2026 FinTech Predictions: Insights from Shaun Hurst of Smarsh

We spoke with Shaun, Principal Regulatory Advisor at Smarsh, about the shifts reshaping financial services as we head into 2026. With the EU AI Act coming into force and quantum security threats becoming more immediate, Shaun shares his perspective on where the industry needs to focus its attention.

Over to you Shaun - my questions are in bold:

What's the biggest shift you expect across financial services in 2026?

Next year, financial services firms will shift from rapid experimentation with technologies such as AI to demanding measurable return of investment (ROI), with pressure mounting to prove those investments. A study from the Massachusetts Institute of Technology's (MIT) highlighted this, finding that 95% of enterprises currently see zero return on AI investments. As such, boards are moving away from proof-of-concept success towards questions of total cost of ownership, accountability and long-term value, particularly as many AI initiatives still struggle to demonstrate measurable returns.

While model and Application Programming Interface (API) costs continue to fall, organisations are finding that the real expense lies in deployment complexity, governance, auditability and ongoing compliance. This shift will only accelerate as the EU AI Act's main provisions come into force in August 2026, requiring firms using high-risk AI systems to evidence transparency, human oversight and documented controls. As a result, AI will move out of experimentation and into core regulated infrastructure, where it must compete for investment on the same terms as any other critical system. In doing so, businesses will likely be driven toward specialist vendors rather than internal builds, as compliance and security risks become increasingly apparent.

Which emerging technology will have the most practical impact on banks and the FinTechs that support them?

AI is rapidly reshaping the financial services industry, particularly in customer-facing roles, but the next great wave of innovation and change will be driven by AI Agents. Employees in the financial services industry have rapidly adopted AI for daily tasks, with recent research from Smarsh showing that over a third (37%) of employees in financial services often use public AI tools like ChatGPT or Microsoft 365 Copilot. Equally, the Financial Conduct Authority's (FCA's) ambitious proposals for AI innovation and its upcoming AI live testing service to support firms in implementing consumer-facing AI tools, demonstrates the massive shift towards AI-driven use, both internally and externally.

Quantum computing remains years away from widespread commercial use, but it has the potential to transform the sector, surpassing computer limitations and automating complex decision-making processes. Whilst still at an early stage of commercial readiness, financial services firms face an immediate quantum security threat in 2026. The harvest now, decrypt later risk means firms must begin transitioning to post-quantum cryptography far ahead of formal mandates. Much of the data banks protect today must remain secure for decades, making early action unavoidable. This requires mapping cryptographic systems, updating standards, and developing expertise in a field where specialist skills are scarce, with around three times as many quantum security job openings as qualified candidates, making early action essential.

What risks or blind spots do you think the industry is underestimating as we move into 2026?

As AI continues to develop at an unprecedented rate, the need for safe, responsible and compliance implementation is often overlooked and is riddled with challenges. Closing the explainability gap by prioritising transparency as a design requirement will be enforced. Under legislation, such as the Equality Act 2010, AI products or services must undergo continuous testing, quality assurance and clear processes to spot and correct where vulnerable customers may be treated unfairly. Evolving alongside these technological advancements, the FCA and other regulatory bodies are increasingly emphasising the need for robust governance frameworks that ensure AI systems are transparent, accountable and aligned with ethical standards. This regulatory focus is not merely a bureaucratic hurdle but a necessary step to foster trust and security in new and upcoming AI-driven solutions. The next wave of adoption will see AI move beyond efficiency into compliance and conduct monitoring, transforming how firms detect risk and protect consumers. The focus for regulators will be on tracking companies' AI in line with compliance measures, emphasising transparency, consistency and accountability.

Additionally, there is also a continued tendency to underestimate quantum-related security risk. Many firms still treat quantum as a distant research topic, despite the reality that encrypted data captured today could be compromised in the future. Delaying preparation until regulatory expectations are explicit increases exposure and compresses already complex transition timelines, often resulting in rushed and costly remediation.

If you were advising a bank's leadership team today, what strategic priority should they focus on to stay competitive in 2026 and beyond?

Leadership teams should treat compliance-led AI deployment and quantum security preparedness as strategic priorities rather than technical side projects. For AI, this means embedding governance, transparency, human oversight and energy considerations into system design from the outset, instead of retrofitting controls after deployment. Firms that take this approach will be able to scale AI responsibly while maintaining regulator and customer trust.

In parallel, banks need a clear and actionable plan for post-quantum cryptography. This starts with understanding where cryptography is used across the organisation, assessing exposure and engaging specialist partners where internal capability is limited. Firms that prepare now will be far better positioned to meet regulatory expectations and avoid disruptive, last-minute change.

Thank you Shaun! You can connect with Shaun on his LinkedIn Profile and find out more about the company at www.smarsh.com/about-us.