plenaries work session summaries swiftlab networking
TRANSCRIPT
Operations Forum Europe
28-30 November 2018 | Hotel Okura | Amsterdam Netherlands
WRAPndashUP REPORT
Explore SOFE
PRESENTATIONS (swiftcom login required)
PHOTOS
(Smugmug)
CLOSING VIDEO
(YouTube)
Plenaries
Work session summaries
SWIFTLab
Networking activities
CSR
Thank you
SOFE in numbers
SOFE in the news ndash Finextra Save the DateSWIFT OPERATIONS FORUM EUROPE ndash DAY I REPORT
SWIFT OPERATIONS FORUM EUROPE ndash DAY II REPORT
SWIFT OPERATIONS FORUM EUROPE ndash DAY III REPORT
27-29 November 2019Hotel Okura Amsterdam
SOFE2018
360+DELEGATES
108ORGANISATIONS
40PARTICIPATING
COUNTRIES
10EXHIBITORS AND
SPONSORS
48WORK
SESSIONS
Accelerating transformation
22
Change will never happen this slow againrdquo
Keeping up with exponential change
The opening plenary session kicked off with a presentation from Stephen Gilderdale SWIFTrsquos Chief Platform Officer He began by recalling the quote ldquochange will never happen this slow againrdquo and noted that this is a particularly relevant thought when applied to the financial services industry Technology is the catalyst for this and as it becomes possible to do and automate things that were not possible before technology continues to evolve and business transformation follows
The increasing rate of change is exponential Gilderdale said In the payments business this facilitates new market entrants These are digital natives with no legacy infrastructure to hold them back who are catalysing the adoption of new technologies and changing the marketplace Artificial intelligence (AI) is one of the buzzwords of 2018 and Gilderdale noted that we are still in the early days of seeing the benefits that this technology can offer The potential it has is undoubtably exciting The way that banking has been digitised in the past 10 years is incredible and it has had a major impact on the customer experience
Welcoming 360+ delegates from 40 countries to the SWIFT Operations Forum Europe (SOFE) 2018 Leo Punt Head of Support and Services EMEA SWIFT described the event as a chance for customers to hear how SWIFT is accelerating transformation to respond to the pace of change happening in the industry
This year SOFE 2018 had a theme for each day Innovation in financial services and the application of new technologies dominated conversation on day 1 of the SWIFT Operations Forum Europe 2018 The second day explored security and day 3 looked at the shape of the future for banking
Accelerating transformation
Introduction
Plenaries
Day I Innovate
33
Community collaboration is critical to tackle the cyber threatrdquo
Gilderdale also drew attention to the new business models that are emerging pointing to PSD2 and Open Banking as allowing third parties to build on top of or complement existing offerings in the market ushering in a new era of competition and collaboration
Cyber crime is also forcing change on the industry It is changing ways that banks manage their businesses while also making the community as a whole think about how the entire ecosystem is managed Gilderdale said that the lsquoprotecting my own four wallsrsquo way of thinking is no longer sufficient and that community collaboration is critical to tackle the cyber threat
SWIFT is also evolving Legacy can also be an asset said Gilderdale who made the point that one key asset for SWIFT is the ecosystem that is already there and accessible through a single window He highlighted that even on FIN messages are delivered within seconds and cost low level eurocents while at the same time retaining security and resilience
In terms of SWIFTrsquos innovation focus Gilderdale explained that a growth and acceleration plan agreed earlier in the year
included a commitment to greatly accelerate work on the SWIFT global payments innovation (gpi) and APIs as well as to step up innovation on ISO 20022 data analytics and the Customer Security Programme (CSP)
On gpi Gilderdale said that over 300 banks are now committed to implement it representing some 80 of SWIFTrsquos cross-border payments In 2019 the tracker will be made available to all users while by 2020 it will be mandated that all payments must have a confirmation Gilderdale said that the development of gpi is to ensure that the whole community benefits from its capabilities
During the opening plenary we also heard from Craig Young Chief Information Officer at SWIFT who outlined some of the steps the organisation is taking to derive benefits from new technologies Looking at SWIFTrsquos API strategy he noted that an open dialogue with the developer community is essential Young went on to shared SWIFTrsquos technology roadmap for 2020-2022 looking at the aspirations for the future state
A panel discussion followed the initial presentation Conversation turned to the cloud with Young saying that cloud is a major area of focus for innovation in the industry The cloud represents an opportunity to rebuild products and services in a way fit for the future and he commented that SWIFT applications could move to the cloud as they continue to be developed and deployed
Plenaries
SWIFT users are also already using public cloud software to connect and run services Gilderdale said In the long-term most users are moving to cloud connections He noted that SWIFT has a new cloud platform in the pipeline but that at the same time some customers will still want to use their own infrastructure Being able to demonstrate the security and confidentiality of data is critical
44
opens up questions for banks with regards to what kind of information and how much of the process they want to expose to their end customers
Josserand closed by saying that the gpi porlet is an example of a solution that is ready to be deployed but that is pending feedback from the community before moving to the next stage
The innovation plenary finished with a video message for SOFE delegates from SWIFTrsquos CEO Gottfried Leibbrandt He underlined that innovation is vital to the organisation as it is a technology company and that he wants to support the companyrsquos customers There is a big focus on innovation of systems and
Leibbrandt was keen to stress that SWIFTrsquos existing footprint and systems allow for a quick ramp up of new solutions such as gpi which he noted as an example of innovation at the core of the banking system
Leibbrandt closed by saying that the big challenge with innovation in financial services is to ensure that it is relatable to what banks actually have and what they are doing today rather than simply innovating for innovationrsquos sake
Plenaries
Innovation plenary
The afternoon of day 1 kicked off with the Innovation plenarywhich included a case study highlighting the type of work done by the SWIFTLab Claire Josserand SWIFTLab amp innovation manager gave delegates a preview of solution that is being developed right now but has not yet gone to market
Josserand described plans for a gpi portlet ndash a way to integrate gpi into a bankrsquos web portal in a way that brings information directly to their end customer All of the information provided is seen directly through the bank screen once the customer has logged into their online banking and the view of the tracker is customisable for every institution She made the point that this
55
Today cyber criminals are much more likely to attack institutions through social engineeringrdquo
Keeping up with exponential change
Day II Secure
Jamie Woodruff director of MetricsCloud and a renowned ethical hacker gave an entertaining and eye-opening keynote presentation on cyber crime to kick off day two of SOFE While therersquos a certain media perception of who a hacker is Woodruff noted in reality it is much more likely to be a disgruntled current or former employee that is seeking to compromise your institution
Woodruff then ran through how cyber crime has evolved starting with viruses such as malicious code and trojans through ID theft and then on to the opportunistic nature of botnets Today cyber criminals are much more likely to attack institutions through social engineering and the threats are certainly much more financially motivated than in the past where defacing or closing a website was the main goal for hackers
Once a hacker has compromised your systems the prospect of a lsquosmash and grabrsquo raid is generally not that likely they much prefer to sit in the system and monitor activity and the movement of data In many ways data is more valuable than simply removing money from an account
Woodruff explained how it is possible to buy ransomware ndash similar to the infamous WannaCry software ndash for around $10000 It is undetectable and also comes with your own account manager They can also offer lsquocustomerrsquo service support essentially talking the victims of such an attack through the process of how to buy and send the crypto currencies required to release their computers or systems from the attack
This is one example of the growth of organised business cyber crime Woodruff spent some time describing the organisational structure of a typical organised cyber crime operation before going on to explaining his approach to social engineering that allows him to facilitate the ethical hacks he is hired to perform Having defined the end goal or motivation of the hack he will engage in online reconnaissance of the business as well as profile physical and human targets Once the information gathering is complete he will select the specific attack vectors to use and launch the attack
Woodruff explained that even though companies may have very strict data security policies they can still provide hackers with vital information from some surprising and unintentional sources He used the example of a job advertisement that sets out the specific software requirements the organisation requires from candidates To any hackers seeing the advertisement they now know that specific software runs somewhere in the organisationrsquos systems and can set about targeting that
Plenaries
66
Addressing the cyber threat
The afternoon plenary on day two was a panel discussion on cyber security for which Woodruff was joined by Petra Hielkema director of payments and market infrastructure at the Dutch Central Bank and Karel De Kneef SWIFTrsquos global head of security operations The discussion was moderated by Saskia Devolder head of Western and Central Europe at SWIFT
Woodruff expanded on his earlier point about disgruntled employees as a potential weak link To identify someone like this he said they will often disassociate themselves from the organisation they work for They may also enjoy taking company property home for example Woodruff noted that certain patterns of behaviour can be identified and that this is a field where AI can be particularly helpful
Hielkema made the point that institutions need to test what hackers do when they get into their systems and that the focus cannot simply be on keeping them out She added that there are two types of companies those who know they have been hacked and those that donrsquot
One way to prevent getting hacked is to ensure you are on the latest software version so make sure to patch De Kneef commented Patching is very important as it is a good foundation As he put it donrsquot invest in fancy technology if you keep the back door open
Hackers will sit and watch you not just in your system but physically in person and they are prepared to wait Woodruff said that organisations need to be aware of this The incursion doesnrsquot have to
happen in the finance department De Kneef noted it could happen anywhere from HR to marketing
Having spent many years looking into the security that organisations have on their data Woodruff said that lsquoBig Pharmarsquo is more secure than any other industry he has seen He added that financial institutions are generally more secure than corporates who may lack the budget for robust cyber security De Kneef noted that over the past three years the response in financial services to cyber threats has been tremendous from the regulatory side to the institutions themselves
Answering a question from the audience about how robust cloud security is Woodruff recommended that institutions adopt a multi-cloud approach if they havenrsquot already Essentially
this breaks up information that is valuable into several different pieces on different clouds Individually the information is useless and therefore unusable by a hacker He used the example of dividing up credit card details ndash every four numbers from the main number the expiry date the CVV number etc ndash into different cloud storage
Communication is a vital element in addressing any type of hack both internally and externally the panel agreed Woodruff said that the reporting of a system compromise comes down to people Some will be scared to report when they accidentally click a compromised link on their computer in case they are disciplined by management Organisations need to foster a culture where staff members are encouraged to report the slightest of suspicions they may have
Additionally companies and institutions themselves need to communicate to the market when they identify a hack on their systems Hielkema said that organisations should have a communications strategy in place before anything like this happens so that they can react quickly ndash she noted that unofficial accounts can drop on social media really quickly so it is vital that companies can get out ahead of this
Plenaries
77
Dr Markos Zachariadis ndash who is associate professor of Information Systems Management and Innovation at Warwick Business School University of Warwick and also a fintech research fellow at CDI University of Cambridge ndash gave a keynote presentation on the future of banking with particular reference to open APIs and the digital economy
Starting by looking at what drives change in financial services Dr Zachariadis identified regulation demand technology and organisational and market structure as four key drivers that both impact and are impacted by each other
Today there is a regulatory context in open banking ndash from the second
Payment Services Directive (PSD2) and Open Banking in the UK The whole idea is to open up access to data in order to improve market outcomes At the same time technology has developed at an extremely rapid pace particularly when it comes to APIs Dr Zachariadis said that banks need to not only think of APIs as technology but also to conceptualise them as a product that can be priced managed and promoted
He noted how APIs have led to a rapid growth in platforms citing Applersquos iPhone with its iOS and apps as a key example Apple was quick to push APIs to the public and the iPhonersquos foundation as a platform made the difference
Day III Shape the future
Industry platformification
The platform concept has opened up and is now seen in many industries said Dr Zachariadis using Uber Airbnb Facebook and Instagram as prime examples Most people are now familiar with the quote about Uber being the largest taxi company but not owning any cars Airbnb as the largest hotel chain without owning any property and so on What all of these businesses have in common is that they connect people ndash service providers and service buyers
What platforms do differently is that they sell reductions in transaction costs not products It is a business model that creates value by enabling interactions between external producers and consumers Platforms can also scale more efficiently and quickly by eliminating the gatekeeper They can unlock new sources of value creation and supply
Dr Zachariadis then went on to talk about the network effect which is the value that is created when more and more people join
a network There is a positive effect when users join and enlarge a network The benefits increase for everyone ndash the more companies that join a platform the more value they can extract from the network
Plenaries
88
Context for financial services
How does the platformification disruption seen in other industries relate to banking Dr Zachariadis noted that APIs in banking and platformification offer the ability for financial institutions to create a business ecosystem and add value for clients The question is how to do that He pointed out that while banks need to sell lower transaction costs they still need to sell the trust and reassurance to the customer that the banking business relies on
Dr Zachariadis ran through four types of platforms in the financial services world that have emerged since PSD2 These arendash Incumbent bank platformsndash Challenger bank platforms
which do brokering much better according to Dr Zachariadis Examples of this include Starling Bank and Revolut
ndash API aggregator platforms which connect banks to fintechs
ndash Account aggregator platforms and services
Following his presentation Dr Zachariadis was joined on stage by Leo Punt head of EMEA Services and Support at SWIFT for a short QampA on some of the issues that had been raised Punt began by asking whether there is room for utilities in the financial services market of the future
Dr Zachariadis said there is but he is unsure for how many saying that there may be some consolidation for banks that go this route to undertake He made the point that utilities in this space are not platforms but that they can be very profitable
Touching on the key theme from day two at SOFE Punt then asked if the platformification development in financial services is being hampered by cyber threats Dr Zachariadis agreed that in a modulated environment this is an issue that may delay the launch of more open business models He did also note that there is an opportunity for banks
if they can be an early adopter and can demonstrate a stable platform they can get a huge first mover win The sooner banks can cut transaction costs the sooner they can earn more customers
Dr Zachariadis closed by offering two key takeaways to the SOFE delegates1 Think about what you could
offer to customers that isnrsquot in your value proposition right now Look at things built outside that you can offer to customers
2 Everything starts from sharing data The biggest value of being a platform is access to more data than ever How can you use this to bring more value to yourself as well as to your customers
Plenaries
APIs in banking and platformification offer the ability for financial institutions to create a business ecosystem and add value for clientsrdquo
When SOFE 2019 begins in 12 monthsrsquo time it will be fascinating to see how far financial services has come in the digital transformation journeyrdquo
99
Work session summaries
Business amp ComplianceFinancial crime compliance in the real-time world
This work session considered the challenges faced by institutions in meeting their financial crime compliance obligations in an increasingly fast-paced world and how SWIFTrsquos Financial Crime Compliance (FCC) portfolio can help institutions respond ndash today and in the future The session discussed the challenges associated with the rate of regulatory change how gpi is increasing the speed and volume of correspondent payments the dynamic rate of change of lists and screening requirements for sanctions compliance and the increasing fraud risks faced by institutions with the adoption of real-time payments SWIFTrsquos FCC solutions allow customers to manage the complete compliance life-cycle with solutions forbull Know Your Customer
The KYC Registry provides a secure shared platform for financial institutions to exchange standardised know your customer information
bull Anti-Money Laundering The Compliance Analytics portfolio pinpoints compliance risks and gives a new way to monitor your correspondents to identify activities indicative of money laundering
bull Sanctions Compliance Provides fully-managed securely-hosted screening of your customers and transactions against the latest sanctions and PEP lists with instant alerts of any matches Provides up-to-date sanctions lists and capabilities to test your own filters
bull Fraud Prevention Payment Controls helps you manage your payment policy and identify unusual or uncharacteristic payment risk that may be indicative of fraud and provides an independent snapshot of your SWIFT transaction activity
The session considered how these solutions can help institutions be more operationally agile in terms of deployment and response to changing regulation through the use of hosted utility based solutions why understanding of counterparts and their behaviour improves trust and helps streamline STP how quality and effectiveness of systems and data is key to process payments quickly and efficiently and how institutions can best defend themselves from new patterns of cyber-fraudwwwswiftcomcompliance
How SWIFT Business Intelligence solutions support your gpi journey
During this yearrsquos Business Intelligence sessions at SOFE the team delivered in depth presentations on SWIFTrsquos Business Intelligence (BI) for gpi solutions which consist of the Watch and gpi Observer portfolios combined with BI services These solutions are specifically designed to support customerrsquos gpi business cases prioritisation strategies and help identify business development opportunities They demonstrated how these BI solutions provide tangible and unique insights that bring value and a competitive advantage to customers as well as to their customers The recently launched gpi Observer
Analytics solution was central to the discussion and as the team explained these cutting-edge insights provide all the payments routing intelligence and data for gpi members to see where to optimise or adapt their existing payment routings leading to lower costs and faster payments The sessions also highlighted how financial institutions that deploy the new solution are gaining speed benchmarking capabilities and are able to now act upon fact-based information to steer their cross-border payments strategy through improved operational and market analysis
1010
ISO 20022 for managers ndash the time is now
ISO 20022 for beginners ndash what you really need to know
As announced in September in 2021 SWIFT will begin migrating all cross-border and many-to-many payments onto ISO 20022 This decision comes after large scale community consultation that took in feedback from a wide variety of stakeholders We want to ensure the entire SWIFT community is well informed and prepared for the migration The session provided information about the approach we are taking and what it means for you
We have aligned the start date of our migration in 2021 with the adoption of ISO 20022 of the Eurozonersquos high value payments systems The migration will cover MT categories 1 2 and 9 and will impact correspondent banks as well as other users of these messages including securities players A four-year co-existence
The workshop focused on the following key aspectsbull What is ISO 20022 and how it
constitutes a single approach for financial standardisation initiatives
bull SWIFTrsquos involvement and unparalleled expertise in ISO 20022 adoption
bull Status on ISO 20022 implementations around the globe and how ISO 20022 has become the dominant language of financial transactions
bull The importance of Market Practice and zoom on HVPS+ (High-Value Payment System+) the ISO 20022 global market practice for Payment Market Infrastructures
bull A new challenge ISO 20022 migration for cross-border payments as a result of the September 2018 Board decision
phase will allow all members of the SWIFT community to make the switch
SWIFT will work closely with the community to formulate and refine market practice guidelines In tandem with the Payments Market Practice Group (PMPG) we have created the Cross-Border Payments and Reporting Plus (CBPR+) working group to develop global usage guidelines We will invite our community to review and give feedback on these guidelines as they mature
We will also provide a central translation service to ensure successful community migration and to facilitate the co-existence phase This service will also implement the rules formulated by CBPR+ and all users will be automatically enrolled
As result of the session participants gained a broader appreciation of the industryrsquos journey towards ISO 20022 adoption how global groups like HVPS+ are working together to create global industry standards and common principals
Work session summaries
Optimise your back-office functions with SWIFTRef the must-have global reference data utility
In this session we explained the new files including Standing Settlement Instructions (SSI) National ID History and National ID Format Account Number Format and the gpi directory We also presented the recent Entity Plus product and a revamp of our Bankers World Online tool (live on 15 December) and gave you some insight into our planned future developments of APIs
Finally we discussed the impact of the BIC migration to the new version of the ISO 9362 standard on SWIFTRef From March 2019 it will no longer be possible to derive the connectivity of an organisation from the 8th character in the BIC nor the time-zone from the 7th character This information is now reflected in dedicated data elements in the SWIFTRef portfolio As a consequence all
current BIC Directory customers need to migrate to the BIC Plus or BIC Directory 2018
More information on the SWIFTRef portfolio can be found at wwwswiftcomswiftref
1111
Work session summaries
Innovation
DLT e-Voting solution ndash A proof of concept with SWIFT and Slib
In this session SWIFT shared its vision on the role it can play related to DLT technology when the technology matures and strong use cases emerge SWIFT can become the market place for DLT-based services that are provided by third parties and deployed on the SWIFT network This can be achieved by leveraging existing infrastructure and services The eVoting proof of concept fits into this vision Slib acting as provider of a DLT-based service has developed an application for distributing shareholder meeting notifications and collecting votes from shareholders SWIFT has provided the DLT sandbox on which this application has been deployed
Evolution of SWIFTrsquos cloud platform
SWIFT AI ndash How to get structure out of your unstructured data
10 years ago SWIFT launched its first cloud platform lsquoAlliance Litersquo Since then the trend to outsource has scaled up significantly and SWIFT has continued to evolve its offering Today SWIFTrsquos cloud solutions (Alliance Lite2 Alliance Remote Gateway and Alliance Lifeline) are highly successful and serve more than 2300 customers In recent years constant change has become the new norm in the financial industry It is therefore important that our cloud solution provide our customers the agility they need to prepare for the future In that perspective SWIFT is developing a brand new cloud platform It is based on state-of-the-art technology offering 24x7 availability built-in resilience highest
This session presented a new SWIFT RampD solution based on artificial intellgence (AI) that can be used in order to get structure out of unstructured data
The goal of this AI research is to bring transparency to data by transforming legacy data into ISO 20022 format The solution can be used as a SWIFTNet API or as an onsite solution It is currently trained in SWIFT premises and is used in order to clean data such as the SWIFTRef data The conversion rate is currently of 95 but as it is a Machine Learning model it learns as it goes and the precision is improving every day
security and larger throughput Another key ingredient is the integration capability not only with the customerrsquos back-office application but also with SWIFTrsquos local archive solution lsquoAlliance Warehousersquo or SWIFT services such as gpi and transaction screening The platform will also have flexible message processing abilities and is being developed with a continuous attention to the user experience The go-live of this new cloud platform is planned for 2020 In addition to an overview of the main values customers can expect from this new cloud solution the session also offered a sneak preview of the graphical user interface More to come in the course of 2019
1212
SWIFTrsquos API strategy SWIFT gpi ndash the new norm in cross-border payments
This session built on the White Paper ldquoAPIs Delivering a global platform for the financial services API economyrdquo (httpswwwswiftcomresourceswift-api) that SWIFT published just before SIBOS 2018 It positioned SWIFTrsquos overall strategy on APIs building on its year-long experience in standardisation leveraging its security and reliability paradigm to the API world Finally both the standardisation and the platform aspects were brought to life by walking through a number of use-cases (including PSD2) There was a lot of interest shown during and after the session by attendees who are already closely involved in API implementations as well as those who will be in the near future
This year at SOFE the SWIFT gpi sessions were scheduled every day and welcomed 100+ delegates and vendors over the three days The sessions covered the features of the existing services (gCCT gCOV and gSRP) the eco-system and future roadmap Throughout SOFE a large screen projected the rapid take-up of gpi more than 105 gpi banks are now live on gpi representing 410+ BICs and covering 140 currencies Gpi sent traffic has grown to over 12 million cross-border payments daily with more than 50 gpi to gpi As a result gpi messages flow across 800+ country corridors representing a value superior to $100 bn daily
Work session summaries
Cyber security and the Customer Security Programme
Cyber intelligence sharing
Cyber resilience
The SWIFT ISAC shares information that customers can use to better protect their environment
After having explained how the SWIFT Customer Security Intelligence team usually performs its forensic investigations we reinforced the necessity for customers to regularly consume the Indicators of Compromise (IOCs) published on the portal
Additional focus was put on automated sharing of IOCs via STIXTAXII which was made available since February 2018 Participants left with a clear understanding of different ways in which SWIFT shares cyber intelligence with the SWIFT Community and of importance of acting on IOCs published on SWIFT ISAC
The voting app and interactions with the audience captured some feedback confirming the growing interest in cyber intelligence exchange within the SWIFT Community
The session on cyber resiliency first set the scene by presenting the evolving cyber threat landscape Cyber-attacks are becoming more frequent and sophisticated The industry is trying to keep pace by implementing security frameworks and moving from a position of control to one of resilience The session discussed the difference between cyber security and cyber resilience whilst for cyber security the focus is set on protecting and surviving a cyber-attack cyber resilience is composed of a broader range of measures taken to bounce back (recover) from a cyber-incident in a timely manner
During the second part of the session the multi-layered security approach taken by SWIFT was discussed and illustrated with resiliency functionalities available at different levels in the SWIFT application stack Finally the different steps in the recovery process after indication of a compromise were covered highlighting the common mistakes financial institutions make
1313
Improving the security of paymentsHow the Shared Infrastructure Programme (SIP) can increase the effectiveness of your risk management
This session explored the changing face of cyber-fraud and explained how financial institutions themselves are the new targets for the attackers This represents a significant challenge requiring institutions to protect themselves against these ever-present and changing cyber-fraud risks The attack vectors were characterised as well as why the cyber attackers want you to know nothing see nothing and do nothing
SWIFTrsquos recently launched Payment Controls service helps financial institutions reduce their fraud and reputational risks and build trust This zero-footprint in-network solution offers the ability to protect against the risk of fraudulent payments via real-time monitoring alerting and payment blocking It offers flexible configurable correspondent banking focused models designed in association with the community The capabilities and benefits were illustrated via an interactive hands-on demonstration using the live service showing examples of rule configuration activation and alert management This was followed by a detailed and lively QampA sessionwwwswiftcompaymentcontrols
The session covered the further evolution of the Shared Infrastructure Programme (SIP) in 2019 listed the tangible risk mitigating results of SIP since beginning of last year and provided an overview of the most common hurdles Service Bureaux are struggling with to reach full compliance with SIP 2018
Compliance with the SIP security and operational requirements is not only needed after a one-time assessment but throughout the year It was therefore explained how SWIFT captures the required security configuration data to enable the monitoring of such a continued compliance The session was attended by a very good representation of the service bureau community in EMEA by service bureau customers and their counterparties and by regulators The diverse audience was a unique opportunity to engage in a dialogue and to capture suggestions for increasing the effectiveness of the programme
Understanding your counterpartyrsquos CSP attestation level
Security Controls 2019
By now all SWIFT customers should be checking what the attestation level of their counterparties is and integrating this compliance data into their risk management processes One take away of the session was a need to adapt the cybersecurity risk governance model to support the assessment of counterparty cybersecurity attestation data eg Identify the appropriate representatives from across the organisation for lsquograntingrsquo lsquorequestingrsquo attestation data
The second take way is that KYC-SA attestation data should be viewed as an additional dimension within the institutionrsquos existing counterparty risk management framework Finally the participants confirmed the interest from the community to integrate the KYC-SA attestation data in their risk management system It is currently available by exporting data and in the future it will be done thanks to a new set of API We also spent some time in the session discussing considerations in granting and requesting access to attestation data
As the threat landscape evolves so must the CSP Details of the changes brought by the Customer Security Control Framework (CSCF) 2019 version were shared with the audience leading to very interactive exchanges We took the opportunity in this session to remind customers about(i) their obligation as per the CSP Policy to comply with the mandatory
controls of the CSCF v2017 by the 31 December 2018(ii) about the next upcoming milestones for 2019 and onwards and (iii) about the possibility to leverage the new reporting functionalities in the
KYC-SA application to integrate counterpartiesrsquo self-attestation results in their own risk management potentially along with the financial and legal due diligence aspects already covered in the KYC Registry application
On the risk management integration topic we strongly advised the audience to attend the session lsquoUnderstanding your counterpartyrsquos CSP attestation levelrsquo Finally we provided the attendees with a vade mecum of tactical actions to undertake to mitigate cyber risks This yearrsquos session was complemented by the opportunity for hands-on demos of the KYC-SA application at the SWIFT Lab
Work session summaries
1414
Alliance portfolio ndash Whatrsquos new whatrsquos next
In the session we took a look at the various key trends observed in the market ndash cloud UX data APIs ISO 20022 and cyber security ndash and presented to the audience the Alliance Portfolio plans to embrace those new trends The session started with a presentation of the new cloud platform that SWIFT is building The new cloud platform provides a fully managed interface and connectivity to SWIFT with improved availability resiliency and scalability It also comes with a completely new user experience with amongst others a very intuitive graphical user interface
The same team of user experience experts at SWIFT helped to design the Alliance Warehouse the brand new solution from SWIFT for long-term message archive with powerful search and investigation capabilities which was also presented during the session Finally we covered a brief introduction to APIs ISO 20022 and cyber security and looked at their impact on the Alliance portfolio
Work session summaries
Operational Excellence
Alliance interfaces roadmap 2019-2020
Alliance Messaging Hub ndash the future in financial messaging
This yearrsquos session was a traditional roadmap session that looked at what has been released over the last 6 months and what is coming up in the next 2 years
With the community having gone through the heavy CSPrelease 72SR2018 migration in 2018 everybody is now looking at what to plan next Release 72 support ends end January 2020 and by that time the community must have updated the fill stack of SWIFTNet and Alliance products to release 73 or release 74
Release 73 was made available in September 2018 and introduces amongst others new ways to implement multi-factor authentication Release 74 planned for mid-2019 will provide additional security and other features will support IBM MQ 91 and a slightly updated OS baseline Release 75 will focus on features for the ISO 20022 migration and ESMIG All along we will provide for AccessEntry the standard updates in the annual release as well as on the two preceding releases During and after the sessions customers took the opportunities to ask questions and exchange views with the product manager This was key information to ensure that the portfolio evolves in line with customer needs
In this session a high-level introduction was provided around Alliance Messaging Hub (AMH) SWIFTrsquos messaging hub that offers functionality beyond classic SWIFTNet interfacing AMH offers an orchestration layer on top of its SWIFTNet messaging capabilities allowing for flexible integration into banksrsquo systems and into other networks The 247365 capable architecture offers top class resilience and serves as a solid foundation for real-time processing
The product is able to process and orchestrate messages under high load and respecting low latency requirements AMH for Hong Kong Faster Payments is a real-life testimony to AMHrsquos processing capabilities
where it runs as a messaging hub for key banks in the region AMH version 40 will be launched in March 2019 and will offer an even richer set of security and gpi related functionality The application will be further shielded and installation and deployment will become more standardized to further reduce the banksrsquo TCO
Further strengthening its real-time offering AMH v40 will offer flows into RT1 and TIPS leveraging SWIFTrsquos Instant channel for the EBA and the Eurosystem In the multi-network space AMH v40 will provide flows for Fedwire Funds and TCH CHIPS
Beyond v40 and in the same way as financial institutions are evolving we are continuously innovating AMH The core will become more modular embracing the trends of containerised systems and we will introduce more integration options such as more standardized yet flexible API support With ISO 20022 migration and ISO 20022-powered APIs coming up we believe AMH will offer the complete package for a bank to face the upcoming challenges in the financial messaging eco-system
1515
Operational challenges Find out how we can help you manage them better
mySWIFT ndash Enhance your gateway to support the most of data analytics
SWIFT continues to invest in the support portfolio Over the past two years we have consulted customers to ensure that it remains healthy and future proof The findings led SWIFT to focus on customer experience as the central theme of the portfolio refresh
In the session the rebranded Professional Services organisation was shared It is now set up to take customers on the full solution journey from design to deployment to maintenance The deep-dive into the updated Advanced Support and Care offering gave further insights into the newly modularised and clarified support deliverables
The overall value proposition of SWIFT Community Support the backbone of support given to all customers and then the Premium and Care options was underlined Customers will now better understand and choose the appropriate pro-active reactive preventive andor hands-on support option with Premium Plus being perhaps the most attractive option as the dedicated service manager especially adds significant value
The sessions were very well attended and although it requires no specific action from customers it is an important evolution to keep track of
Last year at SOFE SWIFT ran exploratory sessions on Support Tools This year we were pleased to show the result of this consultation with newly- and to be released applications on mySWIFTndash New ldquoKnowledge Centrerdquo (since Q4 2018) ndash an easy-to-use and
customisable portal covering all documentation resources (User Handbook Knowledge Base tips how-to videos SWIFTSmart)
ndash New ldquoNotification Centrerdquo (since Q4 2018) ndash a trusted notification tool for SWIFT Operational messages
ndash Coming ldquomyStatusrdquo (H1 2019) ndash a real-time snapshot providing the status of your connectivity components - VPNs SNLs LTs per location and per environment
During the second part of the session we shared our insights about data analytics and predictive capabilities performed on operational data showing how it could allow operators to focus on the most relevant issues while discarding the noise This interactive session ended by a digi-voting exercise where participants were asked through 4 use cases to provide their appetite on ldquohow pattern deviation algorithms could be useful to the communityrdquo We look forward to seeing you next year for more insights and results on the subject
Using Alliance Managed Operations to your strategic advantage
Market trends show a growing appetite for IT teams to (re-)focus on their core business Employees are becoming overburdened with staying on top of regulatory compliance and security challenges and at the same time remaining mindful of resourcing needs to manage the highly critical and sometimes complex SWIFT infrastructures
In this session we outlined and demonstrated how these aspects can be addressed through SWIFTrsquos managed service offering This service brings relevant expertise discipline and rigour into any organisation by becoming a natural extension of the existing team A highlight of the session was the near real-time monitoring feature With this service SWIFT monitors Alliance Gateway and Alliance Access events and VPN lines which can trigger corrective actions with minimal delay
