KPMG's AI Report Full of Fake Citations: What Went Wrong

A major KPMG report on how businesses are using AI contained only 5 real citations out of 45 total. The rest were either completely made up, incorrectly attributed, or had wrong titles — a failure rate of roughly 89 percent. The finding comes from GPTZero, a research group that investigates AI-generated content.

The Financial Times broke the story, with Finextra reporting that the report contained made-up claims about AI use at UBS. TechRadar and City A.M. published their own accounts on 12 June 2026, citing GPTZero's investigation.

Why this matters beyond a simple editing mistake: citations in professional reports exist so that clients, regulators, and others can verify the claims being made. When a citation is fabricated, anyone who tries to track down the source discovers nothing — and worse, they're misled into thinking a reference exists when it doesn't. For a Big Four consulting firm whose entire reputation rests on accuracy and rigour, an 89-percent citation failure rate is a serious problem.

The pattern GPTZero identified fits what AI researchers have documented for years. When large language models (generative AI systems like ChatGPT) are used to write research summaries without being anchored to real sources, they sometimes fabricate plausible-sounding references. The hallmark: the citations look right typographically — proper author names, dates, journal titles — but the underlying documents don't actually exist.

Here is where the timing becomes interesting. When citation errors surfaced in a different KPMG report earlier, the firm blamed human error rather than AI, according to Going Concern (October 2025). That explanation has become harder to defend. Whether this current report was written by humans or AI, the hallmark pattern that GPTZero describes — fabricated source strings, garbled attributions, wrong titles appearing repeatedly — is not what human researchers normally produce when checking their own footnotes.

The broader context here matters. Consulting firms and professional service companies have moved quickly to use generative AI in their research, writing, and synthesis workflows. The pull is obvious: AI compresses the time from project start to draft completion dramatically. But here's the risk: large language models can sound confident even when they're wrong, and without additional safeguards — like restricting the AI to a verified set of sources, or requiring humans to double-check every citation — fake references can slip into client documents.

This was not a minor internal draft. It was a published KPMG report on AI adoption, presumably reviewed before release.

Fixing this technically is straightforward. Teams can use a technique called retrieval-augmented generation (RAG), which essentially requires the AI to pull information only from approved, verified sources, combined with a final step where software confirms that each citation actually points to a real, accessible document. Neither step is novel or difficult. The harder part is organizational: making sure that pressure to finish quickly doesn't weaken the verification process, particularly when the draft looks polished and the citations are formatted correctly.

There is an unavoidable irony worth noting: a report specifically intended to guide clients on AI governance was itself undermined by the exact kind of AI failure that responsible AI use is supposed to prevent. It's also the worst possible context in which such an error can surface. The report's credibility rests on understanding AI risks; that credibility erodes when the very risk appears in the report itself.

As of the reporting date, KPMG had not published a public correction. GPTZero's full investigation is available at gptzero.me.