With the ever-looming arrival of the quantum age, especially for encryption, traditional methods are at increasing risk. Quantum computers have the potential to one day break the cryptographic systems that currently protect our global financial ecosystem. In response, the Bank for International Settlements (BOR) has issued an information paper outlining a framework that institutions can use in their journey to transition banks and other institutions toward quantum-safe cryptography.
The framework is timely. Banks, central banks, financial authorities, custodians and other financial institutions are attempting to prepare for a quantum future where sensitive data may be compromised. The BOR emphasizes that the move to quantum-safe cryptography is not strictly a technical issue but a strategic issue. Moving to quantum-safe encryption requires planning, coordination, and collective awareness of risk and a collective understanding of solutions.
Why Quantum Threats Demand Immediate Action
The risk of quantum-enabled attacks may feel distant, but experts warn that the timeline is shrinking. Once quantum computers reach a sufficient level of capability, they could easily break widely used encryption standards like RSA and ECC. This would leave financial data exposed to theft, manipulation, and disruption.
BIS warns that “store now, decrypt later” attacks are already possible. Malicious actors may be storing encrypted data today, intending to decrypt it once quantum capabilities arrive. That makes the case for cryptographic transition even more urgent. Financial institutions must act now to adopt quantum-safe cryptography before the risk becomes unmanageable.
What the BIS Framework Offers Financial Institutions
The BIS paper serves as a solid launch pad for organizations beginning their transition into cryptography. The paper outlines four significant phases: awareness, assessment, implementation, and coordination. For each of these four phases, the paper provides guidance for financial firms to take actionable steps.
In the awareness phase, the BIS expects institutions to understand how quantum computing could affect their systems. For the assessment phase, firms must assess systems that are vulnerable and identify data that could be compromised. Implementation focuses on testing and commissioning quantum-safe cryptography solutions. Coordination encourages information sharing on quantum cryptography and coordination across the financial sector.
Strategic Priorities for a Quantum-Safe Future
The BIS stresses the importance of leadership involvement in this transformation. Chief risk officers, CISOs, and board members must treat financial cybersecurity as a long-term strategic priority. It’s not enough to delegate quantum-related issues to IT departments alone.
In addition, the BIS recommends developing new governance models. These should support the integration of quantum-safe cryptography while maintaining business continuity. Financial firms should also engage with regulators, vendors, and international partners to stay aligned with global best practices.
Global Coordination Will Be Key to Success
The BIS communicates to firms: that no financial institution can make this transition alone. There must be cross-border collaboration. The paper promotes regulatory and private sector collaboration around standards, pilots, and research into quantum-safe alternatives.
Public and private partnerships will be important. Governments need to support research into post-quantum algorithms, and financial firms need to initiate real use case approaches. A more coordinated approach will minimize fragmentation in the industry and facilitate a faster pace of cryptographic transition.
About The Author