The session clearly resonated with all participants and we look forward to meeting your future managed service needs
Work session summaries
1616
The SWIFTLab has become a popular venue to experience the various components of SWIFTrsquos product and service portfolio This year the SWIFTLab was present at SOFE providing our customers with the opportunity to experience the range of SWIFT products at this yearly event
In addition to featuring demo pods at the SWIFTHub the SWIFTLab also hosted lunch sessions on Artificial Intelligence and DLT
SWIFTLab SWIFT
1717
Welcome cocktail
Networking is a key component of SOFE In addition to the networking time during the coffee breaks and lunches we also offer opportunities for delegates to spend time together in the evenings all whilst leaving room for spare time The welcome cocktail at the end of day 1 has become a fixture in the SOFE agenda and is sponsored by the exhibiting partners Our thanks go to the partners for their participation and support and to all delegates for making the most of this networking opportunity
Off-site dinner
This yearrsquos off-site dinner took place at Beurs van Berlage We hope that you enjoyed the evening and look forward to hosting another SOFE dinner at another great venue in Amsterdam in 2019
Networking activities
1818
For the SWIFT Operations Forum Europe in Amsterdam we were happy to provide financial support to WATCH Nederland a professional civil participation platform set up by Terre des Hommes to discover and fight teenage prostitution in the Netherlands
Through its hotline WATCH Nederland collects information from youth care professionals teachers and other civilians including victims or their family who do not want or dare to report to the police This information is researched both online by forensic ICT specialists and on the ground
by private investigators Additionally WATCH Nederland aims to identify child sexual exploiters and abusers including advertisements from exploiters trying to sell teenagers for sex and customers of teenage prostitution WATCH Nederland works closely together with the Dutch law enforcement agencies to free the victims of teenage prostitution and to stop the exploiters Freed victims undergo rehabilitation and reintegration treatment in co-operation with youth care institutions and are monitored regularly by WATCH Nederland to prevent revictimisation
CSR
1919
Our thanks go to each and every one of you for your active participation in this yearrsquos SWIFT Operations Forum Europe We hope that you all had an engaging thought-provoking productive informative and highly collaborative SOFE As always should you have any questions about or suggestions for next yearrsquos event please do not hesitate to contact your account manager or customer support We look forward to working with you in 2019
Thank you
For more information about SWIFT visit wwwswiftcom
SWIFT copy 2019
22
Change will never happen this slow againrdquo
Keeping up with exponential change
The opening plenary session kicked off with a presentation from Stephen Gilderdale SWIFTrsquos Chief Platform Officer He began by recalling the quote ldquochange will never happen this slow againrdquo and noted that this is a particularly relevant thought when applied to the financial services industry Technology is the catalyst for this and as it becomes possible to do and automate things that were not possible before technology continues to evolve and business transformation follows
The increasing rate of change is exponential Gilderdale said In the payments business this facilitates new market entrants These are digital natives with no legacy infrastructure to hold them back who are catalysing the adoption of new technologies and changing the marketplace Artificial intelligence (AI) is one of the buzzwords of 2018 and Gilderdale noted that we are still in the early days of seeing the benefits that this technology can offer The potential it has is undoubtably exciting The way that banking has been digitised in the past 10 years is incredible and it has had a major impact on the customer experience
Welcoming 360+ delegates from 40 countries to the SWIFT Operations Forum Europe (SOFE) 2018 Leo Punt Head of Support and Services EMEA SWIFT described the event as a chance for customers to hear how SWIFT is accelerating transformation to respond to the pace of change happening in the industry
This year SOFE 2018 had a theme for each day Innovation in financial services and the application of new technologies dominated conversation on day 1 of the SWIFT Operations Forum Europe 2018 The second day explored security and day 3 looked at the shape of the future for banking
Accelerating transformation
Introduction
Plenaries
Day I Innovate
33
Community collaboration is critical to tackle the cyber threatrdquo
Gilderdale also drew attention to the new business models that are emerging pointing to PSD2 and Open Banking as allowing third parties to build on top of or complement existing offerings in the market ushering in a new era of competition and collaboration
Cyber crime is also forcing change on the industry It is changing ways that banks manage their businesses while also making the community as a whole think about how the entire ecosystem is managed Gilderdale said that the lsquoprotecting my own four wallsrsquo way of thinking is no longer sufficient and that community collaboration is critical to tackle the cyber threat
SWIFT is also evolving Legacy can also be an asset said Gilderdale who made the point that one key asset for SWIFT is the ecosystem that is already there and accessible through a single window He highlighted that even on FIN messages are delivered within seconds and cost low level eurocents while at the same time retaining security and resilience
In terms of SWIFTrsquos innovation focus Gilderdale explained that a growth and acceleration plan agreed earlier in the year
included a commitment to greatly accelerate work on the SWIFT global payments innovation (gpi) and APIs as well as to step up innovation on ISO 20022 data analytics and the Customer Security Programme (CSP)
On gpi Gilderdale said that over 300 banks are now committed to implement it representing some 80 of SWIFTrsquos cross-border payments In 2019 the tracker will be made available to all users while by 2020 it will be mandated that all payments must have a confirmation Gilderdale said that the development of gpi is to ensure that the whole community benefits from its capabilities
During the opening plenary we also heard from Craig Young Chief Information Officer at SWIFT who outlined some of the steps the organisation is taking to derive benefits from new technologies Looking at SWIFTrsquos API strategy he noted that an open dialogue with the developer community is essential Young went on to shared SWIFTrsquos technology roadmap for 2020-2022 looking at the aspirations for the future state
A panel discussion followed the initial presentation Conversation turned to the cloud with Young saying that cloud is a major area of focus for innovation in the industry The cloud represents an opportunity to rebuild products and services in a way fit for the future and he commented that SWIFT applications could move to the cloud as they continue to be developed and deployed
Plenaries
SWIFT users are also already using public cloud software to connect and run services Gilderdale said In the long-term most users are moving to cloud connections He noted that SWIFT has a new cloud platform in the pipeline but that at the same time some customers will still want to use their own infrastructure Being able to demonstrate the security and confidentiality of data is critical
44
opens up questions for banks with regards to what kind of information and how much of the process they want to expose to their end customers
Josserand closed by saying that the gpi porlet is an example of a solution that is ready to be deployed but that is pending feedback from the community before moving to the next stage
The innovation plenary finished with a video message for SOFE delegates from SWIFTrsquos CEO Gottfried Leibbrandt He underlined that innovation is vital to the organisation as it is a technology company and that he wants to support the companyrsquos customers There is a big focus on innovation of systems and
Leibbrandt was keen to stress that SWIFTrsquos existing footprint and systems allow for a quick ramp up of new solutions such as gpi which he noted as an example of innovation at the core of the banking system
Leibbrandt closed by saying that the big challenge with innovation in financial services is to ensure that it is relatable to what banks actually have and what they are doing today rather than simply innovating for innovationrsquos sake
Plenaries
Innovation plenary
The afternoon of day 1 kicked off with the Innovation plenarywhich included a case study highlighting the type of work done by the SWIFTLab Claire Josserand SWIFTLab amp innovation manager gave delegates a preview of solution that is being developed right now but has not yet gone to market
Josserand described plans for a gpi portlet ndash a way to integrate gpi into a bankrsquos web portal in a way that brings information directly to their end customer All of the information provided is seen directly through the bank screen once the customer has logged into their online banking and the view of the tracker is customisable for every institution She made the point that this
55
Today cyber criminals are much more likely to attack institutions through social engineeringrdquo
Keeping up with exponential change
Day II Secure
Jamie Woodruff director of MetricsCloud and a renowned ethical hacker gave an entertaining and eye-opening keynote presentation on cyber crime to kick off day two of SOFE While therersquos a certain media perception of who a hacker is Woodruff noted in reality it is much more likely to be a disgruntled current or former employee that is seeking to compromise your institution
Woodruff then ran through how cyber crime has evolved starting with viruses such as malicious code and trojans through ID theft and then on to the opportunistic nature of botnets Today cyber criminals are much more likely to attack institutions through social engineering and the threats are certainly much more financially motivated than in the past where defacing or closing a website was the main goal for hackers
Once a hacker has compromised your systems the prospect of a lsquosmash and grabrsquo raid is generally not that likely they much prefer to sit in the system and monitor activity and the movement of data In many ways data is more valuable than simply removing money from an account
Woodruff explained how it is possible to buy ransomware ndash similar to the infamous WannaCry software ndash for around $10000 It is undetectable and also comes with your own account manager They can also offer lsquocustomerrsquo service support essentially talking the victims of such an attack through the process of how to buy and send the crypto currencies required to release their computers or systems from the attack
This is one example of the growth of organised business cyber crime Woodruff spent some time describing the organisational structure of a typical organised cyber crime operation before going on to explaining his approach to social engineering that allows him to facilitate the ethical hacks he is hired to perform Having defined the end goal or motivation of the hack he will engage in online reconnaissance of the business as well as profile physical and human targets Once the information gathering is complete he will select the specific attack vectors to use and launch the attack
Woodruff explained that even though companies may have very strict data security policies they can still provide hackers with vital information from some surprising and unintentional sources He used the example of a job advertisement that sets out the specific software requirements the organisation requires from candidates To any hackers seeing the advertisement they now know that specific software runs somewhere in the organisationrsquos systems and can set about targeting that
Plenaries
66
Addressing the cyber threat
The afternoon plenary on day two was a panel discussion on cyber security for which Woodruff was joined by Petra Hielkema director of payments and market infrastructure at the Dutch Central Bank and Karel De Kneef SWIFTrsquos global head of security operations The discussion was moderated by Saskia Devolder head of Western and Central Europe at SWIFT
Woodruff expanded on his earlier point about disgruntled employees as a potential weak link To identify someone like this he said they will often disassociate themselves from the organisation they work for They may also enjoy taking company property home for example Woodruff noted that certain patterns of behaviour can be identified and that this is a field where AI can be particularly helpful
Hielkema made the point that institutions need to test what hackers do when they get into their systems and that the focus cannot simply be on keeping them out She added that there are two types of companies those who know they have been hacked and those that donrsquot
One way to prevent getting hacked is to ensure you are on the latest software version so make sure to patch De Kneef commented Patching is very important as it is a good foundation As he put it donrsquot invest in fancy technology if you keep the back door open
Hackers will sit and watch you not just in your system but physically in person and they are prepared to wait Woodruff said that organisations need to be aware of this The incursion doesnrsquot have to
happen in the finance department De Kneef noted it could happen anywhere from HR to marketing
Having spent many years looking into the security that organisations have on their data Woodruff said that lsquoBig Pharmarsquo is more secure than any other industry he has seen He added that financial institutions are generally more secure than corporates who may lack the budget for robust cyber security De Kneef noted that over the past three years the response in financial services to cyber threats has been tremendous from the regulatory side to the institutions themselves
Answering a question from the audience about how robust cloud security is Woodruff recommended that institutions adopt a multi-cloud approach if they havenrsquot already Essentially
this breaks up information that is valuable into several different pieces on different clouds Individually the information is useless and therefore unusable by a hacker He used the example of dividing up credit card details ndash every four numbers from the main number the expiry date the CVV number etc ndash into different cloud storage
Communication is a vital element in addressing any type of hack both internally and externally the panel agreed Woodruff said that the reporting of a system compromise comes down to people Some will be scared to report when they accidentally click a compromised link on their computer in case they are disciplined by management Organisations need to foster a culture where staff members are encouraged to report the slightest of suspicions they may have
Additionally companies and institutions themselves need to communicate to the market when they identify a hack on their systems Hielkema said that organisations should have a communications strategy in place before anything like this happens so that they can react quickly ndash she noted that unofficial accounts can drop on social media really quickly so it is vital that companies can get out ahead of this
Plenaries
77
Dr Markos Zachariadis ndash who is associate professor of Information Systems Management and Innovation at Warwick Business School University of Warwick and also a fintech research fellow at CDI University of Cambridge ndash gave a keynote presentation on the future of banking with particular reference to open APIs and the digital economy
Starting by looking at what drives change in financial services Dr Zachariadis identified regulation demand technology and organisational and market structure as four key drivers that both impact and are impacted by each other
Today there is a regulatory context in open banking ndash from the second
Payment Services Directive (PSD2) and Open Banking in the UK The whole idea is to open up access to data in order to improve market outcomes At the same time technology has developed at an extremely rapid pace particularly when it comes to APIs Dr Zachariadis said that banks need to not only think of APIs as technology but also to conceptualise them as a product that can be priced managed and promoted
He noted how APIs have led to a rapid growth in platforms citing Applersquos iPhone with its iOS and apps as a key example Apple was quick to push APIs to the public and the iPhonersquos foundation as a platform made the difference
Day III Shape the future
Industry platformification
The platform concept has opened up and is now seen in many industries said Dr Zachariadis using Uber Airbnb Facebook and Instagram as prime examples Most people are now familiar with the quote about Uber being the largest taxi company but not owning any cars Airbnb as the largest hotel chain without owning any property and so on What all of these businesses have in common is that they connect people ndash service providers and service buyers
What platforms do differently is that they sell reductions in transaction costs not products It is a business model that creates value by enabling interactions between external producers and consumers Platforms can also scale more efficiently and quickly by eliminating the gatekeeper They can unlock new sources of value creation and supply
Dr Zachariadis then went on to talk about the network effect which is the value that is created when more and more people join
a network There is a positive effect when users join and enlarge a network The benefits increase for everyone ndash the more companies that join a platform the more value they can extract from the network
Plenaries
88
Context for financial services
How does the platformification disruption seen in other industries relate to banking Dr Zachariadis noted that APIs in banking and platformification offer the ability for financial institutions to create a business ecosystem and add value for clients The question is how to do that He pointed out that while banks need to sell lower transaction costs they still need to sell the trust and reassurance to the customer that the banking business relies on
Dr Zachariadis ran through four types of platforms in the financial services world that have emerged since PSD2 These arendash Incumbent bank platformsndash Challenger bank platforms
which do brokering much better according to Dr Zachariadis Examples of this include Starling Bank and Revolut
ndash API aggregator platforms which connect banks to fintechs
ndash Account aggregator platforms and services
Following his presentation Dr Zachariadis was joined on stage by Leo Punt head of EMEA Services and Support at SWIFT for a short QampA on some of the issues that had been raised Punt began by asking whether there is room for utilities in the financial services market of the future
Dr Zachariadis said there is but he is unsure for how many saying that there may be some consolidation for banks that go this route to undertake He made the point that utilities in this space are not platforms but that they can be very profitable
Touching on the key theme from day two at SOFE Punt then asked if the platformification development in financial services is being hampered by cyber threats Dr Zachariadis agreed that in a modulated environment this is an issue that may delay the launch of more open business models He did also note that there is an opportunity for banks
if they can be an early adopter and can demonstrate a stable platform they can get a huge first mover win The sooner banks can cut transaction costs the sooner they can earn more customers
Dr Zachariadis closed by offering two key takeaways to the SOFE delegates1 Think about what you could
offer to customers that isnrsquot in your value proposition right now Look at things built outside that you can offer to customers
2 Everything starts from sharing data The biggest value of being a platform is access to more data than ever How can you use this to bring more value to yourself as well as to your customers
Plenaries
APIs in banking and platformification offer the ability for financial institutions to create a business ecosystem and add value for clientsrdquo
When SOFE 2019 begins in 12 monthsrsquo time it will be fascinating to see how far financial services has come in the digital transformation journeyrdquo
99
Work session summaries
Business amp ComplianceFinancial crime compliance in the real-time world
This work session considered the challenges faced by institutions in meeting their financial crime compliance obligations in an increasingly fast-paced world and how SWIFTrsquos Financial Crime Compliance (FCC) portfolio can help institutions respond ndash today and in the future The session discussed the challenges associated with the rate of regulatory change how gpi is increasing the speed and volume of correspondent payments the dynamic rate of change of lists and screening requirements for sanctions compliance and the increasing fraud risks faced by institutions with the adoption of real-time payments SWIFTrsquos FCC solutions allow customers to manage the complete compliance life-cycle with solutions forbull Know Your Customer
The KYC Registry provides a secure shared platform for financial institutions to exchange standardised know your customer information
bull Anti-Money Laundering The Compliance Analytics portfolio pinpoints compliance risks and gives a new way to monitor your correspondents to identify activities indicative of money laundering
bull Sanctions Compliance Provides fully-managed securely-hosted screening of your customers and transactions against the latest sanctions and PEP lists with instant alerts of any matches Provides up-to-date sanctions lists and capabilities to test your own filters
bull Fraud Prevention Payment Controls helps you manage your payment policy and identify unusual or uncharacteristic payment risk that may be indicative of fraud and provides an independent snapshot of your SWIFT transaction activity
The session considered how these solutions can help institutions be more operationally agile in terms of deployment and response to changing regulation through the use of hosted utility based solutions why understanding of counterparts and their behaviour improves trust and helps streamline STP how quality and effectiveness of systems and data is key to process payments quickly and efficiently and how institutions can best defend themselves from new patterns of cyber-fraudwwwswiftcomcompliance
How SWIFT Business Intelligence solutions support your gpi journey
During this yearrsquos Business Intelligence sessions at SOFE the team delivered in depth presentations on SWIFTrsquos Business Intelligence (BI) for gpi solutions which consist of the Watch and gpi Observer portfolios combined with BI services These solutions are specifically designed to support customerrsquos gpi business cases prioritisation strategies and help identify business development opportunities They demonstrated how these BI solutions provide tangible and unique insights that bring value and a competitive advantage to customers as well as to their customers The recently launched gpi Observer
Analytics solution was central to the discussion and as the team explained these cutting-edge insights provide all the payments routing intelligence and data for gpi members to see where to optimise or adapt their existing payment routings leading to lower costs and faster payments The sessions also highlighted how financial institutions that deploy the new solution are gaining speed benchmarking capabilities and are able to now act upon fact-based information to steer their cross-border payments strategy through improved operational and market analysis
1010
ISO 20022 for managers ndash the time is now
ISO 20022 for beginners ndash what you really need to know
As announced in September in 2021 SWIFT will begin migrating all cross-border and many-to-many payments onto ISO 20022 This decision comes after large scale community consultation that took in feedback from a wide variety of stakeholders We want to ensure the entire SWIFT community is well informed and prepared for the migration The session provided information about the approach we are taking and what it means for you
We have aligned the start date of our migration in 2021 with the adoption of ISO 20022 of the Eurozonersquos high value payments systems The migration will cover MT categories 1 2 and 9 and will impact correspondent banks as well as other users of these messages including securities players A four-year co-existence
The workshop focused on the following key aspectsbull What is ISO 20022 and how it
constitutes a single approach for financial standardisation initiatives
bull SWIFTrsquos involvement and unparalleled expertise in ISO 20022 adoption
bull Status on ISO 20022 implementations around the globe and how ISO 20022 has become the dominant language of financial transactions
bull The importance of Market Practice and zoom on HVPS+ (High-Value Payment System+) the ISO 20022 global market practice for Payment Market Infrastructures
bull A new challenge ISO 20022 migration for cross-border payments as a result of the September 2018 Board decision
phase will allow all members of the SWIFT community to make the switch
SWIFT will work closely with the community to formulate and refine market practice guidelines In tandem with the Payments Market Practice Group (PMPG) we have created the Cross-Border Payments and Reporting Plus (CBPR+) working group to develop global usage guidelines We will invite our community to review and give feedback on these guidelines as they mature
We will also provide a central translation service to ensure successful community migration and to facilitate the co-existence phase This service will also implement the rules formulated by CBPR+ and all users will be automatically enrolled
As result of the session participants gained a broader appreciation of the industryrsquos journey towards ISO 20022 adoption how global groups like HVPS+ are working together to create global industry standards and common principals
Work session summaries
Optimise your back-office functions with SWIFTRef the must-have global reference data utility
In this session we explained the new files including Standing Settlement Instructions (SSI) National ID History and National ID Format Account Number Format and the gpi directory We also presented the recent Entity Plus product and a revamp of our Bankers World Online tool (live on 15 December) and gave you some insight into our planned future developments of APIs
Finally we discussed the impact of the BIC migration to the new version of the ISO 9362 standard on SWIFTRef From March 2019 it will no longer be possible to derive the connectivity of an organisation from the 8th character in the BIC nor the time-zone from the 7th character This information is now reflected in dedicated data elements in the SWIFTRef portfolio As a consequence all
current BIC Directory customers need to migrate to the BIC Plus or BIC Directory 2018
More information on the SWIFTRef portfolio can be found at wwwswiftcomswiftref
1111
Work session summaries
Innovation
DLT e-Voting solution ndash A proof of concept with SWIFT and Slib
In this session SWIFT shared its vision on the role it can play related to DLT technology when the technology matures and strong use cases emerge SWIFT can become the market place for DLT-based services that are provided by third parties and deployed on the SWIFT network This can be achieved by leveraging existing infrastructure and services The eVoting proof of concept fits into this vision Slib acting as provider of a DLT-based service has developed an application for distributing shareholder meeting notifications and collecting votes from shareholders SWIFT has provided the DLT sandbox on which this application has been deployed
Evolution of SWIFTrsquos cloud platform
SWIFT AI ndash How to get structure out of your unstructured data
10 years ago SWIFT launched its first cloud platform lsquoAlliance Litersquo Since then the trend to outsource has scaled up significantly and SWIFT has continued to evolve its offering Today SWIFTrsquos cloud solutions (Alliance Lite2 Alliance Remote Gateway and Alliance Lifeline) are highly successful and serve more than 2300 customers In recent years constant change has become the new norm in the financial industry It is therefore important that our cloud solution provide our customers the agility they need to prepare for the future In that perspective SWIFT is developing a brand new cloud platform It is based on state-of-the-art technology offering 24x7 availability built-in resilience highest
This session presented a new SWIFT RampD solution based on artificial intellgence (AI) that can be used in order to get structure out of unstructured data
The goal of this AI research is to bring transparency to data by transforming legacy data into ISO 20022 format The solution can be used as a SWIFTNet API or as an onsite solution It is currently trained in SWIFT premises and is used in order to clean data such as the SWIFTRef data The conversion rate is currently of 95 but as it is a Machine Learning model it learns as it goes and the precision is improving every day
security and larger throughput Another key ingredient is the integration capability not only with the customerrsquos back-office application but also with SWIFTrsquos local archive solution lsquoAlliance Warehousersquo or SWIFT services such as gpi and transaction screening The platform will also have flexible message processing abilities and is being developed with a continuous attention to the user experience The go-live of this new cloud platform is planned for 2020 In addition to an overview of the main values customers can expect from this new cloud solution the session also offered a sneak preview of the graphical user interface More to come in the course of 2019
1212
SWIFTrsquos API strategy SWIFT gpi ndash the new norm in cross-border payments
This session built on the White Paper ldquoAPIs Delivering a global platform for the financial services API economyrdquo (httpswwwswiftcomresourceswift-api) that SWIFT published just before SIBOS 2018 It positioned SWIFTrsquos overall strategy on APIs building on its year-long experience in standardisation leveraging its security and reliability paradigm to the API world Finally both the standardisation and the platform aspects were brought to life by walking through a number of use-cases (including PSD2) There was a lot of interest shown during and after the session by attendees who are already closely involved in API implementations as well as those who will be in the near future
This year at SOFE the SWIFT gpi sessions were scheduled every day and welcomed 100+ delegates and vendors over the three days The sessions covered the features of the existing services (gCCT gCOV and gSRP) the eco-system and future roadmap Throughout SOFE a large screen projected the rapid take-up of gpi more than 105 gpi banks are now live on gpi representing 410+ BICs and covering 140 currencies Gpi sent traffic has grown to over 12 million cross-border payments daily with more than 50 gpi to gpi As a result gpi messages flow across 800+ country corridors representing a value superior to $100 bn daily
Work session summaries
Cyber security and the Customer Security Programme
Cyber intelligence sharing
Cyber resilience
The SWIFT ISAC shares information that customers can use to better protect their environment
After having explained how the SWIFT Customer Security Intelligence team usually performs its forensic investigations we reinforced the necessity for customers to regularly consume the Indicators of Compromise (IOCs) published on the portal
Additional focus was put on automated sharing of IOCs via STIXTAXII which was made available since February 2018 Participants left with a clear understanding of different ways in which SWIFT shares cyber intelligence with the SWIFT Community and of importance of acting on IOCs published on SWIFT ISAC
The voting app and interactions with the audience captured some feedback confirming the growing interest in cyber intelligence exchange within the SWIFT Community
The session on cyber resiliency first set the scene by presenting the evolving cyber threat landscape Cyber-attacks are becoming more frequent and sophisticated The industry is trying to keep pace by implementing security frameworks and moving from a position of control to one of resilience The session discussed the difference between cyber security and cyber resilience whilst for cyber security the focus is set on protecting and surviving a cyber-attack cyber resilience is composed of a broader range of measures taken to bounce back (recover) from a cyber-incident in a timely manner
During the second part of the session the multi-layered security approach taken by SWIFT was discussed and illustrated with resiliency functionalities available at different levels in the SWIFT application stack Finally the different steps in the recovery process after indication of a compromise were covered highlighting the common mistakes financial institutions make
1313
Improving the security of paymentsHow the Shared Infrastructure Programme (SIP) can increase the effectiveness of your risk management
This session explored the changing face of cyber-fraud and explained how financial institutions themselves are the new targets for the attackers This represents a significant challenge requiring institutions to protect themselves against these ever-present and changing cyber-fraud risks The attack vectors were characterised as well as why the cyber attackers want you to know nothing see nothing and do nothing
SWIFTrsquos recently launched Payment Controls service helps financial institutions reduce their fraud and reputational risks and build trust This zero-footprint in-network solution offers the ability to protect against the risk of fraudulent payments via real-time monitoring alerting and payment blocking It offers flexible configurable correspondent banking focused models designed in association with the community The capabilities and benefits were illustrated via an interactive hands-on demonstration using the live service showing examples of rule configuration activation and alert management This was followed by a detailed and lively QampA sessionwwwswiftcompaymentcontrols
The session covered the further evolution of the Shared Infrastructure Programme (SIP) in 2019 listed the tangible risk mitigating results of SIP since beginning of last year and provided an overview of the most common hurdles Service Bureaux are struggling with to reach full compliance with SIP 2018
Compliance with the SIP security and operational requirements is not only needed after a one-time assessment but throughout the year It was therefore explained how SWIFT captures the required security configuration data to enable the monitoring of such a continued compliance The session was attended by a very good representation of the service bureau community in EMEA by service bureau customers and their counterparties and by regulators The diverse audience was a unique opportunity to engage in a dialogue and to capture suggestions for increasing the effectiveness of the programme
Understanding your counterpartyrsquos CSP attestation level
Security Controls 2019
By now all SWIFT customers should be checking what the attestation level of their counterparties is and integrating this compliance data into their risk management processes One take away of the session was a need to adapt the cybersecurity risk governance model to support the assessment of counterparty cybersecurity attestation data eg Identify the appropriate representatives from across the organisation for lsquograntingrsquo lsquorequestingrsquo attestation data
The second take way is that KYC-SA attestation data should be viewed as an additional dimension within the institutionrsquos existing counterparty risk management framework Finally the participants confirmed the interest from the community to integrate the KYC-SA attestation data in their risk management system It is currently available by exporting data and in the future it will be done thanks to a new set of API We also spent some time in the session discussing considerations in granting and requesting access to attestation data
As the threat landscape evolves so must the CSP Details of the changes brought by the Customer Security Control Framework (CSCF) 2019 version were shared with the audience leading to very interactive exchanges We took the opportunity in this session to remind customers about(i) their obligation as per the CSP Policy to comply with the mandatory
controls of the CSCF v2017 by the 31 December 2018(ii) about the next upcoming milestones for 2019 and onwards and (iii) about the possibility to leverage the new reporting functionalities in the
KYC-SA application to integrate counterpartiesrsquo self-attestation results in their own risk management potentially along with the financial and legal due diligence aspects already covered in the KYC Registry application
On the risk management integration topic we strongly advised the audience to attend the session lsquoUnderstanding your counterpartyrsquos CSP attestation levelrsquo Finally we provided the attendees with a vade mecum of tactical actions to undertake to mitigate cyber risks This yearrsquos session was complemented by the opportunity for hands-on demos of the KYC-SA application at the SWIFT Lab
Work session summaries
1414
Alliance portfolio ndash Whatrsquos new whatrsquos next
In the session we took a look at the various key trends observed in the market ndash cloud UX data APIs ISO 20022 and cyber security ndash and presented to the audience the Alliance Portfolio plans to embrace those new trends The session started with a presentation of the new cloud platform that SWIFT is building The new cloud platform provides a fully managed interface and connectivity to SWIFT with improved availability resiliency and scalability It also comes with a completely new user experience with amongst others a very intuitive graphical user interface
The same team of user experience experts at SWIFT helped to design the Alliance Warehouse the brand new solution from SWIFT for long-term message archive with powerful search and investigation capabilities which was also presented during the session Finally we covered a brief introduction to APIs ISO 20022 and cyber security and looked at their impact on the Alliance portfolio
Work session summaries
Operational Excellence
Alliance interfaces roadmap 2019-2020
Alliance Messaging Hub ndash the future in financial messaging
This yearrsquos session was a traditional roadmap session that looked at what has been released over the last 6 months and what is coming up in the next 2 years
With the community having gone through the heavy CSPrelease 72SR2018 migration in 2018 everybody is now looking at what to plan next Release 72 support ends end January 2020 and by that time the community must have updated the fill stack of SWIFTNet and Alliance products to release 73 or release 74
Release 73 was made available in September 2018 and introduces amongst others new ways to implement multi-factor authentication Release 74 planned for mid-2019 will provide additional security and other features will support IBM MQ 91 and a slightly updated OS baseline Release 75 will focus on features for the ISO 20022 migration and ESMIG All along we will provide for AccessEntry the standard updates in the annual release as well as on the two preceding releases During and after the sessions customers took the opportunities to ask questions and exchange views with the product manager This was key information to ensure that the portfolio evolves in line with customer needs
In this session a high-level introduction was provided around Alliance Messaging Hub (AMH) SWIFTrsquos messaging hub that offers functionality beyond classic SWIFTNet interfacing AMH offers an orchestration layer on top of its SWIFTNet messaging capabilities allowing for flexible integration into banksrsquo systems and into other networks The 247365 capable architecture offers top class resilience and serves as a solid foundation for real-time processing
The product is able to process and orchestrate messages under high load and respecting low latency requirements AMH for Hong Kong Faster Payments is a real-life testimony to AMHrsquos processing capabilities
where it runs as a messaging hub for key banks in the region AMH version 40 will be launched in March 2019 and will offer an even richer set of security and gpi related functionality The application will be further shielded and installation and deployment will become more standardized to further reduce the banksrsquo TCO
Further strengthening its real-time offering AMH v40 will offer flows into RT1 and TIPS leveraging SWIFTrsquos Instant channel for the EBA and the Eurosystem In the multi-network space AMH v40 will provide flows for Fedwire Funds and TCH CHIPS
Beyond v40 and in the same way as financial institutions are evolving we are continuously innovating AMH The core will become more modular embracing the trends of containerised systems and we will introduce more integration options such as more standardized yet flexible API support With ISO 20022 migration and ISO 20022-powered APIs coming up we believe AMH will offer the complete package for a bank to face the upcoming challenges in the financial messaging eco-system
1515
Operational challenges Find out how we can help you manage them better
mySWIFT ndash Enhance your gateway to support the most of data analytics
SWIFT continues to invest in the support portfolio Over the past two years we have consulted customers to ensure that it remains healthy and future proof The findings led SWIFT to focus on customer experience as the central theme of the portfolio refresh
In the session the rebranded Professional Services organisation was shared It is now set up to take customers on the full solution journey from design to deployment to maintenance The deep-dive into the updated Advanced Support and Care offering gave further insights into the newly modularised and clarified support deliverables
The overall value proposition of SWIFT Community Support the backbone of support given to all customers and then the Premium and Care options was underlined Customers will now better understand and choose the appropriate pro-active reactive preventive andor hands-on support option with Premium Plus being perhaps the most attractive option as the dedicated service manager especially adds significant value
The sessions were very well attended and although it requires no specific action from customers it is an important evolution to keep track of
