Why the G7’s PQC Warning Matters to Enterprises

When central banks speak, enterprises listen. So when G7 financial authorities published landmark guidance on quantum technologies and their implications for the financial system, it marked a turning point. Post-quantum cryptography is no longer a topic confined to cryptographers and standards bodies. It is now a documented concern of the institutions that underpin global finance, and that shift carries weight far beyond banking.

Two distinct G7 documents are now in play. The G7 Cyber Expert Group (CEG) Roadmap, published in January 2026 and co-chaired by the U.S. Treasury and Bank of England, focuses on coordinating the financial sector’s PQC transition.

The G7 Quantum Technologies Working Group (QTWG) Report, published in May 2026 and co-chaired by the Banque de France and Bank of Canada, takes a wider lens, covering quantum computing applications in finance and quantum sensing alongside cryptographic security. Together, their message is direct: the timing of the quantum threat is uncertain, but the need to prepare is not.

Why This Guidance Changes the Conversation

For years, the quantum threat has lived in an awkward space: real and serious, but perceived as years away, which made deferral easy. What the G7 documents do is remove that comfort. When the institutions overseeing trillions in assets reach a shared conclusion about quantum risk, the conversation moves from theoretical to operational.

Both documents name Harvest Now, Decrypt Later (HNDL) as an active threat; adversaries are already collecting encrypted data today to decrypt once quantum capability matures. The QTWG report also surfaces a second, underappreciated threat: Trust Now, Forge Later (TNFL). Where HNDL targets confidentiality, TNFL targets integrity: a quantum computer could retroactively derive a private key from today’s public signatures, enabling backdated forgery of financial transactions or malicious software updates signed as legitimate.

The QTWG report notes TNFL may prove more disruptive than HNDL for financial infrastructure, where non-repudiation is foundational. Enterprise security programs should be planning for both.

For regulated industries, these documents are leading indicators. Guidance from central banks and regulators has a way of becoming examination criteria. Organizations in finance, insurance, and critical infrastructure should expect quantum readiness questions in future audits. But the lesson applies to every enterprise that depends on cryptography.

The Uncomfortable Math: Why Migration Takes Longer Than the Threat Allows

Post-quantum migration is not a patch. For a large enterprise, a realistic end-to-end transition can take well over a decade: cryptographic discovery alone often takes two to three years, and application migration across legacy systems can stretch to eight to ten years.

This risk is captured by Mosca’s Inequality, formulated by cryptographer Dr. Michele Mosca: if the length of time your data must stay confidential (X) plus your migration timeline (Y) exceeds the years until a cryptographically relevant quantum computer (CRQC) arrives (Z), that is, if X + Y > Z, you already have a problem. The QTWG report reinforces the urgency, noting a “non-negligible probability” that a CRQC could emerge within the next decade.

Regulatory deadlines compress the window further. NIST will deprecate quantum-vulnerable algorithms, including RSA, ECDSA, and ECDH, by 2030 and disallow them entirely by 2035. For defense-adjacent or federal enterprises, NSA timelines are tighter still: new acquisitions must support quantum-resistant cryptography from 2027. An organization beginning its program in 2026 has a reasonable runway. One that waits until 2028 or later faces a high-risk scramble. The time advantage belongs entirely to those who start now.

Migration Is an Operational Program, Not an Algorithm Swap

The deepest insight in the G7’s framing is that post-quantum readiness is fundamentally an operational capability, not a cryptographic one. Swapping RSA for ML-KEM is conceptually simple. Doing it across an entire enterprise without breaking systems or missing dependencies is an enormous coordination challenge.

This is why crypto-agility matters so much. An organization that has hardcoded cryptographic algorithms into its systems will experience every future transition as a crisis. One that treats cryptography as a managed, swappable, policy-governed layer can absorb change as routine. The same discovery, automation, and policy-enforcement capabilities needed for shrinking certificate lifespans today are precisely those needed for quantum migration tomorrow.

A credible enterprise program coordinates across several distinct work-streams:

  • Certificates and PKI: Every certificate and the PKI that issues it must be inventoried, assessed for quantum vulnerability, and prepared for reissuance with quantum-resistant algorithms. This is the most visible and often the largest single category of cryptographic assets.
  • Applications: Software that has cryptography embedded in its code, libraries, and dependencies needs to be identified and remediated. This is frequently the longest and most difficult work-stream because of legacy systems and third-party software.
  • Network infrastructure: Protocols, VPNs, load balancers, and the cryptographic configurations across network devices all need to migrate, often while maintaining interoperability with systems that have not yet transitioned.
  • Data protection: Long-lived sensitive data must be prioritized early against both HNDL and TNFL, including data already at rest and long-lived signing keys.
  • Vendors and supply chain: The G7 roadmap explicitly flags smaller firms reliant on third-party technology providers as particularly at risk, since weaknesses in shared cloud platforms or software libraries ripple across the ecosystem. Vendor PQC roadmaps must become part of due diligence.
  • Governance: Executive sponsorship, a cross-functional working group, a quantum risk entry on the enterprise risk register, and sustained multi-year funding are essential. Without governance, programs stall when priorities shift.
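A first-pass triage that applies Mosca’s Inequality to each inventoried asset and labels its exposure as HNDL or TNFL, added here as an example and not taken from the G7 documents or from any product described on this page. The inventory is constructed; the field names, the Z of 10 years, and treating the period a signature must stay trusted as X are assumptions of this example.

```python
"""First-pass PQC triage over a constructed cryptographic inventory."""
from dataclasses import dataclass

QUANTUM_VULNERABLE = {"RSA", "ECDSA", "ECDH"}   # families the page names
THREAT_BY_USE = {"key-establishment": "HNDL", "signature": "TNFL"}
NIST_DISALLOW_YEAR = 2035                        # date given on the page


@dataclass
class Asset:
    name: str
    algorithm: str      # e.g. "RSA", "ECDH", "ML-KEM"
    use: str            # "key-establishment" or "signature"
    shelf_life: int     # X: years the data (or signature) must stay trusted
    migration: int      # Y: years needed to migrate this asset


def triage(assets, years_to_crqc, start_year):
    """Return findings for quantum-vulnerable assets, most urgent first.

    margin = Z - (X + Y); a negative margin means Mosca's Inequality
    (X + Y > Z) already holds for that asset.
    """
    findings = []
    for a in assets:
        if a.algorithm.upper() not in QUANTUM_VULNERABLE:
            continue                      # e.g. ML-KEM: not in the vulnerable set
        if a.use not in THREAT_BY_USE:
            raise ValueError(f"unknown use {a.use!r} for {a.name}")
        margin = years_to_crqc - (a.shelf_life + a.migration)
        findings.append({
            "asset": a.name,
            "threat": THREAT_BY_USE[a.use],
            "margin_years": margin,
            "exposed": margin < 0,
            "misses_2035": start_year + a.migration > NIST_DISALLOW_YEAR,
        })
    return sorted(findings, key=lambda f: f["margin_years"])


# Constructed sample inventory (not real systems).
SAMPLE = [
    Asset("customer-archive TLS", "ECDH", "key-establishment", 10, 3),
    Asset("firmware signing key", "ECDSA", "signature", 15, 5),
    Asset("legacy core-banking app", "RSA", "key-establishment", 7, 10),
    Asset("internal chat", "ECDH", "key-establishment", 1, 2),
    Asset("pilot gateway", "ML-KEM", "key-establishment", 10, 0),
]
```

Calling `triage(SAMPLE, years_to_crqc=10, start_year=2026)` ranks the firmware signing key first (TNFL, margin of -10 years) and marks the ten-year application migration as finishing after 2035; rerunning with a different Z shows how sensitive the ranking is to the CRQC estimate.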

Hybrid Cryptography and the Transition Period

The transition will not be instantaneous. For an extended period, classical and post-quantum algorithms will need to coexist. Hybrid cryptography, combining a classical algorithm with a post-quantum one so the connection stays secure as long as either holds, is the leading strategy for this period, preserving backward compatibility while adding quantum-resistant protection where supported.

Cryptographic discovery and inventory should therefore be treated as an effectively permanent program, not a project with an end date. The CEG Roadmap explicitly notes this transition “will certainly not be the last one required”, a signal that crypto-agility, not just algorithm selection, is the enduring objective.

How Encryption Consulting Can Help

The G7 documents make the destination clear. Encryption Consulting helps organizations build the practical path to get there, turning a daunting multi-year mandate into a structured, manageable program.

The first gate is visibility, and CBOM Secure is built precisely for it. Our cryptographic discovery and inventory solution scans your environment to identify every cryptographic asset (certificates, keys, algorithms, and protocols) and flags those that are quantum-vulnerable. It produces the cryptographic bill of materials that the entire migration depends on.

Our Post-Quantum Cryptographic Advisory Services address the timeline and coordination challenge head-on. We help you establish governance, build a risk-based roadmap, classify data by confidentiality lifespan, assess both HNDL and TNFL exposure, and design a hybrid implementation strategy. This ensures your program is structured to meet 2030 and 2035 regulatory windows rather than scramble against them.

On the execution side, CertSecure Manager delivers the certificate lifecycle automation that makes large-scale migration possible, automating discovery, issuance, renewal, and policy enforcement. PKI-as-a-Service provides a modern, crypto-agile certificate authority without vendor lock-in, and HSM-as-a-Service ensures keys are protected with high-assurance hardware isolation as you transition algorithms. Our PKI Services and Compliance Advisory teams round out the program, ensuring your foundation and regulatory alignment are solid.

Whether you are responding to regulatory signals, briefing your board, or ready to begin discovery, contact us to start building your quantum migration program.

Conclusion

The G7’s 2026 publications are significant not because they reveal a new threat, but because of who is sounding the alarm and how clearly. When central banks and finance ministries document quantum risk as an operational priority, and flag both HNDL and TNFL as active concerns, the era of treating post-quantum migration as a distant technical curiosity is over. Regulators will follow, deadlines will harden, and the organizations that started early will be the ones standing comfortably when they do.

The math is unforgiving. Migration takes longer than most leaders expect, adversaries are already harvesting data today, and the regulatory windows are closing. The path forward is well understood: gain visibility into your cryptographic landscape, build governance and a prioritized roadmap, develop crypto-agility through automation, and address both confidentiality and integrity threats. The only decision left is whether to begin now, while time is still an asset, or later, when it has become a liability.