CFT and Expobank to evaluate system compliance with SWIFT security requirements
Center of Financial Technologies and Expobank are implementing a project on attestation of the compliance of the financial institution’s local IT infrastructure with new SWIFT security requirements.
In 2016, SWIFT developed the Customer Security Programme (CSP) in order to increase the level of cyber security of SWIFT customers. Within its framework, all SWIFT customers are required to carry out annual attestation of banking security compliance against 16 controls. These protective measures are aimed at addressing the risk of falsification of financial transactions by intruders and preventing financial losses by banks and their customers.
From January 1, 2018, SWIFT will start reporting to the Bank of Russia on the customers that have not submitted the data on the compliance with mandatory controls, i.e. have not carried out the compliance evaluation of the local infrastructure with the CSP requirements. In addition, starting from January 1, 2019, SWIFT will inform the Regulatory Authority on the users that have not timely completed the annual security attestation procedure.
“CFT has a long-term experience in evaluating the compliance with various cyber security requirements,” says Andrey Visyaschev, Chairman of CFT Board. “Our task as a banking soft developer is to help our partner make the system for transfer of payment information even more secure and eliminate to the fullest the financial and reputational risks.”
“Control of information systems and ongoing monitoring of novelties allow reinforcing the IT infrastructure and providing the highest transaction security. It is important for us and for our customers to have timely and effective business processes,” comments Alexey Sannikov, Chairman of Expobank.
Within the project framework, CFT specialists are carrying out a comprehensive analysis of Expobank’s IT infrastructure security, a review of the bank’s existing IT environment, and an assessment of the customer part of the SWIFT infrastructure installed at the bank, within the SWIFT Customer Security Controls Framework.
To assist banks in carrying out of the security system evaluation and attestation, SWIFT has compiled a list of service providers accredited for implementation of Customer Security Programme (CSP). CFT is included in this list.