Artificial intelligence (AI) continues to advance rapidly, with model performance making new breakthroughs and leading providers expanding deployment options for enterprises. Yet concerns about a possible AI investment bubble are growing as capital spending on computing power and infrastructure far outpaces the revenue being generated by AI applications. At the same time, integration hurdles related to cost pressures and regulatory fragmentation create a more complex environment for adoption.
Key takeaways:
- Intense competition drives rapid improvement in AI capabilities. Breakthroughs across leading AI models in the US (Aa1 Stable) have delivered significant gains in reasoning, multimodal capabilities, as well as tool use for enterprise integration. Open-source models, particularly from China (A1 Negative), are closing the gap with US proprietary systems, raising questions about the monetization prospects of leading AI providers.
- The impact of AI across industries will expand, but value capture will become increasingly uneven. While adoption is broadening, productivity gains vary widely across sectors. AI continues to deliver strong benefits in routine, document-centric, or customer-facing tasks, but complex workflows still face frictions. Even when models perform well in controlled environments, deploying AI into an enterprise’s operations requires the redesign of full processes. As a result, we expect productivity gains to gradually increase but remain highly uneven both across and within sectors.
- AI infrastructure is a critical bottleneck. Demand for computing power has triggered a surge in data-center construction and long-term capacity commitments, while shortages of specialist chips, grid constraints, and power needs are reshaping access to AI infrastructure. Market share consolidation among a small number ofcloud service providers is pushing prices higher and widening the adoption gap between well-capitalized firms and cost-constrained peers.
- Geopolitics, cybersecurity and regulatory divergence are broadening AI risks. Geopolitical fragmentation is redrawing access to chips, compute, and data infrastructure, sometimes forcing multinationals to operate separate AI stacks across regions. Deeper integration of AI into workflows is increasing cyber risk and exposure to operational failures. Diverging regulatory regimes — from the European Union ‘s (Aaa Stable) AI Act to China’s licensing framework — will further raise compliance costs and complicate global deployment.
*Register to access the full outlook. This will be available to all users for a limited time.
Executive Summary
Digital Finance Outlook 2026 – Digital finance links diverse market segments, raising efficiency, risks
Digital finance has entered a new phase heading into 2026, as frameworks for asset tokenization have matured and regulated assets for settlement of digital transactions are emerging. Stablecoins and tokenized deposits gained wider use in payments and liquidity management, while blockchain infrastructure, paired with AI, began reshaping asset servicing and collateral management. The technology underlying digital finance is evolving into a foundational infrastructure layer influencing firms’ capital allocation and market operations.
Key takeaways:
- Shared digital technology integrates once-distinct areas of finance. Blockchain-based rails along with other shared digital technologies are beginning to blur boundaries among transition finance, emerging markets, and private credit, creating a unified digital ecosystem. Digital finance platforms now host tokenized US Treasurys and structured credit products. Use of the new technology will pick up further in the coming year, and will highlight efficiency gains, although operational, regulatory, and cyber risks remain.
- The shift depends on continued infrastructure development. Major financial institutions will continue to pilot blockchain settlement networks, tokenization platforms, and digital custody systems in 2026 to streamline issuance and post-trade processes. Stablecoins backed by cash and Treasurys are being used for cross-border payments and repo transactions, and there is development underway of new foundational blockchain technology that better meets the needs of institutions by making transactions faster, cheaper and more regulated. Plans within the industry suggest more than $300 billion will be spent on technology markets by 2030. As more value moves on digital rails, cyber threats to smart contracts and custody layers are a major risk.
- Digital rails could transform financial cost structures. Tokenized issuance and programmable settlement reduce operational overhead, speed up liquidity turnover, and cut reconciliation work. Digital cash instruments enable real-time settlement, lowering funding and counterparty costs. Realizing these benefits requires regulatory alignment, and recent progress across regions signals a more coordinated global approach. Clear rules on custody, redemption, and disclosures will help digital finance products to scale.
- In 2026 and beyond, markets will favor efficient, secure and interoperable infrastructure. Regulated stablecoins could gain greater prominence in settlements for tokenized funds and digital securities, while digital finance platforms that connect smoothly with traditional systems will enhance liquidity. The gap between digital finance and traditional finance will narrow as institutions adopt on-chain operations.
