-F-INT-BIS-CPMI-IOSCO-CYBER-RESILIENCE-FMI-2016-Q022},
  url       = {https://reglegbrief.com/audiences/sectors/int/statutory_boards_agencies/compliance/finding/INT-BIS-CPMI-INT-001-CPMI-IOSCO-CYBER-RESILIENCE-FMI-2016-v1-022/}
}
← Back to case study summary Case study detail →
About Citation IDs →