top of page
Banner_1.5x.png

Swift’s Customer Security Programme (CSP) helps financial institutions to ensure their defences against cyberattacks are up to date and effective; and to protect the integrity of the wider financial network. SWIFT users evaluate the security measures they have implemented with those detailed in the Customer Security Controls Framework (CSCF), before attesting their compliance level annually.

With solid attestation and compliance rates, the CSP reflects a community of highly engaged SWIFT users committed to stopping cyberattacks in their tracks. And, the CSP keeps updated to cope with the ever-evolving cyber threat landscape.

Effective each year as from July, Swift releases an updated version of the CSCF and you need to support your attestation with an independent assessment.

The CSCF security controls are based on three overarching framework objectives, supported by seven security principles. The objectives are the highest level structure for security within the user's environment, whilst the associated principles elaborate on the highest priority focus areas within each objective. The objectives and corresponding principles include the following: 

Diagram 1_1.5x.png

The controls help mitigate specific cyber-security risks that Swift users face due to the cyber-threat landscape. Within each security control, Swift has documented the most common risk drivers that the control is designed to help mitigate. Addressing these risks aims to prevent or minimize undesirable and potentially fraudulent business consequences, such as the following: 

  • Unauthorized sending or modification of financial transactions 

  • Processing of altered or unauthorized Swift inbound transactions (that is, received transactions) 

  • Business conducted with an unauthorized counterparty 

  • Confidentiality breach (of business data, computer systems, or operator details) 

  • Integrity breach (of business data, computer systems, or operator details) 

 

Ultimately, these consequences represent enterprise-level risks, including the following: 
•    Financial Risk 
•    Legal Risk 
•    Regulatory Risk 
•    Reputational Risk

Why IGS?

Proven experience in assessing and auditing SWIFT CSP

  • We have conducted many SWIFT CSP audits and assessments in Hong Kong

 

Local and On-site Assessment

  • Our team locates in Hong Kong and Mainland China. We can provide on-site assessment as per customer’s request

 

HK banking and insurance regulatory assessment 

  • Besides SWIFT CSP assessment, we also conduct HKMA-CRAF and HKIA GL20 assessment. We are focusing on the audits and assessments in financial industry

For more information, feel free to reach out to Mr. Tsang at (852) 7010 6469 or via email.

Industry
Register Now
bottom of page