SWIFT CSP Compliance Audit & Assessment

Let us help you strengthen your cyber defences and comply with SWIFT Customer Security Programme (CSP)


In 2016, the Bangladesh Central Bank cyber-attack saw the attackers compromise the banks systems and sent payment instructions totalling $951M, of which $101M were processed by the Federal Reserve Bank of New York. This attack shocked the global financial ecosystem and remains the biggest bank heist in history.

To help reinforce the security of the global banking system, The Society for Worldwide Interbank Financial Telecommunication (SWIFT) launched SWIFT’s Customer Security Programme (CSP) to help financial institutions ensure their defences against cyberattacks are up to date and effective, to protect the integrity of the wider financial network. Users compare the security measures they have implemented with those detailed in the Customer Security Controls Framework (CSCF), before attesting their level of compliance annually.
With solid attestation and compliance rates, the CSP reflects a community of highly engaged users committed to stopping cyberattacks in their tracks. And, as the cyber threat landscape evolves, so too does the CSP.

There are three levels of compliance: Self-attestation, internal audit, or third-party review.

As of 2021, all SWIFT users are required to undergo “independent assessment” for their compliance with the SWIFT CSCF to support their annual self-attestation.



Our Proven Experience and Certified Experts

As a member of SWIFT, Enovise is recommended to perform external attestations of any other member and offers comprehensive compliance audit and assessments.

We have performed numerous SWIFT CSP assessment engagements across multiple territories and industries. This is reinforced by our team consisting of distinctive skills and subject matter expertise in cybersecurity which brings you unparalleled technical excellence and quality service.

As your chosen auditor, we will help to reduce complexity in the compliance process and relieve the pressure on your internal resources.

SWIFT CSP Attestation Audit

Engaging Enovise as an external specialist will not only ensure you meet SWIFT’s mandatory compliance requirements, but also deliver an additional level of assurance in the security of your SWIFT-related infrastructure.

An attestation audit identifies where risk drivers from the SWIFT CSP are, or are not, met. Our clear report meets requirements for SWIFT IAF supporting documents, provides insight and tailored advice on how to address non-conformances to achieve attestation, and guides you through submission of a fully compliant attestation via the SWIFT KYC-SA application.

SWIFT CSP Gap Analysis/Audit

Your first external assessment may highlight more non-conformances than previously identified by internal assessments or self-attestation. As such, it may be beneficial to undergo a gap audit before an attestation audit.

Enovise’s SWIFT CSP gap audit is an analysis of your organisation’s SWIFT-related infrastructure to understand what you need to do to meet SWIFT’s mandatory compliance requirements. Our Certified Experts shall interview relevant staff, review your current policies, SWIFT architecture type, procedures, and practices, then produce a detailed gap audit report which defines your current compliance levels and highlight any areas that need to be addressed, and provide tailored recommendations to achieve compliance against the SWIFT CSCF controls

Ready to get started?

Our security experts are available to help you answer questions about our services

Call: +254 714 370 253 or 727 950 013 (KE) • +250 787 856 970 (RW) • +44 7810 402477 (UK) • +267 737 011 41 (BW)