Security upgrades continue at SWIFT as it seeks to assist the banking sector to identify suspicious payments
SWIFT, the Society for Worldwide Interbank Financial Telecommunication, is continuing its efforts to tighten security within the banking community with the introduction of a newtool to spot fraudulent messages that could result in suspicious payments.
It comes after a torrid year in 2016 for Brussels-based SWIFT, and in December it previously disclosed attacks on three banks via the network but said none had been successful.
SWIFT of course was thrust into the security limelight in February 2016, when hackers stole $81 million (£64m) from Bangladesh’s central bank by initiating fraudulent SWIFT transfers from within the bank’s own systems.
SWIFT always insisted the attacks didn’t involve any compromise of the network itself, and said that the attackers had obtained valid credentials from financial institutions and used those to impersonate authorised individuals.
Since then the network has undertaken a number of measures to tighten security. It launched a customer security programme in June 2016 to help tighten security measures and procedures at banks.
Later in July SWIFT joined forces with BAE Systems in July to bolster its cyber security expertise. Then last Autumn it said it would help customers detect fraudulent payments with the introduction of ‘Daily Validation Reports,’ designed as an anti-fraud measure to ‘supplement customers’ existing fraud controls’.
And now SWIFT said it is offering clients a service that will be able to learn a user bank’s messaging patterns so that it can spot if a payment is being made to an unusual counterparty or for an unusual amount.
“The new fraud and cyber-crime prevention service will enable SWIFT customers to screen their payment messages according to their own chosen parameters, enabling them to immediately detect any unusual message flows before transmission,” it said.
SWIFT said the tool was initially targeted at smaller financial institutions and central banks, but the service will also be launched as a hosted utility solution, which will allow SWIFT users to access it instantly, with no hardware or software installation or maintenance.
“The new payment controls service is a direct response to our community’s request for additional services to complement and strengthen existing fraud controls,” explained Yawar Shah, SWIFT Chairman.
“Combatting fraud and cyber-crime is a top priority for SWIFT and its customers,” said Luc Meurant, Head of financial crime compliance services. “Our new payment controls service is an important step in delivering a full suite of hosted offerings that address our customers’ needs in the fraud and cyber-crime prevention areas, as well as in the sanctions, Know Your Customer (KYC) and Anti-Money Laundering (AML) compliance domains.”