Skip to main content
Header logo

The global provider
of secure financial messaging services

  • English
    Discover SWIFT
  • Español
    Descubra nuestros contenidos en español
  • Français
    Découvrez notre contenu disponible en français
  • 中文
  • 日本語

Independent assessment

All SWIFT users have to attest to their level of compliance with a set of mandatory controls as described in the Customer Security Controls Framework (CSCF).

As documented in the Independent Assessment Framework (IAF), all SWIFT users have to perform a Community Standard Assessment to further enhance the accuracy of their attestations. SWIFT mandates that attestations submitted under CSCFv2020 (i.e. as from mid-2020) are independently assessed through either an external or an internal assessment. The option to self-attest will remain available in 2020 and onwards but will be considered as non-compliant.

If you opt for an external assessment, this has to be performed by an independent external organisation. You must ensure that the assessor has existing cybersecurity assessment experience, and that individual assessors have relevant security industry certification(s). For detailed requirements, see section 5 in the IAF.

Independent Assessment Framework


SWIFT also reserves the right, for a cross-section of users, to mandate that an external assessment be undertaken. These are called SWIFT mandated assessments.


A CSP Assessment Providers directory is available to help you find an external assessor.


Consult the CSP Assessment Providers directory


Log in to CSP applications and portals

Find the dedicated login links to KYC-SA application, Attestation support page and ISAC portal