Faced with what feels like a sudden onslaught of attacks, SWIFT may be looking to pull the plug on member banks with cybersecurity that is not sufficiently strong.
According to SWIFT Chief Executive Gottfried Leibbrandt, sophisticated cyberhacking enterprises have “chang[ed] the game completely.”
“We could say that, if the immediate security around SWIFT is not in order, we could cut you off. You shouldn’t be on the network,” he told Financial Times. “There are pros and cons to that. The pros are that it provides clarity that, if you are on the SWIFT network, you need minimum standards. I think the con is if you do it too heavy-handed, you could drive people to unsafe channels.”
That statement comes just a few days after details of new security measures were released, which itself follows in the wake of a run of high-profile bank hacks.
Those measures include tougher security and operating guidelines and new auditing and certification processes for the management of SWIFT messages at a customer’s site. The new rules, however, did not include expulsion or suspension as a threat for banks that did not come up to the new standards. The assumption earlier this week was that counterparty banks and international regulators would be the “police force” for these additional rules.
Liebbrandt’s remarks seem to indicate that SWIFT is preparing to take a tougher stance with its member banks as it tries to restore confidence in its network.