Cyber security and innovation take centre stage at SOFE 2016
Addressing over 350 participants from 36 countries at the SWIFT Operations Forum Europe 2016 (SOFE) in Berlin, Peter Demetsenaere, Head of EMEA Customer Support, SWIFT, welcomed delegates, thanked the sponsors and exhibitors for their support and introduced the three-day programme for the event. In response to requests for even more operational and technical content at SOFE, this year’s packed agenda featured 64 work sessions on 22 different topics. “With cyber security high on the agenda and our Customer Security programme now well underway, you will see that we have a number of work sessions dedicated to this topic,” he said. Operating under the theme “Operations, Collaboration, Excellence”, De Metsenaere explained that operational excellence is a key differentiator for banks as they grapple with powerful disruptive forces, including cyber threats, new technologies and new entrants.
Following Demetsenaere’s welcome remarks, Gottfried Leibbrandt, Chief Executive Officer, SWIFT, also spoke about the importance of security in the wake of a series of successful cyber attacks on SWIFT member banks. Leibbrandt said SWIFT "continues to see cases where criminals invade banking systems and obtain credentials" and that it is “no coincidence that we are seeing the emergence of cyber threats at the same time as we are seeing tremendous technology change.” To help the financial industry rise to the cyber security challenge, SWIFT has launched the Customer Security Programme. The programme sets out a package of proposals aimed at increasing the industry's defences, from trigger alerts in interface devices, to mandatory self-assessment programmes and random security audits, alongside the proposed delivery of Daily Validation Reports based on SWIFT’s records of customers' messages. Leibbrandt explained that feedback from self-assessment procedures and the introduction of common-sense security measures such as two-factor authentication and virus protection should constitute the “basic hygiene” for the industry, which, coupled with an industry-wide information sharing programme, should steer things in the right direction. "This is an industry challenge that we all have to deal with. It will be a multi-year effort," he stated.
SOFE in the press - Finextra
- SOFE Berlin: Cyber security and innovation take centre stage
- SOFE Berlin: Swift unveils blockchain proof-of-concept
- SOFE Berlin: Social media and IoT providing a goldmine for hackers
- SOFE Berlin: Van der Kleij plots blockchain startup network
- SOFE Berlin: Cyber security worries dominate closing debate
The cyber security theme continued throughout the conference, with James Lyne, global head of security research at Sophos, opening Thursday morning with a keynote address on the latest trends in hacking and exploitation. A self-professed "massive geek", Lyne spends his time conducting penetration tests of business computer systems to look for loopholes in IT security. He explained, with examples, how easy it can be for hackers to gain access to banks’ systems using social engineering techniques and how closely cyber criminals collaborate. With 350,000 new pieces of malware being released every day and a very active marketplace for all things cyber crime related on the Dark Web, the levels of sophistication and organisation of cyber criminals have never been higher. Lyne also commented on the low level of security deployed for devices connected to the Internet of Things, but stressed that the most common breaches take advantage of basic operational failings and that it is essential that institutions implement basic security practices, constantly work on security awareness training and fine-tune their incident response processes.
The innovation plenary on Thursday afternoon saw former Level39 head Eric van der Kleij talk about the potential of blockchain, or distributed ledger technology (DLT). His consultancy DV2C was most recently involved in mentoring startups and corporate partners for the Swiss Kickstart Accelerator, an initiative of DigitalSwitzerland which saw six of the 30 small firms selected walk away with engagements for proof-of-concept trials from the likes of UBS, Credit Suisse, Swisscom and Raiffeisen Switzerland. He explained how far things have come since the days when fintech start-ups were viewed as intruders that were trying to cannibalise the business of banks, and the crucial role that fintech incubators such as Level39 have played in achieving a far more collaborative relationship between banks and fintech companies. Van der Kleij also praised SWIFT's involvement in the Hyperledger open source blockchain initiative and its own internal programmes to explore the application of distributed ledger technology for member banks.
