SWIFT CSP Assessment-Icon

SWIFT CSP Assessment

    • Based on recognized international standards, the SWIFT financial transaction network has published the Customer Security Programme (CSP), which provides a common basis for IT risk management for all companies connected to SWIFT and also covers requirements of the EU Payment Services Directives PSD2 (2015/23669). This Customer Security Programme (CSP) requires SWIFT users to assess and confirm to SWIFT the level of implementation of the security standards. All affiliates must conduct an assessment of the security measures they have in place and have the security of their infrastructure independently audited on an annual basis.


    • As the SWIFT Customer Security Control Framework (CSCF) is continuously being developed, changes also resulted for 2022. The evaluation and implementation of the requirements poses particular challenges for companies.
    • Due to a lack of expertise, it is often difficult to answer questions such as defining the type of architecture, the security zone, and deriving the scope of control.


    • FALK ITAC-assists you in implementing the requirements of the current SWIFT CSP. Here, we accompany you in the submission of a security attestation supported by an independent assessment to declare compliance.
    • Likewise, we can perform the assessment for you and confirm compliance. For this purpose, we perform a comparison of the existing cyber security controls with the requirements of the SWIFT CSCF, assess the adequacy of the implemented controls and propose measures to improve the controls.
    • Our company is listed in the the CSP Assessment providers directory and our designated employees have the corresponding necessary certifications and participate annually in the training procedure prescribed by SWIFT.
    • Disclaimer
    • “SWIFT does not certify, warrant, endorse or recommend any service provider listed in its directory and SWIFT customers are not required to use providers listed in the directory”


    • As a first step, we will provide you with an interim report in English with recommendations on how to meet the mandatory requirements of the SWIFT CSP. You can then implement the recommendations based on the identified vulnerabilities. We then conduct a final independent external assessment and prepare a final report in accordance with the format specified by SWIFT. Included in the report is a management summary.


Hinweisgebersystem/Interne Meldestelle

Willkommen beim anonymen Hinweisgebersystem/der anonymen internen Meldestelle der FALK GmbH & Co KG. Sie haben die Möglichkeit anonyme Meldungen zu konkreten Gesetzesverstößen oder Verdachtsmomenten einzustellen. Jeglicher Kontakt sowie die damit verbundene Kommunikation erfolgt in anonymer Form. Die Herstellung einer Verbindung zu Ihrer Person ist nicht möglich und auch nicht vorgesehen. Bitte vermeiden Sie die Angabe Ihrer personenbezogenen Daten in der Nachricht/im Betreff.

Company Contact Legal notice Data privacy