SWIFT Customer Security Programme

SWIFT Customer Security Programme (CSP) is a type of framework for financial institutions. It is designed in a way that improves their cybersecurity performance and structure. All SWIFT members must submit an annual self-attestation of compliance with the controls outlined in the framework.

SWIFT has the right to perform random inspections on all members to ensure that they have implemented appropriate cybersecurity controls and documents and reports any non-compliant organisations to industry regulators, such as the UK’s Financial Conduct Authority.


SWIFT CSP compliance advisory services

The SWIFT CSP has three main objectives, that cover seven key security principles and 27 controls (16 mandatory and 11 advisories). The mandatory controls set in the requirements are intended to establish a security baseline for the SWIFT community, while the advisory controls are created based on recommended best practices but could become mandatory in the future.

Our team offers a wide specter of managed security and assessment services to support organisations in the financial sector to meet the requirements of the full spectrum of CSP controls and validate their annual self-attestations.

SWIFT CSP requirements summary

Set of Objectives, Principles, and Controls

Secure your company's environment

1. Restrict internet access and protect critical systems with 2 mandatory controls

2. Reduce attack surface and manage vulnerabilities with 3 mandatory and 6 advisory controls

3. Physically secure the environment with 1 mandatory control

Know and limit access

1. Prevent compromise of credentials with 2 mandatory controls

2. Manage identities and segregate privileges with 2 mandatory and 2 advisory controls

Detect and respond

1. Detect anomalous activity to system/transaction records with 4 mandatory and 1 advisory controls

2. Plan for incident response with 2 mandatory and 2 advisory controls


Tailor-made service

with the flexibility in response time for the needs of the client;

Stellar track-record and methodology

Stellar track-record and methodology for security checking, analyses, and reporting;


Economic efficiency and resource optimization


Combination of independent knowledgable experts who research, analyze and understand hackers’ behavior.

Explore our SWIFT CSP compliance advisory services