Research

The four failures,
and who documented them.

We catch four things. None of them is our invention. Standards bodies, regulators, courts and peer reviewers have each written the problem down, and every source below is linked so you can read it yourself.

Catch 01

Altered after the fact.

A record only settles an argument if you can show it is the record that was written. Most systems store logs. Far fewer can prove one was never edited, and the people best placed to edit it are the ones holding the keys.

  1. Efficient Data Structures for Tamper-Evident Logging Names the insider, not the outsider, as the threat: staff with privileged access who want to act without leaving a trace. Proving one event is still present in an 80-million-event log costs 800 MB under a plain hash chain, which is why almost nobody actually checks. Crosby & Wallach
    USENIX Security, 2009
  2. Guide to Computer Security Log Management (SP 800-92) States it plainly: logs held without protection are open to deliberate alteration, in storage and in transit. The loss is not the data. It is that the evidence about who did what can be rewritten. NIST
    2006
  3. Amendments to Electronic Recordkeeping Requirements "We store it" stopped being an answer. A firm must now keep records write-once, or run an audit trail that time-stamps every modification and deletion and can re-create the original if either happens. SEC
    Adopted 2022
  4. Bates v Post Office, Horizon Issues judgment The court asked whether branch transaction data could be inserted, edited or deleted without the branch knowing. On the nine ways it could be done, the answer was yes to all nine, after years of the operator saying otherwise. High Court of England & Wales
    [2019] EWHC 3408 (QB)
Catch 02

Backdated.

A false creation date is rarely a clerical slip. It is usually the mechanism of the fraud itself, and it lives in the gap between when a thing happened and when it was written down.

  1. How To Time-Stamp a Digital Document The founding paper set the bar we still work to: back-dating must be infeasible even when the service issuing the timestamps is in on it. Haber & Stornetta
    Journal of Cryptology, 1991
  2. Time-Stamp Protocol (RFC 3161) The internet has had a formal answer to backdating since 2001: a third party that proves a given datum existed before a given moment. Twenty-five years on, most enterprise records still do not carry one. IETF
    2001
  3. Does backdating explain the stock price pattern around option grants? The suspicious pattern shrank as soon as firms had to report within a day, and it grew with the reporting delay. The exposure scaled with the gap between the event and the record. Heron & Lie
    J. Financial Economics, 2007
  4. SEC enforcement action on stock option backdating Officers signed consents approving grants "as of" a retroactive date. The regulator put the unreported compensation expense at $2.22 billion and the restatement at over $2 billion. The instrument of the fraud was a document date. SEC
    2008
Catch 03

No origin.

A figure arrives in a slide, a decision, a filing. Nobody can say which record it came out of. In August 2026 that stops being an internal annoyance in Europe and starts carrying a fine.

  1. Reducing Risks Posed by Synthetic Content (AI 100-4) Sets out what provenance data is for: recording where content came from and what happened to it. NIST is careful to add that authenticity is not the same as trustworthiness, which is the honest version of the claim. NIST
    November 2024
  2. Content Credentials: C2PA Technical Specification The standard says of itself that it validates whether an assertion is correctly formed, bound to the asset and untampered, and declines to judge whether the assertion is true. It certifies the seal. Somebody still has to check the substance. C2PA
    Specification 2.4
  3. EU AI Act, Article 50 (Reg. 2024/1689) Synthetic audio, image, video and text must be marked in a machine-readable format. Article 99 prices a failure at up to €15 million or 3% of worldwide turnover, whichever is higher, and it applies from 2 August 2026. Official Journal of the EU
    June 2024

Both standards bodies are on record that sealing a record is not the same as substantiating it. That gap is the one we work in: veriker re-derives the record from the inputs it declares, rather than confirming that a wrapper is intact.

Catch 04

Invented source.

The citation looks right. The case, the paper, the figure does not exist. This is the failure that has already cost professionals their credibility in open court, and buying a better tool does not close it.

