SWIFT can confirm that our core messaging services, our cloud connectivity services and our customer-installable SWIFT products are not, and never have been, exposed to the OpenSSL vulnerability (CVE-2014-0160). The same applies to all other value added services provided by SWIFT, such as Sanctions Screening, Accord and Euro1/Step1. SWIFT.com, as well as SWIFT internal applications, tools and data, are also fully protected from the vulnerability.
SWIFT has processes in place to monitor and treat security threats, including new vulnerabilities such as the present OpenSSL issue. We remain vigilant and actively assess risks to SWIFT, our services, products and users.