
FINMA (Swiss financial authority) conducted a survey of 60 institutions vs quantum risks in Jan 2026. While 70% (~40) agree that quantum risks would affect their institution in under 7 years, only 20% have already started post-quantum security work and 8% more made strategic decisions in regard. What's interesting is a) this survey was done before the Google Quantum paper and the US EO14412, so I wonder how different next iteration results would be. b) FINMA's guidance on PQC migration explicitly lists crypto-agility - ensuring that systems are built and adapted such that changing cryptographic algorithms doesn't require major rearchitecture, something I have been preaching for months. It is the failure to be agile and signature-agnostic has led blockchains and digital asset services (like MPC custody) to the migration mess we're witnessing today.












