Changeflow GovPing Banking & Finance Steps for Conducting Quantum-Safe Payments Risk...
Routine Notice Added Final

Steps for Conducting Quantum-Safe Payments Risk Assessment

Favicon for www.nacha.org NACHA News
Published
Detected
Email

Summary

NACHA published an article outlining steps for payment stakeholders to assess quantum computing risks to their cryptographic infrastructure. The guidance recommends updating risk management plans to address quantum threats affecting external-facing applications, conducting vendor risk assessments of third-party processors and solution providers, and providing regular reporting to senior leadership and boards on inherent risks and mitigation controls.

View original document View source feed page

What changed

NACHA's Payments Innovation Alliance published guidance on quantum-safe payments risk assessment, identifying quantum computing as an emerging threat to payment systems' cryptographic infrastructure. The article recommends that organizations update risk management plans to address quantum vulnerabilities in all external-facing applications and their connectivity to internal systems such as online and mobile banking.

Payment stakeholders should incorporate quantum risk assessment into their regular risk assessment processes, evaluate third-party processors and vendors for quantum-safe cryptographic readiness before selecting solution partners, and establish regular reporting to boards and senior leadership on inherent risks and mitigation controls to acceptable residual levels.

What to do next

  1. Review quantum computing risks to payment application cryptographic infrastructure
  2. Update risk management plans to incorporate quantum threat mitigation
  3. Conduct vendor risk assessments of third-party payment processors

Archived snapshot

Apr 14, 2026

GovPing captured this document from the original source. If the source has since changed or been removed, this is the text as it existed at that time.

Posted on

April 14, 2026

Share post

Payment applications are categorized as critical because they generally operate 24/7/365. Today, most if not all, payment stakeholders regularly perform risk assessments. The quantum risk assessment, specific to your cryptographic infrastructure and that of your providers, can identify vulnerabilities that quantum computing could exploit.

Your organization’s risk management plan should be updated to incorporate the quantum threat, addressing solutions for all external-facing applications, and their connectivity to internal applications (e.g., online or mobile banking).

Robust evaluation of your third-party processors and vendors who enable or provide your current payment and cryptographic infrastructures is essential, as is conducting a thorough vendor risk assessment before choosing quantum-safe solution vendor partners.

The last step of any risk assessment process should always be providing regularly scheduled reporting to your board of directors and senior leadership addressing the likelihood and impact of identified inherent risks, and controls designed to mitigate risk to an acceptable residual level.

Learn more about quantum-safe payments in the paper, " Protecting Payments
in the Quantum Era: Setting a Course for Action," published by the Nacha Payments Innovation Alliance Quantum Payments Project Team.

Go to the Quantum-Safe Payments Blog Series

Related Content
Payments Innovation Alliance Blog

How is Quantum Computing Used in Everyday Life?

April 14, 2026

Payments Innovation Alliance Blog

How Can Your Organization Build a Quantum-Safe Payments Readiness Plan?

April 14, 2026

Payments Innovation Alliance Blog

Are Your Assets—and Their Weak Points—Ready for a Quantum Future?

April 14, 2026

Payments Innovation Alliance Blog

Why Should Payments Industry Stakeholders Begin Quantum-Safe Strategic Planning?

April 14, 2026

Accreditation Press Release

Inaugural National Nacha Accreditation Day Honors Nearly 6,000 Payments Professionals

February 10, 2026

Phixius by Nacha and Kinexys by J.P. Morgan Integration Goes Live, Expanding Multi-Responder Account Validation Network

February 5, 2026

Blog

From New Rules to a New Accreditation and More, a Busy 2026 Ahead at Nacha

January 29, 2026

Nacha Operating Rules Risk Management Blog

Next Steps for the New Nacha Risk Management Rules

April 3, 2026

Related changes

Favicon for www.nacha.org Quantum Computing Powers Daily Payments Security
Routine Apr 14, 2026 NACHA News Banking & Finance
Favicon for www.nacha.org Quantum Computing Threatens Payment Industry Cryptography
Routine Apr 14, 2026 NACHA News Banking & Finance
Favicon for www.nacha.org Build Quantum-Safe Payments Readiness Plan Now
Routine Apr 14, 2026 NACHA News Banking & Finance

Get daily alerts for NACHA News

Daily digest delivered to your inbox.

Free. Unsubscribe anytime.

Source

Favicon for www.nacha.org
NACHA News nacha.org/news
Banking & Finance

About this page

What is GovPing?

Every important government, regulator, and court update from around the world. One place. Real-time. Free. Our mission

What's from the agency?

Source document text, dates, docket IDs, and authority are extracted directly from NACHA.

What's AI-generated?

The summary, classification, recommended actions, deadlines, and penalty information are AI-generated from the original text and may contain errors. Always verify against the source document.

Last updated

Press inquiries →

Classification

Agency
NACHA
Published
April 14th, 2026
Instrument
Notice
Legal weight
Non-binding
Stage
Final
Change scope
Minor

Who this affects

Applies to
Banks Investors Healthcare providers
Industry sector
5221 Commercial Banking
Activity scope
Cryptographic infrastructure assessment Third-party vendor risk evaluation Risk management planning
Geographic scope
United States US

Taxonomy

Primary area
Cybersecurity
Operational domain
Risk Management
Topics
Financial Services Data Privacy

Browse Categories

Agriculture & Food Safety 64 AI Regulation 3 Banking & Finance 291 Consumer Protection 44 Courts & Legal 361 Data Privacy & Cybersecurity 73 Defense & National Security 51 Education 19 Energy 100 Environment 86 Environmental Regulation 7 Financial Regulation 2 Government & Legislation 279 Healthcare 136 Housing 16 Immigration 8 Insurance 58 Labor & Employment 113 Pharma & Drug Safety 104 Public Health 2 Securities & Markets 103 Securities Regulation 6 Tax 65 Telecom & Technology 47 Trade & Sanctions 135 Transportation 57

Get alerts for this source

We'll email you when NACHA News publishes new changes.

Free. Unsubscribe anytime.

You're subscribed!