SWIFT CEO reveals Customer Security Programme at Industry Conference


Brussels – SWIFT CEO Gottfried Leibbrandt delivered the keynote address at the 14th annual European Financial Services Conference in Brussels today. During the speech, Leibbrandt announced SWIFT’s five-part Customer Security Programme to reinforce the security of our shared, global financial system.

The five-part plan includes initiatives to:

  • Improve information sharing among the global financial community;
  • Harden security requirements for customer-managed software to better protect their local environments;
  • Enhance our guidelines and develop security audit frameworks for customers;
  • Support banks’ increased use of payment pattern controls to identify suspicious behavior; and
  • Introduce certification requirements for third party providers.

Gottfried Leibbrandt’s full speech (as prepared for delivery) follows.


Hello and thank you for having me here today.

Cyber security is serious. It’s a critical issue for the financial system – and it’s a critical issue for SWIFT. Cyber concerns are not new to us at SWIFT. Indeed, ever since I took on this job, cyber risk has been the main thing to keep me awake at night. We work very hard at improving the cyber security of our network; every day we wake up and go to sleep thinking about, and protecting against that threat. It is hard work and never done. And rightly so for SWIFT. After all, we are trusted by our clients to carry billions of high value payment messages a year. This requires a network that meets the highest standards in terms of: Confidentiality, Integrity and Availability.

Our network was designed to meet these challenges. Cyber security is part of our DNA – it is not an afterthought. Not just hardware and software, but people, processes, procedures, checks, in fact a whole organisation for whom “failure is not an option”.

So, as we’ve said a few times before these past few months, let me repeat: SWIFT, our network, software and our core messaging services have not been compromised. Ensuring that remains the case is, and always will be, SWIFT’s top priority.

But the financial industry, as a community, has to be clear that cyber risk is big; there will be more cyber attacks. And inevitably some will be successful. Acknowledging this doesn’t mean we are resigned to it. Rather, it means that we must work even harder at our collective defensive efforts.

Recent Cyber fraud events are a watershed event for the industry

Let me turn to the recent fraud at Bangladesh that has caught multiple headlines. I think it will prove to be a watershed event for the banking industry; there will be a before and an after Bangladesh. The Bangladesh fraud is not an isolated incident: we are aware of at least two, but possibly more, other cases where fraudsters used the same modus operandi, albeit without the spectacular amounts. The banks were compromised, credentials to payment generation systems were obtained to send fraudulent payments and the statements/confirmations from their counterparties were obfuscated.

So this is a big deal. And it gets to the heart of banking.

Keeping money secure is core business for banks. So these events are a problem on at least two fronts.

First it’s a problem because banks that are compromised like this can be put out of business. It’s not like retailers losing credit card details or telcos losing customer details. Telcos and retailers will take reputational hits, and may face some financial liabilities, but things will move on. When banks lose control of access to their payment channels, it’s different. In the recent cases, thieves were able to move just some of those banks’ overseas assets. As a result, for the banks concerned, the events haven’t been existential. The point is that they could have been.

Second, it’s a problem because the financial system is hugely interconnected and it operates on trust.

What about SWIFT?

At this point two questions pop up for SWIFT, at least they have in the press: 1. Isn’t SWIFT in the middle of all of this? 2. What are you going to do about it? Let me answer both in turn, since the answer to the first forms the basis of the second.

As I said above, SWIFT, our network, software and our core messaging services have not been compromised. In Bangladesh and the other cases, the thieves compromised the IT environment and worked their way to the bank systems where the SWIFT instructions are generated and the confirmations received. And while we (and other providers) give tools and software to our customers, our customers run these in their own environment and need to keep them secure. We cannot secure our customers’ environments and cannot assume responsibility for that.

At the same time, we play a crucial role in the global payments system, and the events form a direct threat for that system. We therefore very much want to be part of the solution. We think we can be and we have to be.

The need to share information

Over the past weeks and months, we have already stepped up our efforts, notably on sharing information.

The gravity of this threat is the very reason that all of us in the global financial community have to be willing to share that information. Through trusted channels, of course; but we have to share.

Banks can learn from one another about the modus operandi and put better preventative measures in place; entities like SWIFT can serve as the information sharing channel, and we can develop indicators of compromise to help those banks improve their detective capabilities. We are doing so.

But information sharing needs to get better, much better. It is critical that the global financial community works together to bolster our mutual security.

We are calling for a collective effort in our global financial community to reinforce the security of our entire, shared system.

Our security is our collective mission and can only be strengthened through a collaborative approach which includes SWIFT, third party suppliers, policymakers, regulators and our users, big and small.

And particularly the large clearing banks – many of whom I see here today – have a really important role to play; your networks of relationships mean that you can have a truly global, viral effect.

And we are going to do much more. We are the global bank-owned cooperative at the heart of the global payment system, a system that is facing a persistent threat. We are stepping up to the plate as our owners and overseers expect us to.

Customer Security Programme

Indeed, we are working with our community on a five-part customer security program that we will announce later this week; five big initiatives that mutually reinforce each other. We are reaching out to customers to discuss with them in more detail and answer any questions.

First, as I just mentioned, we aim to drastically improve information sharing among the global financial community. We will demand more information of our customers, and share that back with the community. The ambition is to do on an international scale what banks in several countries are already doing domestically. We will do it in a confidential way that uses the data while protecting the identity of the institution and customers.

Second, we will harden security requirements for customer-managed software to better protect their local environments.

Third, we will enhance our guidelines and develop security audit frameworks for customers.

Fourth, we will look to see what we can do to support banks’ increased use of payment pattern controls to identify suspicious behavior.

And finally, we will introduce certification requirements for third party providers.

This requires Cooperation

This will only work if the industry works together. Banks, regulators, third-party providers and SWIFT. SWIFT is not all-powerful, we are not a regulator, and we are not a policeman; success here depends on all the stakeholders in and around the industry. The security of our network remains our key priority; the security of their own environments has to remain (and, for some, become) banks’ priority.

Innovation

Let me close by returning to innovation.

The opportunities that innovation has brought banks and their customers are tremendous – technology and connectivity have introduced the sector to cyber risk. Back before mainframes, ATMs, mobile banking and PCs, it was all about men and guns. Now it is about men and hoodies hunkering over keyboards. And as we continue to connect everything to everything, things will get ever more challenging.

We are seeing some really exciting advances in innovation – and that’s great. The banking experience is immeasurably better today than it was a few years ago – inside banks as well as outside. Let’s have more of that. But these amazing technological advances open the door for increasingly complex cyber threats, the problem must become the solution – technology is essential to our cybersecurity.

Now more than ever, we need to see innovation in security – we’re seeing some, after all, the famous AES algorithm was designed less than 30 km away from here, but let’s have more.

You all know what I’m talking about – bring on the next generation of pattern recognition, monitoring, anomaly detection, authentication, biometrics—and a host of innovations we have yet to develop that will improve and preserve the security of our industry.

We need more of these incredible innovations, and just as importantly, our industry needs to use more of what’s already available to us.

The cyber challenge is huge, and demands action, and change, by all stakeholders. And change is hard. Sometimes it takes a crisis. As the saying goes: “a crisis is a terrible thing to waste”; so let’s use this crisis as an industry to come out stronger, better and even more secure.