Last year at SOFE SWIFT ran exploratory sessions on Support Tools This year we were pleased to show the result of this consultation with newly- and to be released applications on mySWIFTndash New ldquoKnowledge Centrerdquo (since Q4 2018) ndash an easy-to-use and
customisable portal covering all documentation resources (User Handbook Knowledge Base tips how-to videos SWIFTSmart)
ndash New ldquoNotification Centrerdquo (since Q4 2018) ndash a trusted notification tool for SWIFT Operational messages
ndash Coming ldquomyStatusrdquo (H1 2019) ndash a real-time snapshot providing the status of your connectivity components - VPNs SNLs LTs per location and per environment
During the second part of the session we shared our insights about data analytics and predictive capabilities performed on operational data showing how it could allow operators to focus on the most relevant issues while discarding the noise This interactive session ended by a digi-voting exercise where participants were asked through 4 use cases to provide their appetite on ldquohow pattern deviation algorithms could be useful to the communityrdquo We look forward to seeing you next year for more insights and results on the subject
Using Alliance Managed Operations to your strategic advantage
Market trends show a growing appetite for IT teams to (re-)focus on their core business Employees are becoming overburdened with staying on top of regulatory compliance and security challenges and at the same time remaining mindful of resourcing needs to manage the highly critical and sometimes complex SWIFT infrastructures
In this session we outlined and demonstrated how these aspects can be addressed through SWIFTrsquos managed service offering This service brings relevant expertise discipline and rigour into any organisation by becoming a natural extension of the existing team A highlight of the session was the near real-time monitoring feature With this service SWIFT monitors Alliance Gateway and Alliance Access events and VPN lines which can trigger corrective actions with minimal delay
The session clearly resonated with all participants and we look forward to meeting your future managed service needs
Work session summaries
1616
The SWIFTLab has become a popular venue to experience the various components of SWIFTrsquos product and service portfolio This year the SWIFTLab was present at SOFE providing our customers with the opportunity to experience the range of SWIFT products at this yearly event
In addition to featuring demo pods at the SWIFTHub the SWIFTLab also hosted lunch sessions on Artificial Intelligence and DLT
SWIFTLab SWIFT
1717
Welcome cocktail
Networking is a key component of SOFE In addition to the networking time during the coffee breaks and lunches we also offer opportunities for delegates to spend time together in the evenings all whilst leaving room for spare time The welcome cocktail at the end of day 1 has become a fixture in the SOFE agenda and is sponsored by the exhibiting partners Our thanks go to the partners for their participation and support and to all delegates for making the most of this networking opportunity
Off-site dinner
This yearrsquos off-site dinner took place at Beurs van Berlage We hope that you enjoyed the evening and look forward to hosting another SOFE dinner at another great venue in Amsterdam in 2019
Networking activities
1818
For the SWIFT Operations Forum Europe in Amsterdam we were happy to provide financial support to WATCH Nederland a professional civil participation platform set up by Terre des Hommes to discover and fight teenage prostitution in the Netherlands
Through its hotline WATCH Nederland collects information from youth care professionals teachers and other civilians including victims or their family who do not want or dare to report to the police This information is researched both online by forensic ICT specialists and on the ground
by private investigators Additionally WATCH Nederland aims to identify child sexual exploiters and abusers including advertisements from exploiters trying to sell teenagers for sex and customers of teenage prostitution WATCH Nederland works closely together with the Dutch law enforcement agencies to free the victims of teenage prostitution and to stop the exploiters Freed victims undergo rehabilitation and reintegration treatment in co-operation with youth care institutions and are monitored regularly by WATCH Nederland to prevent revictimisation
CSR
1919
Our thanks go to each and every one of you for your active participation in this yearrsquos SWIFT Operations Forum Europe We hope that you all had an engaging thought-provoking productive informative and highly collaborative SOFE As always should you have any questions about or suggestions for next yearrsquos event please do not hesitate to contact your account manager or customer support We look forward to working with you in 2019
Thank you
For more information about SWIFT visit wwwswiftcom
SWIFT copy 2019
33
Community collaboration is critical to tackle the cyber threatrdquo
Gilderdale also drew attention to the new business models that are emerging pointing to PSD2 and Open Banking as allowing third parties to build on top of or complement existing offerings in the market ushering in a new era of competition and collaboration
Cyber crime is also forcing change on the industry It is changing ways that banks manage their businesses while also making the community as a whole think about how the entire ecosystem is managed Gilderdale said that the lsquoprotecting my own four wallsrsquo way of thinking is no longer sufficient and that community collaboration is critical to tackle the cyber threat
SWIFT is also evolving Legacy can also be an asset said Gilderdale who made the point that one key asset for SWIFT is the ecosystem that is already there and accessible through a single window He highlighted that even on FIN messages are delivered within seconds and cost low level eurocents while at the same time retaining security and resilience
In terms of SWIFTrsquos innovation focus Gilderdale explained that a growth and acceleration plan agreed earlier in the year
included a commitment to greatly accelerate work on the SWIFT global payments innovation (gpi) and APIs as well as to step up innovation on ISO 20022 data analytics and the Customer Security Programme (CSP)
On gpi Gilderdale said that over 300 banks are now committed to implement it representing some 80 of SWIFTrsquos cross-border payments In 2019 the tracker will be made available to all users while by 2020 it will be mandated that all payments must have a confirmation Gilderdale said that the development of gpi is to ensure that the whole community benefits from its capabilities
During the opening plenary we also heard from Craig Young Chief Information Officer at SWIFT who outlined some of the steps the organisation is taking to derive benefits from new technologies Looking at SWIFTrsquos API strategy he noted that an open dialogue with the developer community is essential Young went on to shared SWIFTrsquos technology roadmap for 2020-2022 looking at the aspirations for the future state
A panel discussion followed the initial presentation Conversation turned to the cloud with Young saying that cloud is a major area of focus for innovation in the industry The cloud represents an opportunity to rebuild products and services in a way fit for the future and he commented that SWIFT applications could move to the cloud as they continue to be developed and deployed
Plenaries
SWIFT users are also already using public cloud software to connect and run services Gilderdale said In the long-term most users are moving to cloud connections He noted that SWIFT has a new cloud platform in the pipeline but that at the same time some customers will still want to use their own infrastructure Being able to demonstrate the security and confidentiality of data is critical
44
opens up questions for banks with regards to what kind of information and how much of the process they want to expose to their end customers
Josserand closed by saying that the gpi porlet is an example of a solution that is ready to be deployed but that is pending feedback from the community before moving to the next stage
The innovation plenary finished with a video message for SOFE delegates from SWIFTrsquos CEO Gottfried Leibbrandt He underlined that innovation is vital to the organisation as it is a technology company and that he wants to support the companyrsquos customers There is a big focus on innovation of systems and
Leibbrandt was keen to stress that SWIFTrsquos existing footprint and systems allow for a quick ramp up of new solutions such as gpi which he noted as an example of innovation at the core of the banking system
Leibbrandt closed by saying that the big challenge with innovation in financial services is to ensure that it is relatable to what banks actually have and what they are doing today rather than simply innovating for innovationrsquos sake
Plenaries
Innovation plenary
The afternoon of day 1 kicked off with the Innovation plenarywhich included a case study highlighting the type of work done by the SWIFTLab Claire Josserand SWIFTLab amp innovation manager gave delegates a preview of solution that is being developed right now but has not yet gone to market
Josserand described plans for a gpi portlet ndash a way to integrate gpi into a bankrsquos web portal in a way that brings information directly to their end customer All of the information provided is seen directly through the bank screen once the customer has logged into their online banking and the view of the tracker is customisable for every institution She made the point that this
55
Today cyber criminals are much more likely to attack institutions through social engineeringrdquo
Keeping up with exponential change
Day II Secure
Jamie Woodruff director of MetricsCloud and a renowned ethical hacker gave an entertaining and eye-opening keynote presentation on cyber crime to kick off day two of SOFE While therersquos a certain media perception of who a hacker is Woodruff noted in reality it is much more likely to be a disgruntled current or former employee that is seeking to compromise your institution
Woodruff then ran through how cyber crime has evolved starting with viruses such as malicious code and trojans through ID theft and then on to the opportunistic nature of botnets Today cyber criminals are much more likely to attack institutions through social engineering and the threats are certainly much more financially motivated than in the past where defacing or closing a website was the main goal for hackers
Once a hacker has compromised your systems the prospect of a lsquosmash and grabrsquo raid is generally not that likely they much prefer to sit in the system and monitor activity and the movement of data In many ways data is more valuable than simply removing money from an account
Woodruff explained how it is possible to buy ransomware ndash similar to the infamous WannaCry software ndash for around $10000 It is undetectable and also comes with your own account manager They can also offer lsquocustomerrsquo service support essentially talking the victims of such an attack through the process of how to buy and send the crypto currencies required to release their computers or systems from the attack
This is one example of the growth of organised business cyber crime Woodruff spent some time describing the organisational structure of a typical organised cyber crime operation before going on to explaining his approach to social engineering that allows him to facilitate the ethical hacks he is hired to perform Having defined the end goal or motivation of the hack he will engage in online reconnaissance of the business as well as profile physical and human targets Once the information gathering is complete he will select the specific attack vectors to use and launch the attack
Woodruff explained that even though companies may have very strict data security policies they can still provide hackers with vital information from some surprising and unintentional sources He used the example of a job advertisement that sets out the specific software requirements the organisation requires from candidates To any hackers seeing the advertisement they now know that specific software runs somewhere in the organisationrsquos systems and can set about targeting that
Plenaries
66
Addressing the cyber threat
The afternoon plenary on day two was a panel discussion on cyber security for which Woodruff was joined by Petra Hielkema director of payments and market infrastructure at the Dutch Central Bank and Karel De Kneef SWIFTrsquos global head of security operations The discussion was moderated by Saskia Devolder head of Western and Central Europe at SWIFT
Woodruff expanded on his earlier point about disgruntled employees as a potential weak link To identify someone like this he said they will often disassociate themselves from the organisation they work for They may also enjoy taking company property home for example Woodruff noted that certain patterns of behaviour can be identified and that this is a field where AI can be particularly helpful
Hielkema made the point that institutions need to test what hackers do when they get into their systems and that the focus cannot simply be on keeping them out She added that there are two types of companies those who know they have been hacked and those that donrsquot
One way to prevent getting hacked is to ensure you are on the latest software version so make sure to patch De Kneef commented Patching is very important as it is a good foundation As he put it donrsquot invest in fancy technology if you keep the back door open
Hackers will sit and watch you not just in your system but physically in person and they are prepared to wait Woodruff said that organisations need to be aware of this The incursion doesnrsquot have to
happen in the finance department De Kneef noted it could happen anywhere from HR to marketing
Having spent many years looking into the security that organisations have on their data Woodruff said that lsquoBig Pharmarsquo is more secure than any other industry he has seen He added that financial institutions are generally more secure than corporates who may lack the budget for robust cyber security De Kneef noted that over the past three years the response in financial services to cyber threats has been tremendous from the regulatory side to the institutions themselves
Answering a question from the audience about how robust cloud security is Woodruff recommended that institutions adopt a multi-cloud approach if they havenrsquot already Essentially
this breaks up information that is valuable into several different pieces on different clouds Individually the information is useless and therefore unusable by a hacker He used the example of dividing up credit card details ndash every four numbers from the main number the expiry date the CVV number etc ndash into different cloud storage
Communication is a vital element in addressing any type of hack both internally and externally the panel agreed Woodruff said that the reporting of a system compromise comes down to people Some will be scared to report when they accidentally click a compromised link on their computer in case they are disciplined by management Organisations need to foster a culture where staff members are encouraged to report the slightest of suspicions they may have
Additionally companies and institutions themselves need to communicate to the market when they identify a hack on their systems Hielkema said that organisations should have a communications strategy in place before anything like this happens so that they can react quickly ndash she noted that unofficial accounts can drop on social media really quickly so it is vital that companies can get out ahead of this
Plenaries
77
Dr Markos Zachariadis ndash who is associate professor of Information Systems Management and Innovation at Warwick Business School University of Warwick and also a fintech research fellow at CDI University of Cambridge ndash gave a keynote presentation on the future of banking with particular reference to open APIs and the digital economy
Starting by looking at what drives change in financial services Dr Zachariadis identified regulation demand technology and organisational and market structure as four key drivers that both impact and are impacted by each other
Today there is a regulatory context in open banking ndash from the second
Payment Services Directive (PSD2) and Open Banking in the UK The whole idea is to open up access to data in order to improve market outcomes At the same time technology has developed at an extremely rapid pace particularly when it comes to APIs Dr Zachariadis said that banks need to not only think of APIs as technology but also to conceptualise them as a product that can be priced managed and promoted
He noted how APIs have led to a rapid growth in platforms citing Applersquos iPhone with its iOS and apps as a key example Apple was quick to push APIs to the public and the iPhonersquos foundation as a platform made the difference
Day III Shape the future
Industry platformification
The platform concept has opened up and is now seen in many industries said Dr Zachariadis using Uber Airbnb Facebook and Instagram as prime examples Most people are now familiar with the quote about Uber being the largest taxi company but not owning any cars Airbnb as the largest hotel chain without owning any property and so on What all of these businesses have in common is that they connect people ndash service providers and service buyers
What platforms do differently is that they sell reductions in transaction costs not products It is a business model that creates value by enabling interactions between external producers and consumers Platforms can also scale more efficiently and quickly by eliminating the gatekeeper They can unlock new sources of value creation and supply
Dr Zachariadis then went on to talk about the network effect which is the value that is created when more and more people join
a network There is a positive effect when users join and enlarge a network The benefits increase for everyone ndash the more companies that join a platform the more value they can extract from the network
Plenaries
88
Context for financial services
How does the platformification disruption seen in other industries relate to banking Dr Zachariadis noted that APIs in banking and platformification offer the ability for financial institutions to create a business ecosystem and add value for clients The question is how to do that He pointed out that while banks need to sell lower transaction costs they still need to sell the trust and reassurance to the customer that the banking business relies on
Dr Zachariadis ran through four types of platforms in the financial services world that have emerged since PSD2 These arendash Incumbent bank platformsndash Challenger bank platforms
which do brokering much better according to Dr Zachariadis Examples of this include Starling Bank and Revolut
ndash API aggregator platforms which connect banks to fintechs
ndash Account aggregator platforms and services
Following his presentation Dr Zachariadis was joined on stage by Leo Punt head of EMEA Services and Support at SWIFT for a short QampA on some of the issues that had been raised Punt began by asking whether there is room for utilities in the financial services market of the future
Dr Zachariadis said there is but he is unsure for how many saying that there may be some consolidation for banks that go this route to undertake He made the point that utilities in this space are not platforms but that they can be very profitable
Touching on the key theme from day two at SOFE Punt then asked if the platformification development in financial services is being hampered by cyber threats Dr Zachariadis agreed that in a modulated environment this is an issue that may delay the launch of more open business models He did also note that there is an opportunity for banks
if they can be an early adopter and can demonstrate a stable platform they can get a huge first mover win The sooner banks can cut transaction costs the sooner they can earn more customers
Dr Zachariadis closed by offering two key takeaways to the SOFE delegates1 Think about what you could
offer to customers that isnrsquot in your value proposition right now Look at things built outside that you can offer to customers
2 Everything starts from sharing data The biggest value of being a platform is access to more data than ever How can you use this to bring more value to yourself as well as to your customers
Plenaries
APIs in banking and platformification offer the ability for financial institutions to create a business ecosystem and add value for clientsrdquo
When SOFE 2019 begins in 12 monthsrsquo time it will be fascinating to see how far financial services has come in the digital transformation journeyrdquo
99
Work session summaries
Business amp ComplianceFinancial crime compliance in the real-time world
This work session considered the challenges faced by institutions in meeting their financial crime compliance obligations in an increasingly fast-paced world and how SWIFTrsquos Financial Crime Compliance (FCC) portfolio can help institutions respond ndash today and in the future The session discussed the challenges associated with the rate of regulatory change how gpi is increasing the speed and volume of correspondent payments the dynamic rate of change of lists and screening requirements for sanctions compliance and the increasing fraud risks faced by institutions with the adoption of real-time payments SWIFTrsquos FCC solutions allow customers to manage the complete compliance life-cycle with solutions forbull Know Your Customer
The KYC Registry provides a secure shared platform for financial institutions to exchange standardised know your customer information
bull Anti-Money Laundering The Compliance Analytics portfolio pinpoints compliance risks and gives a new way to monitor your correspondents to identify activities indicative of money laundering
bull Sanctions Compliance Provides fully-managed securely-hosted screening of your customers and transactions against the latest sanctions and PEP lists with instant alerts of any matches Provides up-to-date sanctions lists and capabilities to test your own filters
bull Fraud Prevention Payment Controls helps you manage your payment policy and identify unusual or uncharacteristic payment risk that may be indicative of fraud and provides an independent snapshot of your SWIFT transaction activity
The session considered how these solutions can help institutions be more operationally agile in terms of deployment and response to changing regulation through the use of hosted utility based solutions why understanding of counterparts and their behaviour improves trust and helps streamline STP how quality and effectiveness of systems and data is key to process payments quickly and efficiently and how institutions can best defend themselves from new patterns of cyber-fraudwwwswiftcomcompliance
How SWIFT Business Intelligence solutions support your gpi journey
During this yearrsquos Business Intelligence sessions at SOFE the team delivered in depth presentations on SWIFTrsquos Business Intelligence (BI) for gpi solutions which consist of the Watch and gpi Observer portfolios combined with BI services These solutions are specifically designed to support customerrsquos gpi business cases prioritisation strategies and help identify business development opportunities They demonstrated how these BI solutions provide tangible and unique insights that bring value and a competitive advantage to customers as well as to their customers The recently launched gpi Observer
Analytics solution was central to the discussion and as the team explained these cutting-edge insights provide all the payments routing intelligence and data for gpi members to see where to optimise or adapt their existing payment routings leading to lower costs and faster payments The sessions also highlighted how financial institutions that deploy the new solution are gaining speed benchmarking capabilities and are able to now act upon fact-based information to steer their cross-border payments strategy through improved operational and market analysis
1010
ISO 20022 for managers ndash the time is now
ISO 20022 for beginners ndash what you really need to know
As announced in September in 2021 SWIFT will begin migrating all cross-border and many-to-many payments onto ISO 20022 This decision comes after large scale community consultation that took in feedback from a wide variety of stakeholders We want to ensure the entire SWIFT community is well informed and prepared for the migration The session provided information about the approach we are taking and what it means for you
We have aligned the start date of our migration in 2021 with the adoption of ISO 20022 of the Eurozonersquos high value payments systems The migration will cover MT categories 1 2 and 9 and will impact correspondent banks as well as other users of these messages including securities players A four-year co-existence
The workshop focused on the following key aspectsbull What is ISO 20022 and how it
constitutes a single approach for financial standardisation initiatives
bull SWIFTrsquos involvement and unparalleled expertise in ISO 20022 adoption
bull Status on ISO 20022 implementations around the globe and how ISO 20022 has become the dominant language of financial transactions
bull The importance of Market Practice and zoom on HVPS+ (High-Value Payment System+) the ISO 20022 global market practice for Payment Market Infrastructures
bull A new challenge ISO 20022 migration for cross-border payments as a result of the September 2018 Board decision
phase will allow all members of the SWIFT community to make the switch
SWIFT will work closely with the community to formulate and refine market practice guidelines In tandem with the Payments Market Practice Group (PMPG) we have created the Cross-Border Payments and Reporting Plus (CBPR+) working group to develop global usage guidelines We will invite our community to review and give feedback on these guidelines as they mature
We will also provide a central translation service to ensure successful community migration and to facilitate the co-existence phase This service will also implement the rules formulated by CBPR+ and all users will be automatically enrolled
As result of the session participants gained a broader appreciation of the industryrsquos journey towards ISO 20022 adoption how global groups like HVPS+ are working together to create global industry standards and common principals
Work session summaries
Optimise your back-office functions with SWIFTRef the must-have global reference data utility
In this session we explained the new files including Standing Settlement Instructions (SSI) National ID History and National ID Format Account Number Format and the gpi directory We also presented the recent Entity Plus product and a revamp of our Bankers World Online tool (live on 15 December) and gave you some insight into our planned future developments of APIs
Finally we discussed the impact of the BIC migration to the new version of the ISO 9362 standard on SWIFTRef From March 2019 it will no longer be possible to derive the connectivity of an organisation from the 8th character in the BIC nor the time-zone from the 7th character This information is now reflected in dedicated data elements in the SWIFTRef portfolio As a consequence all
current BIC Directory customers need to migrate to the BIC Plus or BIC Directory 2018
More information on the SWIFTRef portfolio can be found at wwwswiftcomswiftref
1111
Work session summaries
Innovation
DLT e-Voting solution ndash A proof of concept with SWIFT and Slib
In this session SWIFT shared its vision on the role it can play related to DLT technology when the technology matures and strong use cases emerge SWIFT can become the market place for DLT-based services that are provided by third parties and deployed on the SWIFT network This can be achieved by leveraging existing infrastructure and services The eVoting proof of concept fits into this vision Slib acting as provider of a DLT-based service has developed an application for distributing shareholder meeting notifications and collecting votes from shareholders SWIFT has provided the DLT sandbox on which this application has been deployed
Evolution of SWIFTrsquos cloud platform
SWIFT AI ndash How to get structure out of your unstructured data
10 years ago SWIFT launched its first cloud platform lsquoAlliance Litersquo Since then the trend to outsource has scaled up significantly and SWIFT has continued to evolve its offering Today SWIFTrsquos cloud solutions (Alliance Lite2 Alliance Remote Gateway and Alliance Lifeline) are highly successful and serve more than 2300 customers In recent years constant change has become the new norm in the financial industry It is therefore important that our cloud solution provide our customers the agility they need to prepare for the future In that perspective SWIFT is developing a brand new cloud platform It is based on state-of-the-art technology offering 24x7 availability built-in resilience highest
This session presented a new SWIFT RampD solution based on artificial intellgence (AI) that can be used in order to get structure out of unstructured data
The goal of this AI research is to bring transparency to data by transforming legacy data into ISO 20022 format The solution can be used as a SWIFTNet API or as an onsite solution It is currently trained in SWIFT premises and is used in order to clean data such as the SWIFTRef data The conversion rate is currently of 95 but as it is a Machine Learning model it learns as it goes and the precision is improving every day
security and larger throughput Another key ingredient is the integration capability not only with the customerrsquos back-office application but also with SWIFTrsquos local archive solution lsquoAlliance Warehousersquo or SWIFT services such as gpi and transaction screening The platform will also have flexible message processing abilities and is being developed with a continuous attention to the user experience The go-live of this new cloud platform is planned for 2020 In addition to an overview of the main values customers can expect from this new cloud solution the session also offered a sneak preview of the graphical user interface More to come in the course of 2019
1212
SWIFTrsquos API strategy SWIFT gpi ndash the new norm in cross-border payments
This session built on the White Paper ldquoAPIs Delivering a global platform for the financial services API economyrdquo (httpswwwswiftcomresourceswift-api) that SWIFT published just before SIBOS 2018 It positioned SWIFTrsquos overall strategy on APIs building on its year-long experience in standardisation leveraging its security and reliability paradigm to the API world Finally both the standardisation and the platform aspects were brought to life by walking through a number of use-cases (including PSD2) There was a lot of interest shown during and after the session by attendees who are already closely involved in API implementations as well as those who will be in the near future
This year at SOFE the SWIFT gpi sessions were scheduled every day and welcomed 100+ delegates and vendors over the three days The sessions covered the features of the existing services (gCCT gCOV and gSRP) the eco-system and future roadmap Throughout SOFE a large screen projected the rapid take-up of gpi more than 105 gpi banks are now live on gpi representing 410+ BICs and covering 140 currencies Gpi sent traffic has grown to over 12 million cross-border payments daily with more than 50 gpi to gpi As a result gpi messages flow across 800+ country corridors representing a value superior to $100 bn daily
Work session summaries
Cyber security and the Customer Security Programme
Cyber intelligence sharing
Cyber resilience
The SWIFT ISAC shares information that customers can use to better protect their environment
After having explained how the SWIFT Customer Security Intelligence team usually performs its forensic investigations we reinforced the necessity for customers to regularly consume the Indicators of Compromise (IOCs) published on the portal
Additional focus was put on automated sharing of IOCs via STIXTAXII which was made available since February 2018 Participants left with a clear understanding of different ways in which SWIFT shares cyber intelligence with the SWIFT Community and of importance of acting on IOCs published on SWIFT ISAC
The voting app and interactions with the audience captured some feedback confirming the growing interest in cyber intelligence exchange within the SWIFT Community
The session on cyber resiliency first set the scene by presenting the evolving cyber threat landscape Cyber-attacks are becoming more frequent and sophisticated The industry is trying to keep pace by implementing security frameworks and moving from a position of control to one of resilience The session discussed the difference between cyber security and cyber resilience whilst for cyber security the focus is set on protecting and surviving a cyber-attack cyber resilience is composed of a broader range of measures taken to bounce back (recover) from a cyber-incident in a timely manner
During the second part of the session the multi-layered security approach taken by SWIFT was discussed and illustrated with resiliency functionalities available at different levels in the SWIFT application stack Finally the different steps in the recovery process after indication of a compromise were covered highlighting the common mistakes financial institutions make
1313
Improving the security of paymentsHow the Shared Infrastructure Programme (SIP) can increase the effectiveness of your risk management
This session explored the changing face of cyber-fraud and explained how financial institutions themselves are the new targets for the attackers This represents a significant challenge requiring institutions to protect themselves against these ever-present and changing cyber-fraud risks The attack vectors were characterised as well as why the cyber attackers want you to know nothing see nothing and do nothing
SWIFTrsquos recently launched Payment Controls service helps financial institutions reduce their fraud and reputational risks and build trust This zero-footprint in-network solution offers the ability to protect against the risk of fraudulent payments via real-time monitoring alerting and payment blocking It offers flexible configurable correspondent banking focused models designed in association with the community The capabilities and benefits were illustrated via an interactive hands-on demonstration using the live service showing examples of rule configuration activation and alert management This was followed by a detailed and lively QampA sessionwwwswiftcompaymentcontrols
The session covered the further evolution of the Shared Infrastructure Programme (SIP) in 2019 listed the tangible risk mitigating results of SIP since beginning of last year and provided an overview of the most common hurdles Service Bureaux are struggling with to reach full compliance with SIP 2018
Compliance with the SIP security and operational requirements is not only needed after a one-time assessment but throughout the year It was therefore explained how SWIFT captures the required security configuration data to enable the monitoring of such a continued compliance The session was attended by a very good representation of the service bureau community in EMEA by service bureau customers and their counterparties and by regulators The diverse audience was a unique opportunity to engage in a dialogue and to capture suggestions for increasing the effectiveness of the programme
Understanding your counterpartyrsquos CSP attestation level
Security Controls 2019
By now all SWIFT customers should be checking what the attestation level of their counterparties is and integrating this compliance data into their risk management processes One take away of the session was a need to adapt the cybersecurity risk governance model to support the assessment of counterparty cybersecurity attestation data eg Identify the appropriate representatives from across the organisation for lsquograntingrsquo lsquorequestingrsquo attestation data
The second take way is that KYC-SA attestation data should be viewed as an additional dimension within the institutionrsquos existing counterparty risk management framework Finally the participants confirmed the interest from the community to integrate the KYC-SA attestation data in their risk management system It is currently available by exporting data and in the future it will be done thanks to a new set of API We also spent some time in the session discussing considerations in granting and requesting access to attestation data
As the threat landscape evolves so must the CSP Details of the changes brought by the Customer Security Control Framework (CSCF) 2019 version were shared with the audience leading to very interactive exchanges We took the opportunity in this session to remind customers about(i) their obligation as per the CSP Policy to comply with the mandatory
controls of the CSCF v2017 by the 31 December 2018(ii) about the next upcoming milestones for 2019 and onwards and (iii) about the possibility to leverage the new reporting functionalities in the
KYC-SA application to integrate counterpartiesrsquo self-attestation results in their own risk management potentially along with the financial and legal due diligence aspects already covered in the KYC Registry application
On the risk management integration topic we strongly advised the audience to attend the session lsquoUnderstanding your counterpartyrsquos CSP attestation levelrsquo Finally we provided the attendees with a vade mecum of tactical actions to undertake to mitigate cyber risks This yearrsquos session was complemented by the opportunity for hands-on demos of the KYC-SA application at the SWIFT Lab
Work session summaries
1414
Alliance portfolio ndash Whatrsquos new whatrsquos next
In the session we took a look at the various key trends observed in the market ndash cloud UX data APIs ISO 20022 and cyber security ndash and presented to the audience the Alliance Portfolio plans to embrace those new trends The session started with a presentation of the new cloud platform that SWIFT is building The new cloud platform provides a fully managed interface and connectivity to SWIFT with improved availability resiliency and scalability It also comes with a completely new user experience with amongst others a very intuitive graphical user interface
The same team of user experience experts at SWIFT helped to design the Alliance Warehouse the brand new solution from SWIFT for long-term message archive with powerful search and investigation capabilities which was also presented during the session Finally we covered a brief introduction to APIs ISO 20022 and cyber security and looked at their impact on the Alliance portfolio
Work session summaries
Operational Excellence
Alliance interfaces roadmap 2019-2020
Alliance Messaging Hub ndash the future in financial messaging
This yearrsquos session was a traditional roadmap session that looked at what has been released over the last 6 months and what is coming up in the next 2 years
With the community having gone through the heavy CSPrelease 72SR2018 migration in 2018 everybody is now looking at what to plan next Release 72 support ends end January 2020 and by that time the community must have updated the fill stack of SWIFTNet and Alliance products to release 73 or release 74
Release 73 was made available in September 2018 and introduces amongst others new ways to implement multi-factor authentication Release 74 planned for mid-2019 will provide additional security and other features will support IBM MQ 91 and a slightly updated OS baseline Release 75 will focus on features for the ISO 20022 migration and ESMIG All along we will provide for AccessEntry the standard updates in the annual release as well as on the two preceding releases During and after the sessions customers took the opportunities to ask questions and exchange views with the product manager This was key information to ensure that the portfolio evolves in line with customer needs
In this session a high-level introduction was provided around Alliance Messaging Hub (AMH) SWIFTrsquos messaging hub that offers functionality beyond classic SWIFTNet interfacing AMH offers an orchestration layer on top of its SWIFTNet messaging capabilities allowing for flexible integration into banksrsquo systems and into other networks The 247365 capable architecture offers top class resilience and serves as a solid foundation for real-time processing
The product is able to process and orchestrate messages under high load and respecting low latency requirements AMH for Hong Kong Faster Payments is a real-life testimony to AMHrsquos processing capabilities
where it runs as a messaging hub for key banks in the region AMH version 40 will be launched in March 2019 and will offer an even richer set of security and gpi related functionality The application will be further shielded and installation and deployment will become more standardized to further reduce the banksrsquo TCO
Further strengthening its real-time offering AMH v40 will offer flows into RT1 and TIPS leveraging SWIFTrsquos Instant channel for the EBA and the Eurosystem In the multi-network space AMH v40 will provide flows for Fedwire Funds and TCH CHIPS
Beyond v40 and in the same way as financial institutions are evolving we are continuously innovating AMH The core will become more modular embracing the trends of containerised systems and we will introduce more integration options such as more standardized yet flexible API support With ISO 20022 migration and ISO 20022-powered APIs coming up we believe AMH will offer the complete package for a bank to face the upcoming challenges in the financial messaging eco-system
1515
Operational challenges Find out how we can help you manage them better
mySWIFT ndash Enhance your gateway to support the most of data analytics
SWIFT continues to invest in the support portfolio Over the past two years we have consulted customers to ensure that it remains healthy and future proof The findings led SWIFT to focus on customer experience as the central theme of the portfolio refresh
In the session the rebranded Professional Services organisation was shared It is now set up to take customers on the full solution journey from design to deployment to maintenance The deep-dive into the updated Advanced Support and Care offering gave further insights into the newly modularised and clarified support deliverables
