In-house counsel at payment institutions reads CPMI material on a narrow set of legal artefacts: the regulatory-change clause in the system-operator integration agreement, the safeguarding-scheme trust deed addendum on corridor risk, and the board briefing pack on cross-border payments roadmap exposure. Two AI failures on this regulation hit those artefacts directly. Sonnet 4.6 denied the SARB pre-validation partnership documented in CPMI Brief No. 9, and Opus 4.7 returned a per-recommendation stakeholder taxonomy reconstructed from category headings rather than from the d224 recommendation text.
A legal team that copies either AI output into a contractual or trust-deed clause assigns obligation the regulator did not assign and may have to walk it back on counterparty challenge.
What the AI got wrong, and why it matters here
Both failures sit on the artefacts in-house counsel produces from cold-read CPMI material: a partner-naming denial and a fabricated obligation taxonomy. Neither is flagged with retrieval-gap signal.
Finding 1: SARB pre-validation partnership denied
Sonnet 4.6 denied that any central bank has been named as the CPMI partner on the pre-validation API recommendation. CPMI Brief No. 9 (November 2025) names SARB. Quoted into a system-operator integration-agreement schedule or a safeguarding-scheme corridor addendum, the denial misses a documented regulator workstream the counterparty operator will read in print.
Citation: RLB-H-INT-BIS-CPMI-API-HARMONISATION-CROSS-BORDER-2024-Q007-Sonnet46.
Finding 2: Invented per-recommendation stakeholder taxonomy
Opus 4.7 returned a clean stakeholder taxonomy across d224's 10 recommendations, built from category labels (facilitative / global harmonisation processes) rather than from the recommendation text. A PI integration-agreement scope schedule drafted off that taxonomy will misallocate obligation between the PI and its system-operator counterparty.
Citation: RLB-H-INT-BIS-CPMI-API-HARMONISATION-CROSS-BORDER-2024-Q008-Opus47.
When this hits the legal calendar
Counsel touches CPMI material on three artefacts: the system-operator integration-agreement change-of-law clause, the safeguarding-scheme trust-deed corridor addendum, and the board cross-border roadmap brief.
| Standing artefact | Where the AI risk surfaces | Failure mode |
|---|---|---|
| System-operator integration agreement | Stakeholder-obligation mapping | Finding 2 |
| Safeguarding-scheme trust-deed corridor addendum | Pilot-partner naming | Finding 1 |
| Board cross-border roadmap brief | Both | Both |
Aggregate impact on the team
The two failures together corrupt the obligation-mapping work that the rest of the legal pack depends on. The integrity cost is borne at counterparty-challenge time.
| Risk Impact | Count | Affected findings |
|---|---|---|
| 0 | ||
| 0 |
What this team should do
Treat AI partner-naming and AI stakeholder-obligation tables as draft material requiring verification against the relevant CPMI brief by number and the d224 recommendation text before they enter a contractual or trust-deed clause.
Detection patterns to add to AI-review
- Pilot-partner statements must trace to a numbered CPMI brief.
- Stakeholder taxonomies on d224 must be verified against recommendation text, not category labels.
How RLB can help
RLB tracks the failure pattern on d224 and the CPMI brief series and refreshes the catalogue against live AI subjects on rotation. PI legal teams can wire the catalogue into the AI-draft review checkpoint so these two failure shapes are caught before the language ships into a contractual or trust-deed deliverable.