SOFE 2016 ended where it began, with a panel discussion on the ability of the world's banks to combat an escalating cyber threat. The session was moderated by Leo Punt, Head of EMEA Services and Support, SWIFT, and featured contributions from Miriam Sinn, Senior Oversight Expert at Deutsche Bundesbank, Stephen Gilderdale, Head of SWIFT’s Customer Security Programme, and SWIFT’s Chief Operations Officer Marcel Bronmans. To kick things off, Punt asked the audience whether they considered cyber threats one of the top concerns for the financial industry. In a digi-vote, a resounding 86% said yes. Sinn said the most worrying aspect from an oversight perspective was that many institutions hadn't "internalised" their threat defences. "It's a question and culture change that has to be addressed throughout the institution from top to bottom and across all departments," she said. For Bronmans, it was a question of "not if, but when you will be hacked".
"We see a different level of readiness of how to deal with a breach or even where to begin to start. This is particularly worrying because each bank operates in an ecosystem where everything is connected.” All panellists agreed that the industry is facing a multi-year threat, in a rapidly evolving technology landscape, that requires banks to adopt a continuously evolving approach to security.
Gilderdale explained the part that SWIFT is playing in helping the industry address the threat. He delineated the key components of the Customer Security programme and, as a number of others had done before him, stressed the importance of information sharing across the SWIFT community.
In his closing remarks, Demetsenaere reflected on the key takeaways from the three days spent together and thanked all participants for their contribution to the success of the conference.
Work session summaries
Work sessions are a key feature of SOFE and offer a wealth of information about the latest and upcoming developments in SWIFT’s products and services.
We increased the number of work sessions at SOFE once again this year to make sure that we covered as many topics as possible and offered something on the agenda for everyone. We hope that you found the information that you were looking for and were able to share your feedback wherever you wanted to. Thank you for your participation!
New offering for banks: Watch Banking Analytics Premium
SWIFT’s Business Intelligence (BI) continues to widen its scope to support operational efficiency, business development and regulatory reporting across multiple market segments.
During our session at SOFE, we covered the full Watch portfolio with a deep dive on our new offering ‘Watch Banking Analytics Premium’ and how this new tool can be leveraged to support business development and operational efficiency. We also covered the enhanced functionalities available in the Watch tools including new interactive visual dashboards.
During and after our session we had several discussions on how SWIFT’s data available in the Watch tools can enhance operational efficiency and support network management. We were also pleased to capture some ideas to shape the future of BI products and services.
The SWIFT global payments innovation (gpi) initiative
With the global payments innovation initiative, SWIFT is setting a new standard in cross-border payments. Announced in December 2015, over 85 of the largest transaction banks have signed up. They will provide their customers with same day value of funds, transparency of fees, and end-to-end payments tracking similar to international parcel shipping companies. Transforming their words into action, 15 of the initiative member banks - representing more than 30 percent of cross-border payments – have already upgraded their systems and successfully tested the design and core functions of SWIFT gpi. In addition, there is a vision and pragmatic roadmap to digitally transform cross-border payments. In this session, in collaboration with some of the gpi member banks, we explained why your bank cannot miss out on this game-changing initiative.
Discover R&D@SWIFT: Distributed Ledger Technology
This very popular session gave you the opportunity to learn more about SWIFT’s latest R&D activities around distributed ledger technology. We also showed you the latest proofs of concept developed in the SWIFTLab.
Operational dashboards and Business Intelligence services – are you getting what you need?
The BI Services session focused primarily on Operational Dashboards and RMA analysis. We had around 60 participants in total, with good interaction and questions from the audience. We also had the opportunity to meet with our customers and introduce them to new features and services. The sessions were attended by delegates from banks of all sizes and we were very pleased to be able to reach a new audience that does not use SWIFT BI yet. We captured some ideas to shape the future of BI products/services and enhance our capabilities, especially from an operational angle as well. It was great to share some concrete case studies of what SWIFT BI can provide in terms of Consulting Services, focusing on Operational and Corporates Business development dashboards, Peer benchmarking and RMA analysis.
Why financial institutions need an ISO20022 implementation strategy now
The workshop focused on three main considerations for Financial Institutions implementing ISO20022:
- What is happening across the world in ISO20022 terms
- How SWIFT is helping the global industry harmonise the use of ISO20022
- Which factors may be taken into consideration to create an ISO20022 adoption strategy, or to complement an existing one.
As a result of the session, participants gained a broader appreciation of the industry’s journey towards ISO20022 adoption and of how global groups like HVPS+ are working together to create global industry standards and common principles. Tools such as Alliance Message Hub and MyStandards continue to support the community as ISO20022 becomes a more common standard within the payments industry.
