G7 banks urge coordinated response to quantum risks
G7 central banks released a report urging coordinated action to assess and reduce quantum computing risks to payments, settlements and market infrastructure.
G7 monetary authorities and prudential supervisors published a report this week calling for coordinated efforts to assess and reduce the risks that advances in quantum computing pose to financial stability and market infrastructure. The document targets regulators, central banks, market operators and private firms.
The report describes how quantum computers could weaken commonly used public-key cryptography, including RSA and elliptic curve methods, which protect payments, securities settlement and interbank messaging. It highlights the risk that encrypted data captured now could be decrypted later if quantum-capable machines become practical, and notes that many financial records are stored long term and could be exposed.
Authors recommend systematic reviews of critical systems to identify where vulnerable cryptography is used. Institutions should create inventories that map cryptographic dependencies across hardware, software and third-party services and prioritize mitigation for the most exposed functions.
Near-term steps include coordinated information sharing and joint exercises to test how market infrastructure would respond to a cryptographic compromise. Longer-term actions call for staged migration to post-quantum cryptography standards, updating contractual terms with vendors and counterparties, and integrating quantum risk into business continuity and incident response plans.
The report advises central banks and supervisors to issue guidance and set expectations for supervised firms, while encouraging private operators of payment and settlement systems to lead technical work on migration pathways. It recommends engagement with international standards bodies to align on accepted post-quantum algorithms and on interoperability requirements for cross-border transactions.
The authors warn that adopting new algorithms will be complex: replacing cryptographic primitives across legacy systems, validating implementations and ensuring interoperability across jurisdictions will require years of planning and testing. The document recommends that market infrastructure operators prioritize authentication, key management and certificate authorities because failures in those areas could cascade across markets.
“Coordinated action is required to assess and mitigate the risks posed by quantum technologies to financial stability,” the report warned, adding that uncertainty about the timeline for quantum capability makes early assessment and planning necessary to avoid rushed or fragmented upgrades.
The report notes that fully fault-tolerant, large-scale quantum computers capable of breaking common public-key methods are not yet available, but says progress in research and investment means the risk cannot be ignored. It urges firms and supervisors to begin inventories, scenario analysis and engagement with standards bodies now to reduce the chance of disorderly or uneven transitions.








