Bringing dramatic and game-changing increases in capability and computing, QITs are poised to raise significant questions about the future of financial services in the areas of security, competition and policy. An FCA workshop heard the views and proposals from experts in both technology and finance.
What is QIT?
Quantum Information Technology (QIT) refers to the broad fields of quantum computing and quantum communications that are developing computer technology based on principles of quantum mechanics (which explains the properties of nature on the atomic and subatomic levels) and quantum information science. Classical computers of today use ‘bits’ to encode information in the values of 0 or 1, while quantum computers use ‘qubits’ (quantum bits). These qubits rely on exceptional abilities of subatomic particles to be in two (or more) states at the same time – a phenomenon called quantum superposition. In computing terms, they can be both 0 and 1 at the same time, thus enabling a wide range of computing capability and potential when connected with other qubits through quantum entanglement.
Importantly, QIT’s inherent abilities allow them to address problems which are currently intractable using classical computing. Evidenced by the ongoing debate between Google and IBM on whether quantum supremacy has been achieved (defined as when a quantum device solves a problem that no classical computer can solve in any feasible amount of time), demonstrates the indisputability of QIT’s potential. However, it is important to note that there is no consensus on when this potential will be realised, with predictions varying widely from 3 to 10 years on when the use of quantum computers will become commonplace.
Even with the innate complexities of these technologies, more and more organisations are realising that quantum capabilities could help solve major challenges in the financial services industry, from better forecasting and prediction to inform firm and regulatory strategy to tackling the manifold optimisation issues that exist.
So, what did we do?
To better understand the potential impacts of QIT on financial services, the FCA organised a virtual workshop with the UK Quantum Computing & Simulation Hub (QCS). The workshop consisted of more than 25 different stakeholders including the FCA, the Bank of England, six leading UK universities, the UK Quantum Communications Hub (QCH), the Engineering and Physical Sciences Research Council (EPSRC), the National Cyber Security Centre (NCSC) and the National Quantum Computing Centre (NQCC). The aim of the workshop was to raise awareness of QIT, educate relevant stakeholders on its key potential impacts, and identify key areas of focus for financial regulators.
A wide range of views emerged from the workshop, but participants identified three key issues that QIT will raise: security and encryption; competition in financial services; and policy and regulatory challenges. Possible actions to address all these issues were also suggested.
Security & Encryption within QIT
QIT poses a potential existential threat to the many encryption methods used today. Although these risks are not yet crystallised and the timelines are uncertain, attendees of the workshop agreed that QIT poses a threat to the integrity and stability of financial services. They also agreed that there was a fundamental lack of education and awareness of the quantum encryption risk for financial services. The National Cyber Security Centre (NCSC) has previously warned that organisations should already be considering how to protect their data from quantum-powered threats. Despite this, attendees agreed that the industry is not as proactive or engaged on this topic as it should be.
Currently, the main threat scenario to firms is their data being captured and stored now, and decrypted later, when more advanced quantum algorithms have been developed. Attendees suggested that firms should think about assessing the value and lifetime of their data and focus on protecting what is most valuable and be prepared to implement new security to react to future threats and developments. Many firms already struggle with their data lifecycle and evaluation processes; therefore, it is crucial that firms start looking at this in the near future.
The workshop also pointed to the challenge security will pose to regulators in various sectors, including the FCA, who will need a coordinated and joined-up approach to security and QIT. With so much uncertainty about how soon QIT will become a reality, regulators may have time on their side, but attendees agreed regulators need to join the debate now if they are to help shape the progress of QIT, particularly on the development of international standards.
QIT Potential Impact on Competition in FS
Due to the novelty of QIT and quantum-inspired approaches, the likely impact on firms is still not clearly understood. As firms realise new quantum advantages over time, questions may arise over whether early adopters will develop mature capabilities and gain significant competitive advantage over other players in the market. Some financial services firms are already working on QIT and developing Proofs of Concepts (PoCs). However, with such a new technology and with natural commercial sensitivities involved, it is difficult to prove and verify such work.
When compared to other technological approaches, a breakthrough within QIT could lead to greater advantages over shorter timescales. For example, if we broadly compare QIT with artificial intelligence (AI), we see that in AI the focus is on incremental, small improvements to known algorithms. However, within QIT, it is possible that entirely new algorithms and techniques will be discovered, and that problems which were previously unsolvable will be solved. In this event, the differences in certain capabilities between companies could become significant, at least in the first-mover time frame. This will also reflect on talent and skills, with firms that are already building quantum talent from a limited candidate pool having a much higher in-house capability to develop their QIT portfolio over the short to medium-term.
It is widely expected that most QIT users, including in financial services, will access resources over cloud-style shared quantum servers, rather than owning their own quantum computing resources. This “democratisation” of access could remove some barriers to competition and barriers to entry and reduce competitive advantage. However, the counterargument is that smaller firms might not have the necessary foundational capability and talent to work with these emerging technologies leading to a two-tier market.
