Anyone that uses SWIFT will have learned about the swift CSP (Customer Security Program). And we’ll cover the main things you must know.
What is SWIFT?
Behind most international security and money, transfers are the swift CSP system, a messaging network used by banks to quickly, securely and accurately send and receive information such as money transfer instructions.
The Customer Security Program
In 2016, a cyber attack successfully stole over $81 million from a Bangladesh central bank by exploiting vulnerabilities to receive SWIFT account credentials.
During this cyber attack, other banks had sent and processed SWIFT fund transfer requests, because the requests were viewed as a trusted source.
In reality, the cyberattackers were in control of the accounts. As a result, SWIFT has created stronger security measures to ensure that banks and other financial institutions were protected.
Also, SWIFT has launched the Customer Security Program. SWIFT made the program to address the exposure and risk of the network between banks. As part of this program, SWIFT member banks are required to meet the minimum-security standards and comply with the KYC Registry Attestation Application.
On SWIFT’s website, the controls are developed based on SWIFT’s management and analysis of cyber threat intelligence and with user feedback and industry experts.
The three objectives are made up of eight principles, 11 advisory controls, and 16 mandatory controls. The member banks are required to comply with the 16 mandatory controls; the 11 advisory controls might be required later.
All SWIFT users must log in the KYC-SA and submit their self-attestation for their live BIC8s by the end of December 2019.
5 Key Initiatives
Here are swift CSP’s top 5 initiatives:
- Improved intelligence sharing
- SWIFT and additional products to have enhanced security features
- Guidance detailing security controls and requirements. And an assurance framework that ensures compliance and enforces standards.
- Implementing transaction pattern detection tools
- Increasing better financial security by promoting more cooperation amongst SWIFT and third parties that connect to its network.
So Why Create a SWIFT Customer Security Program?
According to SWIFT, it’s because they have an important role in “safeguarding and reinforcing the security of the global banking system. But this is also because information security is an important part of what SWIFT does – on the website they talk about:
- SWIFT is a global member-owned cooperative and the world’s main provider secure financial messaging services.
- The provider of secure financial messaging services.
- SWIFT holds over 5 billion messages a year. Reliable, secure, and fast support for businesses around the world.
With that in mind, any breach to the SWIFT network – even if the network hasn’t been breached, has a huge reputational impact on swift CSP’s brand. Since there are no reported breaches in their system, its safe to say SWIFT is a good security resource for large organizations.
When using swift CSP, you’re protecting your organization from potential payment fraud threats. This means that you have to create your system to comply with their standards to ensure that you’re protected. Conclusively, by following their guidelines, you’ll find it easier to operate your financial organization and reduce the chance of experiencing cyber attacks.