Banks using SWIFT must now follow 16 mandatory controls and 11 advisory controls (voluntary best practices which may become mandatory in the future). The requirements come in light of the string of cybercrimes against SWIFT member banks. Members will now be required to implement features such as multi-factor authentication, continuous monitoring and anomalous behavior detection, security awareness training, and incident response plans.
The SWIFT framework also contains a detailed and transparent model for compliance reporting. Banks will have to sign on to SWIFT's portal and attest to their compliance with the controls framework. Respondents can indicate that they comply with the requirement as stated (and provide a future date for compliance if needed), that they will comply with the requirement in a different way, that they will comply by a future date, that they will not comply, or that the requirement is not applicable to them.