video time: 03:11 video title: Bottomline SWIFT Attestation

So what does this mean for your organisation?

The new attestation methodology states that all SWIFT users must carry out an independent assessment, which can be completed in one of two ways:

Internal assessment: This is carried out by your company's second or third line of defense, such as your internal compliance, risk or audit departments.

External assessment: Through an independent, external organisation with cybersecurity assessment experience and individual assessors who have the relevant security industry certification. 

Other important information you need to know:

All SWIFT users, including corporates, banks and financial institutions, must attest annually to this framework

Non-compliant customers can be reported to their local regulator

Attestation compliance statuses can be visible to other SWIFT counterparties, which may be used when assessing new vendors

SWIFT customers are responsible for:

  • Reviewing their infrastructure and meeting control standards
  • Completing their due diligence when selecting and contracting cyber security service providers or any other entity offering such services.

The CSP controls change every year in line with evolving threats across the community. What was advisory one year may change to mandatory the next. For example, from 2020 to 2021, one control moved from advisory to mandatory and the new assessment methodology was introduced.

The 2021 framework includes 31 controls, 22 mandatory and 9 advisory.


How Bottomline can help you meet and exceed compliance with the CSP


Our independent, SWIFT certified Cyber Security partner will carry out a pre-attestation to help you understand where there might be shortfalls in your current infrastructures and policies ahead of carrying out a full attestation.

It’s essential to start your pre-attestation now as remediation can take anywhere from 3 to 12 months, which could impact your compliance with the programme.

Don’t leave it too late. Speak to us today to help you understand what the new changes mean for your organisation and why it’s important to act now. 

We can also offer solutions in the following areas:  

User Behaviour Monitoring and Transactional Monitoring: Comply with CSP controls 6.4 and 2.9A to help detect and prevent fraud in real time whilst providing alerts of suspicious activities.

Secure Data in Transit: Assists in compliance with CSP controls 2.4A and 2.5A by verifying and protecting the integrity of messages, files and transactions with a digital signature.

Multi-factor Authentication: Helps you to comply with CSP control 4.3 by reducing unauthorised access with hard and soft tokens.

GET IN TOUCH

Want to learn more about Bottomline's solutions?

Give us a call.

Our solution experts are here to help.

+61 2 8047 3700 | SG +65 6508 8088

Chat with us.

Chat with one of our solution experts. We'll recommend the right product to fit your needs.

Let us help drive your business forward.

Tell us a bit about you and your business and we’ll get back to you with all the information you need.