Regain control of your standards management with MyStandards
MyStandards provides a golden source of Standards information and comprises smart functionalities, such as the version comparison, to improve your Standards Release management process. In this session, we explained how this industry-wide collaborative platform can help you in customer-facing situations (onboarding, documentation, support), internal implementation projects (integration, implementation and testing) and day-to-day operations (repairs).
As of this year, you can subscribe to a dedicated MT Standards Release Portal, to test compliance of your actual messages. All of this will bring efficiency; you will save time and effort in your end-to-end maintenance process. Register on Mystandards.swift.com and stay up to date with the latest Standards Release information and much more!
Mandatory Migrations Alliance 7.2, SNL/Gateway 7.0.50
The intention of this session was to raise customer awareness around the two planned mandatory release upgrades (SAG 7.0.50 / SWP 7.0.70 and Release 7.2) and SWIFT’s Updated Release Policy. The first part of the session focused on the security enhancements implemented in SAG 7.0.50 / SWP 7.0.70 and the reason why the release became mandatory by the end of quarter one 2017.
For the Release 7.2 overview, the main focus was to explain the impact of this release on customers’ infrastructure and the workload this release upgrade will generate within the available 15-month upgrade window. We also gave a brief overview of the implementation services offered by SWIFT for Release 7.2 to make customers aware of the fact that they can reach out to SWIFT for assistance during the upgrade process.
The last part of the session covered the changes in SWIFT’s upgrade policy, highlighting the two-year lifecycle and one-year migration time frame of new releases. The new quarterly security release cycle (without functional updates) was introduced and we explained how this fits into the two-year lifecycle of every release.
Feedback received during the sessions
SAG 7.0.50 / SWP 7.0.70
- Customers understood the reason for this new release once we had explained the different security updates that it includes.
- Some customers questioned the short migration period, but in general all customers understood the rationale behind it and what SWIFT is trying to achieve for the community.
- To avoid locked users after the upgrade, customers were advised to bring their currently implemented security settings in line with the new settings, which are enforced at installation time. Some questions were raised on the technical aspect, but in general this advice was well received.
- A remark was made that SWIFT should create their own TOTP code generator tool as most freely available tools are not supported in the banks.
Release 7.2
- There were no questions about the rationale for this release.
- Multiple customers questioned the readiness of the third party software providers. SWIFT’s answer was that earlier this year all specifications were provided, multiple information sessions were conducted and two months before the GA release ITB will be made available for End to End testing. Customers were advised to contact their providers for release timelines of their products.
- More customers than we expected highlighted that they will move towards a new Operating System (mainly from Solaris to Linux). As a result SWIFT will pay more attention (possible automation) to the migration tools and internal SWIFT processes to support these OS migrations.
- AIX users showed their dissatisfaction with the enforced migration path (which is common for all Operating Systems), as AIX provides a direct Operating System upgrade migration path. This is in contrast with all other Operating System providers, which don’t support an upgrade path to SWIFT’s mandatory versions, so that only a fresh install on another host is possible.
- A lack of Release 7.2 hardware requirements makes budgeting difficult and SWIFT’s high level recommendation is seen as insufficient.
- At the general request of customers, SWIFT will release “Draft” tagged documentation approximately two months before the GA release date.
Updated Release Policy
- After we had explained the impact of the new policy, no real concerns were raised.
- The new possible quarterly security updates (without functional enhancements) were not questioned by the customers.
Financial Crime Compliance: What’s new?
The SWIFT Financial Crime Compliance portfolio of products and services is growing. We have just introduced our Payment Data Quality Module which will help you check the compliance of your payment messages with the FATF 16 recommendation.
We are also about to launch our Name Screening Service (NSS) to complement our very successful Sanctions Screening Service. In this work session, we presented each of these new initiatives and answered your questions.
BCBS248: what is the status and how can SWIFT help?
The core of the presentation was to highlight the main drivers behind intraday liquidity, the main challenges institutions are facing while implementing the regulatory metrics and how they can be addressed. Banks can leverage new SWIFT offerings, such as SWIFT Scope for ILR, GPI to build not only the reporting capabilities but also manage their intraday risk more efficiently. SWIFT’s vision was presented to the audience to demonstrate SWIFT’s true leadership and ability to innovate in the correspondent banking space.
