A single-day quantum-enabled cyberattack on one of the five largest U.S. banks could unleash cascading failures across the financial system and cost the American economy up to $3.3 trillion in indirect losses, according to a new report from the Citi Institute.
The scenario models an attack targeting access to the Fedwire Funds Service—the Federal Reserve’s critical real-time interbank payment network. If quantum computing capabilities become powerful enough to break widely used public-key encryption systems such as RSA and elliptic curve cryptography, authentication mechanisms, digital identities and secure payment channels could be compromised simultaneously.
Citi estimates a 19% to 34% probability of widespread quantum-enabled breaking of public-key encryption by 2034. That probability rises sharply to 60% to 82% by 2044. The risk is not isolated: a successful breach could trigger systemic contagion, disrupting payments, interbank messaging, and identity verification frameworks across institutions.
The modeled GDP-at-risk impact of $2.0–$3.3 trillion equates to a potential 10% to 17% decline in annual real GDP, initiating a six-month recession. Beyond finance, sectors reliant on secure communications—including telecom, healthcare and critical infrastructure—could also face disruption.
The crypto ecosystem is not immune. Citi notes that roughly 25% of Bitcoin, valued at an estimated $500–600 billion, may be quantum-exposed due to vulnerable key structures.
Despite the scale of the threat, Citi emphasizes that solutions exist. Post-quantum cryptography standards are already available. However, implementing them across global financial and digital ecosystems requires large-scale migration, crypto-agile architectures, cloud readiness, and deep vendor coordination.
The report’s core message: the technology to defend against quantum risk exists today—the real challenge is deploying it at scale before Q-Day arrives.