The overall value proposition of SWIFT Community Support the backbone of support given to all customers and then the Premium and Care options was underlined Customers will now better understand and choose the appropriate pro-active reactive preventive andor hands-on support option with Premium Plus being perhaps the most attractive option as the dedicated service manager especially adds significant value
The sessions were very well attended and although it requires no specific action from customers it is an important evolution to keep track of
Last year at SOFE SWIFT ran exploratory sessions on Support Tools This year we were pleased to show the result of this consultation with newly- and to be released applications on mySWIFTndash New ldquoKnowledge Centrerdquo (since Q4 2018) ndash an easy-to-use and
customisable portal covering all documentation resources (User Handbook Knowledge Base tips how-to videos SWIFTSmart)
ndash New ldquoNotification Centrerdquo (since Q4 2018) ndash a trusted notification tool for SWIFT Operational messages
ndash Coming ldquomyStatusrdquo (H1 2019) ndash a real-time snapshot providing the status of your connectivity components - VPNs SNLs LTs per location and per environment
During the second part of the session we shared our insights about data analytics and predictive capabilities performed on operational data showing how it could allow operators to focus on the most relevant issues while discarding the noise This interactive session ended by a digi-voting exercise where participants were asked through 4 use cases to provide their appetite on ldquohow pattern deviation algorithms could be useful to the communityrdquo We look forward to seeing you next year for more insights and results on the subject
Using Alliance Managed Operations to your strategic advantage
Market trends show a growing appetite for IT teams to (re-)focus on their core business Employees are becoming overburdened with staying on top of regulatory compliance and security challenges and at the same time remaining mindful of resourcing needs to manage the highly critical and sometimes complex SWIFT infrastructures
In this session we outlined and demonstrated how these aspects can be addressed through SWIFTrsquos managed service offering This service brings relevant expertise discipline and rigour into any organisation by becoming a natural extension of the existing team A highlight of the session was the near real-time monitoring feature With this service SWIFT monitors Alliance Gateway and Alliance Access events and VPN lines which can trigger corrective actions with minimal delay
The session clearly resonated with all participants and we look forward to meeting your future managed service needs
Work session summaries
1616
The SWIFTLab has become a popular venue to experience the various components of SWIFTrsquos product and service portfolio This year the SWIFTLab was present at SOFE providing our customers with the opportunity to experience the range of SWIFT products at this yearly event
In addition to featuring demo pods at the SWIFTHub the SWIFTLab also hosted lunch sessions on Artificial Intelligence and DLT
SWIFTLab SWIFT
1717
Welcome cocktail
Networking is a key component of SOFE In addition to the networking time during the coffee breaks and lunches we also offer opportunities for delegates to spend time together in the evenings all whilst leaving room for spare time The welcome cocktail at the end of day 1 has become a fixture in the SOFE agenda and is sponsored by the exhibiting partners Our thanks go to the partners for their participation and support and to all delegates for making the most of this networking opportunity
Off-site dinner
This yearrsquos off-site dinner took place at Beurs van Berlage We hope that you enjoyed the evening and look forward to hosting another SOFE dinner at another great venue in Amsterdam in 2019
Networking activities
1818
For the SWIFT Operations Forum Europe in Amsterdam we were happy to provide financial support to WATCH Nederland a professional civil participation platform set up by Terre des Hommes to discover and fight teenage prostitution in the Netherlands
Through its hotline WATCH Nederland collects information from youth care professionals teachers and other civilians including victims or their family who do not want or dare to report to the police This information is researched both online by forensic ICT specialists and on the ground
by private investigators Additionally WATCH Nederland aims to identify child sexual exploiters and abusers including advertisements from exploiters trying to sell teenagers for sex and customers of teenage prostitution WATCH Nederland works closely together with the Dutch law enforcement agencies to free the victims of teenage prostitution and to stop the exploiters Freed victims undergo rehabilitation and reintegration treatment in co-operation with youth care institutions and are monitored regularly by WATCH Nederland to prevent revictimisation
CSR
1919
Our thanks go to each and every one of you for your active participation in this yearrsquos SWIFT Operations Forum Europe We hope that you all had an engaging thought-provoking productive informative and highly collaborative SOFE As always should you have any questions about or suggestions for next yearrsquos event please do not hesitate to contact your account manager or customer support We look forward to working with you in 2019
Thank you
For more information about SWIFT visit wwwswiftcom
SWIFT copy 2019
44
opens up questions for banks with regards to what kind of information and how much of the process they want to expose to their end customers
Josserand closed by saying that the gpi porlet is an example of a solution that is ready to be deployed but that is pending feedback from the community before moving to the next stage
The innovation plenary finished with a video message for SOFE delegates from SWIFTrsquos CEO Gottfried Leibbrandt He underlined that innovation is vital to the organisation as it is a technology company and that he wants to support the companyrsquos customers There is a big focus on innovation of systems and
Leibbrandt was keen to stress that SWIFTrsquos existing footprint and systems allow for a quick ramp up of new solutions such as gpi which he noted as an example of innovation at the core of the banking system
Leibbrandt closed by saying that the big challenge with innovation in financial services is to ensure that it is relatable to what banks actually have and what they are doing today rather than simply innovating for innovationrsquos sake
Plenaries
Innovation plenary
The afternoon of day 1 kicked off with the Innovation plenarywhich included a case study highlighting the type of work done by the SWIFTLab Claire Josserand SWIFTLab amp innovation manager gave delegates a preview of solution that is being developed right now but has not yet gone to market
Josserand described plans for a gpi portlet ndash a way to integrate gpi into a bankrsquos web portal in a way that brings information directly to their end customer All of the information provided is seen directly through the bank screen once the customer has logged into their online banking and the view of the tracker is customisable for every institution She made the point that this
55
Today cyber criminals are much more likely to attack institutions through social engineeringrdquo
Keeping up with exponential change
Day II Secure
Jamie Woodruff director of MetricsCloud and a renowned ethical hacker gave an entertaining and eye-opening keynote presentation on cyber crime to kick off day two of SOFE While therersquos a certain media perception of who a hacker is Woodruff noted in reality it is much more likely to be a disgruntled current or former employee that is seeking to compromise your institution
Woodruff then ran through how cyber crime has evolved starting with viruses such as malicious code and trojans through ID theft and then on to the opportunistic nature of botnets Today cyber criminals are much more likely to attack institutions through social engineering and the threats are certainly much more financially motivated than in the past where defacing or closing a website was the main goal for hackers
Once a hacker has compromised your systems the prospect of a lsquosmash and grabrsquo raid is generally not that likely they much prefer to sit in the system and monitor activity and the movement of data In many ways data is more valuable than simply removing money from an account
Woodruff explained how it is possible to buy ransomware ndash similar to the infamous WannaCry software ndash for around $10000 It is undetectable and also comes with your own account manager They can also offer lsquocustomerrsquo service support essentially talking the victims of such an attack through the process of how to buy and send the crypto currencies required to release their computers or systems from the attack
This is one example of the growth of organised business cyber crime Woodruff spent some time describing the organisational structure of a typical organised cyber crime operation before going on to explaining his approach to social engineering that allows him to facilitate the ethical hacks he is hired to perform Having defined the end goal or motivation of the hack he will engage in online reconnaissance of the business as well as profile physical and human targets Once the information gathering is complete he will select the specific attack vectors to use and launch the attack
Woodruff explained that even though companies may have very strict data security policies they can still provide hackers with vital information from some surprising and unintentional sources He used the example of a job advertisement that sets out the specific software requirements the organisation requires from candidates To any hackers seeing the advertisement they now know that specific software runs somewhere in the organisationrsquos systems and can set about targeting that
Plenaries
66
Addressing the cyber threat
The afternoon plenary on day two was a panel discussion on cyber security for which Woodruff was joined by Petra Hielkema director of payments and market infrastructure at the Dutch Central Bank and Karel De Kneef SWIFTrsquos global head of security operations The discussion was moderated by Saskia Devolder head of Western and Central Europe at SWIFT
Woodruff expanded on his earlier point about disgruntled employees as a potential weak link To identify someone like this he said they will often disassociate themselves from the organisation they work for They may also enjoy taking company property home for example Woodruff noted that certain patterns of behaviour can be identified and that this is a field where AI can be particularly helpful
Hielkema made the point that institutions need to test what hackers do when they get into their systems and that the focus cannot simply be on keeping them out She added that there are two types of companies those who know they have been hacked and those that donrsquot
One way to prevent getting hacked is to ensure you are on the latest software version so make sure to patch De Kneef commented Patching is very important as it is a good foundation As he put it donrsquot invest in fancy technology if you keep the back door open
Hackers will sit and watch you not just in your system but physically in person and they are prepared to wait Woodruff said that organisations need to be aware of this The incursion doesnrsquot have to
happen in the finance department De Kneef noted it could happen anywhere from HR to marketing
Having spent many years looking into the security that organisations have on their data Woodruff said that lsquoBig Pharmarsquo is more secure than any other industry he has seen He added that financial institutions are generally more secure than corporates who may lack the budget for robust cyber security De Kneef noted that over the past three years the response in financial services to cyber threats has been tremendous from the regulatory side to the institutions themselves
Answering a question from the audience about how robust cloud security is Woodruff recommended that institutions adopt a multi-cloud approach if they havenrsquot already Essentially
this breaks up information that is valuable into several different pieces on different clouds Individually the information is useless and therefore unusable by a hacker He used the example of dividing up credit card details ndash every four numbers from the main number the expiry date the CVV number etc ndash into different cloud storage
Communication is a vital element in addressing any type of hack both internally and externally the panel agreed Woodruff said that the reporting of a system compromise comes down to people Some will be scared to report when they accidentally click a compromised link on their computer in case they are disciplined by management Organisations need to foster a culture where staff members are encouraged to report the slightest of suspicions they may have
Additionally companies and institutions themselves need to communicate to the market when they identify a hack on their systems Hielkema said that organisations should have a communications strategy in place before anything like this happens so that they can react quickly ndash she noted that unofficial accounts can drop on social media really quickly so it is vital that companies can get out ahead of this
Plenaries
77
Dr Markos Zachariadis ndash who is associate professor of Information Systems Management and Innovation at Warwick Business School University of Warwick and also a fintech research fellow at CDI University of Cambridge ndash gave a keynote presentation on the future of banking with particular reference to open APIs and the digital economy
Starting by looking at what drives change in financial services Dr Zachariadis identified regulation demand technology and organisational and market structure as four key drivers that both impact and are impacted by each other
Today there is a regulatory context in open banking ndash from the second
Payment Services Directive (PSD2) and Open Banking in the UK The whole idea is to open up access to data in order to improve market outcomes At the same time technology has developed at an extremely rapid pace particularly when it comes to APIs Dr Zachariadis said that banks need to not only think of APIs as technology but also to conceptualise them as a product that can be priced managed and promoted
He noted how APIs have led to a rapid growth in platforms citing Applersquos iPhone with its iOS and apps as a key example Apple was quick to push APIs to the public and the iPhonersquos foundation as a platform made the difference
Day III Shape the future
Industry platformification
The platform concept has opened up and is now seen in many industries said Dr Zachariadis using Uber Airbnb Facebook and Instagram as prime examples Most people are now familiar with the quote about Uber being the largest taxi company but not owning any cars Airbnb as the largest hotel chain without owning any property and so on What all of these businesses have in common is that they connect people ndash service providers and service buyers
What platforms do differently is that they sell reductions in transaction costs not products It is a business model that creates value by enabling interactions between external producers and consumers Platforms can also scale more efficiently and quickly by eliminating the gatekeeper They can unlock new sources of value creation and supply
Dr Zachariadis then went on to talk about the network effect which is the value that is created when more and more people join
a network There is a positive effect when users join and enlarge a network The benefits increase for everyone ndash the more companies that join a platform the more value they can extract from the network
Plenaries
88
Context for financial services
How does the platformification disruption seen in other industries relate to banking Dr Zachariadis noted that APIs in banking and platformification offer the ability for financial institutions to create a business ecosystem and add value for clients The question is how to do that He pointed out that while banks need to sell lower transaction costs they still need to sell the trust and reassurance to the customer that the banking business relies on
Dr Zachariadis ran through four types of platforms in the financial services world that have emerged since PSD2 These arendash Incumbent bank platformsndash Challenger bank platforms
which do brokering much better according to Dr Zachariadis Examples of this include Starling Bank and Revolut
ndash API aggregator platforms which connect banks to fintechs
ndash Account aggregator platforms and services
Following his presentation Dr Zachariadis was joined on stage by Leo Punt head of EMEA Services and Support at SWIFT for a short QampA on some of the issues that had been raised Punt began by asking whether there is room for utilities in the financial services market of the future
Dr Zachariadis said there is but he is unsure for how many saying that there may be some consolidation for banks that go this route to undertake He made the point that utilities in this space are not platforms but that they can be very profitable
Touching on the key theme from day two at SOFE Punt then asked if the platformification development in financial services is being hampered by cyber threats Dr Zachariadis agreed that in a modulated environment this is an issue that may delay the launch of more open business models He did also note that there is an opportunity for banks
if they can be an early adopter and can demonstrate a stable platform they can get a huge first mover win The sooner banks can cut transaction costs the sooner they can earn more customers
Dr Zachariadis closed by offering two key takeaways to the SOFE delegates1 Think about what you could
offer to customers that isnrsquot in your value proposition right now Look at things built outside that you can offer to customers
2 Everything starts from sharing data The biggest value of being a platform is access to more data than ever How can you use this to bring more value to yourself as well as to your customers
Plenaries
APIs in banking and platformification offer the ability for financial institutions to create a business ecosystem and add value for clientsrdquo
When SOFE 2019 begins in 12 monthsrsquo time it will be fascinating to see how far financial services has come in the digital transformation journeyrdquo
99
Work session summaries
Business amp ComplianceFinancial crime compliance in the real-time world
This work session considered the challenges faced by institutions in meeting their financial crime compliance obligations in an increasingly fast-paced world and how SWIFTrsquos Financial Crime Compliance (FCC) portfolio can help institutions respond ndash today and in the future The session discussed the challenges associated with the rate of regulatory change how gpi is increasing the speed and volume of correspondent payments the dynamic rate of change of lists and screening requirements for sanctions compliance and the increasing fraud risks faced by institutions with the adoption of real-time payments SWIFTrsquos FCC solutions allow customers to manage the complete compliance life-cycle with solutions forbull Know Your Customer
The KYC Registry provides a secure shared platform for financial institutions to exchange standardised know your customer information
bull Anti-Money Laundering The Compliance Analytics portfolio pinpoints compliance risks and gives a new way to monitor your correspondents to identify activities indicative of money laundering
bull Sanctions Compliance Provides fully-managed securely-hosted screening of your customers and transactions against the latest sanctions and PEP lists with instant alerts of any matches Provides up-to-date sanctions lists and capabilities to test your own filters
bull Fraud Prevention Payment Controls helps you manage your payment policy and identify unusual or uncharacteristic payment risk that may be indicative of fraud and provides an independent snapshot of your SWIFT transaction activity
The session considered how these solutions can help institutions be more operationally agile in terms of deployment and response to changing regulation through the use of hosted utility based solutions why understanding of counterparts and their behaviour improves trust and helps streamline STP how quality and effectiveness of systems and data is key to process payments quickly and efficiently and how institutions can best defend themselves from new patterns of cyber-fraudwwwswiftcomcompliance
How SWIFT Business Intelligence solutions support your gpi journey
During this yearrsquos Business Intelligence sessions at SOFE the team delivered in depth presentations on SWIFTrsquos Business Intelligence (BI) for gpi solutions which consist of the Watch and gpi Observer portfolios combined with BI services These solutions are specifically designed to support customerrsquos gpi business cases prioritisation strategies and help identify business development opportunities They demonstrated how these BI solutions provide tangible and unique insights that bring value and a competitive advantage to customers as well as to their customers The recently launched gpi Observer
Analytics solution was central to the discussion and as the team explained these cutting-edge insights provide all the payments routing intelligence and data for gpi members to see where to optimise or adapt their existing payment routings leading to lower costs and faster payments The sessions also highlighted how financial institutions that deploy the new solution are gaining speed benchmarking capabilities and are able to now act upon fact-based information to steer their cross-border payments strategy through improved operational and market analysis
1010
ISO 20022 for managers ndash the time is now
ISO 20022 for beginners ndash what you really need to know
As announced in September in 2021 SWIFT will begin migrating all cross-border and many-to-many payments onto ISO 20022 This decision comes after large scale community consultation that took in feedback from a wide variety of stakeholders We want to ensure the entire SWIFT community is well informed and prepared for the migration The session provided information about the approach we are taking and what it means for you
We have aligned the start date of our migration in 2021 with the adoption of ISO 20022 of the Eurozonersquos high value payments systems The migration will cover MT categories 1 2 and 9 and will impact correspondent banks as well as other users of these messages including securities players A four-year co-existence
The workshop focused on the following key aspectsbull What is ISO 20022 and how it
constitutes a single approach for financial standardisation initiatives
bull SWIFTrsquos involvement and unparalleled expertise in ISO 20022 adoption
bull Status on ISO 20022 implementations around the globe and how ISO 20022 has become the dominant language of financial transactions
bull The importance of Market Practice and zoom on HVPS+ (High-Value Payment System+) the ISO 20022 global market practice for Payment Market Infrastructures
bull A new challenge ISO 20022 migration for cross-border payments as a result of the September 2018 Board decision
phase will allow all members of the SWIFT community to make the switch
SWIFT will work closely with the community to formulate and refine market practice guidelines In tandem with the Payments Market Practice Group (PMPG) we have created the Cross-Border Payments and Reporting Plus (CBPR+) working group to develop global usage guidelines We will invite our community to review and give feedback on these guidelines as they mature
We will also provide a central translation service to ensure successful community migration and to facilitate the co-existence phase This service will also implement the rules formulated by CBPR+ and all users will be automatically enrolled
As result of the session participants gained a broader appreciation of the industryrsquos journey towards ISO 20022 adoption how global groups like HVPS+ are working together to create global industry standards and common principals
Work session summaries
Optimise your back-office functions with SWIFTRef the must-have global reference data utility
In this session we explained the new files including Standing Settlement Instructions (SSI) National ID History and National ID Format Account Number Format and the gpi directory We also presented the recent Entity Plus product and a revamp of our Bankers World Online tool (live on 15 December) and gave you some insight into our planned future developments of APIs
Finally we discussed the impact of the BIC migration to the new version of the ISO 9362 standard on SWIFTRef From March 2019 it will no longer be possible to derive the connectivity of an organisation from the 8th character in the BIC nor the time-zone from the 7th character This information is now reflected in dedicated data elements in the SWIFTRef portfolio As a consequence all
current BIC Directory customers need to migrate to the BIC Plus or BIC Directory 2018
More information on the SWIFTRef portfolio can be found at wwwswiftcomswiftref
1111
Work session summaries
Innovation
DLT e-Voting solution ndash A proof of concept with SWIFT and Slib
In this session SWIFT shared its vision on the role it can play related to DLT technology when the technology matures and strong use cases emerge SWIFT can become the market place for DLT-based services that are provided by third parties and deployed on the SWIFT network This can be achieved by leveraging existing infrastructure and services The eVoting proof of concept fits into this vision Slib acting as provider of a DLT-based service has developed an application for distributing shareholder meeting notifications and collecting votes from shareholders SWIFT has provided the DLT sandbox on which this application has been deployed
Evolution of SWIFTrsquos cloud platform
SWIFT AI ndash How to get structure out of your unstructured data
10 years ago SWIFT launched its first cloud platform lsquoAlliance Litersquo Since then the trend to outsource has scaled up significantly and SWIFT has continued to evolve its offering Today SWIFTrsquos cloud solutions (Alliance Lite2 Alliance Remote Gateway and Alliance Lifeline) are highly successful and serve more than 2300 customers In recent years constant change has become the new norm in the financial industry It is therefore important that our cloud solution provide our customers the agility they need to prepare for the future In that perspective SWIFT is developing a brand new cloud platform It is based on state-of-the-art technology offering 24x7 availability built-in resilience highest
This session presented a new SWIFT RampD solution based on artificial intellgence (AI) that can be used in order to get structure out of unstructured data
The goal of this AI research is to bring transparency to data by transforming legacy data into ISO 20022 format The solution can be used as a SWIFTNet API or as an onsite solution It is currently trained in SWIFT premises and is used in order to clean data such as the SWIFTRef data The conversion rate is currently of 95 but as it is a Machine Learning model it learns as it goes and the precision is improving every day
security and larger throughput Another key ingredient is the integration capability not only with the customerrsquos back-office application but also with SWIFTrsquos local archive solution lsquoAlliance Warehousersquo or SWIFT services such as gpi and transaction screening The platform will also have flexible message processing abilities and is being developed with a continuous attention to the user experience The go-live of this new cloud platform is planned for 2020 In addition to an overview of the main values customers can expect from this new cloud solution the session also offered a sneak preview of the graphical user interface More to come in the course of 2019
1212
SWIFTrsquos API strategy SWIFT gpi ndash the new norm in cross-border payments
This session built on the White Paper ldquoAPIs Delivering a global platform for the financial services API economyrdquo (httpswwwswiftcomresourceswift-api) that SWIFT published just before SIBOS 2018 It positioned SWIFTrsquos overall strategy on APIs building on its year-long experience in standardisation leveraging its security and reliability paradigm to the API world Finally both the standardisation and the platform aspects were brought to life by walking through a number of use-cases (including PSD2) There was a lot of interest shown during and after the session by attendees who are already closely involved in API implementations as well as those who will be in the near future
This year at SOFE the SWIFT gpi sessions were scheduled every day and welcomed 100+ delegates and vendors over the three days The sessions covered the features of the existing services (gCCT gCOV and gSRP) the eco-system and future roadmap Throughout SOFE a large screen projected the rapid take-up of gpi more than 105 gpi banks are now live on gpi representing 410+ BICs and covering 140 currencies Gpi sent traffic has grown to over 12 million cross-border payments daily with more than 50 gpi to gpi As a result gpi messages flow across 800+ country corridors representing a value superior to $100 bn daily
Work session summaries
Cyber security and the Customer Security Programme
Cyber intelligence sharing
Cyber resilience
The SWIFT ISAC shares information that customers can use to better protect their environment
After having explained how the SWIFT Customer Security Intelligence team usually performs its forensic investigations we reinforced the necessity for customers to regularly consume the Indicators of Compromise (IOCs) published on the portal
Additional focus was put on automated sharing of IOCs via STIXTAXII which was made available since February 2018 Participants left with a clear understanding of different ways in which SWIFT shares cyber intelligence with the SWIFT Community and of importance of acting on IOCs published on SWIFT ISAC
The voting app and interactions with the audience captured some feedback confirming the growing interest in cyber intelligence exchange within the SWIFT Community
The session on cyber resiliency first set the scene by presenting the evolving cyber threat landscape Cyber-attacks are becoming more frequent and sophisticated The industry is trying to keep pace by implementing security frameworks and moving from a position of control to one of resilience The session discussed the difference between cyber security and cyber resilience whilst for cyber security the focus is set on protecting and surviving a cyber-attack cyber resilience is composed of a broader range of measures taken to bounce back (recover) from a cyber-incident in a timely manner
During the second part of the session the multi-layered security approach taken by SWIFT was discussed and illustrated with resiliency functionalities available at different levels in the SWIFT application stack Finally the different steps in the recovery process after indication of a compromise were covered highlighting the common mistakes financial institutions make
1313
Improving the security of paymentsHow the Shared Infrastructure Programme (SIP) can increase the effectiveness of your risk management
This session explored the changing face of cyber-fraud and explained how financial institutions themselves are the new targets for the attackers This represents a significant challenge requiring institutions to protect themselves against these ever-present and changing cyber-fraud risks The attack vectors were characterised as well as why the cyber attackers want you to know nothing see nothing and do nothing
SWIFTrsquos recently launched Payment Controls service helps financial institutions reduce their fraud and reputational risks and build trust This zero-footprint in-network solution offers the ability to protect against the risk of fraudulent payments via real-time monitoring alerting and payment blocking It offers flexible configurable correspondent banking focused models designed in association with the community The capabilities and benefits were illustrated via an interactive hands-on demonstration using the live service showing examples of rule configuration activation and alert management This was followed by a detailed and lively QampA sessionwwwswiftcompaymentcontrols
The session covered the further evolution of the Shared Infrastructure Programme (SIP) in 2019 listed the tangible risk mitigating results of SIP since beginning of last year and provided an overview of the most common hurdles Service Bureaux are struggling with to reach full compliance with SIP 2018
Compliance with the SIP security and operational requirements is not only needed after a one-time assessment but throughout the year It was therefore explained how SWIFT captures the required security configuration data to enable the monitoring of such a continued compliance The session was attended by a very good representation of the service bureau community in EMEA by service bureau customers and their counterparties and by regulators The diverse audience was a unique opportunity to engage in a dialogue and to capture suggestions for increasing the effectiveness of the programme
Understanding your counterpartyrsquos CSP attestation level
Security Controls 2019
By now all SWIFT customers should be checking what the attestation level of their counterparties is and integrating this compliance data into their risk management processes One take away of the session was a need to adapt the cybersecurity risk governance model to support the assessment of counterparty cybersecurity attestation data eg Identify the appropriate representatives from across the organisation for lsquograntingrsquo lsquorequestingrsquo attestation data
The second take way is that KYC-SA attestation data should be viewed as an additional dimension within the institutionrsquos existing counterparty risk management framework Finally the participants confirmed the interest from the community to integrate the KYC-SA attestation data in their risk management system It is currently available by exporting data and in the future it will be done thanks to a new set of API We also spent some time in the session discussing considerations in granting and requesting access to attestation data
As the threat landscape evolves so must the CSP Details of the changes brought by the Customer Security Control Framework (CSCF) 2019 version were shared with the audience leading to very interactive exchanges We took the opportunity in this session to remind customers about(i) their obligation as per the CSP Policy to comply with the mandatory
controls of the CSCF v2017 by the 31 December 2018(ii) about the next upcoming milestones for 2019 and onwards and (iii) about the possibility to leverage the new reporting functionalities in the
KYC-SA application to integrate counterpartiesrsquo self-attestation results in their own risk management potentially along with the financial and legal due diligence aspects already covered in the KYC Registry application
On the risk management integration topic we strongly advised the audience to attend the session lsquoUnderstanding your counterpartyrsquos CSP attestation levelrsquo Finally we provided the attendees with a vade mecum of tactical actions to undertake to mitigate cyber risks This yearrsquos session was complemented by the opportunity for hands-on demos of the KYC-SA application at the SWIFT Lab
Work session summaries
1414
Alliance portfolio ndash Whatrsquos new whatrsquos next
In the session we took a look at the various key trends observed in the market ndash cloud UX data APIs ISO 20022 and cyber security ndash and presented to the audience the Alliance Portfolio plans to embrace those new trends The session started with a presentation of the new cloud platform that SWIFT is building The new cloud platform provides a fully managed interface and connectivity to SWIFT with improved availability resiliency and scalability It also comes with a completely new user experience with amongst others a very intuitive graphical user interface
The same team of user experience experts at SWIFT helped to design the Alliance Warehouse the brand new solution from SWIFT for long-term message archive with powerful search and investigation capabilities which was also presented during the session Finally we covered a brief introduction to APIs ISO 20022 and cyber security and looked at their impact on the Alliance portfolio
Work session summaries
Operational Excellence
Alliance interfaces roadmap 2019-2020
Alliance Messaging Hub ndash the future in financial messaging
This yearrsquos session was a traditional roadmap session that looked at what has been released over the last 6 months and what is coming up in the next 2 years
With the community having gone through the heavy CSPrelease 72SR2018 migration in 2018 everybody is now looking at what to plan next Release 72 support ends end January 2020 and by that time the community must have updated the fill stack of SWIFTNet and Alliance products to release 73 or release 74
Release 73 was made available in September 2018 and introduces amongst others new ways to implement multi-factor authentication Release 74 planned for mid-2019 will provide additional security and other features will support IBM MQ 91 and a slightly updated OS baseline Release 75 will focus on features for the ISO 20022 migration and ESMIG All along we will provide for AccessEntry the standard updates in the annual release as well as on the two preceding releases During and after the sessions customers took the opportunities to ask questions and exchange views with the product manager This was key information to ensure that the portfolio evolves in line with customer needs
In this session a high-level introduction was provided around Alliance Messaging Hub (AMH) SWIFTrsquos messaging hub that offers functionality beyond classic SWIFTNet interfacing AMH offers an orchestration layer on top of its SWIFTNet messaging capabilities allowing for flexible integration into banksrsquo systems and into other networks The 247365 capable architecture offers top class resilience and serves as a solid foundation for real-time processing
The product is able to process and orchestrate messages under high load and respecting low latency requirements AMH for Hong Kong Faster Payments is a real-life testimony to AMHrsquos processing capabilities
where it runs as a messaging hub for key banks in the region AMH version 40 will be launched in March 2019 and will offer an even richer set of security and gpi related functionality The application will be further shielded and installation and deployment will become more standardized to further reduce the banksrsquo TCO
Further strengthening its real-time offering AMH v40 will offer flows into RT1 and TIPS leveraging SWIFTrsquos Instant channel for the EBA and the Eurosystem In the multi-network space AMH v40 will provide flows for Fedwire Funds and TCH CHIPS
Beyond v40 and in the same way as financial institutions are evolving we are continuously innovating AMH The core will become more modular embracing the trends of containerised systems and we will introduce more integration options such as more standardized yet flexible API support With ISO 20022 migration and ISO 20022-powered APIs coming up we believe AMH will offer the complete package for a bank to face the upcoming challenges in the financial messaging eco-system
1515
Operational challenges Find out how we can help you manage them better
mySWIFT ndash Enhance your gateway to support the most of data analytics
SWIFT continues to invest in the support portfolio Over the past two years we have consulted customers to ensure that it remains healthy and future proof The findings led SWIFT to focus on customer experience as the central theme of the portfolio refresh
In the session the rebranded Professional Services organisation was shared It is now set up to take customers on the full solution journey from design to deployment to maintenance The deep-dive into the updated Advanced Support and Care offering gave further insights into the newly modularised and clarified support deliverables
The overall value proposition of SWIFT Community Support the backbone of support given to all customers and then the Premium and Care options was underlined Customers will now better understand and choose the appropriate pro-active reactive preventive andor hands-on support option with Premium Plus being perhaps the most attractive option as the dedicated service manager especially adds significant value
The sessions were very well attended and although it requires no specific action from customers it is an important evolution to keep track of
Last year at SOFE SWIFT ran exploratory sessions on Support Tools This year we were pleased to show the result of this consultation with newly- and to be released applications on mySWIFTndash New ldquoKnowledge Centrerdquo (since Q4 2018) ndash an easy-to-use and
customisable portal covering all documentation resources (User Handbook Knowledge Base tips how-to videos SWIFTSmart)
ndash New ldquoNotification Centrerdquo (since Q4 2018) ndash a trusted notification tool for SWIFT Operational messages
ndash Coming ldquomyStatusrdquo (H1 2019) ndash a real-time snapshot providing the status of your connectivity components - VPNs SNLs LTs per location and per environment
During the second part of the session we shared our insights about data analytics and predictive capabilities performed on operational data showing how it could allow operators to focus on the most relevant issues while discarding the noise This interactive session ended by a digi-voting exercise where participants were asked through 4 use cases to provide their appetite on ldquohow pattern deviation algorithms could be useful to the communityrdquo We look forward to seeing you next year for more insights and results on the subject
Using Alliance Managed Operations to your strategic advantage
Market trends show a growing appetite for IT teams to (re-)focus on their core business Employees are becoming overburdened with staying on top of regulatory compliance and security challenges and at the same time remaining mindful of resourcing needs to manage the highly critical and sometimes complex SWIFT infrastructures
In this session we outlined and demonstrated how these aspects can be addressed through SWIFTrsquos managed service offering This service brings relevant expertise discipline and rigour into any organisation by becoming a natural extension of the existing team A highlight of the session was the near real-time monitoring feature With this service SWIFT monitors Alliance Gateway and Alliance Access events and VPN lines which can trigger corrective actions with minimal delay
The session clearly resonated with all participants and we look forward to meeting your future managed service needs
Work session summaries
1616
