Skip to content Skip to sidebar Skip to footer

Widget HTML #1

Home / computer security / cybersecurity / fintech / information security / quantum computing

Why Banks Can't Wait on Quantum Risk

By Newby

The Growing Threat of Quantum Computing in the Financial Sector

The financial sector is facing a significant challenge that could have far-reaching consequences if not addressed promptly. Industry leaders warn of an impending "Quantum-Day" threat, where quantum computers could potentially break existing cryptographic systems. This poses an existential risk to the security of financial transactions and data.

Vincent Loy, Assistant Managing Director at the Monetary Authority of Singapore (MAS), emphasized the need for swift action. He stated that fast-moving technological advancements require "no regrets moves," starting with the inventory of cryptographic keys and planning for agile system changes. This proactive approach is crucial to ensure that financial institutions are prepared for any potential threats.

Understanding the 'Harvest Now, Decrypt Later' Threat

One of the most pressing concerns is the "Harvest Now, Decrypt Later" threat. Malicious actors are currently stealing encrypted data with the intention of decrypting it in the future when quantum computers become powerful enough. Camilla Bullock, CEO of the Emerging Payments Association, Asia, highlighted this during a panel discussion at the Singapore Fintech Festival 2025.

Bullock noted that the necessary Post-Quantum Cryptography (PQC) algorithms are already available for migration. This means that financial institutions can begin transitioning to more secure systems without delay. However, the process requires careful planning and execution to ensure a smooth transition.

Quantum Readiness as an Existential Issue

Nimish Panchmatia, Chief Data and Transformation Officer at DBS, echoed the importance of quantum readiness. He emphasized that for the bank, trust is its number one proposition, and any compromise in security could have severe repercussions. This underscores the need for financial institutions to prioritize their cybersecurity strategies.

Colin Payne, Head of Innovation at the Financial Conduct Authority (FCA) in the United Kingdom, outlined his organization's strategy to plan, prepare, and guide the industry. He compared the risk of delay to waiting for a car accident, highlighting the potential financial cost of inaction.

"The financial cost of delay would cost roughly 2.5% of the information technology budget over the next few years," Payne said. He projected that this cost could jump to 5% if delayed by three or four years. This projection serves as a wake-up call for financial institutions to act swiftly.

The Complexity of Cryptographic Asset Inventory

Bullock also pointed out the complexity involved in managing cryptographic assets. A simple payment involves approximately 20 encryption points, while complex systems can have over 100. This makes the task of inventorying cryptographic assets a massive undertaking.

The panellists agreed that the technical problem is not overly complicated if companies build systems that allow them to swap encryption quickly. This flexibility is essential to adapt to new threats and technologies as they emerge.

The Potential Impact of AI and Quantum Technology

According to Payne, the most concerning scenario is the alliance of artificial intelligence and quantum technology. This combination could trigger a major disruptive event, as a single actor could weaponize these technologies to cause widespread damage.

This highlights the need for continuous monitoring and adaptation in the face of evolving threats. Financial institutions must remain vigilant and invest in research and development to stay ahead of potential risks.

Final Advice: Start Now

The panellists uniformly stressed the final advice to "start now." Moderator Richard Tong, Co-founder and CEO of Total Neural Enterprises, concluded that the technical problem is not overly complicated if companies build systems that allow them to swap encryption quickly.

By taking immediate action, financial institutions can mitigate the risks associated with quantum computing and ensure the continued security of their operations. The time to act is now, as the consequences of delay could be severe and long-lasting.