  1. Hallucination-Free? Assessing the Reliability of Leading AI Legal Research Tools The first pre-registered test of the retrieval-backed tools sold to lawyers. The two market leaders, both marketed on the promise of grounded citations, still invented answers 17% to 33% of the time. Magesh et al.
    Stanford RegLab, 2024
  2. Large Legal Fictions: Profiling Legal Hallucinations in Large Language Models Asked a direct, checkable question about a real federal case, the models were wrong between 58% and 88% of the time, and could not tell when they were wrong. Dahl et al.
    J. Legal Analysis, 2024
  3. Sanctions order, Mata v Avianca Lawyers filed judicial opinions that did not exist, with quotes that were never written, and stood by them when asked. The court's point was about who pays: the other side spends its money exposing the fake. U.S. District Court, S.D.N.Y.
    June 2023
  4. Ayinde v Haringey and Al-Haroun v Qatar National Bank Two years on, at larger scale. Of 45 authorities put before the court in one matter, 18 did not exist, and several that did exist did not say what they were cited for. The lawyers were referred to their regulators. Divisional Court, England & Wales
    [2025] EWHC 1383 (Admin)
  5. AI Hallucination Cases, a running tally A researcher has been counting the decisions worldwide in which a court found someone had relied on material an AI made up. The count stood at 1,751 when we last read it. Damien Charlotin
    Read 12 July 2026

The last of these is one researcher's database rather than an official register, and the number moves every week. We cite it for the shape of the problem, not as a statistic you should quote back to a regulator.

The clock

What is coming,
and when.

None of this is speculative. The dates are written into law and the penalties are numbered. Several have already passed. This is the calendar your compliance officer is already working to.

  1. EU AI Act, Article 19: automatically generated logs A high-risk system has to keep the logs it produces by itself, and keep them for at least six months. The duty sits with the provider. A log you cannot prove is intact is not a log. European Commission
    Reg. 2024/1689
  2. EU AI Act, Articles 99 and 113 The high-risk classification obligations apply from 2 August 2027. The Act's top penalty tier runs to €35 million or 7% of worldwide annual turnover, whichever is higher. Both numbers are in the Act's own text. Official Journal of the EU
    Reg. 2024/1689
  3. Digital Operational Resilience Act (DORA) Financial entities across the EU have been inside it since 17 January 2025. Incident reporting, and the evidence behind the report, are now the supervisor's business. ESMA
    Reg. (EU) 2022/2554
  4. NIS2, network and information systems directive Member states had to write it into national law by 17 October 2024, and it has applied since the day after. It reaches a long way past the old critical-infrastructure list. EUR-Lex
    Directive (EU) 2022/2555
  5. Predetermined Change Control Plans for AI-enabled devices A manufacturer can pre-clear how an AI-enabled device is allowed to change, so a later modification needs no fresh submission. The plan becomes the record, and it only holds if you can show the device stayed inside it. FDA
    Docket FDA-2022-D-2628
  6. Generative AI Profile (NIST AI 600-1) Published 26 July 2024, the cross-sectoral companion to the AI Risk Management Framework. Guidance rather than law, so it carries no deadline and no fine. No excuse either. NIST
    2024
  7. ISO/IEC 42001, AI management systems A certifiable management-system standard for AI, published December 2023. Certification is the moment record-keeping stops being a good intention and becomes an auditor's checklist. ISO/IEC
    42001:2023
By vertical

Where the bill lands.

The four failures are not spread evenly. Some industries have already been billed for them. What follows is a hard number per sector, from the regulator, the auditor or the standards body that produced it.

