SWIFT CSP Compliance Audit & Assessment

Let us help you strengthen your cyber defences and comply with SWIFT Customer Security Programme (CSP)


In 2016, the Bangladesh Central Bank cyber-attack saw the attackers compromise the banks systems and sent payment instructions totalling $951M, of which $101M were processed by the Federal Reserve Bank of New York. This attack shocked the global financial ecosystem and remains the biggest bank heist in history.

To help reinforce the security of the global banking system, The Society for Worldwide Interbank Financial Telecommunication (SWIFT) launched SWIFT’s Customer Security Programme (CSP) to help financial institutions ensure their defences against cyberattacks are up to date and effective, to protect the integrity of the wider financial network. Users compare the security measures they have implemented with those detailed in the Customer Security Controls Framework (CSCF), before attesting their level of compliance annually.
With solid attestation and compliance rates, the CSP reflects a community of highly engaged users committed to stopping cyberattacks in their tracks. And, as the cyber threat landscape evolves, so too does the CSP.

As of 2021, all SWIFT users are required to undergo “independent assessment” for their compliance with the SWIFT CSCF to support their annual self-attestation.



Our Proven Experience and Certified Experts

Enovise has expertise to perform external assessments and offers comprehensive compliance assessments.

We have capabilities to perform SWIFT CSP assessment engagements across multiple territories. This is reinforced by our team consisting of distinctive skills and subject matter expertise in cybersecurity which brings you unparalleled technical excellence and quality service.

As your chosen assessor, we will help in the compliance process and relieve the pressure on your internal resources.

Enovise is listed in Swift CSP Assessment providers directory.*

*Swift does not certify, warrant, endorse or recommend any service provider listed in its directory and SWIFT customers are not required to use providers listed in the directory.

SWIFT CSP Attestation Audit

Engaging Enovise as an external specialist will not only ensure you meet Swift mandatory compliance requirements, but also deliver an additional level of assurance in the security of your Swift-related infrastructure.

An attestation assessment identifies where risk drivers from the Swift CSP are, or are not, met. Our clear report meets requirements for Swift IAF (Independent Assessment Framework) supporting documents, provides insight and tailored advice on how to address non-conformances to achieve compliance, and guides you through submission of a fully compliant attestation via the Swift KYC-SA application.

SWIFT CSP Gap Analysis/Assessment

Your external assessment may highlight non-conformances than previously identified by internal assessments or self-assessment. As such, it may be beneficial to undergo a gap assessment before an assessment of the CSP implemented controls.

Enovise’s Swift CSP gap assessment is an analysis of your organisation’s Swift-related infrastructure to understand what you need to do to meet CSP mandatory compliance requirements. Our team of experts possess internationally recognized certifications such as ISO 27001, CISSP, OSCP, OSCE, PCI- DSS. They shall interview relevant staff, review your current policies, Swift architecture type, procedures, and practices, then produce a detailed gap assessment report which defines your current compliance levels and highlight any areas that need to be addressed, and provide tailored recommendations to achieve compliance against the Swift CSP controls.


What is the Swift CSP?

Swift’s Customer Security Programme (CSP) provides a customer security control framework, improves information sharing throughout the community, helps customers’ to secure their environment. The programme also shares best practice for fraud detection.

When is the deadline for Swift CSP compliance?

Swift users are required to submit an attestation on an annual basis by 31 December. Since 2021, all Swift users are required to undergo an “independent assessment” in support of their annual attestation.

Ready to get started?

Our security experts are available to help you answer questions about our services

Call: +254 714 370 253 or 727 950 013 (KE) • +250 787 856 970 (RW) • +44 7810 402477 (UK) • +267 737 011 41 (BW)