In the wake of the $81 million Bangladesh Bank hack, Swift is prepping a new tool designed to help banks pick up on fraudulent transfers by sending them daily reports of their payment message flows.
The Daily Validation Reports, to be offered to clients from December, will be based on Swift's records of customers' messages, providing an independent means of verifying messaging activity and spotting unusual patterns and fraud attempts and boosting the chances of cancelling bad transfers.
The reports will be provided "out of band", through a separate channel, so that firms will have access to independently sourced information even if their own systems or staff have been compromised, says Swift.
The new service comes as a response to a host of cyberattacks on Swift members. In the Bangladesh Bank hack, crooks deleted records of fraudulent Swift messages sent from the bank's terminals, meaning that the theft took days to discover.
Stephen Gilderdale head, customer security programme, Swift, says: "A key step in the modus operandi in recent wire fraud cases at customer firms involves the attackers concealing their fraudulent messaging activity on customers’ local systems. Smaller institutions, in particular, are currently dependent on the accuracy of the data on their own systems, but in the event of a security breach, their locally stored payment and reconciliation data may be altered or unavailable.
"Daily Validation Reports will provide a reliable and independent source of information, providing such institutions with an activity lens to help them quickly detect fraud - whether perpetrated by external attackers or by malicious insiders."