CONTACTS


Payment Networks


paymentnetworks@tasgroup.eu

Sign up for our newsletter!



SWIFT reinforces the security of the wider ecosystem

 

SWIFT Customer Security Programme

 

The current assault of cyber security attacks, including those on local infrastructures of SWIFT participants, has driven the member-owned cooperative in April 2017 to create and formalize a Customer Security Programme (CSP) for its participants.

The CSP defines specific requirements for all connected participants. The goal is to improve information sharing within the SWIFT community and ensure a high level of security for the local SWIFTNet infrastructure of participants.

For all members using the SWIFT global network, SWIFT requires their compliance with the CSP by January 2018 and annually thereafter by conducting and submitting a self-attested compliance. In addition, SWIFT may conduct additional assessments on individual participants, assigning an internal or external auditor.

SWIFT will list on its KYC Registry all members’ status of noncompliance. Counterparties can then chose to refuse to exchange SWIFT messages with noncompliant members or with those who do not share their compliance status.

As a final recourse, SWIFT may opt to disable the noncompliant member’s SWIFT services.

 

The  Programme

 

The Customer Security Programme (CSP) is based on existing SWIFT security guidelines and on the most important best practices standards, including ISO/IEC 27002, PCI-DSS and others.

It is guided by 3 elements:

  • Participants must secure and protect their environment;
  • Participants must take measures to detect and prevent fraud in
    commercial relationships;
  • Participants must continuously share information and collaborate
    to better prepare for future cyber-attacks.

The control framework consists of a set of 16 mandatory and 11 advisory security controls establishing a security baseline for the entire SWIFT community.

 

What TAS Group can offer

 

TAS Group has been working with SWIFT for decades. We continue to develop software products and services for the SWIFT world with experienced teams of experts qualified as SWIFT Certified Specialists.

TAS Group assists banks, financial institutions and service providers offering the following assessment programs.

 

SWIFT Readiness Assessment

A package offering the support of a SWIFT certified expert from TAS for the purpose of:

  • Provide an active consultancy an management for security reviews of all customer’s systems connected to the SWIFT network with respect to the CSP requirements;
  • Gap analysis between current status of the systems involved in the review and CSP requirements;
  • Preparation of the application required by the SWIFT CSP;
  • Preparation of the possible action plan for resolving any gap identified during the activity of assessment.

Estimated duration:

From 3 to 4 weeks of elapsed time, partially at customer site and partially remotely.

 

SWIFT Compliance Confirmation

A package offering the support of a SWIFT certified expert from TAS for the purpose of:

  • Assist the customer for the annual confirmation of compliance to SWIFT CSP requirements;
  • Preparation of the application required by the SWIFT CSP;
  • Preparation of an action plan for resolving possible gaps identified during the assessment.

Estimated duration:

From 1 to 2 weeks of elapsed time, partially at customer site and partially remotely.

 

 Ask our experts for more details