SWIFT Customer Security Programme - Stay trusted within the SWIFT network

SWIFT Customer Security Programme

This publication provides an analysis of SWIFT’s Customer Security Programme, which was updated on May 19.

fintech icons

The Society for Worldwide Interbank Financial Telecommunication (SWIFT) released the Customer Security Controls Policy on May 19 – an update to the organisation’s Customer Security Programme (CSP).

CSP aims to reinforce the security of the entire SWIFT ecosystem by improving the local environment security of each individual SWIFT user.

The Customer Security Controls Policy contains further information when it comes to the roles, responsibilities and process details of the CSP’s customer security attestation and follow-up process.

Our latest publication contains the highlights of the SWIFT update, how should a user comply with the requirements and what are the consequences of non-compliance.

What is the impact?

All organisations, not just financial institutions, that use the SWIFT interbank messaging network must comply with CSP, or face being reported to regulators and other SWIFT users.

Is your organisation ready for the new SWIFT Customer Security Program?

The Society for Worldwide Interbank Financial Telecommunication’s (SWIFT) Customer Security Program (CSP) was established to support SWIFT users against cyber-fraud. SWIFT released cybersecurity standards in March 2017, with enforcement beginning in January 2018.

What is the SWIFT Customer Security Program?

The SWIFT Customer Security Program (CSP) requires each user to self-assess their SWIFT infrastructure against SWIFT’s set of Objectives, Principles and Controls – including 16 mandatory controls and 11 optional “advisory” controls.

Subsequently, users are required to report their compliance status to SWIFT via the self-attestation process based on the self-assessment results.

How can KPMG help?

  • Evaluate your readiness to meet the SWIFT CSP rules and attestation requirements.
  • Implement new controls and remediation of existing controls within your organisation’s SWIFT environment, and to the broader Payment and Wire Transfer Processes if required. 
  • Assessment services to comply with SWIFT’s self-attestation processes.

© 2024 KPMG Huazhen LLP, a People's Republic of China partnership, KPMG Advisory (China) Limited, a limited liability company in Chinese Mainland, KPMG, a Macau (SAR) partnership, and KPMG, a Hong Kong (SAR) partnership, are member firms of the KPMG global organisation of independent member firms affiliated with KPMG International Limited, a private English company limited by guarantee. All rights reserved.

The KPMG name and logo are trademarks used under license by the
independent member firms of the KPMG global organisation.

For more detail about the structure of the KPMG global organisation please visit https://kpmg.com/governance.


Connect with us

Stay up to date with what matters to you

Gain access to personalized content based on your interests by signing up today