The KYC Registry Security Attestation Application

Driving cyber security improvements and transparency across the SWIFT community

Customer security attestation timeline

What are my obligations?

All SWIFT users must submit a self-attestation confirming their level of compliance with SWIFT’s mandatory customer security controls.

  • July 2017: The KYC Registry Security Attestation application is available for data submission and data sharing.
  • End December 2017: All users must have submitted their self-attestation by no later than end December 2017, and self-attest at least annually thereafter.

What happens if I fail to submit a self-attestation?

SWIFT reserves the right to report the names and BIC of users that fail to comply with the attestation process by the relevant deadlines to their supervisory body, or (in the case of users that are not supervised) to their messaging counterparties.

  • From January 2018: SWIFT reserves the right to report users that have not submitted a self-attestation on time. 
  • From January 2019: SWIFT reserves the right to report users that have not self-attested compliance with all mandatory security controls (or that connect through a non-compliant service provider). 

What is the attestation timeline?

KYC SAA

  • 31st  March, 2017: Publication of the SWIFT Customer Security Controls Framework
  • 22nd May, 2017: Publication of the SWIFT Customer Security Controls Policy
  • July 2017, The KYC Registry Security Attestation Application is available for data submission and consumption
  • By the end of December 2017, all users must have submitted their self-attestation on time
  • As of Jan, 2018: SWIFT reserves the right to report users that have not submitted a self-attestation
  • As of Jan, 2019: SWIFT reserves the right to report users that have not self-attested compliance with all mandatory security controls (or that connect through a non-compliant service provider)

What should I do next?

Please join the KYC Registry Security Attestation Application upon receipt of the welcome email that will be sent to all swift.com administrators, and submit your self-attestation as soon as practicable. You can find details of the process to be followed here: The SWIFT Customer Security Controls Policy.

.

CSP

Customer Security Programme (CSP)

Reinforcing the security of the global banking system

News

SWIFT publishes new Customer Security Controls Policy

Enhancing security; increasing transparency
SWIFTSMART

SWIFTSmart SWIFT Customer Security Controls Policy

Get started with your security attestation and follow-up process, using the KYC Registry Security Attestation Application.

mySWIFT

Quick start information and step-by-step guidance on how to submit and consume attestation data.