
      Quantum and AI-driven cyber threats are advancing ahead of previously anticipated timelines and banks need the resilience capabilities to recover swiftly and effectively when incidents occur


      The cyber risks facing Hong Kong’s banks in 2026 have advanced significantly from even a year ago. Quantum computing is moving closer to commercial reality, and artificial intelligence continues to change what attackers are capable of. Neither is a problem that can be addressed simply by adjusting existing controls, and in both cases the preparation work needs to begin some way before the risk fully materialises. 

      From our conversations with banks across Hong Kong and the wider region, three areas are emerging as priorities.

      Lanis Lam

      Partner, Technology Risk, Hong Kong SAR

      KPMG China


      Motoki Sawada

      KPMG ASPAC Cyber Lead

      Japan

      KPMG Japan


      1. Post-quantum cryptography: closer than the headline dates suggest

      The discussion around post-quantum cryptography (PQC) has been running for several years, and the often-cited 2035 horizon can give the impression that there is still plenty of time for banks to prepare. In practice, the window for an orderly migration is narrower than it appears, and banks that leave the work until later in the decade are likely to find the exercise more difficult and more costly than it needs to be.

      Two recent developments are worth noting. On the technical side, research published by Google Quantum in 2025 suggested that breaking one of the most widely used data encryption standards may require materially less computing power than previously thought [1], and Google has since brought its own internal PQC migration deadline forward to 2029.

      On the regulatory side, the G7 issued a coordinated PQC roadmap for the financial sector in January 2026 [2], and in Hong Kong PQC now sits within the HKMA’s Fintech 2030 roadmap, supported by a new Quantum Preparedness Index intended to benchmark readiness across the sector [3]. Hong Kong banks are beginning to receive questions on how they are identifying quantum-at-risk assets.

      For banks, the more important point is what preparation actually involves. In our experience, the most demanding part is understanding where cryptography sits within the business in the first place. Most banks do not yet have a complete picture of which applications, data sets, keys and certificates rely on which forms of encryption, or how those dependencies extend into their third-party relationships. 


      Building that inventory takes time, and it is a prerequisite for any credible migration plan.

      There is also a nearer-term consideration that deserves the board and senior management’s attention. Sensitive data with a long shelf life, such as client records, contracts and certain categories of transaction data, is arguably already exposed, because an adversary could capture it now with a view to decrypting it at a later date. For banks holding long-lived client information, this is a reason to prioritise the protection of the most sensitive data ahead of a broader migration.


      2. AI and the changing pace of attack

      If quantum is the slower-burning issue, the impact of AI on cyber attacks is more immediate, and recent developments have made the point clearer.

      The announcement of Anthropic’s Mythos AI model in April 2026 showed that AI is now capable of finding previously unknown security weaknesses and combining them into a working attack in ways earlier generations of technology could not. Instead of a public rollout, Anthropic is limiting access to a small number of organisations to use defensively, allowing them to scan their networks and patch problems before the flaws become public knowledge.  

      While this controlled deployment highlights the potential for AI to strengthen defences, it also illustrates a troubling trend: the time between a vulnerability being discovered and its active exploitation is shrinking dramatically, from roughly a year in 2021 to something in the order of hours in 2026. The practical implication for banks is that the pace of defence needs to keep up, and banks should work on the assumption that similar capability may soon be available to organised criminal groups.

      It is worth keeping the picture in perspective. Current AI models remain relatively weak against the operational technology that underpins physical infrastructure, expensive to run at scale, and not especially good at avoiding detection. The direction of travel, however, is clear, and banks need to plan for where the capability is heading rather than where it sits today.


      3. AI agents: bringing a new kind of threat inside the control framework

      Alongside the external threat picture, banks will also need to think about a development they are, in many cases, introducing themselves: the AI agent. KPMG’s Cybersecurity Considerations 2026 report notes that 61% of US companies are not yet comfortable with autonomous agents [4] and will require human-in-the-loop oversight – a useful indication that governance questions are arriving well ahead of full adoption.

      Globally, regulators are increasingly taking note of AI agent risk. In its April 2026 letter to the industry, the Australian Prudential Regulation Authority (APRA) identified that identity and access management capabilities have not yet adjusted to non-human actors such as AI agents, and specifically called out controls over agentic and autonomous workflows as an area requiring attention [5]. The reason this matters is that some AI agents can decide which data and which systems to access, which shifts the bank’s risk profile in a more fundamental way than most new technologies do. An agent authorised to carry out something as routine as a reconciliation could, if given manipulated inputs, access restricted information, override approval workflows or share confidential data externally — and do so at a speed and scale that would be difficult for a human insider to match. The practical question for banks is how to bring this new category of activity within the control framework that already governs people and systems.

      In our view, the answer is to treat AI agents as part of the existing risk and control environment rather than as a separate experiment. That involves maintaining a clear inventory of the agents in use, setting firm boundaries on the actions they are permitted to take, retaining human oversight where decisions carry real consequence, and ensuring that monitoring and incident response are suited to an environment in which a meaningful share of activity is initiated by software rather than by people. Banks that allow agent adoption to run ahead of governance are likely to find themselves retrofitting controls later, which tends to be more difficult than setting sensible guardrails at the outset.


      An evolving regulatory response

      The HKMA’s approach to cyber risk is developing alongside the threat picture. Rather than focusing solely on preventing attacks, the regulator is placing greater emphasis on cyber resilience — recognising that banks need to be able to respond to, contain and recover from incidents as well as defend against them. A new cyber resilience testing framework is in development, drawing on international approaches but adapted for the Hong Kong context, with the HKMA currently engaging the industry to shape how it will operate in practice.

      The common thread running through PQC, AI-driven attacks and AI agents is that meaningful preparation takes time. Cryptographic inventories, refreshed vulnerability management programmes, governance frameworks extended to AI agents, and resilience embedded into day-to-day operations are multi-year journeys rather than quick exercises, and banks must allocate their investments in a targeted way.



      Hong Kong Banking Report 2026

      Positioned for Growth
