SWIFT Bank Tool Responds to Cyberattacks

The organization’s new Daily Validation Reports aim to warn banks about unusual activity and prevent fraud

By Colleen Morrison

With a series of cyberattacks casting a shadow over the SWIFT network, the organization is fighting back with a new tool for financial institutions.

Created as a way to validate SWIFT transaction activity, the new Daily Validation Reports enable financial institutions to detect unusual payment flows or significant changes in messaging patterns that represent a risk. They target inbound and outbound message traffic by counterparty, country and currency, providing increased visibility. Monitored SWIFT message types include MT 103, MT 202, MT 202COV, MT 205, and MT 205COV.

According to Tony Wicks, head of AML initiatives at SWIFT, Daily Validation Reports are tailored to meet the needs of smaller financial institutions. Many community banks depend on the accuracy of the data stored on their local systems, and that data may be missing or compromised in the event of a cyberattack. SWIFT delivers Daily Validation Reports through a separate channel, leveraging out-of-band access to address this issue.

Seamless introduction
SWIFT also designed the reports to integrate seamlessly for community banks. They work as a cloud-based utility service with near-instant switch-on.

“Smaller institutions will not face expensive project deployment or intrusive changes,” says Wicks.
One potential downfall: The reports aggregate information from the previous day’s activities. This lag time may mean losses for financial institutions, but Wicks notes, “Even next-day identification provides significant opportunity to react to fraud and recall funds.”

That may not be enough, says Jane Hennessy, head of external alliances at G2 Web Services, a Bellevue, Wash.-based provider of payment risk management solutions.

“Any measures like this are going to be useful in some regard,” Hennessy points out. “But, like a lot of things in banking, it’s a backward look. If you are going to have a robust solution, you’re going to need real-time data, because fraudsters are astute and find these vulnerabilities.”

Need for vigilance
Cyberattacks in the first part of 2016 resulted in the launch of SWIFT’s Customer Security Program, and Daily Validation Reports emanate from that program. The attacks, wherein hackers used banks’ local message systems to move millions of dollars out of accounts, caught the attention of the community, and in June 2016, the Federal Financial Institutions Examination Council issued a joint statement warning financial institutions to safeguard interbank messaging and payment networks.

The reports were developed in consultation with the community, and SWIFT has soft-launched the system with select financial institutions. The organization has plans to evolve them based on user feedback. The reports became available in December 2016. Financial institutions can subscribe by contacting their SWIFT account managers or emailing DVR@swift.com. While pricing was not set at press time, Wicks assures us the cost will be accessible for smaller institutions.

Colleen Morrison is a freelance writer in Virginia.