The Securities and Exchange Board of India (Sebi) is gearing up to shield India’s financial ecosystem from the disruptive power of quantum computing, which could render current encryption methods obsolete. Chairperson Tuhin Kanta Pandey compared the looming risk to the Y2K scare of the late 1990s, underscoring the urgency for early preparedness. The regulator has begun laying the groundwork for a quantum-resilient security framework, targeting completion by 2028–2029.
Speaking at the Global Fintech Fest, Pandey cautioned that the advent of quantum computing could undermine existing data protection mechanisms across the financial sector. “It is being said that if quantum computers come the normal cryptography will break,” he warned. “The traditional cryptography that we do now, with which we make passwords, whether it is 128 encrypted, will break with quantum computing. If it breaks, there will be no security and crypto will go first.”
To address this, Sebi is charting a transition toward quantum-safe computing, exploring solutions such as post-quantum cryptography (PQC) and quantum key distribution (QKD). “We will have to prepare for that now,” Pandey said, adding that the plan involves gradually identifying all password-based systems and replacing them with quantum-secure alternatives over the coming years.
Pandey’s remarks came during a panel discussion moderated by Uday Kotak, founder of Kotak Mahindra Bank, on balancing innovation and risk. The discussion also featured Tuang Lee Lim from Singapore’s Monetary Authority (MAS) and Marlene Amstad, chairperson of Switzerland’s FINMA. Lim emphasized the principle of regulatory consistency, referencing Singapore’s “duck test”: “If it works like a duck, looks like a duck, sounds like a duck, you have to regulate it like a duck.” Meanwhile, Amstad observed that emerging technologies such as AI do not introduce new risk types but rather intensify existing ones.
Pandey outlined Sebi’s multi-year roadmap for transitioning to quantum-safe cryptography, urging collaboration among regulators, financial institutions, and technology providers. Responding to a question on technology neutrality, he noted that “you can have technology neutrality only to an extent,” arguing that once a technology becomes dominant, standardization becomes essential for interoperability and fairness.
This initiative builds upon Sebi’s cybersecurity and cyber resilience framework released in August 2024. Pandey concluded by highlighting the importance of cooperative foresight: “As we enter the next phase of this transformative journey, the collaboration between fintech innovations and regulatory foresight will determine not just how fast we grow, but how safely we grow.”
 is gearing up to shield India’s financial ecosystem from the disruptive power of quantum....){kind=link}