Swift to 'name and shame' banks who fail to meet security standards
28 September 2016 | 8152 views | 1
Interbank co-operative Swift is promising to name and shame banking members who fail to measure up to a new set of core security standards that are set to be introduced in Q2 2017.
The standards will be mandatory for all banks, who will be required to demonstrate their compliance annually against 16 mandatory controls set out in an 'assurance framework'.
Although banks are merely required to provide 'self-attestation', Swift says it will perform random spot checks, and urge counterparty banks to do likewise.
Inspections and enforcement will begin on 1 January 2018, when banks' compliance status will be made available to their counterparts. Firm's who fail to achieve the required standards may not only find themselves locked out by their counterparts, but will also be reported to their regulators.
Swift chairman Yawar Shah says: “We recognise that this will be a long-haul, and will require industry-wide effort and investment, as well as active engagement with regulators. The growing cyber threat requires a concerted, community-wide response.”
The detailed objectives and controls will be made available to Swift customers late next month he says.