The opinions expressed here are those of the authors. They do not necessarily reflect the views or positions of UK Finance or its members.

Last year saw 30 leading banks announce their collaboration with Swift to integrate DLT into the global financial infrastructure.

The UK's Digital Securities Sandbox (DSS) is facilitating testing of distributed ledger and blockchain technologies as we move towards a more concrete regulatory framework for crypto and tokenised assets.

Meanwhile, the Bank of England and the FCA have established their Artificial Intelligence Consortiumto assess how AI is and may be used across UK financial services.

From risk management and fraud detection to payments, settlement and Real World Asset (RWA) tokenisation, it's clear that these technologies are rapidly reshaping how financial services operate.

However, as these technologies integrate into the core of our financial infrastructure, they expose firms to a new era of cybersecurity and confidentiality risks. The challenge for 2026 is not just how to innovate, but how to do so without compromising client data or market integrity.

The risks: Data hunger, data transparency and evolving threats

AI requires massive datasets to be effective

Financial AI models need access to vast amounts of high-fidelity propriety data, including transactional, behavioural, client profiles, market signals and operational data.

This appetite for sensitive data raises concerns around leakage or misuse and governance of the model itself.

Blockchains are transparent by design

To function as a shared source of truth, public or semi-private ledgers typically require data to be visible to validators, exposing sensitive data like trade intent and strategy or asset valuation and ownership.

This transparency supports auditability and trust but can conflict with the confidentiality requirements of firms, regulators and consumers alike.

A new era of cyberattacks

Simultaneously, cybersecurity threats are evolving; malicious actors are themselves using AI to automate and accelerate cyberattacks. The rise of harvest now, decrypt later (HNDL) strategies - when attackers harvest encrypted data now to decrypt later via quantum computing - are leading many firms to prioritise exploring post-quantum defences.

Privacy as an enabler of innovation

To innovate responsibly, and future-proof cybersecurity measures, firms must protect data across its entire lifecycle, including when it is in use. This is where Privacy Enhancing Technologies (PETs) come in.

PETs make it possible to use data responsibly, keeping consumers protected while still delivering the analytical and operational power AI promises, or the efficiencies and new markets that blockchains offer.

Techniques such as secure Multi-Party Computation (MPC), Fully Homomorphic Encryption (FHE) and Zero Knowledge Proofs (ZKP) allow firms to deploy AI models, securely collaborate on encrypted data or verify credentials on blockchain without exposing the underlying information, maintaining confidentiality and regulatory requirements.

The ICO's DLT guidance is explicit that blockchain deployments must take a data-protection-by-design approach, including considering which PETs can improve the privacy and security of any on-chain processing.

No single PET is a silver bullet; each technique has different strengths, limitations and trade-offs. Responsible adoption and deployment require careful evaluation; understanding which PET fits which use case, how it complements existing security controls and where operational or regulatory considerations apply.

The responsible path forward

As AI and blockchain adoption accelerates, UK financial services firms can take a structured approach:

• Assess data exposure across AI, analytics and DLT initiatives, identifying where sensitive information is at risk
• Align innovation with regulation, embedding privacy and governance from the outset rather than retrofitting controls
• Evaluate PETs pragmatically, focusing on use cases where they materially reduce risk
• Collaborate across the ecosystem, working with regulators, technology providers and industry peers to establish standards and best practice

Innovation and trust are not opposing forces. With the right safeguards in place, AI and blockchain can strengthen the resilience, efficiency and competitiveness of UK financial services.

The year ahead will be defined not just by who adopts new technologies fastest, but by who does so most responsibly, ensuring progress without compromise.