SWIFT announced Monday (May 22) that it is setting global customer security standards and boosting its overall transparency on cybersecurity among users of the SWIFT network.
In a press release, SWIFT said in April it published the Customer Security Controls Policy, which lays out the terms in which self-attestations must be submitted. The policy also provides a security baseline for the SWIFT community and describes the procedures governing how access will be granted to view consenting counterparties’ attestations, it said in a press release.
“One of the key principles of the self-attestation process is to create momentum to drive improvements in security and risk management. Soon you will be able to request to view your counterparties’ self-attestations to support your cyber-risk management processes and business decision-making,” said Stephen Gilderdale, head of SWIFT’s Customer Security Program in the release.
According to SWIFT, the Customer Security Controls Policy contains further information on the requirement to self-attest against SWIFT’s mandatory security controls; the process and timelines for submitting self-attestation data to the KYC Registry Security Attestation application; the process for viewing counterparties’ self-attestation data via the KYC Registry Security Attestation application and follow-up actions in cases of late submission and non-compliance.
SWIFT said it strongly urges members to consult the documents and that self-attestations should be submitted via SWIFT’s KYC Registry Security Attestation application, which will be open for the submission and consumption of self-attestation data from July 2017 onwards.