Approach to SWIFT Security Assessment

Approach to SWIFT Security Assessment

Customer Security Controls Framework for the SWIFT system

Setting the context

SWIFT (Society for Worldwide Interbank Financial Telecommunications) is a vast messaging network used by banks and other financial institutions to quickly, accurately, and securely send and receive information, such as money transfer instructions.

In Vietnam, we have had a vast amount of opportunity in conducting SWIFT system security gap assessment projects for Vietnamese banks. Through this article, we would like to provide you a short introduction about the Customer Security Controls Framework for the SWIFT system, as well as sharing best practices that the client should consider while implementing and securing the SWIFT system according to SWIFT requirements.

Introduction to SWIFT’s Information Security Risk and Controls

The SWIFT Customer Security Controls Framework describes a set of mandatory and advisory security controls for SWIFT users. Mandatory security controls establish a security baseline for the entire community and must be implemented by all users on their local SWIFT infrastructure. SWIFT has chosen to prioritise these mandatory controls to set a realistic goal for near-term, tangible security gain and risk reduction.

Advisory controls are based on good practice that SWIFT recommends users to implement. Over time, mandatory controls may change due to the evolving threat landscape, and some advisory controls may become mandatory.

Click the link below to view our full article.

Tran Phuong Hong

Tran Phuong Hong

IT Assurance & Cybersecurity
KPMG in Vietnam

Share via:


Are you interested in learning more?  

 Browse our library on topics related to Vietnam economy as well as articles related to Thought Leadership and Technical Updates

 Alternatively, you may explore our list of upcoming ONDEMAND training courses.