The SWIFTLab has become a popular venue to experience the various components of SWIFTrsquos product and service portfolio This year the SWIFTLab was present at SOFE providing our customers with the opportunity to experience the range of SWIFT products at this yearly event
In addition to featuring demo pods at the SWIFTHub the SWIFTLab also hosted lunch sessions on Artificial Intelligence and DLT
SWIFTLab SWIFT
1717
Welcome cocktail
Networking is a key component of SOFE In addition to the networking time during the coffee breaks and lunches we also offer opportunities for delegates to spend time together in the evenings all whilst leaving room for spare time The welcome cocktail at the end of day 1 has become a fixture in the SOFE agenda and is sponsored by the exhibiting partners Our thanks go to the partners for their participation and support and to all delegates for making the most of this networking opportunity
Off-site dinner
This yearrsquos off-site dinner took place at Beurs van Berlage We hope that you enjoyed the evening and look forward to hosting another SOFE dinner at another great venue in Amsterdam in 2019
Networking activities
1818
For the SWIFT Operations Forum Europe in Amsterdam we were happy to provide financial support to WATCH Nederland a professional civil participation platform set up by Terre des Hommes to discover and fight teenage prostitution in the Netherlands
Through its hotline WATCH Nederland collects information from youth care professionals teachers and other civilians including victims or their family who do not want or dare to report to the police This information is researched both online by forensic ICT specialists and on the ground
by private investigators Additionally WATCH Nederland aims to identify child sexual exploiters and abusers including advertisements from exploiters trying to sell teenagers for sex and customers of teenage prostitution WATCH Nederland works closely together with the Dutch law enforcement agencies to free the victims of teenage prostitution and to stop the exploiters Freed victims undergo rehabilitation and reintegration treatment in co-operation with youth care institutions and are monitored regularly by WATCH Nederland to prevent revictimisation
CSR
1919
Our thanks go to each and every one of you for your active participation in this yearrsquos SWIFT Operations Forum Europe We hope that you all had an engaging thought-provoking productive informative and highly collaborative SOFE As always should you have any questions about or suggestions for next yearrsquos event please do not hesitate to contact your account manager or customer support We look forward to working with you in 2019
Thank you
For more information about SWIFT visit wwwswiftcom
SWIFT copy 2019
55
Today cyber criminals are much more likely to attack institutions through social engineeringrdquo
Keeping up with exponential change
Day II Secure
Jamie Woodruff director of MetricsCloud and a renowned ethical hacker gave an entertaining and eye-opening keynote presentation on cyber crime to kick off day two of SOFE While therersquos a certain media perception of who a hacker is Woodruff noted in reality it is much more likely to be a disgruntled current or former employee that is seeking to compromise your institution
Woodruff then ran through how cyber crime has evolved starting with viruses such as malicious code and trojans through ID theft and then on to the opportunistic nature of botnets Today cyber criminals are much more likely to attack institutions through social engineering and the threats are certainly much more financially motivated than in the past where defacing or closing a website was the main goal for hackers
Once a hacker has compromised your systems the prospect of a lsquosmash and grabrsquo raid is generally not that likely they much prefer to sit in the system and monitor activity and the movement of data In many ways data is more valuable than simply removing money from an account
Woodruff explained how it is possible to buy ransomware ndash similar to the infamous WannaCry software ndash for around $10000 It is undetectable and also comes with your own account manager They can also offer lsquocustomerrsquo service support essentially talking the victims of such an attack through the process of how to buy and send the crypto currencies required to release their computers or systems from the attack
This is one example of the growth of organised business cyber crime Woodruff spent some time describing the organisational structure of a typical organised cyber crime operation before going on to explaining his approach to social engineering that allows him to facilitate the ethical hacks he is hired to perform Having defined the end goal or motivation of the hack he will engage in online reconnaissance of the business as well as profile physical and human targets Once the information gathering is complete he will select the specific attack vectors to use and launch the attack
Woodruff explained that even though companies may have very strict data security policies they can still provide hackers with vital information from some surprising and unintentional sources He used the example of a job advertisement that sets out the specific software requirements the organisation requires from candidates To any hackers seeing the advertisement they now know that specific software runs somewhere in the organisationrsquos systems and can set about targeting that
Plenaries
66
Addressing the cyber threat
The afternoon plenary on day two was a panel discussion on cyber security for which Woodruff was joined by Petra Hielkema director of payments and market infrastructure at the Dutch Central Bank and Karel De Kneef SWIFTrsquos global head of security operations The discussion was moderated by Saskia Devolder head of Western and Central Europe at SWIFT
Woodruff expanded on his earlier point about disgruntled employees as a potential weak link To identify someone like this he said they will often disassociate themselves from the organisation they work for They may also enjoy taking company property home for example Woodruff noted that certain patterns of behaviour can be identified and that this is a field where AI can be particularly helpful
Hielkema made the point that institutions need to test what hackers do when they get into their systems and that the focus cannot simply be on keeping them out She added that there are two types of companies those who know they have been hacked and those that donrsquot
One way to prevent getting hacked is to ensure you are on the latest software version so make sure to patch De Kneef commented Patching is very important as it is a good foundation As he put it donrsquot invest in fancy technology if you keep the back door open
Hackers will sit and watch you not just in your system but physically in person and they are prepared to wait Woodruff said that organisations need to be aware of this The incursion doesnrsquot have to
happen in the finance department De Kneef noted it could happen anywhere from HR to marketing
Having spent many years looking into the security that organisations have on their data Woodruff said that lsquoBig Pharmarsquo is more secure than any other industry he has seen He added that financial institutions are generally more secure than corporates who may lack the budget for robust cyber security De Kneef noted that over the past three years the response in financial services to cyber threats has been tremendous from the regulatory side to the institutions themselves
Answering a question from the audience about how robust cloud security is Woodruff recommended that institutions adopt a multi-cloud approach if they havenrsquot already Essentially
this breaks up information that is valuable into several different pieces on different clouds Individually the information is useless and therefore unusable by a hacker He used the example of dividing up credit card details ndash every four numbers from the main number the expiry date the CVV number etc ndash into different cloud storage
Communication is a vital element in addressing any type of hack both internally and externally the panel agreed Woodruff said that the reporting of a system compromise comes down to people Some will be scared to report when they accidentally click a compromised link on their computer in case they are disciplined by management Organisations need to foster a culture where staff members are encouraged to report the slightest of suspicions they may have
Additionally companies and institutions themselves need to communicate to the market when they identify a hack on their systems Hielkema said that organisations should have a communications strategy in place before anything like this happens so that they can react quickly ndash she noted that unofficial accounts can drop on social media really quickly so it is vital that companies can get out ahead of this
Plenaries
77
Dr Markos Zachariadis ndash who is associate professor of Information Systems Management and Innovation at Warwick Business School University of Warwick and also a fintech research fellow at CDI University of Cambridge ndash gave a keynote presentation on the future of banking with particular reference to open APIs and the digital economy
Starting by looking at what drives change in financial services Dr Zachariadis identified regulation demand technology and organisational and market structure as four key drivers that both impact and are impacted by each other
Today there is a regulatory context in open banking ndash from the second
Payment Services Directive (PSD2) and Open Banking in the UK The whole idea is to open up access to data in order to improve market outcomes At the same time technology has developed at an extremely rapid pace particularly when it comes to APIs Dr Zachariadis said that banks need to not only think of APIs as technology but also to conceptualise them as a product that can be priced managed and promoted
He noted how APIs have led to a rapid growth in platforms citing Applersquos iPhone with its iOS and apps as a key example Apple was quick to push APIs to the public and the iPhonersquos foundation as a platform made the difference
Day III Shape the future
Industry platformification
The platform concept has opened up and is now seen in many industries said Dr Zachariadis using Uber Airbnb Facebook and Instagram as prime examples Most people are now familiar with the quote about Uber being the largest taxi company but not owning any cars Airbnb as the largest hotel chain without owning any property and so on What all of these businesses have in common is that they connect people ndash service providers and service buyers
What platforms do differently is that they sell reductions in transaction costs not products It is a business model that creates value by enabling interactions between external producers and consumers Platforms can also scale more efficiently and quickly by eliminating the gatekeeper They can unlock new sources of value creation and supply
Dr Zachariadis then went on to talk about the network effect which is the value that is created when more and more people join
a network There is a positive effect when users join and enlarge a network The benefits increase for everyone ndash the more companies that join a platform the more value they can extract from the network
Plenaries
88
Context for financial services
How does the platformification disruption seen in other industries relate to banking Dr Zachariadis noted that APIs in banking and platformification offer the ability for financial institutions to create a business ecosystem and add value for clients The question is how to do that He pointed out that while banks need to sell lower transaction costs they still need to sell the trust and reassurance to the customer that the banking business relies on
Dr Zachariadis ran through four types of platforms in the financial services world that have emerged since PSD2 These arendash Incumbent bank platformsndash Challenger bank platforms
which do brokering much better according to Dr Zachariadis Examples of this include Starling Bank and Revolut
ndash API aggregator platforms which connect banks to fintechs
ndash Account aggregator platforms and services
Following his presentation Dr Zachariadis was joined on stage by Leo Punt head of EMEA Services and Support at SWIFT for a short QampA on some of the issues that had been raised Punt began by asking whether there is room for utilities in the financial services market of the future
Dr Zachariadis said there is but he is unsure for how many saying that there may be some consolidation for banks that go this route to undertake He made the point that utilities in this space are not platforms but that they can be very profitable
Touching on the key theme from day two at SOFE Punt then asked if the platformification development in financial services is being hampered by cyber threats Dr Zachariadis agreed that in a modulated environment this is an issue that may delay the launch of more open business models He did also note that there is an opportunity for banks
if they can be an early adopter and can demonstrate a stable platform they can get a huge first mover win The sooner banks can cut transaction costs the sooner they can earn more customers
Dr Zachariadis closed by offering two key takeaways to the SOFE delegates1 Think about what you could
offer to customers that isnrsquot in your value proposition right now Look at things built outside that you can offer to customers
2 Everything starts from sharing data The biggest value of being a platform is access to more data than ever How can you use this to bring more value to yourself as well as to your customers
Plenaries
APIs in banking and platformification offer the ability for financial institutions to create a business ecosystem and add value for clientsrdquo
When SOFE 2019 begins in 12 monthsrsquo time it will be fascinating to see how far financial services has come in the digital transformation journeyrdquo
99
Work session summaries
Business amp ComplianceFinancial crime compliance in the real-time world
This work session considered the challenges faced by institutions in meeting their financial crime compliance obligations in an increasingly fast-paced world and how SWIFTrsquos Financial Crime Compliance (FCC) portfolio can help institutions respond ndash today and in the future The session discussed the challenges associated with the rate of regulatory change how gpi is increasing the speed and volume of correspondent payments the dynamic rate of change of lists and screening requirements for sanctions compliance and the increasing fraud risks faced by institutions with the adoption of real-time payments SWIFTrsquos FCC solutions allow customers to manage the complete compliance life-cycle with solutions forbull Know Your Customer
The KYC Registry provides a secure shared platform for financial institutions to exchange standardised know your customer information
bull Anti-Money Laundering The Compliance Analytics portfolio pinpoints compliance risks and gives a new way to monitor your correspondents to identify activities indicative of money laundering
bull Sanctions Compliance Provides fully-managed securely-hosted screening of your customers and transactions against the latest sanctions and PEP lists with instant alerts of any matches Provides up-to-date sanctions lists and capabilities to test your own filters
bull Fraud Prevention Payment Controls helps you manage your payment policy and identify unusual or uncharacteristic payment risk that may be indicative of fraud and provides an independent snapshot of your SWIFT transaction activity
The session considered how these solutions can help institutions be more operationally agile in terms of deployment and response to changing regulation through the use of hosted utility based solutions why understanding of counterparts and their behaviour improves trust and helps streamline STP how quality and effectiveness of systems and data is key to process payments quickly and efficiently and how institutions can best defend themselves from new patterns of cyber-fraudwwwswiftcomcompliance
How SWIFT Business Intelligence solutions support your gpi journey
During this yearrsquos Business Intelligence sessions at SOFE the team delivered in depth presentations on SWIFTrsquos Business Intelligence (BI) for gpi solutions which consist of the Watch and gpi Observer portfolios combined with BI services These solutions are specifically designed to support customerrsquos gpi business cases prioritisation strategies and help identify business development opportunities They demonstrated how these BI solutions provide tangible and unique insights that bring value and a competitive advantage to customers as well as to their customers The recently launched gpi Observer
Analytics solution was central to the discussion and as the team explained these cutting-edge insights provide all the payments routing intelligence and data for gpi members to see where to optimise or adapt their existing payment routings leading to lower costs and faster payments The sessions also highlighted how financial institutions that deploy the new solution are gaining speed benchmarking capabilities and are able to now act upon fact-based information to steer their cross-border payments strategy through improved operational and market analysis
1010
ISO 20022 for managers ndash the time is now
ISO 20022 for beginners ndash what you really need to know
As announced in September in 2021 SWIFT will begin migrating all cross-border and many-to-many payments onto ISO 20022 This decision comes after large scale community consultation that took in feedback from a wide variety of stakeholders We want to ensure the entire SWIFT community is well informed and prepared for the migration The session provided information about the approach we are taking and what it means for you
We have aligned the start date of our migration in 2021 with the adoption of ISO 20022 of the Eurozonersquos high value payments systems The migration will cover MT categories 1 2 and 9 and will impact correspondent banks as well as other users of these messages including securities players A four-year co-existence
The workshop focused on the following key aspectsbull What is ISO 20022 and how it
constitutes a single approach for financial standardisation initiatives
bull SWIFTrsquos involvement and unparalleled expertise in ISO 20022 adoption
bull Status on ISO 20022 implementations around the globe and how ISO 20022 has become the dominant language of financial transactions
bull The importance of Market Practice and zoom on HVPS+ (High-Value Payment System+) the ISO 20022 global market practice for Payment Market Infrastructures
bull A new challenge ISO 20022 migration for cross-border payments as a result of the September 2018 Board decision
phase will allow all members of the SWIFT community to make the switch
SWIFT will work closely with the community to formulate and refine market practice guidelines In tandem with the Payments Market Practice Group (PMPG) we have created the Cross-Border Payments and Reporting Plus (CBPR+) working group to develop global usage guidelines We will invite our community to review and give feedback on these guidelines as they mature
We will also provide a central translation service to ensure successful community migration and to facilitate the co-existence phase This service will also implement the rules formulated by CBPR+ and all users will be automatically enrolled
As result of the session participants gained a broader appreciation of the industryrsquos journey towards ISO 20022 adoption how global groups like HVPS+ are working together to create global industry standards and common principals
Work session summaries
Optimise your back-office functions with SWIFTRef the must-have global reference data utility
In this session we explained the new files including Standing Settlement Instructions (SSI) National ID History and National ID Format Account Number Format and the gpi directory We also presented the recent Entity Plus product and a revamp of our Bankers World Online tool (live on 15 December) and gave you some insight into our planned future developments of APIs
Finally we discussed the impact of the BIC migration to the new version of the ISO 9362 standard on SWIFTRef From March 2019 it will no longer be possible to derive the connectivity of an organisation from the 8th character in the BIC nor the time-zone from the 7th character This information is now reflected in dedicated data elements in the SWIFTRef portfolio As a consequence all
current BIC Directory customers need to migrate to the BIC Plus or BIC Directory 2018
More information on the SWIFTRef portfolio can be found at wwwswiftcomswiftref
1111
Work session summaries
Innovation
DLT e-Voting solution ndash A proof of concept with SWIFT and Slib
In this session SWIFT shared its vision on the role it can play related to DLT technology when the technology matures and strong use cases emerge SWIFT can become the market place for DLT-based services that are provided by third parties and deployed on the SWIFT network This can be achieved by leveraging existing infrastructure and services The eVoting proof of concept fits into this vision Slib acting as provider of a DLT-based service has developed an application for distributing shareholder meeting notifications and collecting votes from shareholders SWIFT has provided the DLT sandbox on which this application has been deployed
Evolution of SWIFTrsquos cloud platform
SWIFT AI ndash How to get structure out of your unstructured data
10 years ago SWIFT launched its first cloud platform lsquoAlliance Litersquo Since then the trend to outsource has scaled up significantly and SWIFT has continued to evolve its offering Today SWIFTrsquos cloud solutions (Alliance Lite2 Alliance Remote Gateway and Alliance Lifeline) are highly successful and serve more than 2300 customers In recent years constant change has become the new norm in the financial industry It is therefore important that our cloud solution provide our customers the agility they need to prepare for the future In that perspective SWIFT is developing a brand new cloud platform It is based on state-of-the-art technology offering 24x7 availability built-in resilience highest
This session presented a new SWIFT RampD solution based on artificial intellgence (AI) that can be used in order to get structure out of unstructured data
The goal of this AI research is to bring transparency to data by transforming legacy data into ISO 20022 format The solution can be used as a SWIFTNet API or as an onsite solution It is currently trained in SWIFT premises and is used in order to clean data such as the SWIFTRef data The conversion rate is currently of 95 but as it is a Machine Learning model it learns as it goes and the precision is improving every day
security and larger throughput Another key ingredient is the integration capability not only with the customerrsquos back-office application but also with SWIFTrsquos local archive solution lsquoAlliance Warehousersquo or SWIFT services such as gpi and transaction screening The platform will also have flexible message processing abilities and is being developed with a continuous attention to the user experience The go-live of this new cloud platform is planned for 2020 In addition to an overview of the main values customers can expect from this new cloud solution the session also offered a sneak preview of the graphical user interface More to come in the course of 2019
1212
SWIFTrsquos API strategy SWIFT gpi ndash the new norm in cross-border payments
This session built on the White Paper ldquoAPIs Delivering a global platform for the financial services API economyrdquo (httpswwwswiftcomresourceswift-api) that SWIFT published just before SIBOS 2018 It positioned SWIFTrsquos overall strategy on APIs building on its year-long experience in standardisation leveraging its security and reliability paradigm to the API world Finally both the standardisation and the platform aspects were brought to life by walking through a number of use-cases (including PSD2) There was a lot of interest shown during and after the session by attendees who are already closely involved in API implementations as well as those who will be in the near future
This year at SOFE the SWIFT gpi sessions were scheduled every day and welcomed 100+ delegates and vendors over the three days The sessions covered the features of the existing services (gCCT gCOV and gSRP) the eco-system and future roadmap Throughout SOFE a large screen projected the rapid take-up of gpi more than 105 gpi banks are now live on gpi representing 410+ BICs and covering 140 currencies Gpi sent traffic has grown to over 12 million cross-border payments daily with more than 50 gpi to gpi As a result gpi messages flow across 800+ country corridors representing a value superior to $100 bn daily
Work session summaries
Cyber security and the Customer Security Programme
Cyber intelligence sharing
Cyber resilience
The SWIFT ISAC shares information that customers can use to better protect their environment
After having explained how the SWIFT Customer Security Intelligence team usually performs its forensic investigations we reinforced the necessity for customers to regularly consume the Indicators of Compromise (IOCs) published on the portal
Additional focus was put on automated sharing of IOCs via STIXTAXII which was made available since February 2018 Participants left with a clear understanding of different ways in which SWIFT shares cyber intelligence with the SWIFT Community and of importance of acting on IOCs published on SWIFT ISAC
The voting app and interactions with the audience captured some feedback confirming the growing interest in cyber intelligence exchange within the SWIFT Community
The session on cyber resiliency first set the scene by presenting the evolving cyber threat landscape Cyber-attacks are becoming more frequent and sophisticated The industry is trying to keep pace by implementing security frameworks and moving from a position of control to one of resilience The session discussed the difference between cyber security and cyber resilience whilst for cyber security the focus is set on protecting and surviving a cyber-attack cyber resilience is composed of a broader range of measures taken to bounce back (recover) from a cyber-incident in a timely manner
During the second part of the session the multi-layered security approach taken by SWIFT was discussed and illustrated with resiliency functionalities available at different levels in the SWIFT application stack Finally the different steps in the recovery process after indication of a compromise were covered highlighting the common mistakes financial institutions make
1313
Improving the security of paymentsHow the Shared Infrastructure Programme (SIP) can increase the effectiveness of your risk management
This session explored the changing face of cyber-fraud and explained how financial institutions themselves are the new targets for the attackers This represents a significant challenge requiring institutions to protect themselves against these ever-present and changing cyber-fraud risks The attack vectors were characterised as well as why the cyber attackers want you to know nothing see nothing and do nothing
SWIFTrsquos recently launched Payment Controls service helps financial institutions reduce their fraud and reputational risks and build trust This zero-footprint in-network solution offers the ability to protect against the risk of fraudulent payments via real-time monitoring alerting and payment blocking It offers flexible configurable correspondent banking focused models designed in association with the community The capabilities and benefits were illustrated via an interactive hands-on demonstration using the live service showing examples of rule configuration activation and alert management This was followed by a detailed and lively QampA sessionwwwswiftcompaymentcontrols
The session covered the further evolution of the Shared Infrastructure Programme (SIP) in 2019 listed the tangible risk mitigating results of SIP since beginning of last year and provided an overview of the most common hurdles Service Bureaux are struggling with to reach full compliance with SIP 2018
Compliance with the SIP security and operational requirements is not only needed after a one-time assessment but throughout the year It was therefore explained how SWIFT captures the required security configuration data to enable the monitoring of such a continued compliance The session was attended by a very good representation of the service bureau community in EMEA by service bureau customers and their counterparties and by regulators The diverse audience was a unique opportunity to engage in a dialogue and to capture suggestions for increasing the effectiveness of the programme
Understanding your counterpartyrsquos CSP attestation level
Security Controls 2019
By now all SWIFT customers should be checking what the attestation level of their counterparties is and integrating this compliance data into their risk management processes One take away of the session was a need to adapt the cybersecurity risk governance model to support the assessment of counterparty cybersecurity attestation data eg Identify the appropriate representatives from across the organisation for lsquograntingrsquo lsquorequestingrsquo attestation data
The second take way is that KYC-SA attestation data should be viewed as an additional dimension within the institutionrsquos existing counterparty risk management framework Finally the participants confirmed the interest from the community to integrate the KYC-SA attestation data in their risk management system It is currently available by exporting data and in the future it will be done thanks to a new set of API We also spent some time in the session discussing considerations in granting and requesting access to attestation data
As the threat landscape evolves so must the CSP Details of the changes brought by the Customer Security Control Framework (CSCF) 2019 version were shared with the audience leading to very interactive exchanges We took the opportunity in this session to remind customers about(i) their obligation as per the CSP Policy to comply with the mandatory
controls of the CSCF v2017 by the 31 December 2018(ii) about the next upcoming milestones for 2019 and onwards and (iii) about the possibility to leverage the new reporting functionalities in the
KYC-SA application to integrate counterpartiesrsquo self-attestation results in their own risk management potentially along with the financial and legal due diligence aspects already covered in the KYC Registry application
On the risk management integration topic we strongly advised the audience to attend the session lsquoUnderstanding your counterpartyrsquos CSP attestation levelrsquo Finally we provided the attendees with a vade mecum of tactical actions to undertake to mitigate cyber risks This yearrsquos session was complemented by the opportunity for hands-on demos of the KYC-SA application at the SWIFT Lab
Work session summaries
1414
Alliance portfolio ndash Whatrsquos new whatrsquos next
In the session we took a look at the various key trends observed in the market ndash cloud UX data APIs ISO 20022 and cyber security ndash and presented to the audience the Alliance Portfolio plans to embrace those new trends The session started with a presentation of the new cloud platform that SWIFT is building The new cloud platform provides a fully managed interface and connectivity to SWIFT with improved availability resiliency and scalability It also comes with a completely new user experience with amongst others a very intuitive graphical user interface
The same team of user experience experts at SWIFT helped to design the Alliance Warehouse the brand new solution from SWIFT for long-term message archive with powerful search and investigation capabilities which was also presented during the session Finally we covered a brief introduction to APIs ISO 20022 and cyber security and looked at their impact on the Alliance portfolio
Work session summaries
Operational Excellence
Alliance interfaces roadmap 2019-2020
Alliance Messaging Hub ndash the future in financial messaging
This yearrsquos session was a traditional roadmap session that looked at what has been released over the last 6 months and what is coming up in the next 2 years
With the community having gone through the heavy CSPrelease 72SR2018 migration in 2018 everybody is now looking at what to plan next Release 72 support ends end January 2020 and by that time the community must have updated the fill stack of SWIFTNet and Alliance products to release 73 or release 74
Release 73 was made available in September 2018 and introduces amongst others new ways to implement multi-factor authentication Release 74 planned for mid-2019 will provide additional security and other features will support IBM MQ 91 and a slightly updated OS baseline Release 75 will focus on features for the ISO 20022 migration and ESMIG All along we will provide for AccessEntry the standard updates in the annual release as well as on the two preceding releases During and after the sessions customers took the opportunities to ask questions and exchange views with the product manager This was key information to ensure that the portfolio evolves in line with customer needs
In this session a high-level introduction was provided around Alliance Messaging Hub (AMH) SWIFTrsquos messaging hub that offers functionality beyond classic SWIFTNet interfacing AMH offers an orchestration layer on top of its SWIFTNet messaging capabilities allowing for flexible integration into banksrsquo systems and into other networks The 247365 capable architecture offers top class resilience and serves as a solid foundation for real-time processing
The product is able to process and orchestrate messages under high load and respecting low latency requirements AMH for Hong Kong Faster Payments is a real-life testimony to AMHrsquos processing capabilities
where it runs as a messaging hub for key banks in the region AMH version 40 will be launched in March 2019 and will offer an even richer set of security and gpi related functionality The application will be further shielded and installation and deployment will become more standardized to further reduce the banksrsquo TCO
Further strengthening its real-time offering AMH v40 will offer flows into RT1 and TIPS leveraging SWIFTrsquos Instant channel for the EBA and the Eurosystem In the multi-network space AMH v40 will provide flows for Fedwire Funds and TCH CHIPS
Beyond v40 and in the same way as financial institutions are evolving we are continuously innovating AMH The core will become more modular embracing the trends of containerised systems and we will introduce more integration options such as more standardized yet flexible API support With ISO 20022 migration and ISO 20022-powered APIs coming up we believe AMH will offer the complete package for a bank to face the upcoming challenges in the financial messaging eco-system
1515
Operational challenges Find out how we can help you manage them better
mySWIFT ndash Enhance your gateway to support the most of data analytics
SWIFT continues to invest in the support portfolio Over the past two years we have consulted customers to ensure that it remains healthy and future proof The findings led SWIFT to focus on customer experience as the central theme of the portfolio refresh
In the session the rebranded Professional Services organisation was shared It is now set up to take customers on the full solution journey from design to deployment to maintenance The deep-dive into the updated Advanced Support and Care offering gave further insights into the newly modularised and clarified support deliverables
The overall value proposition of SWIFT Community Support the backbone of support given to all customers and then the Premium and Care options was underlined Customers will now better understand and choose the appropriate pro-active reactive preventive andor hands-on support option with Premium Plus being perhaps the most attractive option as the dedicated service manager especially adds significant value
The sessions were very well attended and although it requires no specific action from customers it is an important evolution to keep track of
Last year at SOFE SWIFT ran exploratory sessions on Support Tools This year we were pleased to show the result of this consultation with newly- and to be released applications on mySWIFTndash New ldquoKnowledge Centrerdquo (since Q4 2018) ndash an easy-to-use and
customisable portal covering all documentation resources (User Handbook Knowledge Base tips how-to videos SWIFTSmart)
ndash New ldquoNotification Centrerdquo (since Q4 2018) ndash a trusted notification tool for SWIFT Operational messages
ndash Coming ldquomyStatusrdquo (H1 2019) ndash a real-time snapshot providing the status of your connectivity components - VPNs SNLs LTs per location and per environment
During the second part of the session we shared our insights about data analytics and predictive capabilities performed on operational data showing how it could allow operators to focus on the most relevant issues while discarding the noise This interactive session ended by a digi-voting exercise where participants were asked through 4 use cases to provide their appetite on ldquohow pattern deviation algorithms could be useful to the communityrdquo We look forward to seeing you next year for more insights and results on the subject
Using Alliance Managed Operations to your strategic advantage
Market trends show a growing appetite for IT teams to (re-)focus on their core business Employees are becoming overburdened with staying on top of regulatory compliance and security challenges and at the same time remaining mindful of resourcing needs to manage the highly critical and sometimes complex SWIFT infrastructures
In this session we outlined and demonstrated how these aspects can be addressed through SWIFTrsquos managed service offering This service brings relevant expertise discipline and rigour into any organisation by becoming a natural extension of the existing team A highlight of the session was the near real-time monitoring feature With this service SWIFT monitors Alliance Gateway and Alliance Access events and VPN lines which can trigger corrective actions with minimal delay
The session clearly resonated with all participants and we look forward to meeting your future managed service needs
Work session summaries
1616
The SWIFTLab has become a popular venue to experience the various components of SWIFTrsquos product and service portfolio This year the SWIFTLab was present at SOFE providing our customers with the opportunity to experience the range of SWIFT products at this yearly event
In addition to featuring demo pods at the SWIFTHub the SWIFTLab also hosted lunch sessions on Artificial Intelligence and DLT
SWIFTLab SWIFT
1717
Welcome cocktail
Networking is a key component of SOFE In addition to the networking time during the coffee breaks and lunches we also offer opportunities for delegates to spend time together in the evenings all whilst leaving room for spare time The welcome cocktail at the end of day 1 has become a fixture in the SOFE agenda and is sponsored by the exhibiting partners Our thanks go to the partners for their participation and support and to all delegates for making the most of this networking opportunity
Off-site dinner
This yearrsquos off-site dinner took place at Beurs van Berlage We hope that you enjoyed the evening and look forward to hosting another SOFE dinner at another great venue in Amsterdam in 2019
Networking activities
1818
For the SWIFT Operations Forum Europe in Amsterdam we were happy to provide financial support to WATCH Nederland a professional civil participation platform set up by Terre des Hommes to discover and fight teenage prostitution in the Netherlands
Through its hotline WATCH Nederland collects information from youth care professionals teachers and other civilians including victims or their family who do not want or dare to report to the police This information is researched both online by forensic ICT specialists and on the ground
by private investigators Additionally WATCH Nederland aims to identify child sexual exploiters and abusers including advertisements from exploiters trying to sell teenagers for sex and customers of teenage prostitution WATCH Nederland works closely together with the Dutch law enforcement agencies to free the victims of teenage prostitution and to stop the exploiters Freed victims undergo rehabilitation and reintegration treatment in co-operation with youth care institutions and are monitored regularly by WATCH Nederland to prevent revictimisation
CSR
1919
Our thanks go to each and every one of you for your active participation in this yearrsquos SWIFT Operations Forum Europe We hope that you all had an engaging thought-provoking productive informative and highly collaborative SOFE As always should you have any questions about or suggestions for next yearrsquos event please do not hesitate to contact your account manager or customer support We look forward to working with you in 2019
Thank you
For more information about SWIFT visit wwwswiftcom
SWIFT copy 2019
66
Addressing the cyber threat
The afternoon plenary on day two was a panel discussion on cyber security for which Woodruff was joined by Petra Hielkema director of payments and market infrastructure at the Dutch Central Bank and Karel De Kneef SWIFTrsquos global head of security operations The discussion was moderated by Saskia Devolder head of Western and Central Europe at SWIFT
Woodruff expanded on his earlier point about disgruntled employees as a potential weak link To identify someone like this he said they will often disassociate themselves from the organisation they work for They may also enjoy taking company property home for example Woodruff noted that certain patterns of behaviour can be identified and that this is a field where AI can be particularly helpful
Hielkema made the point that institutions need to test what hackers do when they get into their systems and that the focus cannot simply be on keeping them out She added that there are two types of companies those who know they have been hacked and those that donrsquot
One way to prevent getting hacked is to ensure you are on the latest software version so make sure to patch De Kneef commented Patching is very important as it is a good foundation As he put it donrsquot invest in fancy technology if you keep the back door open
Hackers will sit and watch you not just in your system but physically in person and they are prepared to wait Woodruff said that organisations need to be aware of this The incursion doesnrsquot have to
happen in the finance department De Kneef noted it could happen anywhere from HR to marketing
