Skip to main content
  • English
    Discover SWIFT
  • Español
    Descubra nuestros contenidos en español
  • Français
    Découvrez notre contenu disponible en français
  • 中文
    了解我们提供的中文内容
  • 日本語
    日本で入手可能なコンテンツをお探しください
This content is not available in the selected language

Attest to increase community transparency

Submit an attestation annually

All users have to attest before the expiry date of the current controls version, confirming full compliance with the mandatory security controls no later than 31 December, and must re-attest at least annually thereafter.

Re-attestation has to be done between July and December each year. New joiners need to attest before going live on the Swift network.

Security Attestations have to be submitted via the KYC-Security Attestation application (KYC-SA). A new version of the controls becomes available in the application each year in early July.

A detailed description of the security attestation process and requirements is available in the Swift Customer Security Controls Policy.

What happens if I don’t submit my attestation?

Swift reserves the right to report users that have not attested compliance with all mandatory security controls (or that connect through a non-compliant service provider) to their local supervisors.

You are in breach of the policy if:

  • you don’t have a valid attestation: you either did not submit an attestation, or your attestation is expired
  • you are not compliant with the mandatory controls
  • you connect through a non-compliant service provider
  • you did not complete a Swift mandated external assessment

Guidance on the process

The Security Attestation support page on MySwift provides guidance on how to get started, understand the security controls, assess the impact for your institution, and use the KYC-SA.

The Security Attestation support page provides easy access to the relevant information, how-to videos, training, documentation, and frequently asked questions. We recommend checking that your swift.com password is still valid to continue using the KYC-SA.
 

Independent assessment

 

If you need support to implement the controls, a cyber security service providers (CSSP) directory is available.

 

Consult CSSP Directory

 

Log in to the CSP applications and portals

Find the dedicated login links to KYC-SA application, Attestation support page and ISAC portal

Loading...