- Customer’s local SWIFT infrastructure architecture type determination (architectures types: A1, A2, A3, A4 or B);
- Defining a list of SWIFT CSP requirements applicable to the identified type of the Customer’s local SWIFT architecture;
- Collecting information about the processes in which international money transfers are implemented;
- Determining the list of information resources that ensure the operation of these processes;
- Identification of personnel involved in the organization of international money transfer processes, maintenance of information resources and compliance with SWIFT requirements.
About SWIFT CSP
Compliance Control assesses the Customer’s local SWIFT payment infrastructure compliance with SWIFT Customer Security Program (CSP) requirements.
SWIFT Customer Security Controls Framework – CSCF includes mandatory and recommended security control elements for implementation by SWIFT users in their local SWIFT-related environment. Mandatory security control elements establish common baseline security for the SWIFT community and must be implemented by all users, including those connecting through a service bureau or provider. The required and recommended control elements list is regularly reviewed to reflect the changing threat landscape.
SWIFT users must confirm their compliance level with mandatory control elements, applicable to their SWIFT connectivity architecture type within CSCF. The attestation results must be submitted and published on the KYC-SA portal (Know Your Customer – Security Attestation).
Compliance Control specialists have got best practices in assessing compliance with the SWIFT Customer Security Program requirements.
The Compliance Control team is composed of certified SWIFT experts in the field of Customer Security Program (CSP) assessment. They have the official right to conduct external infrastructure security assessments according to the requirements of the SWIFT CSP program.
Customers get an additional advice to avoid possible mistakes within SWIFT Customer Security Program requirements implementation and to approach the submitting reports stage to SWIFT with confidence in the maximum possible objective assessment.
Contact us
For a consultation relatively compliance with the SWIFT program requirements and we will contact you within 30 minutes.
Project stages
1
For a consultation relatively compliance with the SWIFT program requirements and we will contact you within 30 minutes.
2
Cybersecurity system compliance assessment with the SWIFT Customer Security Program requirements:
- Customer’s internal organizational and technological documents analysis, related to cybersecurity and compliance with SWIFT CSP program requirements;
- Assessment of the Customer’s cybersecurity processes and procedures compliance degree with mandatory and recommended SWIFT CSCF security controls requirements.
3
Reporting documentation and recommendations development for bringing the cybersecurity system into compliance with SWIFT CSP requirements.
Project results
The reports on the identified cybersecurity measures and the existing cybersecurity system assessment for the local SWIFT infrastructure will be prepared in the official SWIFT templates format on the current audit results basis:
- CSCF Assessment Template for Mandatory Controls;
- CSCF Assessment Template for Advisory Controls;
- Completion Letter to be submitted to SWIFT and reporting information publication on SWIFT KYC Registry portal;
- Internal report.
