---
type: "AIHallucinationFinding"
title: "How does the CPMI-IOSCO 2016 Cyber Guidance define 'cyber resilience', and is that definition…"
citation_id: "RLB-H-INT-BIS-CPMI-IOSCO-CYBER-RESILIENCE-FMI-2016-Q020-Opus47"
finding_uid: "INT-BIS-CPMI-INT-001-CPMI-IOSCO-CYBER-RESILIENCE-FMI-2016-v1-020--opus-47-websearch"
question_uid: "INT-BIS-CPMI-INT-001-CPMI-IOSCO-CYBER-RESILIENCE-FMI-2016-v1-020"
regulation_id: "INT-BIS-CPMI-INT-001-CPMI-IOSCO-CYBER-RESILIENCE-FMI-2016"
regulation_slug: "CPMI-IOSCO-CYBER-RESILIENCE-FMI-2016"
regulation_title: "Guidance on Cyber Resilience for Financial Market Infrastructures"
regulator_short_code: "BIS-CPMI"
regulatory_body_id: "BIS-CPMI-INT-001"
jurisdiction_code: "INT"
j_level: "J1"
ai_subject: "claude-opus-4-7"
ai_subject_display: "Claude Opus 4.7 (web search on)"
ai_subject_version: "opus-47-websearch"
response_failure_mode: "inference_drift"
substrate_document_name: "p_09_OTHER_FSB_Cyber_Lexicon__2018____anachronistic_IOSCONEWS433.pdf"
substrate_document_path: "https://reglegbrief.com/substrate/INT/BIS-CPMI/CPMI-IOSCO-CYBER-RESILIENCE-FMI-2016/_raw_manual_substrate/p_09_OTHER_FSB_Cyber_Lexicon__2018____anachronistic_IOSCONEWS433.pdf"
substrate_section_anchor: "FSB Cyber Lexicon (2018) — anachronistic definitions applied to d146"
citation_issue_types: ["Contradictory"]
audiences: ["ai_labs"]
published_at: "2026-05-30T00:06:03.465817+00:00"
substrate_version: 1
methodology_version: "2.3"
license: "CC-BY-4.0"
resource: "https://reglegbrief.com/regulators/j1/int/bis-cpmi/CPMI-IOSCO-CYBER-RESILIENCE-FMI-2016/ai-labs/finding/INT-BIS-CPMI-INT-001-CPMI-IOSCO-CYBER-RESILIENCE-FMI-2016-v1-020--opus-47-websearch/"
tags: ["ai-hallucination", "inference_drift", "bis-cpmi", "cpmi-iosco-cyber-resilience-fmi-2016", "int"]
timestamp: "2026-06-16T00:00:00+00:00"
---

# AI Hallucination Finding: How does the CPMI-IOSCO 2016 Cyber Guidance define 'cyber resilience', and is that definition…

- **Citation ID.** `RLB-H-INT-BIS-CPMI-IOSCO-CYBER-RESILIENCE-FMI-2016-Q020-Opus47`
- **Finding UID.** `INT-BIS-CPMI-INT-001-CPMI-IOSCO-CYBER-RESILIENCE-FMI-2016-v1-020--opus-47-websearch`
- **Regulation.** [`CPMI-IOSCO-CYBER-RESILIENCE-FMI-2016`](/okf/regulations/CPMI-IOSCO-CYBER-RESILIENCE-FMI-2016.md) — Guidance on Cyber Resilience for Financial Market Infrastructures
- **Regulator.** [`BIS-CPMI-INT-001`](/okf/bodies/BIS-CPMI-INT-001.md) — Bank for International Settlements — Committee on Payments and Market Infrastructures (CPMI)
- **AI subject.** Claude Opus 4.7 (web search on)
- **Failure mode.** [`inference_drift`](/okf/taxonomy/failure-modes.md)
- **Published.** 2026-05-30T00:06:03.465817+00:00

## Question put to the AI subject

How does the CPMI-IOSCO 2016 Cyber Guidance define 'cyber resilience', and is that definition consistent with the FSB Cyber Lexicon published in November 2018?

## AI subject's verbatim answer

So the two are aligned and broadly consistent, but the FSB Lexicon version is slightly broader (mission-continuity framing, organisation-agnostic) than the FMI-specific 2016 formulation.

## Verbatim regulator text contradicting the answer

> The FSB Cyber Lexicon was published November 2018 — two years after the 2016 Cyber Resilience Guidance. Its standardised definitions postdate the 2016 guidance and may not match how the 2016 guidance used those terms in 2016.

_Source:_ [p_09_OTHER_FSB_Cyber_Lexicon__2018____anachronistic_IOSCONEWS433.pdf](https://reglegbrief.com/substrate/INT/BIS-CPMI/CPMI-IOSCO-CYBER-RESILIENCE-FMI-2016/_raw_manual_substrate/p_09_OTHER_FSB_Cyber_Lexicon__2018____anachronistic_IOSCONEWS433.pdf)
_Section anchor:_ FSB Cyber Lexicon (2018) — anachronistic definitions applied to d146

## Failure mode

**`inference_drift`** — Inference drift — the AI inferred a conclusion the regulator's text does not warrant, often by combining unrelated provisions.

## Citation-issue types

- **Contradictory** — <https://www.bis.org/cpmi/publ/d146.pdf>
- **Contradictory** — <https://www.fsb.org/uploads/P121118-1.pdf>

## Related concepts

- Regulation: [CPMI-IOSCO-CYBER-RESILIENCE-FMI-2016](/okf/regulations/CPMI-IOSCO-CYBER-RESILIENCE-FMI-2016.md)
- Regulator: [BIS-CPMI-INT-001](/okf/bodies/BIS-CPMI-INT-001.md)
- Failure-mode taxonomy: [inference_drift](/okf/taxonomy/failure-modes.md)
- Methodology: [v2.3](/okf/methodology.md)
- Editorial standards: [right of reply](/okf/editorial-standards.md)

## Reproduction

Citation ID: `RLB-H-INT-BIS-CPMI-IOSCO-CYBER-RESILIENCE-FMI-2016-Q020-Opus47`

Resource URL (HTML view of this finding):

<https://reglegbrief.com/regulators/j1/int/bis-cpmi/CPMI-IOSCO-CYBER-RESILIENCE-FMI-2016/ai-labs/finding/INT-BIS-CPMI-INT-001-CPMI-IOSCO-CYBER-RESILIENCE-FMI-2016-v1-020--opus-47-websearch/>

This finding is reproducible against the substrate document linked above, using the same AI subject, the same methodology version, and the verbatim question text.