KYC Security Attestation application

The tool for all SWIFT users to submit their attestation data. Release 3.0 now available

Customer security attestation timeline

What are my obligations?

  • 31 December 2017: All SWIFT customers were required to self-attest their level of compliance against the mandatory security controls  
  • 31 December 2018: All SWIFT users must re-attest and confirm full compliance with the mandatory security controls V1 (2018), dependent on the expiry date of the attestation.

 

  • 31 December 2019: All SWIFT customers must re-attest and confirm full compliance with the mandatory security controls V2 (2019), and self-attest at least annually thereafter. The CSCF v2019 can be consulted as from July 2018 but will only become effective in the KYC-SA, the online repository for customer attestations, in July 2019. All SWIFT users must attest against the mandatory controls of this new version by the end of 2019.
0
White

What happens if I fail to submit
a self-attestation?

SWIFT reserves the right to report the names and BIC of users that fail to comply with the attestation process by the relevant deadlines to their local supervisors..

  • From January 2018: SWIFT reports users that have not submitted a self-attestation on time to their local supervisors.

 
 

  • From January 2019: SWIFT reserves the right to report users that have not self-attested compliance with all mandatory security controls (or that connect through a non-compliant service provider) to their local supervisors.
0
White

What is the attestation timeline?

KYC SAA

0
White

In 2018, customers must re-attest against the SWIFT Customer Security Controls Framework V1 (2018).

  • The KYC Security Attestation application R3.0 is available now for data submission and consultation.
  • By the end of December 2018: all SWIFT users must re-attest and confirm full compliance with the mandatory security controls V1 (2018), dependent on the expiry date of the attestation
  • From January 2019: SWIFT reserves the right to report users that have not self-attested compliance with all mandatory security controls (or that connect through a non-compliant service provider) to their local supervisors.
  • 31 December 2019: All SWIFT customers must re-attest and confirm full compliance with the mandatory security controls V2 (2019), and self-attest at least annually thereafter.
0
White