The Society for Worldwide Interbank Financial Telecommunications (SWIFT) has put forth a security framework under its Customer Security Program i.e. SWIFT CSP for all of its users to address the growing needs of security and transparency as a community to combat the increase in the cyber fraud. SWIFT being the widest international payment network has been suffered from the consequence over the years with the advancement in the technology and hence to combating the growing threat profile, SWIFT has defined a set Objectives, Principles and Controls under its Customer Service Control Framework (CSCF)
Who is SWIFT CSP for?
Any organization that makes use of the Society for Worldwide Inter bank Financial Telecommunication (SWIFT) interbank messaging network needs to comply with the new cybersecurity standards - as well as a related "assurance framework”.
As per the new update, any organization that required to be SWIFT qualified needs to undergo the following steps:
Self-assessment as per the SWIFT Customer Security Controls Framework (CSCF) :
- Annual assessment of local environment against 19 mandatory and 10 advisory controls as per best practices.
Self-attestation as per the SWIFT Customer Security Controls Policy:
- Each user is required to submit a self-attestation of their compliance against the controls defined based on the assessment results before the annual deadline.
The Customer Security Control Framework comprises of 3 Objectives, 8 Principles& 29 Controls ( 19 Mandatory& 10 Optional )
Customer needs to perform assessment as per the defined framework, applicability, &timeframe depending on their architecture type and to be done yearly.
QRC offers hassle free and cost-effective assessment & consulting service for their clients to gain compliance as per the SWIFT guidelines.
As per the guidelines, SWIFT assessments are categorized as
SWIFT Mandatory: Applicable to sample users, to be assessed by externally.
Community Standard: Applicable to all users, can be assessed internally or externally.
QRC’s approach can summarized as into:
SWIFT has implied mandatory yearly attestations for all SWIFT customers, the results of those will be shared to all the partners of the SWIFT community as per the community policy. Complying with the standard CSP framework, the financial institutes can:
Free Security Check for upto 10 ips on first order
30% off from all standard rates on web application scans
Complimentary training programs from industry best trainers