Accenture Cyber Compliance for SWIFT CSP

Get fit for SWIFT CSP 2022

Background

Cyber-attacks are becoming more sophisticated all the time, and financial institutions are under enormous pressure to protect their customers and networks from this threat. Recent Accenture research found that there was a 125% year-on-year increase in cyber–attacks in 2021, with banking targeted by 10% of all incidents. Given the rising frequency and sophistication of these attacks, it follows that cyber-crime could be a huge threat to the Society for Worldwide Interbank Financial Telecommunications (SWIFT) system, its more than 12,000 customers, and the processing of the 30 million financial messages which it handles every day.

SWIFT’s new requirements will strengthen the CSP and its vital goal of protecting customers from cyber-attacks.

Key call-outs in CSP 2022

Independent assessments mandatory

SWIFT reserves the right to seek independent external assessment from customers to verify the accuracy of their attestation. A refusal is reportable.

Third-party dependencies

Obtain reasonable reassurances from third parties that outsourced activities and/or externally hosted components comply with security controls.

Changes in controls

There are 32 controls in total: 23 mandatory and 9 advisory, depending on architecture type.

KYC portal’s 'grant all' feature

This improves the operational efficiency of sharing attestation data by allowing data for all pending and new access requests from counterparties.

Compliance by 31 Dec 2022

The deadline is still the end of this year.

Transaction business controls

This control was originally added as advisory only, but due to changes in the payments landscape it has been made mandatory.

Customer environment protection

This new advisory control aims to ensure protection for the ‘customer connector’ and other customer-related equipment.

View All
Image Thumbnail

ACCENTURE BANKING BLOG

The 6 common mistakes banks make in SWIFT CSP
READ MORE

Capabilities

Our Cyber Compliance for SWIFT CSP program helps financial services firms stay compliant. We use assessment tools and adversary simulations to assess how vulnerabilities could be exploited and to determine how to respond effectively in each case.

Flexible approach – basic through to detailed assessments, according to the customer’s needs.

CSP questionnaire and measurements catalogue.

Global team of cyber-security experts with professional certifications.

SWIFT architecture, implementation and product skills covering architectures A1 to B and cloud implementations.

End-to-end knowledge of payment flows, associated risks and industry trends.

Overall implementation recommendations.

View All

How we can help

Accenture can help financial institutions comply with CSP while leveraging our technological and cyber-security expertise and solutions to ensure an additional layer of protection for their revenues and reputations. Our assessment models can be customized to start from a basic assessment of SWIFT CSP controls and progress all the way through to helping with remediation efforts, where necessary.

Our leaders