A new imperative: the evolving SWIFT Customer Security Programme

05 April 2019

With cyber crime becoming more sophisticated, and the cyber threat landscape continually evolving, it is not surprising that the SWIFT Customer Security Programme (“CSP”) is expanding. Security standards are of critical importance to the network, and so the introduction of further both mandatory and discretionary controls for the 2019 attestation cycle has been welcomed by many.

But the expansion is now going one step further, with the announcement at Sibos 2018 that independent assurance over the SWIFT CSP attestation will become mandatory from 2020. Either through an accredited member of an internal function or through formal external assurance, the bar for proving compliance will continue to rise, alongside developments to the framework itself.

Regardless of the complexity of your infrastructure, the attestation is required and will be subject to independent assurance. Using a shared service bureau does not reduce the requirement either, with the majority of mandatory controls still in scope, regardless of the use of a third party infrastructure. This combined with the increasing interest from the Bank of England regarding all network members and their response to the CSP, there is a new imperative for both commercial and financial institutions alike to step up and use this as an opportunity to demonstrate their commitment to tackling cyber crime.

Independent external assurance will subject your security processes and controls to a new level of rigour. That rigour, combined with essential peer insights and recommendations for improvement, lends credence to your attestation; and in a form that can be formally shared with your regulators, network peers and other stakeholders. The journey to assurance, through readiness, design effectiveness and finally operating effectiveness, is challenging and cannot be completed overnight. But ultimately it is an invaluable catalyst for confidence.
For further information, please refer to our SWIFT page, or reach out to us on the contact details below.

David Woerndl

David Woerndl | Global SWIFT CSP Lead
Profile | Email | +44 (0)7809 756281

More articles by David Woerndl

Victoria Back

Victoria Back | Director
Profile | Email | +44 (0)7710 033626

More articles by Victoria Back


Verify your Comment

Previewing your Comment

This is only a preview. Your comment has not yet been posted.

Your comment could not be posted. Error type:
Your comment has been saved. Comments are moderated and will not appear until approved by the author. Post another comment

The letters and numbers you entered did not match the image. Please try again.

As a final step before posting your comment, enter the letters and numbers you see in the image below. This prevents automated programs from posting comments.

Having trouble reading this image? View an alternate.


Post a comment

Comments are moderated and will not appear until the author has approved them.