Stephen Gilderdale, Head of UK, Ireland and Nordics, and Tony Wicks, Head of AML Initiatives, discuss how SWIFT’s Customer Security Programme and financial crime compliance services portfolio are helping members bolster cyber security for themselves, their counterparties and the community.
Stephen Gilderdale (SG): SWIFT launched its Customer Security Programme (CSP) in May 2016 as part of a strategic, community-wide response to evolving cyber security threats and specific cyber incidents affecting member banks. The CSP focuses on three mutually reinforcing areas: 1) the need for you as a SWIFT member institution to secure and protect your own environment; 2) the importance of managing your relationships with your counterparts; and 3) the need for you to share information within the SWIFT community about (potential) threats.
Over the past year we have made strong progress in supporting our members in all three areas. We have made it easier for banks to secure their environments by bolstering cyber protection within our core products; this will continue with new releases of Alliance Access (release 7.2) and AMH (release 3.6). In addition to making logical security more robust, we have developed a Customer Security Controls Framework which is compatible with international standards such as NIST, PCI-DSS and ISO 27002. We have complemented this framework with a Customer Security Controls Policy which applies to all customers.
To help members manage counterpart relationships effectively, we are providing advice around payments best practices and RMA management, for example. The overlap between financial crime compliance and cyber becomes clearer, as Compliance Analytics enables a data-driven, risk-based approach to RMA management and cleanup.
Information sharing is being spearheaded by SWIFT’s new Information Sharing and Analysis Centre (ISAC), a secure portal that shares intelligence bulletins and other cyber-security related information. This initiative is led by SWIFT’s Customer Security Intelligence (CSI) team, which analyzes reported incidents to help customers to protect themselves against similar attacks. The CSI team studies the modus operandi of the attackers, develops indicators of compromise, and provides the information back to the financial community through a security notification service in anonymized form.
How does SWIFT’s financial crime compliance portfolio address fraud?
Tony Wicks (TW): SWIFT’s compliance portfolio is divided into three key areas: Sanctions, Know Your Customer (KYC) and Compliance Analytics, with this latter area being expanded to also include AML and fraud. As part of the CSP, SWIFT has introduced two new fraud solutions. Daily Validation Reports, available now, help smaller financial institutions enhance existing fraud controls by providing an independent daily snapshot of SWIFT transaction activity. Activity reporting allows institutions to verify their payment message activity against SWIFT’s own record – which is critical if customer environments are compromised. Risk reporting allows an institution to focus on changes in activity that may indicate significant payment risks, provides aggregated transaction totals by counterparty, and flags new correspondent relationships.
In 2018 SWIFT will introduce Payment Controls to provide in-network screening of payment messages before they are sent, enabling institutions to identify, investigate, block and prevent fraudulent or out-of-policy payments in real time.
What is SWIFT’s Customer Security Controls Framework?
SG: The Customer Security Controls Framework provides a security baseline in the form of a detailed description of mandatory and advisory customer security controls. To complement this, SWIFT has published a Customer Security Controls Policy which defines how institutions must attest that they meet the baseline requirements. A new Security Attestation application will enable banks to exchange security attestation information with their counterparties in the same way that they already exchange KYC information using The KYC Registry. Banks will be able to upload their attestation information and request to view attestation data from their counterparts starting in July, and must complete the self-attestation process by the end of 2017. This will help our members expand risk-based approaches to the area of cyber risk.
Compliance, cyber security and fraud prevention are at the heart of the payments evolution. What role will SWIFT continue to play in this area?
SG: A multitude of factors, from technology, to new entrants to cyber and compliance concerns are redefining the payments landscape. Banks and their customers have higher expectations in terms of speed, security, trust and transparency. SWIFT will continue to drive and facilitate positive change by providing a secure, global payments infrastructure, supporting effective, efficient compliance, and increasing transparency through our global payments initiative, gpi. SWIFT gpi is revolutionizing the industry by combining real-time payments tracking with the speed and certainty of same-day settlement for international payments. Our solutions around financial crime compliance, fraud prevention, cyber security and gpi are helping banks to keep pace with changing customer service expectations and regulatory requirements while remaining competitive in an ever-changing world. We will continue to work with customers, industry groups and other third parties to address these challenges and help make compliance and cyber risk management a position of strength and a support to good business activities.
Banks and their customers have higher expectations in terms of speed, security, trust and transparency. We will continue to work with customers, industry groups and other third parties to address these challenges and help make compliance and cyber risk management a position of strength and a support to good business activities.
How do anti-fraud and cyber security solutions fit into SWIFT’s compliance services roadmap?
TW: Financial crime compliance and cyber security are cornerstones of SWIFT’s 2020 strategy. Although cyber-related regulation is still in its infancy, we anticipate that it will increase, implying the need to develop standards and best practices that support effectiveness and manage cost and risk. In this context, cyber security is no longer simply an IT question, and institutions are addressing it by integrating and aligning different organisational functions, including operations, security and risk.
SWIFT is uniquely positioned to deliver in-network fraud prevention solutions and enable its customers to leverage their global SWIFT traffic data to monitor and address potential fraud and compliance risks. We are supporting the evolution to a more holistic approach to compliance and cyber risk by developing an interconnected compliance utility platform to deliver sanctions and payment controls alerts, integrate Compliance Analytics data with other utility services such as The KYC Registry, and provide case management to provide a global overview of compliance and risk.
SWIFT is uniquely positioned to deliver in-network fraud prevention solutions. We are developing an interconnected compliance utility platform to deliver sanctions and payment controls alerts, integrate Compliance Analytics data with other utility services such as The KYC Registry, and provide case management to provide a global overview of compliance and risk.
In parallel, customers can act now by learning more about SWIFT’s Customer Security Programme and joining related Customer Security Work Sessions in their region, preparing for self-attestation, and reviewing their approach for fraud detection and prevention, including using Daily Validation Reports if relevant for their business.
“Combatting cyber fraud in correspondent banking” is the title of a recent article by Tony Wicks in ACAMS Today magazine. The piece examines the current cyber context, how to prevent and detect attacks, the importance of establishing a strong cyber security foundation, and practical steps banks can take to protect themselves, their correspondents and the community.
Read the ACAMS Today article in its entirety.