Q. (gtnews): What changes have been made to the SWIFT Shared Infrastructure Programme and what does it mean for service bureaux?
A. (SWIFT’s Filip Versluys): SWIFT Service Bureaux (SSBs) are very important to us. During the past few years bureaux have increasingly connected clients to the SWIFT network. There are almost 3,500 SWIFT BIC 8 clients that are connected through a SSB [a BIC 8 identifies a financial or non-financial institution in a country or a location -Ed]. Due to the fact that SSBs sit between SWIFT and our customers, we developed the Shared Infrastructure Programme (SIP) to govern them. The programme was originally updated last year to reflect the position bureaux have in the overall SWIFT community and more additions have just been made this year.
The most recent updates, which came into effect in April 2013, cover a number of key requirements with which a SSB will have to comply across three dimensions, covering:
- and Operational issues.
In the past, SWIFT described some of the requirements and the service bureaux operators were asked to comply with the Shared Infrastructure Programme. We will strengthen this requirement with regular compliance checks across the three key areas in the future, covering legal, financial, and operational issues. For example, on the financial and legal side we will look for confirmation that elements of the bureau operator that are available in the public domain, such as ownership and leadership.
We will also validate the financial elements of a bureau and gain, on behalf of our community of users, a better understanding of the financial position of the bureau operator. Ultimately, we want to ascertain that SSBs are properly incorporated and financially sound.
The legal and financial elements of a bureau represent areas of potential risk and some of the recent changes we have instigated in the SIP initiative are driven by risk considerations.
The operational side covers the numerous technical components that are required in order to connect to SWIFT. Again, we have looked at the risks that are associated with running these technical components [i.e. resiliency and standardisation -Ed] and have described what we believe are the minimum, standard and premier operational practices required to connect to SWIFT. We have documented these requirements, as we did in the past, and have looked anew at a number of elements such as physical connectivity and the know-how needed to operate that infrastructure.
Q. (gtnews): What has driven the changes?
A. (Filip Versluys): There are two main drivers – risk mitigation and transparency. SWIFT understands that across the three key dimensions, covering legal, financial and operational issues, there will be risks. Because of the importance of SSBs as a way of connecting users to the SWIFT network, we want to actively mitigate any risks and ensure consistently reliable SWIFT connectivity from these bureaux. By checking against the three levels of best practice [covering a minimum, standard and premier operational practice: see Figure 1], SWIFT believes it can help to mitigate risks.
The other driver is transparency. There are more than 100 active SSBs in operation and any new users looking to connect to SWIFT via a service bureau will benefit from the Shared Infrastructure Programme (SIP). Its requirements are rigorously defined and service bureau are checked and certified against one of three SIP certification levels [see Figure 1]. The certified service bureaux are then published in the online SWIFT service bureaux directory.
Figure 1: The three different criteria for SWIFT Service Bureaux (SSBs) under SWIFT’s revised Shared Infrastructure Programme (SIP), covering minimum, standard and premier operational practices, are detailed below.
Q. (gtnews): How will compliance checking take place?
A. (Filip Versluys): Checking will take place across the three levels of operational, financial and legal requirements. The financial and legal checks will include some of those we currently do for SWIFT users. We will deploy a SWIFT team who are familiar with validation checking and will reuse some of our current processes. For the operational level, we will combine a number of processes, including remote checking as well as onsite follow-up checking. The checks will be conducted every three years. It is important that we strike the right balance between actively checking compliance versus over-engineering the programme. We have built-in capabilities to increase the frequency of checking if we identify a risk element within a bureau.
Q. (gtnews): What does SWIFT hope to achieve with the new certification?
A. (Filip Versluys): One key element for SWIFT is risk mitigation. We have a very strong brand and position in our community and want to ensure that the SSB offering is very strong. We want anyone connecting to SWIFT via a service bureau to have a very good understanding of what the requirements are and have a high comfort level that SWIFT has put a programme in place that governs the bureaux space.
Q. (gtnews): What impact do you think the changes will have on existing SSBs and any organisations planning to offer a bureaux?
A. (Filip Versluys): We have had a very positive reaction from service bureaux since we shared our plans with them. The SSB community understand the rationale behind the changes and certain bureau operators should not have been surprised by a number of the requirements as they are evolutions of the Shared Infrastructure Programme. Moreover, checking for compliance against the SIP requirements is very logical.
I think there will be a reflection among SSBs about how they position their own service offerings and how they plan to differentiate themselves. They will be thinking about how they can go beyond the standard operational practice within the SIP. This should be a positive development for end users.
Q. (gtnews): What impact do you think the changes will have on existing users of SSBs and corporates planning to use a bureau?
A. (Filip Versluys): These changes will help end users to choose a SSB and also help them to understand the type of service they can expect. There are more than 100 service bureaux in operation today and among that community there is a wide variety of service offerings being made available to end users. A number of years ago, pure connectivity in itself was the main driver for service providers and bureaux. Increasingly, SWIFT connectivity has become commoditised and it has become more important for end users to understand what types of tools are available, as additional services are added on top of SWIFT connectivity.
Users will find it more straightforward to differentiate between the different levels of service offering and can therefore focus their attention on the additional capabilities they require as SWIFT users.
Q. (gtnews): What happens next?
A. (Filip Versluys): The changes to the Shared Infrastructure Programme were agreed by the SWIFT board at the end of last year. We are now in the roll-out phase and are engaged with service bureaux in a very active upgrade programme since the April unveiling.
It is early days, of course, and we have also not locked ourselves into change overnight. We appreciate that there may be some significant upgrades SSBs will have to make so we have given them a window in which to do that [It is, however, likely minimum compliance will be necessary in time for the Sibos 2013 show in September in Dubai, UAE, in-line with other previous changes -Ed].
Overall our objective is to provide clear governance of the bureaux space on behalf of the SWIFT community and mitigate any risks that may be there.
- This feature is taken from the 2013gtnews SWIFT Service Bureaux (SSB) Buyer’s Guide. To see the other features and the entire 40-page pdf document please click HERE.
Many banks around the world, large and small, continue to experience major security failures. Biometric systems such as pay-by-selfie, iris scanners and vein pattern authentication can help.
Despite all the automation and improvements that digital banking has the potential to achieve, customers and their needs still form the very core of the banking sector.
Banks might feel justified in victim blaming when fraud occurs, but it does little for customer confidence.
Politicians have united in urging the Reserve Bank of Australia to lend its backing to the digital currency by officially recognising it.