  1. Regulated financeTwenty-six firms to pay more than $390 million to settle recordkeeping charges The charge was not fraud. It was failing to keep the messages. Twenty-six firms paid $392.75 million between them because the record of who said what was not there to produce. SEC
    Press release, 2024
  2. Regulated financeSR 11-7: Guidance on Model Risk Management Fifteen years before anyone said "agent", US banking supervisors already required an internal audit function to assess whether the model-risk framework actually worked. A model whose output cannot be re-derived cannot be audited. Federal Reserve & OCC
    2011
  3. Clinical and life sciences21 CFR § 11.10(e), controls for closed systems US law already requires it of regulated electronic records: a secure, computer-generated, time-stamped audit trail that independently records the date and time of every operator entry and action. Independently is the word doing the work. FDA
    Code of Federal Regulations, Title 21
  4. Research integrityMore than 10,000 research papers were retracted in 2023, a new record Retractions passed 10,000 in a single year for the first time. The driver was not bad science so much as manufactured science: papers, reviews and citations produced to order. Van Noorden
    Nature, 2023
  5. Manufacturing and supply chainCounterfeit Parts: DOD Needs to Improve Reporting and Oversight 526 suspect counterfeit-part reports reached the shared government database in five years, and the auditor's own finding was that the reporting was incomplete. You cannot count what nobody logged. GAO
    GAO-16-236, 2016
  6. Manufacturing and supply chainEcodesign for Sustainable Products Regulation (EU 2024/1781) Most physical products sold into the EU will have to carry a machine-readable digital product passport: materials, origin, compliance. A passport nobody can check is a sticker. Official Journal of the EU
    Reg. (EU) 2024/1781
  7. Public sectorSelected Agencies Need to Fully Address Federal Electronic Recordkeeping Requirements Of 17 federal agencies reviewed, three had no records management program at all, and most of the rest had gaps in the controls over their electronic records. GAO
    GAO-20-59, 2020
  8. InsuranceThe Impact of Insurance Fraud on the U.S. Economy $308.6 billion a year, and the first update to the national estimate in 27 years. Fraud at that scale is a documentation problem long before it is a detection problem. Coalition Against Insurance Fraud
    with Colorado State University, 2022
  9. MediaDigital News Report 2025 Asked about news made by AI, audiences put it 18 points below human journalism on trustworthiness. Provenance stopped being an editorial question and became a commercial one. Reuters Institute
    University of Oxford, 2025
At scale

The volume argument.

One fabricated citation is an embarrassment. The case for checking every record is arithmetic: machine-made actions are multiplying far faster than anyone's capacity to read them, and the fabrication rate is not going to zero.

  1. Detecting and Correcting Reference Hallucinations in Commercial LLMs and Deep Research Agents Across 221,111 citations produced by commercial models and deep-research agents, between 3% and 13% of the cited URLs had no record in the Wayback Machine and, on the authors' reading, never existed. Rao, Wong & Callison-Burch
    arXiv preprint, 2026
  2. GhostCite: A Large-Scale Analysis of Citation Validity in the Age of Large Language Models A wider sweep of the same question, across 13 models. Every one of them fabricated citations. The rate ran from 14% to 95% depending on which you asked. Xu et al.
    arXiv preprint, 2026
  3. ReliabilityBench: Evaluating LLM Agent Reliability Under Production-Like Stress Conditions Rephrase a task without changing what it asks, and multi-step agent success falls from 96.9% to 88.1%. No tool failed. No input was corrupted. The wording moved. Gupta
    arXiv preprint, 2026
  4. Can AI-Generated Text be Reliably Detected? Detection is not the way out. Paraphrasing degrades both watermarks and classifiers, and the authors prove a bound: as machine text converges on human text, no detector can hold. Sadasivan et al.
    TMLR, 2023
  5. The 2026 AI Index Report: Technical Performance On OSWorld, which tests agents on real computer tasks, success went from roughly 12% to 66.3% in about two years. That is within six points of a human. Stanford HAI
    2026
  6. The 2026 AI Index Report: Economy And yet real agent deployment is still in the single digits across nearly every business function. The capability landed first. The volume is still in front of us. Stanford HAI
    2026
  7. Is a compute crunch coming? Token demand is growing by roughly 10× a year, around three times faster than the compute built to serve it. Every one of those tokens is a claim somebody may later have to stand behind. Emberson & Sevilla
    Epoch AI, 2026

Three of the seven above are preprints and have not been through peer review. We label them, because a page about invented citations does not get to be careless about its own.

Bring us a record you doubt.

We will re-derive it in front of you. If it holds, it holds. If it does not, you will see exactly where.