Problems with using a non-reserved top-level domain for local DNS resolution

A network administrator at my organization (let’s call him "Bill") wants to configure an internal DNS with the live top-level domain (TLD) .int for internal IP address resolution (for Active Directory, internal websites, etc.). For example, the domain would resolve to the some internal site that isn’t visible to the public. Our organization has not registered these domain names with a registrar. Now I know that this is bad practice, but Bill remains unconvinced that this shouldn’t be done.

What are the problems with using a live top-level domain for internal name resolution? Specifically, what are the security implications? In addition, does this somehow conflict with some fundamental way on how DNS and name resolution is supposed to work?

Note: I originally asked this question on Network Engineering SE and was kindly referred over to this site as a better place for this question.