Following the wave of cyber-attacks hitting banks via the SWIFT system, Customer Security Controls Framework (CSCF) v2021 has been published to propose a new security baseline for all the SWIFT users.
SWIFT Customer Security Programme is designed to assist SWIFT users in implementing practices and instruments to protect, detect, and fight against financial services cybercrime to execute well-planned and finely orchestrated attacks.
ECS Fin is a certified auditor of the SWIFT CSP in SWIFT’s official director and holds a decade of experience to help financial institutions and corporates verify and protect the integrity of the IT infrastructure with implementing SWIFT’s Customer Security Controls Framework (CSCF) and become compliant. SWIFT published baseline security controls to which SWIFT users had to attest their level of compliance due 31 December. With the option of self-attestation no longer viable, we provide the following services for CSP:
We assess the SWIFT architecture of every business and then propose implementation and assist in compliance with CSP controls covering architectures A1 to B and cloud implementations.
We help all SWIFT members understand the shortfalls in their current infrastructures and abide by the policies and practices proposed by the SWIFT to set up a defensive strategy against any cyber-attacks.
Our assessment models are customized from the primary assessment of SWIFT CSP controls to assess every vulnerability while operating to present progressive measures for a safe and secure payment processing chain.
As per the 2021 SWIFT CSP Framework, all SWIFT users must protect their infrastructure from potentially compromised environments or IT equipment, especially regarding security and storing information.
ECS Fin, an attestation service provider for the SWIFT CSP program, helps corporates and financial institutions stay compliant and secure with SWIFT security standards. We do the SWIFT risk assessment, review current mandatory controls, and provide a prioritization framework with risk management roadmap to assess how vulnerabilities could be exploited and to determine how to respond effectively in each case.
SWIFT holds the right to check users who have failed to attest compliance with all mandatory security controls and will eventually place in the category of non-compliance those who:
ECS Fin are fully covered with cybersecurity experts who have the most noteworthy certifications and recognitions in the market. We have helped Itau Bank, Belcorp, and Ecopetrol Group to comply with 2021 CSP requirements.
Gustavo Gomez, Director ECS fin
Founded in 1999 as a consulting firm, ECS Fin Inc. is headquartered in New York with market share distributed Corporate Credentials globally. We recognized inefficiencies in the way data, money, and securities got processed and moved between customers, service providers, and beneficiaries.
With that objective, we deliver IMS solutions combining processing modules, supporting components, and connectivity services, considering the complete life cycle of a transaction, bringing efficiency and lean in processing while ensuring accountability to every message/transaction of an enterprise.