New KYC Security Attestation features

17 April 2019

Bulk Request and Auto-grant features make exchanging counterparty data more efficient

New features in the KYC-SA tool enable institutions to communicate with their counterparts en masse, avoiding the need for multiple and time-consuming communications.

The Bulk Access Request feature allows Requesters to seek access to multiple counterparties’ attestation data simultaneously. The Auto-grant capability meanwhile allows customers to identify counterparties they wish to share their attestation data with up front; they can define them via a "whitelist", thereafter automatically granting them access to view their attestations.

Counterparty cyber security risk management forms a core part of SWIFT’s Customer Security Programme (CSP), which was launched in 2016. To enable this, SWIFT developed a Customer Security Control Framework (CSCF), which both sets a security baseline for the community, and gives customers a benchmark against which to measure themselves and their counterparts.

The CSCF consists of both mandatory and advisory controls. The controls are reviewed annually and customers must attest against the mandatory subset by the end of each calendar year, submitting their attestations to the KYC-SA tool.

Brett Lancaster, Head of Customer Security, SWIFT

“Users should access their counterparties’ attestation data against SWIFT’s Customer Security Controls Framework (CSCF) to enhance their own cyber security risk management. With 94 percent of SWIFT users now attesting against SWIFT’s CSCF, representing 99 percent of traffic, customers’ counterparty data is available and it should be incorporated into their counterparty risk management decisions.” - Brett Lancaster, Head of Customer Security, SWIFT

Through the same tool, customers are then able to exchange their attestation data with counterparties by ‘requesting’ and ‘granting’ access. This fosters transparency and provides institutions with the information they require to manage the cyber risk presented by their counterparts.

Customers can make their risk decisions based on their counterparts’ attested compliance levels against the CSCF, as part of their due diligence and decision-making processes.

For more details about the bulk request and grant functions, please refer to section 1.2.2.1 of the Security Attestation Application 3.0 Release Letter.

Related

  • News
  • Compliance

Leveraging industry collaboration to tackle KYC challenges

  • News
  • Compliance

SWIFT brings KYC data management platform to multi-banked corporates

Compliance

KYC Security Attestation application

The place to self-attest, share and view customer security attestation data.

CSP

Customer Security Programme (CSP)

Reinforcing the security of the global banking system.

SWIFT Insights

  • Discover the latest trends in financial services
  • Keep up with our news updates
  • Read thought-provoking industry reports
  • Explore global events and webinars
Read more