SWIFT Security Attestation Has your organisation conducted an independent assessment in 2025? BackgroundSWIFT has revised counterparty requirements to include an independent assessment as part of the annual counterparty attestation process.A SWIFT attestation is an assessment that ensures organisations meet satisfactory compliance levels against the SWIFT Customer Security Controls Framework (CSCF) as part of the mandated Customer Security Program (CSP), founded on industry accepted principles (PCI-DSS, ISO27001 and NIST)All counterparties must attest before the expiry date of the current control's version, confirming full compliance with the mandatory security controls no later than 31 December each year.The independent assessment can be performed internally by qualified (e.g., QSA, CISSP, CISA, etc.) internal individuals and/or external SWIFT CSP Certified Assessor(s). Download Steps to complianceProtiviti’s Certified Assessors and SWIFT professionals can help your organisation address the SWIFT independent assessment with our experience in working with various SWIFT counterparties locally and internationally. Protiviti can assist you in steps 1, 2 and 3 of the following key steps towards SWIFT CSP controls compliance. How Protiviti can help Secure Your Environment Perform an independent or joint assessment in step 3 of the lifecycle. To analyse current control environments to determine if controls satisfy SWIFT CSP requirements and allow customers to submit their Know Your Customer – Self Attestation (KYC-SA). Strategy and implementation Assist SWIFT counterparties with remediation of identified gaps in mandatory controls or implementing best practice advisory CSP controls within their SWIFT environment and strategic transitions. Independent or co-source assessment Perform the independent assessment leveraging an outsourced or co-sourced delivery model. Leadership Hirun Tantirigama Hirun is a managing director and Protiviti Australia's technology consulting lead with 18 years’ experience in providing risk and regulatory advisory services across a variety of clients and industries. He has led complex, transformational programs across areas such as ... Learn More Shane Silva Shane leads Protiviti Australia's Canberra office, overseeing national technology assurance, project confidence, and data governance. With 20 years' experience, he advises government departments on system transformation and manages federal accounts across social ... Learn More Featured insights Year one insights: SEC cybersecurity incident management disclosure rules BLOGS 9 min read Navigating sanctions compliance through the transition to ISO 20022 WHITEPAPER 16 min read NIST Releases Version 2.0 of Its Cybersecurity Framework (CSF): What This Means for Your Organisation FLASH REPORT 7 min read Emerging tech and the future of payments with Swift’s Head of Oceania, Suresh Rajalingam PODCAST 3 min read ISO 27002 Is Changing: What You Need To Do BLOGS 5 min read