SWIFT Customer Security Programme (CSP) | KPMG | QM
Share with your friends

SWIFT Customer Security Programme (CSP)

SWIFT Customer Security Programme (CSP)

Organisations that use the SWIFT interbank messaging network must comply with its new cyber security standards and assurance framework by January 2018.


Your team

Also on KPMG.com

Swift, cyber, security, blue, ocean

Is your organisation ready for the new SWIFT Customer Security Programme?

New security standards are being implemented. The Society for Worldwide Interbank Financial Telecommunication’s (SWIFT) Customer Security Programme(CSP) was established to support customers against cyber fraud. In March 2017 SWIFT released cyber security standards with inspections and enforcement beginning in January 2018.


What is the SWIFT Customer Security Programme?

The SWIFT Customer Security Programme (CSP) requires every member organisation to define, document, implement and assess their payment processes and technologies against SWIFT’s set of Objectives, Principles and Controls – including 16 mandatory controls and 11 optional advisory controls.


How can KPMG help?

We can assist SWIFT member organisations to comply with the SWIFT security requirements by providing them with a tailored approach, employing a cross functional team of subject matter professionals in IT audit, assurance and cyber security, who are familiar with and have experience in the financial services industry. We can help with:


  • Conducting targeted information gathering workshops with key payment and wire transfer business, IT, legal, compliance, security, privacy and risk management stakeholders
  • Valuating your readiness to meet the new SWIFT CSP rules and attestation requirements
  • Implemention guidance for new controls and remediation of existing controls within your organisation’s payment and wire transfer processes
  • Attestation services including Service Organisation Controls (SOC) reporting
  • Other advisory services such as cyber security awareness training, penetration testing, phishing exercise and cyber maturity assessments.


Download our publication to find out more about the new requirements and how we can help you to be compliant.


We would be delighted to discuss these new requirements further, if you would like to arrange a meeting please contact the team. 

Connect with us


Request for proposal