In a significant new measure to tackle increasing cyber threats, SWIFT today announced a new customer security programme - a dedicated initiative to reinforce and evolve the security of global banking, consolidating and building upon existing SWIFT and industry efforts.
SWIFT has recently shared information with its global community regarding a number of fraudulent payment cases that occurred in customers’ local environments. SWIFT’s network, software and services have not been compromised; each case occurred after a customer suffered a series of security breaches within their locally managed infrastructure.
While SWIFT customers have individual responsibility for the security of their environments, we are fully committed to deploying SWIFT’s knowledge and expertise to help customers in the fight against cyber-attacks. As an industry-owned cooperative with 11,000 customers worldwide, the security of the global banking ecosystem is our top priority, and we have a leading role to play in reinforcing and safeguarding its security.
SWIFT’s customer security programme will clearly define an operational and security baseline that customers must meet to protect the processing and handling of their SWIFT transactions. SWIFT will also continue to enhance its own products and services to provide customers with additional protection and detection mechanisms, and in turn help customers to meet these baselines.
The programme will focus on five mutually reinforcing strategic initiatives:
Improve information sharing amongst the global community. We will require more information from our customers, and share relevant information back with the community. We will keep our community informed of customer incidents related to SWIFT infrastructure (to the extent made known to us) as well as provide information on best practices and innovation in cyber defence.
Enhance SWIFT-related tools for customers. We will further strengthen security requirements for customer-managed software to better protect local environments. At the same time we will continue our efforts to harden SWIFT-provided products. For example, our interface products support two-factor authentication, but we will further expand this and add additional tools. We will also increase remote monitoring capabilities of customer environments. Our approach will be segmented and tailored to cater for the diversity in our customers: global transactions banks, regional and midsize banks, small local banks in advanced as well as emerging economies, market infrastructures, service bureaus, corporates, and investment managers amongst others.
Enhance guidelines and provide audit frameworks. We will further enhance security and operational baselines, and develop related audit standards and certification processes for the secure management of SWIFT messages at customer sites. We will look into if and how customers’ compliance with these baselines can be made transparent to, and enforced by, counterparties, regulators and ourselves. Again, our approach here will be segmented to reflect the diversity of our customer base.
Support increased payment patterns control. We will share best practices for fraud detection at the receiving bank, and will explore the feasibility of tools that would detect anomalies on our own network, for example as an ‘opt-in’ service to our customers. We will also explore tools to allow customers to quickly recall fraudulent payment messages, allowing ‘stop payment’ information or enquiries/alerts to reach the right people in a timely manner.
Enhance support by third-party providers. A structural enhancement of our customers’ security, as outlined above, requires the extensive support of third-party providers: security software and hardware, consulting and training, implementation services, providers of fraud detection solutions, interface vendors, service bureaus, auditors and others. We will help to foster such a secure ecosystem, for example through partner programs, organisation of industry events where such providers can engage with our customers (e.g. Sibos and regional conferences), certification programs and other measures.
Implementation will be phased, with an immediate focus on:
- Communication between SWIFT customers, as well as between SWIFT and its customers
- Cooperation with, and facilitation of information sharing among, overseers, banks, law enforcement and cyber-security firms
- Performing forensic analysis on products and services related to SWIFT connectivity at affected banks, so that other users can protect themselves.
To complement the efforts of our customers, we are also continuing to focus and invest in a number of key programs aimed at protecting our own operational environment. In the spirit of cooperation and intelligence sharing outlined above, we also remind SWIFT customers of their obligation to inform SWIFT of any suspected fraudulent use of their institution’s SWIFT infrastructure - and to share findings of any internal investigations into such matters with SWIFT (*).
The security of global banking can only be ensured through a collaborative approach between SWIFT, its customers, overseers, and third-party suppliers. We are fully committed to doing everything we can to help keep global banking safe.
To this end, we will work in close partnership with the banking community, and different user segments, on the design and roll-out of this programme. In the weeks and months ahead, we will engage via SWIFT National Member Groups, establish focus groups on the design of the initiatives, and work with customers on best practices for cyber-intelligence sharing. We also plan to offer webinar sessions in each region for customers and will be seeking feedback via a global customer survey. A detailed update on the programme will be made at Sibos, Geneva in September.