SWIFT announces new payment controls service to bolster customers’ fraud and cyber-crime controls
12 April 2017
New solution is a major milestone in SWIFT’s Customer Security Programme, a suite of initiatives designed to increase security and trust within the global financial community.
Interbank messaging service SWIFT, which is used to transfer trillions of dollars between banks every day, will launch a new tool to spot fraudulent messages, seeking to restore trust in the system after millions of dollars were stolen in cyber raids. Last year $81 million was stolen from Bangladesh's central bank after thieves hacked into its SWIFT system and sent instructions to the Federal Reserve Bank of New York to pay money from Bangladesh Bank's account to parties in Asia.
SWIFT was criticised last year by some users and industry players for failing to beef up security on its system even as the risk of cyber attacks increased and the network expanded to include smaller institutions with more lax security procedures. Though SWIFT launched a range of new security measures and services in September, the latest product -- due to be introduced early next year -- will "red-flag", or put on hold, payment instructions that exceed limits set by clients or are deemed anomalous by the system's learning software.
Brussels, 12 April, 2017 – SWIFT today announces a new real-time payment controls service to complement and strengthen its customers’ existing fraud controls. The new fraud and cyber-crime prevention service will enable SWIFT customers to screen their payment messages according to their own chosen parameters, enabling them to immediately detect any unusual message flows before transmission.
Customers will be able to integrate the service directly into their SWIFT messaging flows, thereby significantly enhancing their ability to control their messaging activity, enabling the timely detection of unusual or uncharacteristic payment patterns, and improving their ability to prevent fraudulent transfer requests. They will also be able to define and control their screening parameters according to their own risk and compliance policies, and choose whether to set the review permissions for the alerts centrally, or at individual access points.
Initially targeted at smaller financial institutions and central banks, the service will be launched as a hosted utility solution, which will allow SWIFT users to access it instantly, with no hardware or software installation or maintenance. The service will develop a profile of each SWIFT user’s message traffic based on its specific business activities and the countries, counterparties and currencies it is typically involved with.
The launch of the new payment controls service marks an important milestone in SWIFT’s Customer Security Programme. The Customer Security Programme, which launched in May 2016 and is being overseen by SWIFT’s Board, is designed to reinforce and evolve the security of global banking, consolidating and building on existing SWIFT and industry efforts.
Yawar Shah, Chairman, SWIFT said: “The new payment controls service is a direct response to our community’s request for additional services to complement and strengthen existing fraud controls. Through the development of new products, like the payment controls service and the roll out of the broader Customer Security Programme, SWIFT is demonstrating its commitment to delivering innovative community-based solutions that significantly enhance risk-management in cross-border payments.”
The new secure, in-network service will provide a payment message monitoring service that will:
- Help to mitigate fraud by ‘red flagging’ out-of-policy payment messages, or activity that may indicate risk;
- Learn individual SWIFT users’ transaction patterns;
- Spot anomalies and generate real-time alerts;
- Give customers the option to hold messages that do not conform to policy;
- Provide secondary and independent protection complementing customers’ own systems;
- Ensure best practice for payment risk management by using community-defined risk indicators;
- Be based on a hosted utility, eliminating the need for onsite deployment and maintenance;Reduce the cost of ownership with transparent SWIFT community pricing.
The payment controls service further expands SWIFT’s growing portfolio of community-inspired financial crime compliance solutions and complements SWIFT’s Daily Validation Reports tool. The Daily Validation Reports are already being used by smaller institutions to supplement their existing fraud controls and provide an independent daily overview of their SWIFT transaction activity. Other SWIFT tools and services that can help to reduce transaction and financial crime compliance risks and costs include: RMA Plus, Sanctions Screening, Name Screening, Sanctions Testing, The KYC Registry, Compliance Analytics and the Payments Data Quality Service.
Luc Meurant, Head of financial crime compliance services, SWIFT, added: “Combatting fraud and cyber-crime is a top priority for SWIFT and its customers. Our new payment controls service is an important step in delivering a full suite of hosted offerings that address our customers’ needs in the fraud and cyber-crime prevention areas, as well as in the sanctions, Know Your Customer (KYC) and Anti-Money Laundering (AML) compliance domains.”