SWIFT may prohibit banks with weak security from using its system

SWIFT CEO Gottfried Leibbrandt said the organization is considering whether it will exclude from its network banks that have demonstrated weak information security.

SWIFT may throw out users who exhibit bad security practice
SWIFT may throw out users who exhibit bad security practice

In the wake of a series of cyber heists against banks internationally, SWIFT is considering changes in its process of allowing open access of its messaging service to financial institutions.

SWIFT CEO Gottfried Leibbrandt said the organisation is considering whether it will exclude from its network banks that have demonstrated weak information security, according to a Financial Times report. “We could say that if the immediate security around SWIFT is not in order we could cut you off, you shouldn't be on the network,” he told FT.

The organisation is urging its members to implement consistent security practices, and has recently sought to improve information sharing among its customers. Hackers took advantage of vulnerabilities in SWIFT's member banks to facilitate the cyber-theft of millions of dollars (pounds) from a series of banks, most notably the theft of $80 million (£55 million) from the Bank of Bangladesh.

Speaking to SCMagazineUK.com, one SWIFT spokesperson said that disconnection is only one of the options that the cooperative are considering moving forward: “What we have said is that everything will be considered – including the merits of a disconnection or a suspension as a penalty for customers who have violated any security rules that we might hardwire. All these things - amongst many other things – will be considered and the pros and cons of the different alternatives weighed up." 

The spokesperson added, "customers will of course be involved in and consulted on the further definition of the Customer Security Programme, including decisions on such matters.”