Swift CSP 2024: Overview of the updates for this year

Considering the sophisticated cyber-attacks on Swift users, Swift CSP 2024 (Customer Security Programme) was developed to aid financial institutions with updated and effective defenses. This program maintains appropriate cyber security hygiene of the wider financial network and reduces the financial impact of fraudulent transactions.

Swift CSP 2024: Overview of the updates for this year

Underneath this program, users must submit an attestation application against advisory and mandatory security protocols outlined in the CSCF (Customer Security Controls Framework). These protocols may undergo annual updates to promote transparency and encourage a collective effort among peers. So, let’s explore the necessary controls that we must adhere to in order to secure ourselves from cyber attackers.

What are the mandatory and advisory controls of Swift CSP 2024?

The primary purpose of mandatory security controls is to establish a fundamental level of security across the financial community, mitigating the risk of cyber-attacks. All the Swift users are entitled to follow the rules outlined in the Customer Security Controls Framework (CSCF). These mandatory controls set pragmatic objectives for achieving immediate and measurable security improvements, contributing to risk reduction.
However, advisory controls are recommendations for the best practices that apply to all users. These controls may change over time due to the evolving threat landscape, new technologies, security-related regulations in significant jurisdictions, advancements in cybersecurity practices, or user feedback. Consequently, some advisory controls may transition into mandatory status while new controls may be introduced.
All controls are structured to align with three overarching objectives:
  • Secure your Environment

  • Know and Limit Access

  • Detect and Respond

Objetives and Principles

This year, the Swift CSP 2024 contains 32 security controls of which 25 mandatory controls and 7 advisory controls. Given the dynamic nature of the cyber-threat landscape, these controls play an indispensable role in addressing and mitigating the cyber-security risks inherent in the Swift user environment. After all, the goal is to effectively tackle these identified risks.

Overview of CSCF changes with Swift CSP 2024

The Swift Customer Security Controls Framework incrementally builds on last year’s version to maintain the system’s integrity and continuously assist all Swift users.
Control 2.8 (Outsourced Critical Activity Protection) has been made mandatory and subjected to minor clarifications to support the endorsement of outsourcing and cloudification within Swift. Moreover, to promote the phase of making Control 2.4 A (Back Office Data Flow Security) into a mandatory control, several modifications/amendments have been implemented to identify accurately:
Moving forward, some minor adjustments have been made to controls, enhancing the application’s risk appetite and understanding of the framework, such as.
Overview of CSCF changes with Swift CSP 2024
The persistence of cyber-attacks underscores the importance of exercising prudence and maintaining diligence to establish a barrier against cybercrimes. As the cyber threat landscape evolves, so does the CSP. The controls mentioned above have been updated through continuous cyber-threat analysis, aligning them radically with existing information security industry standards. Users are responsible for securing their environments and Swift services access to uphold a secure economy.


ECS Fin leverages over a decade of expertise in delivering comprehensive compliance services tailored for banking and financial clients. We possess a profound understanding of the intricate cybersecurity challenges prevalent in this domain. Our commitment extends to supporting you through every phase, ensuring a seamless and successful attestation for SWIFT's Customer Security Programme (CSP). Know more about Swift CSP Assessment!/ Let ECS Fin help you reinforce the security of your systems