The KYC Registry and SWIFTRef: Manage your correspondent network in compliance with KYC requirements
Users appreciated the organisation of a combined session on SWIFTRef & The KYC Registry. We found that customers were mainly interested in the product roadmaps for our solutions and they confirmed that the interlinkage between Bankers World Online and the KYC Registry is a good step. As The KYC Registry was new to most of the attendees it was certainly worthwhile to provide a very practical demo on how it works. For next year we will investigate the possibility of also integrating our sanctions solutions, so that we can deliver a good overview of the roadmaps for SWIFTRef, KYC and Sanctions.
Securing your locally hosted SWIFT infrastructure in line with SWIFT’s security standards
SWIFT’s Customer Security Programme (CSP) – a dedicated programme to support customers in reinforcing the security of their SWIFT-related infrastructure - has now been up and running for over six months and significant progress has been made on several aspects of the Programme.
The CSP is articulated around 3 mutually reinforcing areas. Customers first need to protect and secure their local environment (You); it is then about preventing and detecting fraud in their commercial relationships (Your counterparts), and continuously sharing information and preparing against future cyber threats (Your community).
A key message of the CSP is for customers to secure their own local environments, including the physical set-up of their local SWIFT-related infrastructure, and to put in place the right people, policies and practices to avoid cyber-related fraud. In support of this effort, SWIFT introduced a set of core security controls (16 mandatory and 11 advisory) that all customers must meet to secure their local SWIFT-related infrastructure. A two-month period of customer validation on the controls is now open, and feedback is being gathered via National Member and User Groups worldwide via a dedicated questionnaire. The closing date for feedback is December 31 2016.
For documentation on the SWIFT Security Controls Framework see KB tip 5020786.
SWIFT will require customers to provide detailed self-attestation against the mandatory controls on an annual basis, starting in the second quarter of 2017. As of 2018, this self-attestation process will be complemented by sampled inspections by customers’ internal or external auditors to verify the quality of the responses.
SWIFT will provide a tool for its users to securely share self-attestation and audit results with their counterparties, as they deem appropriate.
Cyber-attacks on customers’ systems – what happened and what can we learn from the attacks?
In this interactive session, we shared the different ways cyber criminals have tried to compromise the infrastructure connecting to SWIFT with the intent to exchange fraudulent transactions. The objective was to explain how different actors set up the attacks and how you can better protect yourself. We also provided details on the Modus Operandi and different TTPs (Tactics, Techniques and Procedures) used in different attacks on financial institutions that have been investigated by the SWIFT Security Operations teams.
Efficiency as a Service (EaaS) – the SWIFT Community cloud
In this session, we covered the various solutions offered with the SWIFT Community Cloud i.e. Alliance Lite2, Alliance Remote Gateway, Alliance Lifeline and Alliance Lite2 for Business Applications.
The audience was mainly interested in getting a better understanding of the various options and disaster recovery scenarios covered by Alliance Lifeline, as well as getting clarification on the main benefits of Alliance Remote Gateway compared to a full on-premises infrastructure. To know more about the offering: swift-community-cloud
Alliance Interfaces 2017 – 2018 Roadmap
In this session, our product managers walked you through the updates for Alliance Interfaces for 2017-2018. They also explained how SWIFT will adapt to the changing world of security updates, and showed the recent two-factor authentication evolution.
Alliance Messaging Hub: Future capabilities
This session highlighted the important benefits that AMH can bring you, walked you through future developments, and explained how we are adapting to the changing world of security.
Between 20 and 30 people were present in all 3 sessions on the direction for and future capabilities of AMH. There was good interaction on the individual points raised, mostly from the growing number of people that are now AMH customers.
ERROR 404: Future Not Found
The first session focused on Operational Health. Various solutions to provide continuous visibility on Operational Health were presented. Participants brainstormed and voted on value points that SWIFT should focus on. Top new identified features include the detection of risky user profiles and increased visibility on business flows.
The second session covered two topics: notifications and mySWIFT. Participants learned about SWIFT’s plans to enhance both, and were able to review and discuss our first mock-ups. The key features they wanted to see were mostly around personalisation and transparency.
