v1static450495706700145a359de 8830 4cdd ad19 30506fd5ebf129125a9b b1a5 4ab8 afb0 eed7cbdd7fba1280x720matchimage
video time: 03:41 video title: Bottomline: SWIFT CSP 2022

Here’s a breakdown of how your organisation can comply

New attestation methodology, introduced in July 2021, stated that all SWIFT users must carry out an independent assessment, which can be completed in one of two ways:

1. Internal assessment: is carried out by your company's second or third line of defence, such as your internal compliance, risk or audit departments.

2. External assessment: through an independent, external organisation with cybersecurity assessment experience and individual assessors with relevant security industry certification.

Other important information that your organisation needs to know: 

- All SWIFT users, including corporates, banks and financial institutions, must attest annually to this framework

- Non-compliant customers can be reported to their local regulator

- Attestation compliance statuses can be visible to other SWIFT counterparties, which may be used when assessing new vendors

- SWIFT customers are responsible for:

  • Reviewing their infrastructure and meeting control standards
  • Completing their due diligence when selecting and contracting cyber security service providers or any other entity offering such services.
Secure Administration Illustration

Strength in Numbers:

The CSP controls change every year in line with evolving threats across the community. What was advisory one year may change to mandatory the next. For example, from 2021-2022 one control moved from advisory to mandatory, and a new advisory control was introduced. The new assessment methodology introduced in 2021 is now an annual requirement. 

The 2022 control framework includes 32 control, 23 mandatory and 9 advisories.


Our solutions can also help in the following areas:

Secure Payments for CSP: Detect and prevent fraud in real-time whilst providing alerts for suspicious activities (mandatory controls 2.9 and 6.4).

Secure Data in Transit: Verify and protect the integrity of messages, files and transactions with a digital signature (controls 2.4A and 2.5A)

Multi-factor Authentication: reduce unauthorised access with hard and soft tokens (control 4.3).

The benefits of partnering with Bottomline: 

Clarity & transparency: we’ll keep you informed of the latest SWIFT CSP framework controls and what action you need to take, every step of the way.

No need to wish for hindsight: understand your compliance status each year, ahead of the attestation to help you understand the remediation required, which can take anywhere from 3 – 6 months. 

Experts on hand: whether it’s your dedicated Account Manager or our Cyber Security specialist, we’re here to help you comply to the SWIFT CSP and reap the additional benefits for peace of mind.

How Bottomline Can Help.png  

By joining our programme, we’ll work with you every year to achieve a complaint attestation status. This not only helps strengthen your organisation’s reputation and instils trust and confidence with other swift customers, but you’re contributing to the collective mission of protecting the wider ecosystem. 



Learn how we help our customers

Customer Success Stories

Vattanac CSS

“By completing the independent assessment for all mandatory and advisory controls, Vattanac Bank are well prepared for any changes to the annual SWIFT CSP requirements with the continued support of Bottomline and their approved auditor. Meeting these security controls will help protect our environment and foster a more secure financial ecosystem.”

-Na Sambathchatovong, Head of IT Security and IT Governance

Read Full Story  

“Lion Global Investors turned to trusted partner Bottomline for support as other options were looking very costly. Our existing relationship assured us that the project would run smoothly, and we would remain compliant. The service has been efficient, and we are very happy with the guidance and professionalism provided by Bottomline.”

- Lion Global Investors

Read Full Story

lion global success story mediatext
Glas media text

“Bottomline’s SWIFT CSP Independent Assessment gave us reassurance that we would meet all advisory and mandatory controls and provided us with a deeper understanding of the framework. As the programme continues to evolve, we will continue to partner with Bottomline to ensure GLAS remains compliant and our SWIFT environment is secure now and in the future.”

- Stuart Draper, Chief Operation Officer

Read Full Story


Want to learn more about Bottomline's solutions?

Give us a call.

Our solution experts are here to help.

+61 2 9068 9438 | SG +65 6508 8088

Chat with us.

Chat with one of our solution experts. We'll recommend the right product to fit your needs.

Let us help drive your business forward.

Tell us a bit about you and your business and we’ll get back to you with all the information you need.

footer curve