SWIFT did not monitor weak security practices of its users - report

News by Jeremy Seth Davis

Former board members and senior employees at SWIFT, said the company did not monitor or make attempts to improve the poor security practices of its clients.

The Society for Worldwide Interbank Financial Telecommunication (SWIFT) has a history of failing to address security incidents involving clients of the financial messaging company, according to a Reuters report. More a dozen current and former board members and senior employees, including an executive who was SWIFT's CEO for fifteen years, told Reuters that the company did not consistently oversee or attempt to improve poor security practices of its clients.

Although SWIFT viewed smaller financial institutions as a potential security threat, the company failed to monitor its users' security procedures or track security incidents, according to the individuals. The messaging platform viewed banking regulators as responsible for overseeing the security practices of smaller banks, former board member Arthur Cousins told Reuters.

The financial messaging service platform is at the centre of investigations into cyber-attacks against banks and financial institutions internationally. In recent months, SWIFT has enacted a flurry of new measures following additional scrutiny into the messaging system's security and the practices of its clients.

In June, SWIFT CEO Gottfried Leibbrandt said the organisation was considering notifying banks that have demonstrated weak information security that “you shouldn't be on the network.” Then in July, almost three months after the company discovered that malware had targeted its system in the US$81 million (£61 million) cyber heist of the 
Bangladesh Central Bank, the company announced that it had hired two cyber-security firms to assist its cyber-security group. 

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews