SWIFT CSCF Assessment

The Society for Worldwide Interbank Financial Telecommunications (SWIFT) has put forth a security framework under its Customer Security Program i.e. SWIFT CSP for all of its users to address the growing needs of security and transparency as a community to combat the increase in cyber fraud.

SWIFT's customer security programme (CSP) aims to prevent and detect fraudulent activity through a set of mandatory security controls, community-wide information sharing initiatives and enhanced security features on their products.

SWIFT CSP requires one to submit a self-attestation on an annual basis by 31 December. An independent assessment is required alongside a customers attestations from 31 December 2020 onwards.

There are two forms in which a SWIFT customer can gain an independent assessment 
  • An internal assessment : The internal audit needs to be carried out as per the internal audit function of the customer and independent from the function submitting the attestation.
  • An external assessment : An external audit can be carried out by QRC, an assessment against the CSP controls.

SWIFT’s CSCF V2020 comprises 3 Objectives, 8 Principles & 31 Controls (21 Mandatory & 10 Optional). SWIFT mandatory controls focussed on securing your environment, knowing and limiting access

SWIFT reports all cases of non-compliance and where members have not verified to local regulators. 

In any circumstances, it is necessary to share all relevant information and let SWIFT know there is a problem as soon as possible, in order to protect other organisations in the network.

Customers are required to implement all mandatory controls.However the advisory controls are provided to reduce the attack surface and vulnerabilities, detecting anomalous activity to systems or transaction records, and planning for incident response and information sharing. These controls should be ideally selected after performing risk assessments.

LinkedIn Youtube

We use cookies to enhance your user experience. By continuing to browse, you hereby agree to the use of cookies. To know more; visit our Privacy Policy & Cookies Policy.