In response to the emerging threat of quantum computing, Singapore has issued a directive to financial institutions (FIs) to address and mitigate potential cybersecurity risks associated with this advanced technology. Quantum computers, leveraging the principles of quantum mechanics, have the capability to solve certain mathematical problems at an exponentially faster rate than conventional computers. However, their potential to compromise widely used encryption and digital signature algorithms raises significant concerns in the realm of cybersecurity.

The Monetary Authority of Singapore (MAS) has expressed that the security of financial transactions and sensitive data processed by FIs could be jeopardized with the arrival of cryptographically relevant quantum computers (CRQCs). To counteract this, MAS advocates for the implementation of ‘crypto agility’ within FIs, allowing them to transition away from vulnerable cryptographic algorithms.

MAS further emphasizes the importance of monitoring ongoing developments in quantum computing for potential cybersecurity threats and risks that could impact financial services. The advisory suggests exploring quantum security solutions, including post-quantum cryptography (PQC) and quantum key distribution (QKD), to enhance the security posture of FIs.

In addition to building internal capabilities, MAS recommends that FIs collaborate closely with third-party IT vendors to assess potential risks in their IT supply chains stemming from quantum threats. The directive also encourages engagement with relevant industry groups, research bodies, or Information Sharing and Analysis Centres to collectively address and mitigate systemic risks associated with quantum computing.

This advisory builds upon MAS’s previous notices and guidelines to banks in Singapore, reinforcing the necessity for highly reliable IT systems and controls to safeguard customer information against unauthorized access or disclosure in the face of evolving technological threats.