The Society For Worldwide Interbank Financial Telecommunication (SWIFT), the network that enables banks to exchange information about financial transactions, moves trillions of dollars around the world every day.
Security in the messaging service is paramount. Customers must adhere to the SWIFT Customer Security Controls Framework (CSCF), described by SWIFT as “a security baseline for the entire community” – yet the messaging service has become a prime target for sophisticated cyber attackers.
There are three levels of compliance: Self-attestation, internal audit or third-party review.
Dionach are qualified, independent SWIFT Customer Security Programme (CSP) auditors, providing assurance for organisations opting for an external assessment as part of the SWIFT Independent Assessment Framework (IAF).
Since July 2020, all SWIFT users have been required to carry out an independent assessment when self-attesting. As a provider of the SWIFT Partner Programme, Dionach fulfil the requirement of an independent external assessment.
As your chosen auditor, we will help to reduce complexity in the compliance process and relieve the pressure on your internal resources.
Engaging Dionach as an external specialist will not only ensure you meet SWIFT’s mandatory compliance requirements, but also deliver an additional level of assurance in the security of your SWIFT-related infrastructure.
An attestation audit identifies where risk drivers from the SWIFT CSP are, or are not, met. Our clear report meets requirements for SWIFT IAF supporting documents, provides insight and tailored advice on how to address non-conformances to achieve attestation, and guides you through submission of a fully compliant attestation via the SWIFT KYC-SA application.
Your first external assessment may highlight more non-conformances than previously identified by internal assessments or self-attestation. As such, it may be beneficial to undergo a gap audit before an attestation audit.
Dionach’s SWIFT CSP gap audit is an analysis of your organisation’s SWIFT-related infrastructure to understand what you need to do to meet SWIFT’s mandatory compliance requirements. Consultants will interview relevant staff, review your current policies, procedures, and practices, then produce a detailed gap audit report which defines your current compliance levels, highlights any areas that need to be addressed, and provides tailored recommendations to achieve compliance against the SWIFT CSCF controls.