The third session explored the idea of subject pages, which would work like a landing page to collect resources and content about a specific subject and provide quick and easy access to the relevant information. The participants suggested subject pages for “New Releases”, specific products, themes like “security”, services like “Target”, or messaging services like “FileAct”.
The fourth session summarised the findings from the other sessions, and participants were given an opportunity to vote on the features of operational health, notification, and mySWIFT, and the subject that would bring them the most value.
Supporting your project implementations through SWIFT Integration products and services
During the session “Supporting your project implementations through SWIFT Integration products and services”, an outline was provided on SWIFT’s comprehensive integration product portfolio and how these products are complemented by services to form a tailored end-to-end solution. A highlight was the case study from Rabobank regarding a recent project in the area of compliance. The session supported an open dialogue between attendees, who exchanged information on the typical challenges faced by their respective institutions.
SWIFTSmart – a new eLearning experience for everyone
SWIFTSmart was high on the agenda with about 90 participants in the sessions and many more using self-demo in the SWIFTLab. As registrations to the SWIFTSmart platform continued to pile up during the event (we reached the mark of 1000 SWIFTSmart users during SOFE, less than 2 weeks after the launch), customers were able to grasp all the benefits of this new delivery channel for Training. Through our interactive sessions, they also raised points about the challenges for rolling it out globally in their institution, mainly related to access management and restricted knowledge. You can easily spread the word to your colleagues by sharing this 1-minute video: Online learning with SWIFTSmart. Finally, do not forget that SWIFTSmart is already open to all users - you can join the learning community on https://swiftsmart.swift.com.
SWIFT Support Services: towards more value for more customers
Where would you invest your $WIFTcoins? In this interactive session, participants spent their ‘money’ on the service offerings which added the most value to their organizations.
SWIFT is embarking on the journey to reshape its current Customer Support offerings to better serve our increasing and diverse customer base. This session offered valuable insights and allowed us to collect constructive feedback from customers on how to streamline value propositions of our portfolio, address evolving market needs, and bring a greater customer experience through a combination of self and assisted support.
Shared Infrastructure Program (SIP) – What’s in it for you?
This session explained:
- The objectives of the programme
- The requirements service bureaux need to comply with to get SIP certified
- The methods used to assess this compliance
- The current SIP certification status of the service bureau ‘population’
- SIP evolution beyond 2016
- The link with the Customer Security Programme (CSP)
Given the important role of service bureaux in connecting customers to SWIFT, the objective of SIP is to mitigate legal, financial and operational risk in the service bureau model.
The session covered the rationale behind the SIP requirements in each control domain.
The current state of affairs is that 75% of all service bureaux have been certified against the first release of SIP requirements. More than 700 SIP deviations have been identified and addressed. As of April 2016, a new SIP release (i.e. SIPv2) has become effective in response to the increasing scale and sophistication of cyber security threats.
In 2017 all service bureaux will be assessed against SIPv2 and need to meet the SIPv2 requirements of that year. As of 2018, SIP will be fully aligned with CSP. We have compared both programmes and have highlighted the complementarity of SIP and CSP.
Networking is a key component of SOFE and one of your favourite aspects of the event. In addition to the networking time during the coffee breaks and lunches, we also offer opportunities for delegates to spend time together in the evenings, all whilst leaving room for spare time. The welcome cocktail at the end of day 1 has become a fixture in the SOFE agenda and is sponsored by the exhibiting partners. Our thanks go to the partners for their participation and support, and to all delegates for making the most of this networking opportunity.
This year’s off-site dinner took place at the Museum for Communication in Köthener Strasse. The building opened its doors back in 1898 and was known in its early days as the Imperial Post Museum. We were welcomed at the restaurant following a brief bus ride, and spent the first part of the evening networking over drinks and visiting the museum. Following a welcome speech by one of the museum curators and Christian Kothe, Head of Central & Eastern Europe, SWIFT, we took our places at the tables and continued our evening over dinner, sharing many a story and anecdote and building lasting business connections for the years to come.
And last but not least...
Our thanks go to each and every one of you for your active participation in this year’s SWIFT Operations Forum Europe. We hope that you all had an engaging, thought-provoking, productive, informative and highly collaborative SOFE. As always, should you have any questions about or suggestions for next year’s event, please do not hesitate to contact your account manager or customer support. We look forward to working with you in 2017!