Javier Pérez Tasso, chief executive, Americas & UK region, SWIFT, and one of the Executive sponsors of the Customer Security Programme (CSP), set out the detail of the CSP in the opening plenary of the chairpersons’ meeting. “The CSP will only be a success, if we join forces,” he stressed. “This involves not only collective action around SWIFT’s initiatives, but acting together with our customers, overseers and third party vendors as well as leveraging the strength of our national member and user groups.”
Pérez Tasso outlined the architecture of the core security standards, applicable to all SWIFT customers, which focuses on three objectives supported by eight principles and 27 specific controls, 16 of which will be mandatory. To support fraud prevention and detection, from December, SWIFT will also make available daily validation reports to users through a secondary channel, allowing them to check for unusual and suspicious behaviour. “By working in collaboration on the CSP, I truly believe we’re going to come out stronger as an industry,” he said.
The collective responsibility of the community as a whole was acknowledged by a panel bringing together four community chairpersons – Isabelita Papa (Philippines); Pascale Augé (France); Natalia Dirks (Russia) and Ted Rothschild, (USA) – in a session moderated by Steve Gilderdale, head of the CSP, SWIFT. Papa noted that cyber-crime efforts that had previously focused on counteracting ‘retail’ fraud such as ATM skimming required broader attention in the wake of the well publicised cyber-cases involving local infrastructure. “There was a need to review our market infrastructure and security guidelines,” she said.
Through the national SWIFT user group, the central bank asked the chief security officers at all local banks to review their procedures and provide a timeline for plugging any perceived gaps and vulnerabilities.
Cooperation among the local SWIFT community and with the central bank was identified as a key feature in securing the industry as a whole. “We have to share information so we can help each other going forward,” said Rothschild.
Dirks, meanwhile, pointed out that in Russia, in 2008, only 2% of bank fraud was committed in cyberspace. “In 2015, 98% of these crimes were committed by cyber-criminals,” she said. “The topic of cyber-security has moved from the IT department to the top managers.” While the focus had been on securing customer-facing internet solutions, she said, “we are now concluding that correspondent banking must be urgently addressed.”
For the French community, Augé warmly welcomed the CSP initiative. He noted that France has the largest community of corporate users on the SWIFT system. “We have to make sure we are all up to speed,” he said.(News source:SWIFT)