Having spent many years looking into the security that organisations have on their data Woodruff said that lsquoBig Pharmarsquo is more secure than any other industry he has seen He added that financial institutions are generally more secure than corporates who may lack the budget for robust cyber security De Kneef noted that over the past three years the response in financial services to cyber threats has been tremendous from the regulatory side to the institutions themselves
Answering a question from the audience about how robust cloud security is Woodruff recommended that institutions adopt a multi-cloud approach if they havenrsquot already Essentially
this breaks up information that is valuable into several different pieces on different clouds Individually the information is useless and therefore unusable by a hacker He used the example of dividing up credit card details ndash every four numbers from the main number the expiry date the CVV number etc ndash into different cloud storage
Communication is a vital element in addressing any type of hack both internally and externally the panel agreed Woodruff said that the reporting of a system compromise comes down to people Some will be scared to report when they accidentally click a compromised link on their computer in case they are disciplined by management Organisations need to foster a culture where staff members are encouraged to report the slightest of suspicions they may have
Additionally companies and institutions themselves need to communicate to the market when they identify a hack on their systems Hielkema said that organisations should have a communications strategy in place before anything like this happens so that they can react quickly ndash she noted that unofficial accounts can drop on social media really quickly so it is vital that companies can get out ahead of this
Plenaries
77
Dr Markos Zachariadis ndash who is associate professor of Information Systems Management and Innovation at Warwick Business School University of Warwick and also a fintech research fellow at CDI University of Cambridge ndash gave a keynote presentation on the future of banking with particular reference to open APIs and the digital economy
Starting by looking at what drives change in financial services Dr Zachariadis identified regulation demand technology and organisational and market structure as four key drivers that both impact and are impacted by each other
Today there is a regulatory context in open banking ndash from the second
Payment Services Directive (PSD2) and Open Banking in the UK The whole idea is to open up access to data in order to improve market outcomes At the same time technology has developed at an extremely rapid pace particularly when it comes to APIs Dr Zachariadis said that banks need to not only think of APIs as technology but also to conceptualise them as a product that can be priced managed and promoted
He noted how APIs have led to a rapid growth in platforms citing Applersquos iPhone with its iOS and apps as a key example Apple was quick to push APIs to the public and the iPhonersquos foundation as a platform made the difference
Day III Shape the future
Industry platformification
The platform concept has opened up and is now seen in many industries said Dr Zachariadis using Uber Airbnb Facebook and Instagram as prime examples Most people are now familiar with the quote about Uber being the largest taxi company but not owning any cars Airbnb as the largest hotel chain without owning any property and so on What all of these businesses have in common is that they connect people ndash service providers and service buyers
What platforms do differently is that they sell reductions in transaction costs not products It is a business model that creates value by enabling interactions between external producers and consumers Platforms can also scale more efficiently and quickly by eliminating the gatekeeper They can unlock new sources of value creation and supply
Dr Zachariadis then went on to talk about the network effect which is the value that is created when more and more people join
a network There is a positive effect when users join and enlarge a network The benefits increase for everyone ndash the more companies that join a platform the more value they can extract from the network
Plenaries
88
Context for financial services
How does the platformification disruption seen in other industries relate to banking Dr Zachariadis noted that APIs in banking and platformification offer the ability for financial institutions to create a business ecosystem and add value for clients The question is how to do that He pointed out that while banks need to sell lower transaction costs they still need to sell the trust and reassurance to the customer that the banking business relies on
Dr Zachariadis ran through four types of platforms in the financial services world that have emerged since PSD2 These arendash Incumbent bank platformsndash Challenger bank platforms
which do brokering much better according to Dr Zachariadis Examples of this include Starling Bank and Revolut
ndash API aggregator platforms which connect banks to fintechs
ndash Account aggregator platforms and services
Following his presentation Dr Zachariadis was joined on stage by Leo Punt head of EMEA Services and Support at SWIFT for a short QampA on some of the issues that had been raised Punt began by asking whether there is room for utilities in the financial services market of the future
Dr Zachariadis said there is but he is unsure for how many saying that there may be some consolidation for banks that go this route to undertake He made the point that utilities in this space are not platforms but that they can be very profitable
Touching on the key theme from day two at SOFE Punt then asked if the platformification development in financial services is being hampered by cyber threats Dr Zachariadis agreed that in a modulated environment this is an issue that may delay the launch of more open business models He did also note that there is an opportunity for banks
if they can be an early adopter and can demonstrate a stable platform they can get a huge first mover win The sooner banks can cut transaction costs the sooner they can earn more customers
Dr Zachariadis closed by offering two key takeaways to the SOFE delegates1 Think about what you could
offer to customers that isnrsquot in your value proposition right now Look at things built outside that you can offer to customers
2 Everything starts from sharing data The biggest value of being a platform is access to more data than ever How can you use this to bring more value to yourself as well as to your customers
Plenaries
APIs in banking and platformification offer the ability for financial institutions to create a business ecosystem and add value for clientsrdquo
When SOFE 2019 begins in 12 monthsrsquo time it will be fascinating to see how far financial services has come in the digital transformation journeyrdquo
99
Work session summaries
Business amp ComplianceFinancial crime compliance in the real-time world
This work session considered the challenges faced by institutions in meeting their financial crime compliance obligations in an increasingly fast-paced world and how SWIFTrsquos Financial Crime Compliance (FCC) portfolio can help institutions respond ndash today and in the future The session discussed the challenges associated with the rate of regulatory change how gpi is increasing the speed and volume of correspondent payments the dynamic rate of change of lists and screening requirements for sanctions compliance and the increasing fraud risks faced by institutions with the adoption of real-time payments SWIFTrsquos FCC solutions allow customers to manage the complete compliance life-cycle with solutions forbull Know Your Customer
The KYC Registry provides a secure shared platform for financial institutions to exchange standardised know your customer information
bull Anti-Money Laundering The Compliance Analytics portfolio pinpoints compliance risks and gives a new way to monitor your correspondents to identify activities indicative of money laundering
bull Sanctions Compliance Provides fully-managed securely-hosted screening of your customers and transactions against the latest sanctions and PEP lists with instant alerts of any matches Provides up-to-date sanctions lists and capabilities to test your own filters
bull Fraud Prevention Payment Controls helps you manage your payment policy and identify unusual or uncharacteristic payment risk that may be indicative of fraud and provides an independent snapshot of your SWIFT transaction activity
The session considered how these solutions can help institutions be more operationally agile in terms of deployment and response to changing regulation through the use of hosted utility based solutions why understanding of counterparts and their behaviour improves trust and helps streamline STP how quality and effectiveness of systems and data is key to process payments quickly and efficiently and how institutions can best defend themselves from new patterns of cyber-fraudwwwswiftcomcompliance
How SWIFT Business Intelligence solutions support your gpi journey
During this yearrsquos Business Intelligence sessions at SOFE the team delivered in depth presentations on SWIFTrsquos Business Intelligence (BI) for gpi solutions which consist of the Watch and gpi Observer portfolios combined with BI services These solutions are specifically designed to support customerrsquos gpi business cases prioritisation strategies and help identify business development opportunities They demonstrated how these BI solutions provide tangible and unique insights that bring value and a competitive advantage to customers as well as to their customers The recently launched gpi Observer
Analytics solution was central to the discussion and as the team explained these cutting-edge insights provide all the payments routing intelligence and data for gpi members to see where to optimise or adapt their existing payment routings leading to lower costs and faster payments The sessions also highlighted how financial institutions that deploy the new solution are gaining speed benchmarking capabilities and are able to now act upon fact-based information to steer their cross-border payments strategy through improved operational and market analysis
1010
ISO 20022 for managers ndash the time is now
ISO 20022 for beginners ndash what you really need to know
As announced in September in 2021 SWIFT will begin migrating all cross-border and many-to-many payments onto ISO 20022 This decision comes after large scale community consultation that took in feedback from a wide variety of stakeholders We want to ensure the entire SWIFT community is well informed and prepared for the migration The session provided information about the approach we are taking and what it means for you
We have aligned the start date of our migration in 2021 with the adoption of ISO 20022 of the Eurozonersquos high value payments systems The migration will cover MT categories 1 2 and 9 and will impact correspondent banks as well as other users of these messages including securities players A four-year co-existence
The workshop focused on the following key aspectsbull What is ISO 20022 and how it
constitutes a single approach for financial standardisation initiatives
bull SWIFTrsquos involvement and unparalleled expertise in ISO 20022 adoption
bull Status on ISO 20022 implementations around the globe and how ISO 20022 has become the dominant language of financial transactions
bull The importance of Market Practice and zoom on HVPS+ (High-Value Payment System+) the ISO 20022 global market practice for Payment Market Infrastructures
bull A new challenge ISO 20022 migration for cross-border payments as a result of the September 2018 Board decision
phase will allow all members of the SWIFT community to make the switch
SWIFT will work closely with the community to formulate and refine market practice guidelines In tandem with the Payments Market Practice Group (PMPG) we have created the Cross-Border Payments and Reporting Plus (CBPR+) working group to develop global usage guidelines We will invite our community to review and give feedback on these guidelines as they mature
We will also provide a central translation service to ensure successful community migration and to facilitate the co-existence phase This service will also implement the rules formulated by CBPR+ and all users will be automatically enrolled
As result of the session participants gained a broader appreciation of the industryrsquos journey towards ISO 20022 adoption how global groups like HVPS+ are working together to create global industry standards and common principals
Work session summaries
Optimise your back-office functions with SWIFTRef the must-have global reference data utility
In this session we explained the new files including Standing Settlement Instructions (SSI) National ID History and National ID Format Account Number Format and the gpi directory We also presented the recent Entity Plus product and a revamp of our Bankers World Online tool (live on 15 December) and gave you some insight into our planned future developments of APIs
Finally we discussed the impact of the BIC migration to the new version of the ISO 9362 standard on SWIFTRef From March 2019 it will no longer be possible to derive the connectivity of an organisation from the 8th character in the BIC nor the time-zone from the 7th character This information is now reflected in dedicated data elements in the SWIFTRef portfolio As a consequence all
current BIC Directory customers need to migrate to the BIC Plus or BIC Directory 2018
More information on the SWIFTRef portfolio can be found at wwwswiftcomswiftref
1111
Work session summaries
Innovation
DLT e-Voting solution ndash A proof of concept with SWIFT and Slib
In this session SWIFT shared its vision on the role it can play related to DLT technology when the technology matures and strong use cases emerge SWIFT can become the market place for DLT-based services that are provided by third parties and deployed on the SWIFT network This can be achieved by leveraging existing infrastructure and services The eVoting proof of concept fits into this vision Slib acting as provider of a DLT-based service has developed an application for distributing shareholder meeting notifications and collecting votes from shareholders SWIFT has provided the DLT sandbox on which this application has been deployed
Evolution of SWIFTrsquos cloud platform
SWIFT AI ndash How to get structure out of your unstructured data
10 years ago SWIFT launched its first cloud platform lsquoAlliance Litersquo Since then the trend to outsource has scaled up significantly and SWIFT has continued to evolve its offering Today SWIFTrsquos cloud solutions (Alliance Lite2 Alliance Remote Gateway and Alliance Lifeline) are highly successful and serve more than 2300 customers In recent years constant change has become the new norm in the financial industry It is therefore important that our cloud solution provide our customers the agility they need to prepare for the future In that perspective SWIFT is developing a brand new cloud platform It is based on state-of-the-art technology offering 24x7 availability built-in resilience highest
This session presented a new SWIFT RampD solution based on artificial intellgence (AI) that can be used in order to get structure out of unstructured data
The goal of this AI research is to bring transparency to data by transforming legacy data into ISO 20022 format The solution can be used as a SWIFTNet API or as an onsite solution It is currently trained in SWIFT premises and is used in order to clean data such as the SWIFTRef data The conversion rate is currently of 95 but as it is a Machine Learning model it learns as it goes and the precision is improving every day
security and larger throughput Another key ingredient is the integration capability not only with the customerrsquos back-office application but also with SWIFTrsquos local archive solution lsquoAlliance Warehousersquo or SWIFT services such as gpi and transaction screening The platform will also have flexible message processing abilities and is being developed with a continuous attention to the user experience The go-live of this new cloud platform is planned for 2020 In addition to an overview of the main values customers can expect from this new cloud solution the session also offered a sneak preview of the graphical user interface More to come in the course of 2019
1212
SWIFTrsquos API strategy SWIFT gpi ndash the new norm in cross-border payments
This session built on the White Paper ldquoAPIs Delivering a global platform for the financial services API economyrdquo (httpswwwswiftcomresourceswift-api) that SWIFT published just before SIBOS 2018 It positioned SWIFTrsquos overall strategy on APIs building on its year-long experience in standardisation leveraging its security and reliability paradigm to the API world Finally both the standardisation and the platform aspects were brought to life by walking through a number of use-cases (including PSD2) There was a lot of interest shown during and after the session by attendees who are already closely involved in API implementations as well as those who will be in the near future
This year at SOFE the SWIFT gpi sessions were scheduled every day and welcomed 100+ delegates and vendors over the three days The sessions covered the features of the existing services (gCCT gCOV and gSRP) the eco-system and future roadmap Throughout SOFE a large screen projected the rapid take-up of gpi more than 105 gpi banks are now live on gpi representing 410+ BICs and covering 140 currencies Gpi sent traffic has grown to over 12 million cross-border payments daily with more than 50 gpi to gpi As a result gpi messages flow across 800+ country corridors representing a value superior to $100 bn daily
Work session summaries
Cyber security and the Customer Security Programme
Cyber intelligence sharing
Cyber resilience
The SWIFT ISAC shares information that customers can use to better protect their environment
After having explained how the SWIFT Customer Security Intelligence team usually performs its forensic investigations we reinforced the necessity for customers to regularly consume the Indicators of Compromise (IOCs) published on the portal
Additional focus was put on automated sharing of IOCs via STIXTAXII which was made available since February 2018 Participants left with a clear understanding of different ways in which SWIFT shares cyber intelligence with the SWIFT Community and of importance of acting on IOCs published on SWIFT ISAC
The voting app and interactions with the audience captured some feedback confirming the growing interest in cyber intelligence exchange within the SWIFT Community
The session on cyber resiliency first set the scene by presenting the evolving cyber threat landscape Cyber-attacks are becoming more frequent and sophisticated The industry is trying to keep pace by implementing security frameworks and moving from a position of control to one of resilience The session discussed the difference between cyber security and cyber resilience whilst for cyber security the focus is set on protecting and surviving a cyber-attack cyber resilience is composed of a broader range of measures taken to bounce back (recover) from a cyber-incident in a timely manner
During the second part of the session the multi-layered security approach taken by SWIFT was discussed and illustrated with resiliency functionalities available at different levels in the SWIFT application stack Finally the different steps in the recovery process after indication of a compromise were covered highlighting the common mistakes financial institutions make
1313
Improving the security of paymentsHow the Shared Infrastructure Programme (SIP) can increase the effectiveness of your risk management
This session explored the changing face of cyber-fraud and explained how financial institutions themselves are the new targets for the attackers This represents a significant challenge requiring institutions to protect themselves against these ever-present and changing cyber-fraud risks The attack vectors were characterised as well as why the cyber attackers want you to know nothing see nothing and do nothing
SWIFTrsquos recently launched Payment Controls service helps financial institutions reduce their fraud and reputational risks and build trust This zero-footprint in-network solution offers the ability to protect against the risk of fraudulent payments via real-time monitoring alerting and payment blocking It offers flexible configurable correspondent banking focused models designed in association with the community The capabilities and benefits were illustrated via an interactive hands-on demonstration using the live service showing examples of rule configuration activation and alert management This was followed by a detailed and lively QampA sessionwwwswiftcompaymentcontrols
The session covered the further evolution of the Shared Infrastructure Programme (SIP) in 2019 listed the tangible risk mitigating results of SIP since beginning of last year and provided an overview of the most common hurdles Service Bureaux are struggling with to reach full compliance with SIP 2018
Compliance with the SIP security and operational requirements is not only needed after a one-time assessment but throughout the year It was therefore explained how SWIFT captures the required security configuration data to enable the monitoring of such a continued compliance The session was attended by a very good representation of the service bureau community in EMEA by service bureau customers and their counterparties and by regulators The diverse audience was a unique opportunity to engage in a dialogue and to capture suggestions for increasing the effectiveness of the programme
Understanding your counterpartyrsquos CSP attestation level
Security Controls 2019
By now all SWIFT customers should be checking what the attestation level of their counterparties is and integrating this compliance data into their risk management processes One take away of the session was a need to adapt the cybersecurity risk governance model to support the assessment of counterparty cybersecurity attestation data eg Identify the appropriate representatives from across the organisation for lsquograntingrsquo lsquorequestingrsquo attestation data
The second take way is that KYC-SA attestation data should be viewed as an additional dimension within the institutionrsquos existing counterparty risk management framework Finally the participants confirmed the interest from the community to integrate the KYC-SA attestation data in their risk management system It is currently available by exporting data and in the future it will be done thanks to a new set of API We also spent some time in the session discussing considerations in granting and requesting access to attestation data
As the threat landscape evolves so must the CSP Details of the changes brought by the Customer Security Control Framework (CSCF) 2019 version were shared with the audience leading to very interactive exchanges We took the opportunity in this session to remind customers about(i) their obligation as per the CSP Policy to comply with the mandatory
controls of the CSCF v2017 by the 31 December 2018(ii) about the next upcoming milestones for 2019 and onwards and (iii) about the possibility to leverage the new reporting functionalities in the
KYC-SA application to integrate counterpartiesrsquo self-attestation results in their own risk management potentially along with the financial and legal due diligence aspects already covered in the KYC Registry application
On the risk management integration topic we strongly advised the audience to attend the session lsquoUnderstanding your counterpartyrsquos CSP attestation levelrsquo Finally we provided the attendees with a vade mecum of tactical actions to undertake to mitigate cyber risks This yearrsquos session was complemented by the opportunity for hands-on demos of the KYC-SA application at the SWIFT Lab
Work session summaries
1414
Alliance portfolio ndash Whatrsquos new whatrsquos next
In the session we took a look at the various key trends observed in the market ndash cloud UX data APIs ISO 20022 and cyber security ndash and presented to the audience the Alliance Portfolio plans to embrace those new trends The session started with a presentation of the new cloud platform that SWIFT is building The new cloud platform provides a fully managed interface and connectivity to SWIFT with improved availability resiliency and scalability It also comes with a completely new user experience with amongst others a very intuitive graphical user interface
The same team of user experience experts at SWIFT helped to design the Alliance Warehouse the brand new solution from SWIFT for long-term message archive with powerful search and investigation capabilities which was also presented during the session Finally we covered a brief introduction to APIs ISO 20022 and cyber security and looked at their impact on the Alliance portfolio
Work session summaries
Operational Excellence
Alliance interfaces roadmap 2019-2020
Alliance Messaging Hub ndash the future in financial messaging
This yearrsquos session was a traditional roadmap session that looked at what has been released over the last 6 months and what is coming up in the next 2 years
With the community having gone through the heavy CSPrelease 72SR2018 migration in 2018 everybody is now looking at what to plan next Release 72 support ends end January 2020 and by that time the community must have updated the fill stack of SWIFTNet and Alliance products to release 73 or release 74
Release 73 was made available in September 2018 and introduces amongst others new ways to implement multi-factor authentication Release 74 planned for mid-2019 will provide additional security and other features will support IBM MQ 91 and a slightly updated OS baseline Release 75 will focus on features for the ISO 20022 migration and ESMIG All along we will provide for AccessEntry the standard updates in the annual release as well as on the two preceding releases During and after the sessions customers took the opportunities to ask questions and exchange views with the product manager This was key information to ensure that the portfolio evolves in line with customer needs
In this session a high-level introduction was provided around Alliance Messaging Hub (AMH) SWIFTrsquos messaging hub that offers functionality beyond classic SWIFTNet interfacing AMH offers an orchestration layer on top of its SWIFTNet messaging capabilities allowing for flexible integration into banksrsquo systems and into other networks The 247365 capable architecture offers top class resilience and serves as a solid foundation for real-time processing
The product is able to process and orchestrate messages under high load and respecting low latency requirements AMH for Hong Kong Faster Payments is a real-life testimony to AMHrsquos processing capabilities
where it runs as a messaging hub for key banks in the region AMH version 40 will be launched in March 2019 and will offer an even richer set of security and gpi related functionality The application will be further shielded and installation and deployment will become more standardized to further reduce the banksrsquo TCO
Further strengthening its real-time offering AMH v40 will offer flows into RT1 and TIPS leveraging SWIFTrsquos Instant channel for the EBA and the Eurosystem In the multi-network space AMH v40 will provide flows for Fedwire Funds and TCH CHIPS
Beyond v40 and in the same way as financial institutions are evolving we are continuously innovating AMH The core will become more modular embracing the trends of containerised systems and we will introduce more integration options such as more standardized yet flexible API support With ISO 20022 migration and ISO 20022-powered APIs coming up we believe AMH will offer the complete package for a bank to face the upcoming challenges in the financial messaging eco-system
1515
Operational challenges Find out how we can help you manage them better
mySWIFT ndash Enhance your gateway to support the most of data analytics
SWIFT continues to invest in the support portfolio Over the past two years we have consulted customers to ensure that it remains healthy and future proof The findings led SWIFT to focus on customer experience as the central theme of the portfolio refresh
In the session the rebranded Professional Services organisation was shared It is now set up to take customers on the full solution journey from design to deployment to maintenance The deep-dive into the updated Advanced Support and Care offering gave further insights into the newly modularised and clarified support deliverables
The overall value proposition of SWIFT Community Support the backbone of support given to all customers and then the Premium and Care options was underlined Customers will now better understand and choose the appropriate pro-active reactive preventive andor hands-on support option with Premium Plus being perhaps the most attractive option as the dedicated service manager especially adds significant value
The sessions were very well attended and although it requires no specific action from customers it is an important evolution to keep track of
Last year at SOFE SWIFT ran exploratory sessions on Support Tools This year we were pleased to show the result of this consultation with newly- and to be released applications on mySWIFTndash New ldquoKnowledge Centrerdquo (since Q4 2018) ndash an easy-to-use and
customisable portal covering all documentation resources (User Handbook Knowledge Base tips how-to videos SWIFTSmart)
ndash New ldquoNotification Centrerdquo (since Q4 2018) ndash a trusted notification tool for SWIFT Operational messages
ndash Coming ldquomyStatusrdquo (H1 2019) ndash a real-time snapshot providing the status of your connectivity components - VPNs SNLs LTs per location and per environment
During the second part of the session we shared our insights about data analytics and predictive capabilities performed on operational data showing how it could allow operators to focus on the most relevant issues while discarding the noise This interactive session ended by a digi-voting exercise where participants were asked through 4 use cases to provide their appetite on ldquohow pattern deviation algorithms could be useful to the communityrdquo We look forward to seeing you next year for more insights and results on the subject
Using Alliance Managed Operations to your strategic advantage
Market trends show a growing appetite for IT teams to (re-)focus on their core business Employees are becoming overburdened with staying on top of regulatory compliance and security challenges and at the same time remaining mindful of resourcing needs to manage the highly critical and sometimes complex SWIFT infrastructures
In this session we outlined and demonstrated how these aspects can be addressed through SWIFTrsquos managed service offering This service brings relevant expertise discipline and rigour into any organisation by becoming a natural extension of the existing team A highlight of the session was the near real-time monitoring feature With this service SWIFT monitors Alliance Gateway and Alliance Access events and VPN lines which can trigger corrective actions with minimal delay
The session clearly resonated with all participants and we look forward to meeting your future managed service needs
Work session summaries
1616
The SWIFTLab has become a popular venue to experience the various components of SWIFTrsquos product and service portfolio This year the SWIFTLab was present at SOFE providing our customers with the opportunity to experience the range of SWIFT products at this yearly event
In addition to featuring demo pods at the SWIFTHub the SWIFTLab also hosted lunch sessions on Artificial Intelligence and DLT
SWIFTLab SWIFT
1717
Welcome cocktail
Networking is a key component of SOFE In addition to the networking time during the coffee breaks and lunches we also offer opportunities for delegates to spend time together in the evenings all whilst leaving room for spare time The welcome cocktail at the end of day 1 has become a fixture in the SOFE agenda and is sponsored by the exhibiting partners Our thanks go to the partners for their participation and support and to all delegates for making the most of this networking opportunity
Off-site dinner
This yearrsquos off-site dinner took place at Beurs van Berlage We hope that you enjoyed the evening and look forward to hosting another SOFE dinner at another great venue in Amsterdam in 2019
Networking activities
1818
For the SWIFT Operations Forum Europe in Amsterdam we were happy to provide financial support to WATCH Nederland a professional civil participation platform set up by Terre des Hommes to discover and fight teenage prostitution in the Netherlands
Through its hotline WATCH Nederland collects information from youth care professionals teachers and other civilians including victims or their family who do not want or dare to report to the police This information is researched both online by forensic ICT specialists and on the ground
by private investigators Additionally WATCH Nederland aims to identify child sexual exploiters and abusers including advertisements from exploiters trying to sell teenagers for sex and customers of teenage prostitution WATCH Nederland works closely together with the Dutch law enforcement agencies to free the victims of teenage prostitution and to stop the exploiters Freed victims undergo rehabilitation and reintegration treatment in co-operation with youth care institutions and are monitored regularly by WATCH Nederland to prevent revictimisation
CSR
1919
Our thanks go to each and every one of you for your active participation in this yearrsquos SWIFT Operations Forum Europe We hope that you all had an engaging thought-provoking productive informative and highly collaborative SOFE As always should you have any questions about or suggestions for next yearrsquos event please do not hesitate to contact your account manager or customer support We look forward to working with you in 2019
Thank you
For more information about SWIFT visit wwwswiftcom
SWIFT copy 2019
77
Dr Markos Zachariadis ndash who is associate professor of Information Systems Management and Innovation at Warwick Business School University of Warwick and also a fintech research fellow at CDI University of Cambridge ndash gave a keynote presentation on the future of banking with particular reference to open APIs and the digital economy
Starting by looking at what drives change in financial services Dr Zachariadis identified regulation demand technology and organisational and market structure as four key drivers that both impact and are impacted by each other
Today there is a regulatory context in open banking ndash from the second
Payment Services Directive (PSD2) and Open Banking in the UK The whole idea is to open up access to data in order to improve market outcomes At the same time technology has developed at an extremely rapid pace particularly when it comes to APIs Dr Zachariadis said that banks need to not only think of APIs as technology but also to conceptualise them as a product that can be priced managed and promoted
He noted how APIs have led to a rapid growth in platforms citing Applersquos iPhone with its iOS and apps as a key example Apple was quick to push APIs to the public and the iPhonersquos foundation as a platform made the difference
Day III Shape the future
Industry platformification
The platform concept has opened up and is now seen in many industries said Dr Zachariadis using Uber Airbnb Facebook and Instagram as prime examples Most people are now familiar with the quote about Uber being the largest taxi company but not owning any cars Airbnb as the largest hotel chain without owning any property and so on What all of these businesses have in common is that they connect people ndash service providers and service buyers
What platforms do differently is that they sell reductions in transaction costs not products It is a business model that creates value by enabling interactions between external producers and consumers Platforms can also scale more efficiently and quickly by eliminating the gatekeeper They can unlock new sources of value creation and supply
Dr Zachariadis then went on to talk about the network effect which is the value that is created when more and more people join
a network There is a positive effect when users join and enlarge a network The benefits increase for everyone ndash the more companies that join a platform the more value they can extract from the network
Plenaries
88
Context for financial services
How does the platformification disruption seen in other industries relate to banking Dr Zachariadis noted that APIs in banking and platformification offer the ability for financial institutions to create a business ecosystem and add value for clients The question is how to do that He pointed out that while banks need to sell lower transaction costs they still need to sell the trust and reassurance to the customer that the banking business relies on
Dr Zachariadis ran through four types of platforms in the financial services world that have emerged since PSD2 These arendash Incumbent bank platformsndash Challenger bank platforms
which do brokering much better according to Dr Zachariadis Examples of this include Starling Bank and Revolut
ndash API aggregator platforms which connect banks to fintechs
ndash Account aggregator platforms and services
Following his presentation Dr Zachariadis was joined on stage by Leo Punt head of EMEA Services and Support at SWIFT for a short QampA on some of the issues that had been raised Punt began by asking whether there is room for utilities in the financial services market of the future
Dr Zachariadis said there is but he is unsure for how many saying that there may be some consolidation for banks that go this route to undertake He made the point that utilities in this space are not platforms but that they can be very profitable
Touching on the key theme from day two at SOFE Punt then asked if the platformification development in financial services is being hampered by cyber threats Dr Zachariadis agreed that in a modulated environment this is an issue that may delay the launch of more open business models He did also note that there is an opportunity for banks
if they can be an early adopter and can demonstrate a stable platform they can get a huge first mover win The sooner banks can cut transaction costs the sooner they can earn more customers
Dr Zachariadis closed by offering two key takeaways to the SOFE delegates1 Think about what you could
offer to customers that isnrsquot in your value proposition right now Look at things built outside that you can offer to customers
2 Everything starts from sharing data The biggest value of being a platform is access to more data than ever How can you use this to bring more value to yourself as well as to your customers
Plenaries
APIs in banking and platformification offer the ability for financial institutions to create a business ecosystem and add value for clientsrdquo
When SOFE 2019 begins in 12 monthsrsquo time it will be fascinating to see how far financial services has come in the digital transformation journeyrdquo
99
Work session summaries
Business amp ComplianceFinancial crime compliance in the real-time world
This work session considered the challenges faced by institutions in meeting their financial crime compliance obligations in an increasingly fast-paced world and how SWIFTrsquos Financial Crime Compliance (FCC) portfolio can help institutions respond ndash today and in the future The session discussed the challenges associated with the rate of regulatory change how gpi is increasing the speed and volume of correspondent payments the dynamic rate of change of lists and screening requirements for sanctions compliance and the increasing fraud risks faced by institutions with the adoption of real-time payments SWIFTrsquos FCC solutions allow customers to manage the complete compliance life-cycle with solutions forbull Know Your Customer
The KYC Registry provides a secure shared platform for financial institutions to exchange standardised know your customer information
bull Anti-Money Laundering The Compliance Analytics portfolio pinpoints compliance risks and gives a new way to monitor your correspondents to identify activities indicative of money laundering
bull Sanctions Compliance Provides fully-managed securely-hosted screening of your customers and transactions against the latest sanctions and PEP lists with instant alerts of any matches Provides up-to-date sanctions lists and capabilities to test your own filters
bull Fraud Prevention Payment Controls helps you manage your payment policy and identify unusual or uncharacteristic payment risk that may be indicative of fraud and provides an independent snapshot of your SWIFT transaction activity
The session considered how these solutions can help institutions be more operationally agile in terms of deployment and response to changing regulation through the use of hosted utility based solutions why understanding of counterparts and their behaviour improves trust and helps streamline STP how quality and effectiveness of systems and data is key to process payments quickly and efficiently and how institutions can best defend themselves from new patterns of cyber-fraudwwwswiftcomcompliance
How SWIFT Business Intelligence solutions support your gpi journey
During this yearrsquos Business Intelligence sessions at SOFE the team delivered in depth presentations on SWIFTrsquos Business Intelligence (BI) for gpi solutions which consist of the Watch and gpi Observer portfolios combined with BI services These solutions are specifically designed to support customerrsquos gpi business cases prioritisation strategies and help identify business development opportunities They demonstrated how these BI solutions provide tangible and unique insights that bring value and a competitive advantage to customers as well as to their customers The recently launched gpi Observer
Analytics solution was central to the discussion and as the team explained these cutting-edge insights provide all the payments routing intelligence and data for gpi members to see where to optimise or adapt their existing payment routings leading to lower costs and faster payments The sessions also highlighted how financial institutions that deploy the new solution are gaining speed benchmarking capabilities and are able to now act upon fact-based information to steer their cross-border payments strategy through improved operational and market analysis
1010
ISO 20022 for managers ndash the time is now
ISO 20022 for beginners ndash what you really need to know
