I come from the Financial Services industry. I can’t speak for all financial services companies, but I can share how my company would look at it.
We are very much market driven. If a market segment or an important client needed their financial services provider to be FIPS-compliant, we would very likely choose the FIPS-certified product over the non-certified product.
Otherwise the decision may be based upon
- the company’s political climate
- the company’s risk tolerance
- what information is being protected (i.e., all customer data vs. limited subset of public information)
- the cost comparison
- the vendors’ customer responsiveness and support
- the internal business line’s willingness to absorb any extra costs
I have not (yet) experienced any pressure from regulatory agencies to favor the FIPS-compliant products or services. Our independent auditing firm that qualifies financial statements under Sarbanes-Oxley has not applied any similar pressure.
In summary, for my company the answer is not an automatic ‘yes’ unless it would be vital for customer service.
I hope this helps you.