At the same time, such ‘democratised’ access is usually provided by ‘BigTech’ firms such as Amazon Quantum Solutions and Google Quantum AI. Combined with these global giants’ increasing role in financial services (such as Amazon Lending and Google Pay) and high dependency of the sector on cloud services could lead to market concentration, with a small number of firms dominating the provision of services.
But while the arrival of successful commercial applications of QIT poses challenges, there are also risks of ‘fake claims’ of QIT capability. Some attendees warned some firms might be claiming to be using or developing QIT but are in fact merely using this as a marketing tool. The questions then arise around how exactly misleading these claims are and what their impact are? And to what extent it matters whether it is QIT giving an advantage or any other technology
And so, we come to the policy and regulatory challenges of QIT raised during the workshop.
Policy Considerations of QIT and Emerging Technologies
From the lack of explainability of quantum algorithms to the uncertainty of third-party data processing through Quantum-as-a-Service (as banks will have to use external systems to process data), there are important questions about how policy and regulation should react to QIT in financial services, including whether regulators will be able to remain technologically-neutral in their response.
Developments in QIT often echo the conversations about Artificial Intelligence (AI) and its wider adoption within financial services. The ‘fake claims’ trend mentioned above has also been observed in firms claiming specific AI capabilities whereas, the underlying technology is far less mature.
On the policy side, there is an extensive discussion on the ‘explainability’ of AI across international regulatory jurisdictions. QIT could raise very similar questions due to the complex nature of quantum processes. On the one hand this is a new challenge, while at the same time the workshop discussion suggested lessons learned and solutions developed could be shared between the two fields.
Participants agreed that any regulatory response to QIT should aim for the ‘Goldilocks’ zone between “overkill” – which may stifle innovation and reduce competitiveness in FS – and a laissez-faire approach that may harm consumers and/or catch regulators unaware. This balancing act also touches upon the geo-political nature of technology development and government influence, where international competitiveness might influence roll out of new technologies without enough consideration of the safety and potential risks.
With quantum technology still in its early stages, there is an opportunity to influence the trajectory of QIT-related innovation by addressing its challenges sooner rather than later. One suggestion that emerged was that regulators could consider whether this innovation needs to be directed towards or away from specific areas (i.e. focus it towards particular sectors due to potential benefits).
It is important to note, that with QIT, it will be necessary to identify where relevant regulation needs to be ‘located’. As QIT is, in essence, an infrastructure technology, it will be embedded within other technologies that underpin everyday activities. Its influence will be felt across sectors. One approach would be to regulate from the outset with a dedicated organisation, while alternatives might involve seeing which sectors adopt QIT at scale and respond there. At the very least, workshop attendees agreed that QIT will require a coordinated approach between different sectoral regulators. Some industries will be early adopters, others will come later to the QIT revolution, but many of the issues will transcend sectors.
What could be done?
The view from the workshop was clear – the development of QIT may appear to be far off, but given the magnitude of its potential effects, areas exist where immediate attention should be paid. Four priority areas emerged:
Security-focussed engagement – Financial regulators should explore engaging relevant bodies in the quantum security field such as the National Cyber Security Centre (NCSC), the National Institute of Standards and Technology (NIST), the European Telecommunications Standards Institute (ETSI) and others to better understand the security implications on financial services.
Talent gap - There is currently a lack of talent and skills for the further development of QIT within financial services. There is a limited pool of people that work both on quantum and financial services; this will start to change as more and more people move into financial services through various schemes, but it will take time.
QIT use cases in financial services – There is still a need to gain a clearer view of the potential applications of QIT in financial services and to assess which ones will be more disruptive. There is a consensus that wholesale use cases (e.g. portfolio optimisation) are currently showing the most traction, however, there is a need to see understand these deployments in detail. Without a view of the market activities involving QIT, it will be difficult to understand the applications when they mature and to effectively supervise the market. This also applies to the QIT security risk.
Ongoing monitoring of QIT developments – Financial regulators should continue monitoring developments in this area, engaging with academia and other regulators and mapping out how different companies are engaging with QIT to gain an overarching view of the state of the market.
QIT will potentially provide unassailable advantages to first adopters and disruptive new entrants. Firms will be able to process larger amounts of information, access richer insights and solve a variety of old and new problems in greater depth and speed than is currently possible. They will operate in different ways, meaning that the programming and verification of their applications will require new skills and understanding.
In some ways we have been here before – every technological development from the first computers to the Internet and AI have raised challenges and opportunities for businesses and regulators. Experience also shows that the sooner the challenges are addressed the more effectively the opportunities can be maximised, and the challenges tackled.
QIT may prove to be at least as significant a development as these previous advances and while participants in our workshop held a range of views on many of the details they were unanimous in one thing: it is critical that all parts of the financial services sector start collaborating now to ensure this is a quantum leap for the better and not a stumble into the unknown.