Executive Summary
Cyber Risk Outlook 2026 – Cyber threats will intensify as AI tools proliferate
Cyber risk will shift into higher gear over 2026 as attackers exploit increasingly effective artificial intelligence (AI) tools to enhance their tactics. While AI-driven attacks are still in their infancy, early signs point to platforms capable of launching large-scale, automated assaults and malware that dynamically adapts to evade detection. At the same time, defenders are deploying AI tools to identify vulnerabilities before adversaries can exploit them. As the technology progresses, it will intensify the ongoing strategic chess match between attackers and defenders, reshaping the cybersecurity landscape.
Key takeaways:
- A new era of adaptive, fast-evolving threats is emerging. AI has already made phishing attacks more convincing. But as enterprises embed AI more deeply into their workflows, existing threats like prompt injection and model poisoning will become more prevalent and pronounced. The rise of agentic AI systems, able to perform a string of autonomous tasks, also adds potential for unpredictable behavior and error accumulation and will complicate cyberthreat detection and response.
- Ransomware’s grip loosens for smaller firms. Ransomware attacks typically have the greatest credit impact because of the severe business disruption they can cause. Successful data encryption via ransomware declined in 2025 among smaller and midsize firms. Larger entities remain exposed, however. Their complex networks make prevention harder and their greater capacity to pay high ransoms increases their appeal to attackers.
- Increasing cryptocurrency theft exposes security weaknesses amid growing institutional adoption. Cryptocurrency exchanges and decentralized finance (DeFi) platforms suffered major breaches and financial losses in 2025. Some cyberattacks targeted applications built on blockchain platforms, exploiting flaws in how transactions and smart contracts are coded. Others happened off-chain, targeting weaknesses in how crypto assets are stored and managed.
- Cloud computing outages highlight systemic risks. Recent outages at cloud service providers AWS (Amazon.com, Inc. , A1 positive) and Azure (Microsoft Corporation , Aaa stable), and at Internet security firm Cloudflare, caused widespread disruption and highlighted the operational complexity of cloud environments. The failures were technical rather than malicious, but they underscore the potential for catastrophic impact if exploited by attackers.
- A global push for harmonized cybersecurity rules faces challenges. The expanding patchwork of cybersecurity rules across jurisdictions is creating operational complexity for global firms as they navigate overlapping requirements and compliance risks. Global initiatives aim to harmonize standards and reduce duplication. Progress, however, is slow.
Executive Summary
Data Centers Outlook 2026 – Capacity growth remains robust as tenants prioritize speed to market
Demand for data center capacity to support artificial intelligence (AI), cloud computing and internet services will continue to rise sharply in 2026. Most of this new capacity is pre-leased to large tech companies, or hyperscalers, limiting the risk of introducing a surplus of unoccupied capacity into the market, while increasing counterparty concentration risk.
Key takeaways:
- A new era of adaptive, fast-evolving threats is emerging. AI has already made phishing attacks more convincing. But as enterprises embed AI more deeply into their workflows, existing threats like prompt injection and model poisoning will become more prevalent and pronounced. The rise of agentic AI systems, able to perform a string of autonomous tasks, also adds potential for unpredictable behavior and error accumulation and will complicate cyberthreat detection and response.
- Ransomware’s grip loosens for smaller firms. Ransomware attacks typically have the greatest credit impact because of the severe business disruption they can cause. Successful data encryption via ransomware declined in 2025 among smaller and midsize firms. Larger entities remain exposed, however. Their complex networks make prevention harder and their greater capacity to pay high ransoms increases their appeal to attackers.
- Increasing cryptocurrency theft exposes security weaknesses amid growing institutional adoption. Cryptocurrency exchanges and decentralized finance (DeFi) platforms suffered major breaches and financial losses in 2025. Some cyberattacks targeted applications built on blockchain platforms, exploiting flaws in how transactions and smart contracts are coded. Others happened off-chain, targeting weaknesses in how crypto assets are stored and managed.
- Cloud computing outages highlight systemic risks. Recent outages at cloud service providers AWS (Amazon.com, Inc. , A1 positive) and Azure (Microsoft Corporation , Aaa stable), and at Internet security firm Cloudflare, caused widespread disruption and highlighted the operational complexity of cloud environments. The failures were technical rather than malicious, but they underscore the potential for catastrophic impact if exploited by attackers.
- A global push for harmonized cybersecurity rules faces challenges. The expanding patchwork of cybersecurity rules across jurisdictions is creating operational complexity for global firms as they navigate overlapping requirements and compliance risks. Global initiatives aim to harmonize standards and reduce duplication. Progress, however, is slow.
