Deadline to re-attest is 31 December 2019
The deadline to re-attest against the Customer Security Controls Framework (CSCF) v2019 is 31 December 2019, by which time all SWIFT users must self-attest compliance with the mandatory controls set out in the 2019 version of the CSCF.
Once your self-attestation data has been submitted, SWIFT will publish your submission securely, which can then be consulted on by other customers and used in their counterparty risk management processes.
Institutions failing to meet the deadline for re-attestation and compliance will be reported by SWIFT to their respective local supervisors.
The presence of the self-attestation and its validity will be visible to all KYC-SA users, but the contents will not be shared without the owner’s explicit permission.
The KYC Security Attestation (KYC-SA) application for CSCF v2019 became available on 4 July 2019 and customers should attest their level of compliance against this baseline using this tool.* The CSCF v2019 is available here (SWIFT login ID required).
*If you have submitted an attestation (to SWIFT or to your approver) before or on 4 July 2019, then you have attested against CSCF v2018 and must re-attest against v2019 (and the new mandatory controls set out there) before 31 December 2019. You can do so by editing your current attestation; the new version will then automatically be loaded into the tool.
How to check against which version of the CSCF you have attested:
As a submitter/approver, go to the bottom of your attestation and verify the baseline that was used. If it says anything other than ‘Using baseline 2019.x’, then you have not yet attested against v2019.