Attest Your Level Of Compliance As a Swift User
SWIFT (Society for Worldwide Interbank Financial Telecommunications) is a globally recognised cooperative that provides a secure platform for financial institutions to exchange sensitive information and facilitate transactions.
Requirements for All Swift Users
The users of the Swift network are subject to the Customer Security Programme (CSP), which is an initiative that aims to bolster the security baselines of the entire financial ecosystem and safeguard the broader financial network. As part of the CSP, all SWIFT users are required to attest their level of compliance with the Customer Security Controls Framework (CSCF), designed to protect the confidentiality, integrity and availability of financial messages.
Customer Security Controls Framework (CSCF)
The Swift CSCF is composed of mandatory and advisory security controls, where every Swift users has to submit an annual Security Attestation, showing compliance levels with the controls.
Depending on the architecture level of the organisation, ranging from A1, A2, A3, A4 to B, the number of applicable controls will differ. This is based on the systems components involved, in addition to the organisational aspects (eg: the company or the involvement of third-party) within the perimeter which requires different application of security controls (secure zone).
Annual Security Attestation Period- 1st July to 31st December
Every year, all Swift Users have to attest their level of compliance with the mandatory controls, via the KYC-Security Attestation application (KYC-SA).
The attestations submitted must be supported by an independent assessment which can be conducted either by an internal or/and external assessor, to ensure the accuracy of the attestations. While the option to self-assess remains available, it is considered as non-compliant.
How Privasec Can Help
At Privasec, we can assist your organisation with the preparation of the necessary documentation and conduct an external independent assessment to validate your compliance with the CSCF.
A Team Of Highly Qualified Professional
Our team of highly experienced consultants posses relevant industry-recognised certifications such as PCI Quality Security Assessor (QSA), CISSP, CISA, CISM, CRISC and ISO 27001 Lead Auditor.
Registered Service Provider
Privasec, A Sekuro Company is a registered provider listed in the Swift CSP assessment providers directory.
Start your Security Attestation Now
Demonstrate your level of compliance with CSCF with Privasec.