As announced in September in 2021 SWIFT will begin migrating all cross-border and many-to-many payments onto ISO 20022 This decision comes after large scale community consultation that took in feedback from a wide variety of stakeholders We want to ensure the entire SWIFT community is well informed and prepared for the migration The session provided information about the approach we are taking and what it means for you
We have aligned the start date of our migration in 2021 with the adoption of ISO 20022 of the Eurozonersquos high value payments systems The migration will cover MT categories 1 2 and 9 and will impact correspondent banks as well as other users of these messages including securities players A four-year co-existence
The workshop focused on the following key aspectsbull What is ISO 20022 and how it
constitutes a single approach for financial standardisation initiatives
bull SWIFTrsquos involvement and unparalleled expertise in ISO 20022 adoption
bull Status on ISO 20022 implementations around the globe and how ISO 20022 has become the dominant language of financial transactions
bull The importance of Market Practice and zoom on HVPS+ (High-Value Payment System+) the ISO 20022 global market practice for Payment Market Infrastructures
bull A new challenge ISO 20022 migration for cross-border payments as a result of the September 2018 Board decision
phase will allow all members of the SWIFT community to make the switch
SWIFT will work closely with the community to formulate and refine market practice guidelines In tandem with the Payments Market Practice Group (PMPG) we have created the Cross-Border Payments and Reporting Plus (CBPR+) working group to develop global usage guidelines We will invite our community to review and give feedback on these guidelines as they mature
We will also provide a central translation service to ensure successful community migration and to facilitate the co-existence phase This service will also implement the rules formulated by CBPR+ and all users will be automatically enrolled
As result of the session participants gained a broader appreciation of the industryrsquos journey towards ISO 20022 adoption how global groups like HVPS+ are working together to create global industry standards and common principals
Work session summaries
Optimise your back-office functions with SWIFTRef the must-have global reference data utility
In this session we explained the new files including Standing Settlement Instructions (SSI) National ID History and National ID Format Account Number Format and the gpi directory We also presented the recent Entity Plus product and a revamp of our Bankers World Online tool (live on 15 December) and gave you some insight into our planned future developments of APIs
Finally we discussed the impact of the BIC migration to the new version of the ISO 9362 standard on SWIFTRef From March 2019 it will no longer be possible to derive the connectivity of an organisation from the 8th character in the BIC nor the time-zone from the 7th character This information is now reflected in dedicated data elements in the SWIFTRef portfolio As a consequence all
current BIC Directory customers need to migrate to the BIC Plus or BIC Directory 2018
More information on the SWIFTRef portfolio can be found at wwwswiftcomswiftref
1111
Work session summaries
Innovation
DLT e-Voting solution ndash A proof of concept with SWIFT and Slib
In this session SWIFT shared its vision on the role it can play related to DLT technology when the technology matures and strong use cases emerge SWIFT can become the market place for DLT-based services that are provided by third parties and deployed on the SWIFT network This can be achieved by leveraging existing infrastructure and services The eVoting proof of concept fits into this vision Slib acting as provider of a DLT-based service has developed an application for distributing shareholder meeting notifications and collecting votes from shareholders SWIFT has provided the DLT sandbox on which this application has been deployed
Evolution of SWIFTrsquos cloud platform
SWIFT AI ndash How to get structure out of your unstructured data
10 years ago SWIFT launched its first cloud platform lsquoAlliance Litersquo Since then the trend to outsource has scaled up significantly and SWIFT has continued to evolve its offering Today SWIFTrsquos cloud solutions (Alliance Lite2 Alliance Remote Gateway and Alliance Lifeline) are highly successful and serve more than 2300 customers In recent years constant change has become the new norm in the financial industry It is therefore important that our cloud solution provide our customers the agility they need to prepare for the future In that perspective SWIFT is developing a brand new cloud platform It is based on state-of-the-art technology offering 24x7 availability built-in resilience highest
This session presented a new SWIFT RampD solution based on artificial intellgence (AI) that can be used in order to get structure out of unstructured data
The goal of this AI research is to bring transparency to data by transforming legacy data into ISO 20022 format The solution can be used as a SWIFTNet API or as an onsite solution It is currently trained in SWIFT premises and is used in order to clean data such as the SWIFTRef data The conversion rate is currently of 95 but as it is a Machine Learning model it learns as it goes and the precision is improving every day
security and larger throughput Another key ingredient is the integration capability not only with the customerrsquos back-office application but also with SWIFTrsquos local archive solution lsquoAlliance Warehousersquo or SWIFT services such as gpi and transaction screening The platform will also have flexible message processing abilities and is being developed with a continuous attention to the user experience The go-live of this new cloud platform is planned for 2020 In addition to an overview of the main values customers can expect from this new cloud solution the session also offered a sneak preview of the graphical user interface More to come in the course of 2019
1212
SWIFTrsquos API strategy SWIFT gpi ndash the new norm in cross-border payments
This session built on the White Paper ldquoAPIs Delivering a global platform for the financial services API economyrdquo (httpswwwswiftcomresourceswift-api) that SWIFT published just before SIBOS 2018 It positioned SWIFTrsquos overall strategy on APIs building on its year-long experience in standardisation leveraging its security and reliability paradigm to the API world Finally both the standardisation and the platform aspects were brought to life by walking through a number of use-cases (including PSD2) There was a lot of interest shown during and after the session by attendees who are already closely involved in API implementations as well as those who will be in the near future
This year at SOFE the SWIFT gpi sessions were scheduled every day and welcomed 100+ delegates and vendors over the three days The sessions covered the features of the existing services (gCCT gCOV and gSRP) the eco-system and future roadmap Throughout SOFE a large screen projected the rapid take-up of gpi more than 105 gpi banks are now live on gpi representing 410+ BICs and covering 140 currencies Gpi sent traffic has grown to over 12 million cross-border payments daily with more than 50 gpi to gpi As a result gpi messages flow across 800+ country corridors representing a value superior to $100 bn daily
Work session summaries
Cyber security and the Customer Security Programme
Cyber intelligence sharing
Cyber resilience
The SWIFT ISAC shares information that customers can use to better protect their environment
After having explained how the SWIFT Customer Security Intelligence team usually performs its forensic investigations we reinforced the necessity for customers to regularly consume the Indicators of Compromise (IOCs) published on the portal
Additional focus was put on automated sharing of IOCs via STIXTAXII which was made available since February 2018 Participants left with a clear understanding of different ways in which SWIFT shares cyber intelligence with the SWIFT Community and of importance of acting on IOCs published on SWIFT ISAC
The voting app and interactions with the audience captured some feedback confirming the growing interest in cyber intelligence exchange within the SWIFT Community
The session on cyber resiliency first set the scene by presenting the evolving cyber threat landscape Cyber-attacks are becoming more frequent and sophisticated The industry is trying to keep pace by implementing security frameworks and moving from a position of control to one of resilience The session discussed the difference between cyber security and cyber resilience whilst for cyber security the focus is set on protecting and surviving a cyber-attack cyber resilience is composed of a broader range of measures taken to bounce back (recover) from a cyber-incident in a timely manner
During the second part of the session the multi-layered security approach taken by SWIFT was discussed and illustrated with resiliency functionalities available at different levels in the SWIFT application stack Finally the different steps in the recovery process after indication of a compromise were covered highlighting the common mistakes financial institutions make
1313
Improving the security of paymentsHow the Shared Infrastructure Programme (SIP) can increase the effectiveness of your risk management
This session explored the changing face of cyber-fraud and explained how financial institutions themselves are the new targets for the attackers This represents a significant challenge requiring institutions to protect themselves against these ever-present and changing cyber-fraud risks The attack vectors were characterised as well as why the cyber attackers want you to know nothing see nothing and do nothing
SWIFTrsquos recently launched Payment Controls service helps financial institutions reduce their fraud and reputational risks and build trust This zero-footprint in-network solution offers the ability to protect against the risk of fraudulent payments via real-time monitoring alerting and payment blocking It offers flexible configurable correspondent banking focused models designed in association with the community The capabilities and benefits were illustrated via an interactive hands-on demonstration using the live service showing examples of rule configuration activation and alert management This was followed by a detailed and lively QampA sessionwwwswiftcompaymentcontrols
The session covered the further evolution of the Shared Infrastructure Programme (SIP) in 2019 listed the tangible risk mitigating results of SIP since beginning of last year and provided an overview of the most common hurdles Service Bureaux are struggling with to reach full compliance with SIP 2018
Compliance with the SIP security and operational requirements is not only needed after a one-time assessment but throughout the year It was therefore explained how SWIFT captures the required security configuration data to enable the monitoring of such a continued compliance The session was attended by a very good representation of the service bureau community in EMEA by service bureau customers and their counterparties and by regulators The diverse audience was a unique opportunity to engage in a dialogue and to capture suggestions for increasing the effectiveness of the programme
Understanding your counterpartyrsquos CSP attestation level
Security Controls 2019
By now all SWIFT customers should be checking what the attestation level of their counterparties is and integrating this compliance data into their risk management processes One take away of the session was a need to adapt the cybersecurity risk governance model to support the assessment of counterparty cybersecurity attestation data eg Identify the appropriate representatives from across the organisation for lsquograntingrsquo lsquorequestingrsquo attestation data
The second take way is that KYC-SA attestation data should be viewed as an additional dimension within the institutionrsquos existing counterparty risk management framework Finally the participants confirmed the interest from the community to integrate the KYC-SA attestation data in their risk management system It is currently available by exporting data and in the future it will be done thanks to a new set of API We also spent some time in the session discussing considerations in granting and requesting access to attestation data
As the threat landscape evolves so must the CSP Details of the changes brought by the Customer Security Control Framework (CSCF) 2019 version were shared with the audience leading to very interactive exchanges We took the opportunity in this session to remind customers about(i) their obligation as per the CSP Policy to comply with the mandatory
controls of the CSCF v2017 by the 31 December 2018(ii) about the next upcoming milestones for 2019 and onwards and (iii) about the possibility to leverage the new reporting functionalities in the
KYC-SA application to integrate counterpartiesrsquo self-attestation results in their own risk management potentially along with the financial and legal due diligence aspects already covered in the KYC Registry application
On the risk management integration topic we strongly advised the audience to attend the session lsquoUnderstanding your counterpartyrsquos CSP attestation levelrsquo Finally we provided the attendees with a vade mecum of tactical actions to undertake to mitigate cyber risks This yearrsquos session was complemented by the opportunity for hands-on demos of the KYC-SA application at the SWIFT Lab
Work session summaries
1414
Alliance portfolio ndash Whatrsquos new whatrsquos next
In the session we took a look at the various key trends observed in the market ndash cloud UX data APIs ISO 20022 and cyber security ndash and presented to the audience the Alliance Portfolio plans to embrace those new trends The session started with a presentation of the new cloud platform that SWIFT is building The new cloud platform provides a fully managed interface and connectivity to SWIFT with improved availability resiliency and scalability It also comes with a completely new user experience with amongst others a very intuitive graphical user interface
The same team of user experience experts at SWIFT helped to design the Alliance Warehouse the brand new solution from SWIFT for long-term message archive with powerful search and investigation capabilities which was also presented during the session Finally we covered a brief introduction to APIs ISO 20022 and cyber security and looked at their impact on the Alliance portfolio
Work session summaries
Operational Excellence
Alliance interfaces roadmap 2019-2020
Alliance Messaging Hub ndash the future in financial messaging
This yearrsquos session was a traditional roadmap session that looked at what has been released over the last 6 months and what is coming up in the next 2 years
With the community having gone through the heavy CSPrelease 72SR2018 migration in 2018 everybody is now looking at what to plan next Release 72 support ends end January 2020 and by that time the community must have updated the fill stack of SWIFTNet and Alliance products to release 73 or release 74
Release 73 was made available in September 2018 and introduces amongst others new ways to implement multi-factor authentication Release 74 planned for mid-2019 will provide additional security and other features will support IBM MQ 91 and a slightly updated OS baseline Release 75 will focus on features for the ISO 20022 migration and ESMIG All along we will provide for AccessEntry the standard updates in the annual release as well as on the two preceding releases During and after the sessions customers took the opportunities to ask questions and exchange views with the product manager This was key information to ensure that the portfolio evolves in line with customer needs
In this session a high-level introduction was provided around Alliance Messaging Hub (AMH) SWIFTrsquos messaging hub that offers functionality beyond classic SWIFTNet interfacing AMH offers an orchestration layer on top of its SWIFTNet messaging capabilities allowing for flexible integration into banksrsquo systems and into other networks The 247365 capable architecture offers top class resilience and serves as a solid foundation for real-time processing
The product is able to process and orchestrate messages under high load and respecting low latency requirements AMH for Hong Kong Faster Payments is a real-life testimony to AMHrsquos processing capabilities
where it runs as a messaging hub for key banks in the region AMH version 40 will be launched in March 2019 and will offer an even richer set of security and gpi related functionality The application will be further shielded and installation and deployment will become more standardized to further reduce the banksrsquo TCO
Further strengthening its real-time offering AMH v40 will offer flows into RT1 and TIPS leveraging SWIFTrsquos Instant channel for the EBA and the Eurosystem In the multi-network space AMH v40 will provide flows for Fedwire Funds and TCH CHIPS
Beyond v40 and in the same way as financial institutions are evolving we are continuously innovating AMH The core will become more modular embracing the trends of containerised systems and we will introduce more integration options such as more standardized yet flexible API support With ISO 20022 migration and ISO 20022-powered APIs coming up we believe AMH will offer the complete package for a bank to face the upcoming challenges in the financial messaging eco-system
1515
Operational challenges Find out how we can help you manage them better
mySWIFT ndash Enhance your gateway to support the most of data analytics
SWIFT continues to invest in the support portfolio Over the past two years we have consulted customers to ensure that it remains healthy and future proof The findings led SWIFT to focus on customer experience as the central theme of the portfolio refresh
In the session the rebranded Professional Services organisation was shared It is now set up to take customers on the full solution journey from design to deployment to maintenance The deep-dive into the updated Advanced Support and Care offering gave further insights into the newly modularised and clarified support deliverables
The overall value proposition of SWIFT Community Support the backbone of support given to all customers and then the Premium and Care options was underlined Customers will now better understand and choose the appropriate pro-active reactive preventive andor hands-on support option with Premium Plus being perhaps the most attractive option as the dedicated service manager especially adds significant value
The sessions were very well attended and although it requires no specific action from customers it is an important evolution to keep track of
Last year at SOFE SWIFT ran exploratory sessions on Support Tools This year we were pleased to show the result of this consultation with newly- and to be released applications on mySWIFTndash New ldquoKnowledge Centrerdquo (since Q4 2018) ndash an easy-to-use and
customisable portal covering all documentation resources (User Handbook Knowledge Base tips how-to videos SWIFTSmart)
ndash New ldquoNotification Centrerdquo (since Q4 2018) ndash a trusted notification tool for SWIFT Operational messages
ndash Coming ldquomyStatusrdquo (H1 2019) ndash a real-time snapshot providing the status of your connectivity components - VPNs SNLs LTs per location and per environment
During the second part of the session we shared our insights about data analytics and predictive capabilities performed on operational data showing how it could allow operators to focus on the most relevant issues while discarding the noise This interactive session ended by a digi-voting exercise where participants were asked through 4 use cases to provide their appetite on ldquohow pattern deviation algorithms could be useful to the communityrdquo We look forward to seeing you next year for more insights and results on the subject
Using Alliance Managed Operations to your strategic advantage
Market trends show a growing appetite for IT teams to (re-)focus on their core business Employees are becoming overburdened with staying on top of regulatory compliance and security challenges and at the same time remaining mindful of resourcing needs to manage the highly critical and sometimes complex SWIFT infrastructures
In this session we outlined and demonstrated how these aspects can be addressed through SWIFTrsquos managed service offering This service brings relevant expertise discipline and rigour into any organisation by becoming a natural extension of the existing team A highlight of the session was the near real-time monitoring feature With this service SWIFT monitors Alliance Gateway and Alliance Access events and VPN lines which can trigger corrective actions with minimal delay
The session clearly resonated with all participants and we look forward to meeting your future managed service needs
Work session summaries
1616
The SWIFTLab has become a popular venue to experience the various components of SWIFTrsquos product and service portfolio This year the SWIFTLab was present at SOFE providing our customers with the opportunity to experience the range of SWIFT products at this yearly event
In addition to featuring demo pods at the SWIFTHub the SWIFTLab also hosted lunch sessions on Artificial Intelligence and DLT
SWIFTLab SWIFT
1717
Welcome cocktail
Networking is a key component of SOFE In addition to the networking time during the coffee breaks and lunches we also offer opportunities for delegates to spend time together in the evenings all whilst leaving room for spare time The welcome cocktail at the end of day 1 has become a fixture in the SOFE agenda and is sponsored by the exhibiting partners Our thanks go to the partners for their participation and support and to all delegates for making the most of this networking opportunity
Off-site dinner
This yearrsquos off-site dinner took place at Beurs van Berlage We hope that you enjoyed the evening and look forward to hosting another SOFE dinner at another great venue in Amsterdam in 2019
Networking activities
1818
For the SWIFT Operations Forum Europe in Amsterdam we were happy to provide financial support to WATCH Nederland a professional civil participation platform set up by Terre des Hommes to discover and fight teenage prostitution in the Netherlands
Through its hotline WATCH Nederland collects information from youth care professionals teachers and other civilians including victims or their family who do not want or dare to report to the police This information is researched both online by forensic ICT specialists and on the ground
by private investigators Additionally WATCH Nederland aims to identify child sexual exploiters and abusers including advertisements from exploiters trying to sell teenagers for sex and customers of teenage prostitution WATCH Nederland works closely together with the Dutch law enforcement agencies to free the victims of teenage prostitution and to stop the exploiters Freed victims undergo rehabilitation and reintegration treatment in co-operation with youth care institutions and are monitored regularly by WATCH Nederland to prevent revictimisation
CSR
1919
Our thanks go to each and every one of you for your active participation in this yearrsquos SWIFT Operations Forum Europe We hope that you all had an engaging thought-provoking productive informative and highly collaborative SOFE As always should you have any questions about or suggestions for next yearrsquos event please do not hesitate to contact your account manager or customer support We look forward to working with you in 2019
Thank you
For more information about SWIFT visit wwwswiftcom
SWIFT copy 2019
88
Context for financial services
How does the platformification disruption seen in other industries relate to banking Dr Zachariadis noted that APIs in banking and platformification offer the ability for financial institutions to create a business ecosystem and add value for clients The question is how to do that He pointed out that while banks need to sell lower transaction costs they still need to sell the trust and reassurance to the customer that the banking business relies on
Dr Zachariadis ran through four types of platforms in the financial services world that have emerged since PSD2 These arendash Incumbent bank platformsndash Challenger bank platforms
which do brokering much better according to Dr Zachariadis Examples of this include Starling Bank and Revolut
ndash API aggregator platforms which connect banks to fintechs
ndash Account aggregator platforms and services
Following his presentation Dr Zachariadis was joined on stage by Leo Punt head of EMEA Services and Support at SWIFT for a short QampA on some of the issues that had been raised Punt began by asking whether there is room for utilities in the financial services market of the future
Dr Zachariadis said there is but he is unsure for how many saying that there may be some consolidation for banks that go this route to undertake He made the point that utilities in this space are not platforms but that they can be very profitable
Touching on the key theme from day two at SOFE Punt then asked if the platformification development in financial services is being hampered by cyber threats Dr Zachariadis agreed that in a modulated environment this is an issue that may delay the launch of more open business models He did also note that there is an opportunity for banks
if they can be an early adopter and can demonstrate a stable platform they can get a huge first mover win The sooner banks can cut transaction costs the sooner they can earn more customers
Dr Zachariadis closed by offering two key takeaways to the SOFE delegates1 Think about what you could
offer to customers that isnrsquot in your value proposition right now Look at things built outside that you can offer to customers
2 Everything starts from sharing data The biggest value of being a platform is access to more data than ever How can you use this to bring more value to yourself as well as to your customers
Plenaries
APIs in banking and platformification offer the ability for financial institutions to create a business ecosystem and add value for clientsrdquo
When SOFE 2019 begins in 12 monthsrsquo time it will be fascinating to see how far financial services has come in the digital transformation journeyrdquo
99
Work session summaries
Business amp ComplianceFinancial crime compliance in the real-time world
This work session considered the challenges faced by institutions in meeting their financial crime compliance obligations in an increasingly fast-paced world and how SWIFTrsquos Financial Crime Compliance (FCC) portfolio can help institutions respond ndash today and in the future The session discussed the challenges associated with the rate of regulatory change how gpi is increasing the speed and volume of correspondent payments the dynamic rate of change of lists and screening requirements for sanctions compliance and the increasing fraud risks faced by institutions with the adoption of real-time payments SWIFTrsquos FCC solutions allow customers to manage the complete compliance life-cycle with solutions forbull Know Your Customer
The KYC Registry provides a secure shared platform for financial institutions to exchange standardised know your customer information
bull Anti-Money Laundering The Compliance Analytics portfolio pinpoints compliance risks and gives a new way to monitor your correspondents to identify activities indicative of money laundering
bull Sanctions Compliance Provides fully-managed securely-hosted screening of your customers and transactions against the latest sanctions and PEP lists with instant alerts of any matches Provides up-to-date sanctions lists and capabilities to test your own filters
bull Fraud Prevention Payment Controls helps you manage your payment policy and identify unusual or uncharacteristic payment risk that may be indicative of fraud and provides an independent snapshot of your SWIFT transaction activity
The session considered how these solutions can help institutions be more operationally agile in terms of deployment and response to changing regulation through the use of hosted utility based solutions why understanding of counterparts and their behaviour improves trust and helps streamline STP how quality and effectiveness of systems and data is key to process payments quickly and efficiently and how institutions can best defend themselves from new patterns of cyber-fraudwwwswiftcomcompliance
How SWIFT Business Intelligence solutions support your gpi journey
During this yearrsquos Business Intelligence sessions at SOFE the team delivered in depth presentations on SWIFTrsquos Business Intelligence (BI) for gpi solutions which consist of the Watch and gpi Observer portfolios combined with BI services These solutions are specifically designed to support customerrsquos gpi business cases prioritisation strategies and help identify business development opportunities They demonstrated how these BI solutions provide tangible and unique insights that bring value and a competitive advantage to customers as well as to their customers The recently launched gpi Observer
Analytics solution was central to the discussion and as the team explained these cutting-edge insights provide all the payments routing intelligence and data for gpi members to see where to optimise or adapt their existing payment routings leading to lower costs and faster payments The sessions also highlighted how financial institutions that deploy the new solution are gaining speed benchmarking capabilities and are able to now act upon fact-based information to steer their cross-border payments strategy through improved operational and market analysis
1010
ISO 20022 for managers ndash the time is now
ISO 20022 for beginners ndash what you really need to know
As announced in September in 2021 SWIFT will begin migrating all cross-border and many-to-many payments onto ISO 20022 This decision comes after large scale community consultation that took in feedback from a wide variety of stakeholders We want to ensure the entire SWIFT community is well informed and prepared for the migration The session provided information about the approach we are taking and what it means for you
We have aligned the start date of our migration in 2021 with the adoption of ISO 20022 of the Eurozonersquos high value payments systems The migration will cover MT categories 1 2 and 9 and will impact correspondent banks as well as other users of these messages including securities players A four-year co-existence
The workshop focused on the following key aspectsbull What is ISO 20022 and how it
constitutes a single approach for financial standardisation initiatives
bull SWIFTrsquos involvement and unparalleled expertise in ISO 20022 adoption
bull Status on ISO 20022 implementations around the globe and how ISO 20022 has become the dominant language of financial transactions
bull The importance of Market Practice and zoom on HVPS+ (High-Value Payment System+) the ISO 20022 global market practice for Payment Market Infrastructures
bull A new challenge ISO 20022 migration for cross-border payments as a result of the September 2018 Board decision
phase will allow all members of the SWIFT community to make the switch
SWIFT will work closely with the community to formulate and refine market practice guidelines In tandem with the Payments Market Practice Group (PMPG) we have created the Cross-Border Payments and Reporting Plus (CBPR+) working group to develop global usage guidelines We will invite our community to review and give feedback on these guidelines as they mature
We will also provide a central translation service to ensure successful community migration and to facilitate the co-existence phase This service will also implement the rules formulated by CBPR+ and all users will be automatically enrolled
As result of the session participants gained a broader appreciation of the industryrsquos journey towards ISO 20022 adoption how global groups like HVPS+ are working together to create global industry standards and common principals
Work session summaries
Optimise your back-office functions with SWIFTRef the must-have global reference data utility
In this session we explained the new files including Standing Settlement Instructions (SSI) National ID History and National ID Format Account Number Format and the gpi directory We also presented the recent Entity Plus product and a revamp of our Bankers World Online tool (live on 15 December) and gave you some insight into our planned future developments of APIs
Finally we discussed the impact of the BIC migration to the new version of the ISO 9362 standard on SWIFTRef From March 2019 it will no longer be possible to derive the connectivity of an organisation from the 8th character in the BIC nor the time-zone from the 7th character This information is now reflected in dedicated data elements in the SWIFTRef portfolio As a consequence all
current BIC Directory customers need to migrate to the BIC Plus or BIC Directory 2018
More information on the SWIFTRef portfolio can be found at wwwswiftcomswiftref
1111
Work session summaries
Innovation
DLT e-Voting solution ndash A proof of concept with SWIFT and Slib
In this session SWIFT shared its vision on the role it can play related to DLT technology when the technology matures and strong use cases emerge SWIFT can become the market place for DLT-based services that are provided by third parties and deployed on the SWIFT network This can be achieved by leveraging existing infrastructure and services The eVoting proof of concept fits into this vision Slib acting as provider of a DLT-based service has developed an application for distributing shareholder meeting notifications and collecting votes from shareholders SWIFT has provided the DLT sandbox on which this application has been deployed
Evolution of SWIFTrsquos cloud platform
SWIFT AI ndash How to get structure out of your unstructured data
10 years ago SWIFT launched its first cloud platform lsquoAlliance Litersquo Since then the trend to outsource has scaled up significantly and SWIFT has continued to evolve its offering Today SWIFTrsquos cloud solutions (Alliance Lite2 Alliance Remote Gateway and Alliance Lifeline) are highly successful and serve more than 2300 customers In recent years constant change has become the new norm in the financial industry It is therefore important that our cloud solution provide our customers the agility they need to prepare for the future In that perspective SWIFT is developing a brand new cloud platform It is based on state-of-the-art technology offering 24x7 availability built-in resilience highest
This session presented a new SWIFT RampD solution based on artificial intellgence (AI) that can be used in order to get structure out of unstructured data
The goal of this AI research is to bring transparency to data by transforming legacy data into ISO 20022 format The solution can be used as a SWIFTNet API or as an onsite solution It is currently trained in SWIFT premises and is used in order to clean data such as the SWIFTRef data The conversion rate is currently of 95 but as it is a Machine Learning model it learns as it goes and the precision is improving every day
security and larger throughput Another key ingredient is the integration capability not only with the customerrsquos back-office application but also with SWIFTrsquos local archive solution lsquoAlliance Warehousersquo or SWIFT services such as gpi and transaction screening The platform will also have flexible message processing abilities and is being developed with a continuous attention to the user experience The go-live of this new cloud platform is planned for 2020 In addition to an overview of the main values customers can expect from this new cloud solution the session also offered a sneak preview of the graphical user interface More to come in the course of 2019
1212
SWIFTrsquos API strategy SWIFT gpi ndash the new norm in cross-border payments
This session built on the White Paper ldquoAPIs Delivering a global platform for the financial services API economyrdquo (httpswwwswiftcomresourceswift-api) that SWIFT published just before SIBOS 2018 It positioned SWIFTrsquos overall strategy on APIs building on its year-long experience in standardisation leveraging its security and reliability paradigm to the API world Finally both the standardisation and the platform aspects were brought to life by walking through a number of use-cases (including PSD2) There was a lot of interest shown during and after the session by attendees who are already closely involved in API implementations as well as those who will be in the near future
This year at SOFE the SWIFT gpi sessions were scheduled every day and welcomed 100+ delegates and vendors over the three days The sessions covered the features of the existing services (gCCT gCOV and gSRP) the eco-system and future roadmap Throughout SOFE a large screen projected the rapid take-up of gpi more than 105 gpi banks are now live on gpi representing 410+ BICs and covering 140 currencies Gpi sent traffic has grown to over 12 million cross-border payments daily with more than 50 gpi to gpi As a result gpi messages flow across 800+ country corridors representing a value superior to $100 bn daily
Work session summaries
Cyber security and the Customer Security Programme
Cyber intelligence sharing
Cyber resilience
The SWIFT ISAC shares information that customers can use to better protect their environment
After having explained how the SWIFT Customer Security Intelligence team usually performs its forensic investigations we reinforced the necessity for customers to regularly consume the Indicators of Compromise (IOCs) published on the portal
Additional focus was put on automated sharing of IOCs via STIXTAXII which was made available since February 2018 Participants left with a clear understanding of different ways in which SWIFT shares cyber intelligence with the SWIFT Community and of importance of acting on IOCs published on SWIFT ISAC
The voting app and interactions with the audience captured some feedback confirming the growing interest in cyber intelligence exchange within the SWIFT Community
The session on cyber resiliency first set the scene by presenting the evolving cyber threat landscape Cyber-attacks are becoming more frequent and sophisticated The industry is trying to keep pace by implementing security frameworks and moving from a position of control to one of resilience The session discussed the difference between cyber security and cyber resilience whilst for cyber security the focus is set on protecting and surviving a cyber-attack cyber resilience is composed of a broader range of measures taken to bounce back (recover) from a cyber-incident in a timely manner
During the second part of the session the multi-layered security approach taken by SWIFT was discussed and illustrated with resiliency functionalities available at different levels in the SWIFT application stack Finally the different steps in the recovery process after indication of a compromise were covered highlighting the common mistakes financial institutions make
1313
Improving the security of paymentsHow the Shared Infrastructure Programme (SIP) can increase the effectiveness of your risk management
This session explored the changing face of cyber-fraud and explained how financial institutions themselves are the new targets for the attackers This represents a significant challenge requiring institutions to protect themselves against these ever-present and changing cyber-fraud risks The attack vectors were characterised as well as why the cyber attackers want you to know nothing see nothing and do nothing
SWIFTrsquos recently launched Payment Controls service helps financial institutions reduce their fraud and reputational risks and build trust This zero-footprint in-network solution offers the ability to protect against the risk of fraudulent payments via real-time monitoring alerting and payment blocking It offers flexible configurable correspondent banking focused models designed in association with the community The capabilities and benefits were illustrated via an interactive hands-on demonstration using the live service showing examples of rule configuration activation and alert management This was followed by a detailed and lively QampA sessionwwwswiftcompaymentcontrols
The session covered the further evolution of the Shared Infrastructure Programme (SIP) in 2019 listed the tangible risk mitigating results of SIP since beginning of last year and provided an overview of the most common hurdles Service Bureaux are struggling with to reach full compliance with SIP 2018
Compliance with the SIP security and operational requirements is not only needed after a one-time assessment but throughout the year It was therefore explained how SWIFT captures the required security configuration data to enable the monitoring of such a continued compliance The session was attended by a very good representation of the service bureau community in EMEA by service bureau customers and their counterparties and by regulators The diverse audience was a unique opportunity to engage in a dialogue and to capture suggestions for increasing the effectiveness of the programme
Understanding your counterpartyrsquos CSP attestation level
Security Controls 2019
By now all SWIFT customers should be checking what the attestation level of their counterparties is and integrating this compliance data into their risk management processes One take away of the session was a need to adapt the cybersecurity risk governance model to support the assessment of counterparty cybersecurity attestation data eg Identify the appropriate representatives from across the organisation for lsquograntingrsquo lsquorequestingrsquo attestation data
The second take way is that KYC-SA attestation data should be viewed as an additional dimension within the institutionrsquos existing counterparty risk management framework Finally the participants confirmed the interest from the community to integrate the KYC-SA attestation data in their risk management system It is currently available by exporting data and in the future it will be done thanks to a new set of API We also spent some time in the session discussing considerations in granting and requesting access to attestation data
As the threat landscape evolves so must the CSP Details of the changes brought by the Customer Security Control Framework (CSCF) 2019 version were shared with the audience leading to very interactive exchanges We took the opportunity in this session to remind customers about(i) their obligation as per the CSP Policy to comply with the mandatory
controls of the CSCF v2017 by the 31 December 2018(ii) about the next upcoming milestones for 2019 and onwards and (iii) about the possibility to leverage the new reporting functionalities in the
KYC-SA application to integrate counterpartiesrsquo self-attestation results in their own risk management potentially along with the financial and legal due diligence aspects already covered in the KYC Registry application
