Visit our knowledge center and find out about news, tips, studies and exclusive research that RISCCO develops for the public.
Enhance the skills of your company's staff in handling leading risk management tools.
Visit our knowledge center and find out about news, tips, studies and exclusive research that RISCCO develops for the public.
Enhance the skills of your company's staff in handling leading risk management tools.
SWIFT Customer Security Controls Framework (SWIFT CSCF) is a set of “mandatory” and “recommended” requirements that the nearly 11,000 financial institutions that are part of the network have to meet. In April 2017, the first version of SWIFT CSCF v2017 was published. Subsequently, five updates to said document have been published, the versions of which are: CSCF v2019, CSCF v2020, CSCF v2021, CSCF v2022 y CSCF v2023.
The current version is CSCF v2023 and all financial institutions must do a compliance assessment no later than December 31, 2023.
SWIFT has established new guidelines regarding the compliance assessment process of the CSCF v2023 framework that SWIFT users must do every year between the months of July and December. Until December 2020, the self-assessment of compliance with the CSCF framework could be carried out by the first line of defense in the Bank/Organization.
As of 2021, the concept of “Community-Standard Assessments” is created, which is mandatory and establishes that an “Independent” compliance assessment be carried out with internal or external advisors. The internal advisor can be the Internal Audit or Risk areas. The external advisor may be companies that are listed in the “CSP Assessment providers directory” published by SWIFT. RISCCO is part of such Directory.
Disclaimer
SWIFT does not certify, warrant, endorse or recommend any service provider listed in its directory and SWIFT customers are not required to use providers listed in the directory.
SWIFT Customer Security Controls Framework (SWIFT CSCF) is a set of “mandatory” and “recommended” requirements that the nearly 11,000 financial institutions that are part of the network have to meet. In April 2017, the first version of SWIFT CSCF v2017 was published. Subsequently, four updates to said document have been published, whose versions are: CSCF v2019, CSCF v2020, CSCF v2021, CSCF v2022 and CSCF v2023.
The current version is CSCF v2023 and all financial institutions must do a compliance assessment no later than December 31, 2023.
“Gap Analysis” between the organization's controls and the SWIFT Customer Security Controls Framework. We can carry out a "Gap Analysis" of the existing controls in the organization against the objectives, principles and controls of SWIFT CSCF. This service will allow you to identify areas of non-compliance and receive practical recommendations to comply with the mandatory requirements. As an extension of this service, RISCCO can also monitor the correct and timely implementation of the given recommendations.
“External independent Assessment” of compliance with the SWIFT Customer Security Controls Framework.
RISCCO can perform the "External Independent Assessment" of compliance with SWIFT of the objectives, principles and controls of the framework.
Organizations must submit the results of the SWIFT v2023 Assessment to SWIFT no later than 31 December 2023.
Compliance review of the SWIFT Customer Security Controls Framework and associated operational controls. In addition to reviewing compliance with SWIFT CSCF requirements, jointly, you can assess the effectiveness of operational controls, processes and procedures related to money transfers via SWIFT. This comprehensive approach adds a lot of value because the organization, in addition to the technical review, receives recommendations on how to improve the controls of the money transfer operating process via SWIFT.
Disclaimer
SWIFT does not certify, warrant, endorse or recommend any service provider listed in its directory and SWIFT customers are not required to use providers listed in the directory.
The practical experience of our resources allows us to provide recommendations with business sense, that add value and, above all, are pragmatic. We evaluate the best way to adopt the best practices and theories, without creating unnecessary bureaucracies in our clients' operations.
At RISCCO we specialize in providing services only in technological risk management, information security, expert reports on computer crimes and internal auditing. That is what we do and will continue to do. It is precisely our specialization, which allows us to provide recommendations and solutions quickly.
Our fees, by themselves, are more accessible than other alternatives on the market.
RISCCO is an independent regional company dedicated exclusively to helping organizations meet their GRC challenges (Governance , Risk & Compliance) and ESG (Environmental , Social & Governance); made up of professionals with the knowledge and credibility necessary to translate highly technical aspects into simple language with business sense. Thirteen (13) years after starting operations, RISCCO has in its client portfolio private companies and institutions of the Panamanian State, leaders in their field.