On the risk management integration topic we strongly advised the audience to attend the session lsquoUnderstanding your counterpartyrsquos CSP attestation levelrsquo Finally we provided the attendees with a vade mecum of tactical actions to undertake to mitigate cyber risks This yearrsquos session was complemented by the opportunity for hands-on demos of the KYC-SA application at the SWIFT Lab
Work session summaries
1414
Alliance portfolio ndash Whatrsquos new whatrsquos next
In the session we took a look at the various key trends observed in the market ndash cloud UX data APIs ISO 20022 and cyber security ndash and presented to the audience the Alliance Portfolio plans to embrace those new trends The session started with a presentation of the new cloud platform that SWIFT is building The new cloud platform provides a fully managed interface and connectivity to SWIFT with improved availability resiliency and scalability It also comes with a completely new user experience with amongst others a very intuitive graphical user interface
The same team of user experience experts at SWIFT helped to design the Alliance Warehouse the brand new solution from SWIFT for long-term message archive with powerful search and investigation capabilities which was also presented during the session Finally we covered a brief introduction to APIs ISO 20022 and cyber security and looked at their impact on the Alliance portfolio
Work session summaries
Operational Excellence
Alliance interfaces roadmap 2019-2020
Alliance Messaging Hub ndash the future in financial messaging
This yearrsquos session was a traditional roadmap session that looked at what has been released over the last 6 months and what is coming up in the next 2 years
With the community having gone through the heavy CSPrelease 72SR2018 migration in 2018 everybody is now looking at what to plan next Release 72 support ends end January 2020 and by that time the community must have updated the fill stack of SWIFTNet and Alliance products to release 73 or release 74
Release 73 was made available in September 2018 and introduces amongst others new ways to implement multi-factor authentication Release 74 planned for mid-2019 will provide additional security and other features will support IBM MQ 91 and a slightly updated OS baseline Release 75 will focus on features for the ISO 20022 migration and ESMIG All along we will provide for AccessEntry the standard updates in the annual release as well as on the two preceding releases During and after the sessions customers took the opportunities to ask questions and exchange views with the product manager This was key information to ensure that the portfolio evolves in line with customer needs
In this session a high-level introduction was provided around Alliance Messaging Hub (AMH) SWIFTrsquos messaging hub that offers functionality beyond classic SWIFTNet interfacing AMH offers an orchestration layer on top of its SWIFTNet messaging capabilities allowing for flexible integration into banksrsquo systems and into other networks The 247365 capable architecture offers top class resilience and serves as a solid foundation for real-time processing
The product is able to process and orchestrate messages under high load and respecting low latency requirements AMH for Hong Kong Faster Payments is a real-life testimony to AMHrsquos processing capabilities
where it runs as a messaging hub for key banks in the region AMH version 40 will be launched in March 2019 and will offer an even richer set of security and gpi related functionality The application will be further shielded and installation and deployment will become more standardized to further reduce the banksrsquo TCO
Further strengthening its real-time offering AMH v40 will offer flows into RT1 and TIPS leveraging SWIFTrsquos Instant channel for the EBA and the Eurosystem In the multi-network space AMH v40 will provide flows for Fedwire Funds and TCH CHIPS
Beyond v40 and in the same way as financial institutions are evolving we are continuously innovating AMH The core will become more modular embracing the trends of containerised systems and we will introduce more integration options such as more standardized yet flexible API support With ISO 20022 migration and ISO 20022-powered APIs coming up we believe AMH will offer the complete package for a bank to face the upcoming challenges in the financial messaging eco-system
1515
Operational challenges Find out how we can help you manage them better
mySWIFT ndash Enhance your gateway to support the most of data analytics
SWIFT continues to invest in the support portfolio Over the past two years we have consulted customers to ensure that it remains healthy and future proof The findings led SWIFT to focus on customer experience as the central theme of the portfolio refresh
In the session the rebranded Professional Services organisation was shared It is now set up to take customers on the full solution journey from design to deployment to maintenance The deep-dive into the updated Advanced Support and Care offering gave further insights into the newly modularised and clarified support deliverables
The overall value proposition of SWIFT Community Support the backbone of support given to all customers and then the Premium and Care options was underlined Customers will now better understand and choose the appropriate pro-active reactive preventive andor hands-on support option with Premium Plus being perhaps the most attractive option as the dedicated service manager especially adds significant value
The sessions were very well attended and although it requires no specific action from customers it is an important evolution to keep track of
Last year at SOFE SWIFT ran exploratory sessions on Support Tools This year we were pleased to show the result of this consultation with newly- and to be released applications on mySWIFTndash New ldquoKnowledge Centrerdquo (since Q4 2018) ndash an easy-to-use and
customisable portal covering all documentation resources (User Handbook Knowledge Base tips how-to videos SWIFTSmart)
ndash New ldquoNotification Centrerdquo (since Q4 2018) ndash a trusted notification tool for SWIFT Operational messages
ndash Coming ldquomyStatusrdquo (H1 2019) ndash a real-time snapshot providing the status of your connectivity components - VPNs SNLs LTs per location and per environment
During the second part of the session we shared our insights about data analytics and predictive capabilities performed on operational data showing how it could allow operators to focus on the most relevant issues while discarding the noise This interactive session ended by a digi-voting exercise where participants were asked through 4 use cases to provide their appetite on ldquohow pattern deviation algorithms could be useful to the communityrdquo We look forward to seeing you next year for more insights and results on the subject
Using Alliance Managed Operations to your strategic advantage
Market trends show a growing appetite for IT teams to (re-)focus on their core business Employees are becoming overburdened with staying on top of regulatory compliance and security challenges and at the same time remaining mindful of resourcing needs to manage the highly critical and sometimes complex SWIFT infrastructures
In this session we outlined and demonstrated how these aspects can be addressed through SWIFTrsquos managed service offering This service brings relevant expertise discipline and rigour into any organisation by becoming a natural extension of the existing team A highlight of the session was the near real-time monitoring feature With this service SWIFT monitors Alliance Gateway and Alliance Access events and VPN lines which can trigger corrective actions with minimal delay
The session clearly resonated with all participants and we look forward to meeting your future managed service needs
Work session summaries
1616
The SWIFTLab has become a popular venue to experience the various components of SWIFTrsquos product and service portfolio This year the SWIFTLab was present at SOFE providing our customers with the opportunity to experience the range of SWIFT products at this yearly event
In addition to featuring demo pods at the SWIFTHub the SWIFTLab also hosted lunch sessions on Artificial Intelligence and DLT
SWIFTLab SWIFT
1717
Welcome cocktail
Networking is a key component of SOFE In addition to the networking time during the coffee breaks and lunches we also offer opportunities for delegates to spend time together in the evenings all whilst leaving room for spare time The welcome cocktail at the end of day 1 has become a fixture in the SOFE agenda and is sponsored by the exhibiting partners Our thanks go to the partners for their participation and support and to all delegates for making the most of this networking opportunity
Off-site dinner
This yearrsquos off-site dinner took place at Beurs van Berlage We hope that you enjoyed the evening and look forward to hosting another SOFE dinner at another great venue in Amsterdam in 2019
Networking activities
1818
For the SWIFT Operations Forum Europe in Amsterdam we were happy to provide financial support to WATCH Nederland a professional civil participation platform set up by Terre des Hommes to discover and fight teenage prostitution in the Netherlands
Through its hotline WATCH Nederland collects information from youth care professionals teachers and other civilians including victims or their family who do not want or dare to report to the police This information is researched both online by forensic ICT specialists and on the ground
by private investigators Additionally WATCH Nederland aims to identify child sexual exploiters and abusers including advertisements from exploiters trying to sell teenagers for sex and customers of teenage prostitution WATCH Nederland works closely together with the Dutch law enforcement agencies to free the victims of teenage prostitution and to stop the exploiters Freed victims undergo rehabilitation and reintegration treatment in co-operation with youth care institutions and are monitored regularly by WATCH Nederland to prevent revictimisation
CSR
1919
Our thanks go to each and every one of you for your active participation in this yearrsquos SWIFT Operations Forum Europe We hope that you all had an engaging thought-provoking productive informative and highly collaborative SOFE As always should you have any questions about or suggestions for next yearrsquos event please do not hesitate to contact your account manager or customer support We look forward to working with you in 2019
Thank you
For more information about SWIFT visit wwwswiftcom
SWIFT copy 2019
99
Work session summaries
Business amp ComplianceFinancial crime compliance in the real-time world
This work session considered the challenges faced by institutions in meeting their financial crime compliance obligations in an increasingly fast-paced world and how SWIFTrsquos Financial Crime Compliance (FCC) portfolio can help institutions respond ndash today and in the future The session discussed the challenges associated with the rate of regulatory change how gpi is increasing the speed and volume of correspondent payments the dynamic rate of change of lists and screening requirements for sanctions compliance and the increasing fraud risks faced by institutions with the adoption of real-time payments SWIFTrsquos FCC solutions allow customers to manage the complete compliance life-cycle with solutions forbull Know Your Customer
The KYC Registry provides a secure shared platform for financial institutions to exchange standardised know your customer information
bull Anti-Money Laundering The Compliance Analytics portfolio pinpoints compliance risks and gives a new way to monitor your correspondents to identify activities indicative of money laundering
bull Sanctions Compliance Provides fully-managed securely-hosted screening of your customers and transactions against the latest sanctions and PEP lists with instant alerts of any matches Provides up-to-date sanctions lists and capabilities to test your own filters
bull Fraud Prevention Payment Controls helps you manage your payment policy and identify unusual or uncharacteristic payment risk that may be indicative of fraud and provides an independent snapshot of your SWIFT transaction activity
The session considered how these solutions can help institutions be more operationally agile in terms of deployment and response to changing regulation through the use of hosted utility based solutions why understanding of counterparts and their behaviour improves trust and helps streamline STP how quality and effectiveness of systems and data is key to process payments quickly and efficiently and how institutions can best defend themselves from new patterns of cyber-fraudwwwswiftcomcompliance
How SWIFT Business Intelligence solutions support your gpi journey
During this yearrsquos Business Intelligence sessions at SOFE the team delivered in depth presentations on SWIFTrsquos Business Intelligence (BI) for gpi solutions which consist of the Watch and gpi Observer portfolios combined with BI services These solutions are specifically designed to support customerrsquos gpi business cases prioritisation strategies and help identify business development opportunities They demonstrated how these BI solutions provide tangible and unique insights that bring value and a competitive advantage to customers as well as to their customers The recently launched gpi Observer
Analytics solution was central to the discussion and as the team explained these cutting-edge insights provide all the payments routing intelligence and data for gpi members to see where to optimise or adapt their existing payment routings leading to lower costs and faster payments The sessions also highlighted how financial institutions that deploy the new solution are gaining speed benchmarking capabilities and are able to now act upon fact-based information to steer their cross-border payments strategy through improved operational and market analysis
1010
ISO 20022 for managers ndash the time is now
ISO 20022 for beginners ndash what you really need to know
As announced in September in 2021 SWIFT will begin migrating all cross-border and many-to-many payments onto ISO 20022 This decision comes after large scale community consultation that took in feedback from a wide variety of stakeholders We want to ensure the entire SWIFT community is well informed and prepared for the migration The session provided information about the approach we are taking and what it means for you
We have aligned the start date of our migration in 2021 with the adoption of ISO 20022 of the Eurozonersquos high value payments systems The migration will cover MT categories 1 2 and 9 and will impact correspondent banks as well as other users of these messages including securities players A four-year co-existence
The workshop focused on the following key aspectsbull What is ISO 20022 and how it
constitutes a single approach for financial standardisation initiatives
bull SWIFTrsquos involvement and unparalleled expertise in ISO 20022 adoption
bull Status on ISO 20022 implementations around the globe and how ISO 20022 has become the dominant language of financial transactions
bull The importance of Market Practice and zoom on HVPS+ (High-Value Payment System+) the ISO 20022 global market practice for Payment Market Infrastructures
bull A new challenge ISO 20022 migration for cross-border payments as a result of the September 2018 Board decision
phase will allow all members of the SWIFT community to make the switch
SWIFT will work closely with the community to formulate and refine market practice guidelines In tandem with the Payments Market Practice Group (PMPG) we have created the Cross-Border Payments and Reporting Plus (CBPR+) working group to develop global usage guidelines We will invite our community to review and give feedback on these guidelines as they mature
We will also provide a central translation service to ensure successful community migration and to facilitate the co-existence phase This service will also implement the rules formulated by CBPR+ and all users will be automatically enrolled
As result of the session participants gained a broader appreciation of the industryrsquos journey towards ISO 20022 adoption how global groups like HVPS+ are working together to create global industry standards and common principals
Work session summaries
Optimise your back-office functions with SWIFTRef the must-have global reference data utility
In this session we explained the new files including Standing Settlement Instructions (SSI) National ID History and National ID Format Account Number Format and the gpi directory We also presented the recent Entity Plus product and a revamp of our Bankers World Online tool (live on 15 December) and gave you some insight into our planned future developments of APIs
Finally we discussed the impact of the BIC migration to the new version of the ISO 9362 standard on SWIFTRef From March 2019 it will no longer be possible to derive the connectivity of an organisation from the 8th character in the BIC nor the time-zone from the 7th character This information is now reflected in dedicated data elements in the SWIFTRef portfolio As a consequence all
current BIC Directory customers need to migrate to the BIC Plus or BIC Directory 2018
More information on the SWIFTRef portfolio can be found at wwwswiftcomswiftref
1111
Work session summaries
Innovation
DLT e-Voting solution ndash A proof of concept with SWIFT and Slib
In this session SWIFT shared its vision on the role it can play related to DLT technology when the technology matures and strong use cases emerge SWIFT can become the market place for DLT-based services that are provided by third parties and deployed on the SWIFT network This can be achieved by leveraging existing infrastructure and services The eVoting proof of concept fits into this vision Slib acting as provider of a DLT-based service has developed an application for distributing shareholder meeting notifications and collecting votes from shareholders SWIFT has provided the DLT sandbox on which this application has been deployed
Evolution of SWIFTrsquos cloud platform
SWIFT AI ndash How to get structure out of your unstructured data
10 years ago SWIFT launched its first cloud platform lsquoAlliance Litersquo Since then the trend to outsource has scaled up significantly and SWIFT has continued to evolve its offering Today SWIFTrsquos cloud solutions (Alliance Lite2 Alliance Remote Gateway and Alliance Lifeline) are highly successful and serve more than 2300 customers In recent years constant change has become the new norm in the financial industry It is therefore important that our cloud solution provide our customers the agility they need to prepare for the future In that perspective SWIFT is developing a brand new cloud platform It is based on state-of-the-art technology offering 24x7 availability built-in resilience highest
This session presented a new SWIFT RampD solution based on artificial intellgence (AI) that can be used in order to get structure out of unstructured data
The goal of this AI research is to bring transparency to data by transforming legacy data into ISO 20022 format The solution can be used as a SWIFTNet API or as an onsite solution It is currently trained in SWIFT premises and is used in order to clean data such as the SWIFTRef data The conversion rate is currently of 95 but as it is a Machine Learning model it learns as it goes and the precision is improving every day
security and larger throughput Another key ingredient is the integration capability not only with the customerrsquos back-office application but also with SWIFTrsquos local archive solution lsquoAlliance Warehousersquo or SWIFT services such as gpi and transaction screening The platform will also have flexible message processing abilities and is being developed with a continuous attention to the user experience The go-live of this new cloud platform is planned for 2020 In addition to an overview of the main values customers can expect from this new cloud solution the session also offered a sneak preview of the graphical user interface More to come in the course of 2019
1212
SWIFTrsquos API strategy SWIFT gpi ndash the new norm in cross-border payments
This session built on the White Paper ldquoAPIs Delivering a global platform for the financial services API economyrdquo (httpswwwswiftcomresourceswift-api) that SWIFT published just before SIBOS 2018 It positioned SWIFTrsquos overall strategy on APIs building on its year-long experience in standardisation leveraging its security and reliability paradigm to the API world Finally both the standardisation and the platform aspects were brought to life by walking through a number of use-cases (including PSD2) There was a lot of interest shown during and after the session by attendees who are already closely involved in API implementations as well as those who will be in the near future
This year at SOFE the SWIFT gpi sessions were scheduled every day and welcomed 100+ delegates and vendors over the three days The sessions covered the features of the existing services (gCCT gCOV and gSRP) the eco-system and future roadmap Throughout SOFE a large screen projected the rapid take-up of gpi more than 105 gpi banks are now live on gpi representing 410+ BICs and covering 140 currencies Gpi sent traffic has grown to over 12 million cross-border payments daily with more than 50 gpi to gpi As a result gpi messages flow across 800+ country corridors representing a value superior to $100 bn daily
Work session summaries
Cyber security and the Customer Security Programme
Cyber intelligence sharing
Cyber resilience
The SWIFT ISAC shares information that customers can use to better protect their environment
After having explained how the SWIFT Customer Security Intelligence team usually performs its forensic investigations we reinforced the necessity for customers to regularly consume the Indicators of Compromise (IOCs) published on the portal
Additional focus was put on automated sharing of IOCs via STIXTAXII which was made available since February 2018 Participants left with a clear understanding of different ways in which SWIFT shares cyber intelligence with the SWIFT Community and of importance of acting on IOCs published on SWIFT ISAC
The voting app and interactions with the audience captured some feedback confirming the growing interest in cyber intelligence exchange within the SWIFT Community
The session on cyber resiliency first set the scene by presenting the evolving cyber threat landscape Cyber-attacks are becoming more frequent and sophisticated The industry is trying to keep pace by implementing security frameworks and moving from a position of control to one of resilience The session discussed the difference between cyber security and cyber resilience whilst for cyber security the focus is set on protecting and surviving a cyber-attack cyber resilience is composed of a broader range of measures taken to bounce back (recover) from a cyber-incident in a timely manner
During the second part of the session the multi-layered security approach taken by SWIFT was discussed and illustrated with resiliency functionalities available at different levels in the SWIFT application stack Finally the different steps in the recovery process after indication of a compromise were covered highlighting the common mistakes financial institutions make
1313
Improving the security of paymentsHow the Shared Infrastructure Programme (SIP) can increase the effectiveness of your risk management
This session explored the changing face of cyber-fraud and explained how financial institutions themselves are the new targets for the attackers This represents a significant challenge requiring institutions to protect themselves against these ever-present and changing cyber-fraud risks The attack vectors were characterised as well as why the cyber attackers want you to know nothing see nothing and do nothing
SWIFTrsquos recently launched Payment Controls service helps financial institutions reduce their fraud and reputational risks and build trust This zero-footprint in-network solution offers the ability to protect against the risk of fraudulent payments via real-time monitoring alerting and payment blocking It offers flexible configurable correspondent banking focused models designed in association with the community The capabilities and benefits were illustrated via an interactive hands-on demonstration using the live service showing examples of rule configuration activation and alert management This was followed by a detailed and lively QampA sessionwwwswiftcompaymentcontrols
The session covered the further evolution of the Shared Infrastructure Programme (SIP) in 2019 listed the tangible risk mitigating results of SIP since beginning of last year and provided an overview of the most common hurdles Service Bureaux are struggling with to reach full compliance with SIP 2018
Compliance with the SIP security and operational requirements is not only needed after a one-time assessment but throughout the year It was therefore explained how SWIFT captures the required security configuration data to enable the monitoring of such a continued compliance The session was attended by a very good representation of the service bureau community in EMEA by service bureau customers and their counterparties and by regulators The diverse audience was a unique opportunity to engage in a dialogue and to capture suggestions for increasing the effectiveness of the programme
Understanding your counterpartyrsquos CSP attestation level
Security Controls 2019
By now all SWIFT customers should be checking what the attestation level of their counterparties is and integrating this compliance data into their risk management processes One take away of the session was a need to adapt the cybersecurity risk governance model to support the assessment of counterparty cybersecurity attestation data eg Identify the appropriate representatives from across the organisation for lsquograntingrsquo lsquorequestingrsquo attestation data
The second take way is that KYC-SA attestation data should be viewed as an additional dimension within the institutionrsquos existing counterparty risk management framework Finally the participants confirmed the interest from the community to integrate the KYC-SA attestation data in their risk management system It is currently available by exporting data and in the future it will be done thanks to a new set of API We also spent some time in the session discussing considerations in granting and requesting access to attestation data
As the threat landscape evolves so must the CSP Details of the changes brought by the Customer Security Control Framework (CSCF) 2019 version were shared with the audience leading to very interactive exchanges We took the opportunity in this session to remind customers about(i) their obligation as per the CSP Policy to comply with the mandatory
controls of the CSCF v2017 by the 31 December 2018(ii) about the next upcoming milestones for 2019 and onwards and (iii) about the possibility to leverage the new reporting functionalities in the
KYC-SA application to integrate counterpartiesrsquo self-attestation results in their own risk management potentially along with the financial and legal due diligence aspects already covered in the KYC Registry application
On the risk management integration topic we strongly advised the audience to attend the session lsquoUnderstanding your counterpartyrsquos CSP attestation levelrsquo Finally we provided the attendees with a vade mecum of tactical actions to undertake to mitigate cyber risks This yearrsquos session was complemented by the opportunity for hands-on demos of the KYC-SA application at the SWIFT Lab
Work session summaries
1414
Alliance portfolio ndash Whatrsquos new whatrsquos next
In the session we took a look at the various key trends observed in the market ndash cloud UX data APIs ISO 20022 and cyber security ndash and presented to the audience the Alliance Portfolio plans to embrace those new trends The session started with a presentation of the new cloud platform that SWIFT is building The new cloud platform provides a fully managed interface and connectivity to SWIFT with improved availability resiliency and scalability It also comes with a completely new user experience with amongst others a very intuitive graphical user interface
The same team of user experience experts at SWIFT helped to design the Alliance Warehouse the brand new solution from SWIFT for long-term message archive with powerful search and investigation capabilities which was also presented during the session Finally we covered a brief introduction to APIs ISO 20022 and cyber security and looked at their impact on the Alliance portfolio
Work session summaries
Operational Excellence
Alliance interfaces roadmap 2019-2020
Alliance Messaging Hub ndash the future in financial messaging
This yearrsquos session was a traditional roadmap session that looked at what has been released over the last 6 months and what is coming up in the next 2 years
With the community having gone through the heavy CSPrelease 72SR2018 migration in 2018 everybody is now looking at what to plan next Release 72 support ends end January 2020 and by that time the community must have updated the fill stack of SWIFTNet and Alliance products to release 73 or release 74
Release 73 was made available in September 2018 and introduces amongst others new ways to implement multi-factor authentication Release 74 planned for mid-2019 will provide additional security and other features will support IBM MQ 91 and a slightly updated OS baseline Release 75 will focus on features for the ISO 20022 migration and ESMIG All along we will provide for AccessEntry the standard updates in the annual release as well as on the two preceding releases During and after the sessions customers took the opportunities to ask questions and exchange views with the product manager This was key information to ensure that the portfolio evolves in line with customer needs
In this session a high-level introduction was provided around Alliance Messaging Hub (AMH) SWIFTrsquos messaging hub that offers functionality beyond classic SWIFTNet interfacing AMH offers an orchestration layer on top of its SWIFTNet messaging capabilities allowing for flexible integration into banksrsquo systems and into other networks The 247365 capable architecture offers top class resilience and serves as a solid foundation for real-time processing
The product is able to process and orchestrate messages under high load and respecting low latency requirements AMH for Hong Kong Faster Payments is a real-life testimony to AMHrsquos processing capabilities
where it runs as a messaging hub for key banks in the region AMH version 40 will be launched in March 2019 and will offer an even richer set of security and gpi related functionality The application will be further shielded and installation and deployment will become more standardized to further reduce the banksrsquo TCO
Further strengthening its real-time offering AMH v40 will offer flows into RT1 and TIPS leveraging SWIFTrsquos Instant channel for the EBA and the Eurosystem In the multi-network space AMH v40 will provide flows for Fedwire Funds and TCH CHIPS
Beyond v40 and in the same way as financial institutions are evolving we are continuously innovating AMH The core will become more modular embracing the trends of containerised systems and we will introduce more integration options such as more standardized yet flexible API support With ISO 20022 migration and ISO 20022-powered APIs coming up we believe AMH will offer the complete package for a bank to face the upcoming challenges in the financial messaging eco-system
1515
Operational challenges Find out how we can help you manage them better
mySWIFT ndash Enhance your gateway to support the most of data analytics
SWIFT continues to invest in the support portfolio Over the past two years we have consulted customers to ensure that it remains healthy and future proof The findings led SWIFT to focus on customer experience as the central theme of the portfolio refresh
In the session the rebranded Professional Services organisation was shared It is now set up to take customers on the full solution journey from design to deployment to maintenance The deep-dive into the updated Advanced Support and Care offering gave further insights into the newly modularised and clarified support deliverables
The overall value proposition of SWIFT Community Support the backbone of support given to all customers and then the Premium and Care options was underlined Customers will now better understand and choose the appropriate pro-active reactive preventive andor hands-on support option with Premium Plus being perhaps the most attractive option as the dedicated service manager especially adds significant value
The sessions were very well attended and although it requires no specific action from customers it is an important evolution to keep track of
Last year at SOFE SWIFT ran exploratory sessions on Support Tools This year we were pleased to show the result of this consultation with newly- and to be released applications on mySWIFTndash New ldquoKnowledge Centrerdquo (since Q4 2018) ndash an easy-to-use and
customisable portal covering all documentation resources (User Handbook Knowledge Base tips how-to videos SWIFTSmart)
ndash New ldquoNotification Centrerdquo (since Q4 2018) ndash a trusted notification tool for SWIFT Operational messages
ndash Coming ldquomyStatusrdquo (H1 2019) ndash a real-time snapshot providing the status of your connectivity components - VPNs SNLs LTs per location and per environment
During the second part of the session we shared our insights about data analytics and predictive capabilities performed on operational data showing how it could allow operators to focus on the most relevant issues while discarding the noise This interactive session ended by a digi-voting exercise where participants were asked through 4 use cases to provide their appetite on ldquohow pattern deviation algorithms could be useful to the communityrdquo We look forward to seeing you next year for more insights and results on the subject
Using Alliance Managed Operations to your strategic advantage
Market trends show a growing appetite for IT teams to (re-)focus on their core business Employees are becoming overburdened with staying on top of regulatory compliance and security challenges and at the same time remaining mindful of resourcing needs to manage the highly critical and sometimes complex SWIFT infrastructures
In this session we outlined and demonstrated how these aspects can be addressed through SWIFTrsquos managed service offering This service brings relevant expertise discipline and rigour into any organisation by becoming a natural extension of the existing team A highlight of the session was the near real-time monitoring feature With this service SWIFT monitors Alliance Gateway and Alliance Access events and VPN lines which can trigger corrective actions with minimal delay
The session clearly resonated with all participants and we look forward to meeting your future managed service needs
Work session summaries
1616
The SWIFTLab has become a popular venue to experience the various components of SWIFTrsquos product and service portfolio This year the SWIFTLab was present at SOFE providing our customers with the opportunity to experience the range of SWIFT products at this yearly event
In addition to featuring demo pods at the SWIFTHub the SWIFTLab also hosted lunch sessions on Artificial Intelligence and DLT
SWIFTLab SWIFT
1717
Welcome cocktail
Networking is a key component of SOFE In addition to the networking time during the coffee breaks and lunches we also offer opportunities for delegates to spend time together in the evenings all whilst leaving room for spare time The welcome cocktail at the end of day 1 has become a fixture in the SOFE agenda and is sponsored by the exhibiting partners Our thanks go to the partners for their participation and support and to all delegates for making the most of this networking opportunity
Off-site dinner
This yearrsquos off-site dinner took place at Beurs van Berlage We hope that you enjoyed the evening and look forward to hosting another SOFE dinner at another great venue in Amsterdam in 2019
Networking activities
1818
For the SWIFT Operations Forum Europe in Amsterdam we were happy to provide financial support to WATCH Nederland a professional civil participation platform set up by Terre des Hommes to discover and fight teenage prostitution in the Netherlands
Through its hotline WATCH Nederland collects information from youth care professionals teachers and other civilians including victims or their family who do not want or dare to report to the police This information is researched both online by forensic ICT specialists and on the ground
by private investigators Additionally WATCH Nederland aims to identify child sexual exploiters and abusers including advertisements from exploiters trying to sell teenagers for sex and customers of teenage prostitution WATCH Nederland works closely together with the Dutch law enforcement agencies to free the victims of teenage prostitution and to stop the exploiters Freed victims undergo rehabilitation and reintegration treatment in co-operation with youth care institutions and are monitored regularly by WATCH Nederland to prevent revictimisation
CSR
1919
Our thanks go to each and every one of you for your active participation in this yearrsquos SWIFT Operations Forum Europe We hope that you all had an engaging thought-provoking productive informative and highly collaborative SOFE As always should you have any questions about or suggestions for next yearrsquos event please do not hesitate to contact your account manager or customer support We look forward to working with you in 2019
Thank you
For more information about SWIFT visit wwwswiftcom
SWIFT copy 2019
1010
ISO 20022 for managers ndash the time is now
ISO 20022 for beginners ndash what you really need to know
As announced in September in 2021 SWIFT will begin migrating all cross-border and many-to-many payments onto ISO 20022 This decision comes after large scale community consultation that took in feedback from a wide variety of stakeholders We want to ensure the entire SWIFT community is well informed and prepared for the migration The session provided information about the approach we are taking and what it means for you
We have aligned the start date of our migration in 2021 with the adoption of ISO 20022 of the Eurozonersquos high value payments systems The migration will cover MT categories 1 2 and 9 and will impact correspondent banks as well as other users of these messages including securities players A four-year co-existence
The workshop focused on the following key aspectsbull What is ISO 20022 and how it
constitutes a single approach for financial standardisation initiatives
bull SWIFTrsquos involvement and unparalleled expertise in ISO 20022 adoption
bull Status on ISO 20022 implementations around the globe and how ISO 20022 has become the dominant language of financial transactions
bull The importance of Market Practice and zoom on HVPS+ (High-Value Payment System+) the ISO 20022 global market practice for Payment Market Infrastructures
bull A new challenge ISO 20022 migration for cross-border payments as a result of the September 2018 Board decision
phase will allow all members of the SWIFT community to make the switch
SWIFT will work closely with the community to formulate and refine market practice guidelines In tandem with the Payments Market Practice Group (PMPG) we have created the Cross-Border Payments and Reporting Plus (CBPR+) working group to develop global usage guidelines We will invite our community to review and give feedback on these guidelines as they mature
We will also provide a central translation service to ensure successful community migration and to facilitate the co-existence phase This service will also implement the rules formulated by CBPR+ and all users will be automatically enrolled
As result of the session participants gained a broader appreciation of the industryrsquos journey towards ISO 20022 adoption how global groups like HVPS+ are working together to create global industry standards and common principals
Work session summaries
Optimise your back-office functions with SWIFTRef the must-have global reference data utility
In this session we explained the new files including Standing Settlement Instructions (SSI) National ID History and National ID Format Account Number Format and the gpi directory We also presented the recent Entity Plus product and a revamp of our Bankers World Online tool (live on 15 December) and gave you some insight into our planned future developments of APIs
Finally we discussed the impact of the BIC migration to the new version of the ISO 9362 standard on SWIFTRef From March 2019 it will no longer be possible to derive the connectivity of an organisation from the 8th character in the BIC nor the time-zone from the 7th character This information is now reflected in dedicated data elements in the SWIFTRef portfolio As a consequence all
current BIC Directory customers need to migrate to the BIC Plus or BIC Directory 2018
More information on the SWIFTRef portfolio can be found at wwwswiftcomswiftref
1111
Work session summaries
Innovation
DLT e-Voting solution ndash A proof of concept with SWIFT and Slib
In this session SWIFT shared its vision on the role it can play related to DLT technology when the technology matures and strong use cases emerge SWIFT can become the market place for DLT-based services that are provided by third parties and deployed on the SWIFT network This can be achieved by leveraging existing infrastructure and services The eVoting proof of concept fits into this vision Slib acting as provider of a DLT-based service has developed an application for distributing shareholder meeting notifications and collecting votes from shareholders SWIFT has provided the DLT sandbox on which this application has been deployed
Evolution of SWIFTrsquos cloud platform
SWIFT AI ndash How to get structure out of your unstructured data
10 years ago SWIFT launched its first cloud platform lsquoAlliance Litersquo Since then the trend to outsource has scaled up significantly and SWIFT has continued to evolve its offering Today SWIFTrsquos cloud solutions (Alliance Lite2 Alliance Remote Gateway and Alliance Lifeline) are highly successful and serve more than 2300 customers In recent years constant change has become the new norm in the financial industry It is therefore important that our cloud solution provide our customers the agility they need to prepare for the future In that perspective SWIFT is developing a brand new cloud platform It is based on state-of-the-art technology offering 24x7 availability built-in resilience highest
This session presented a new SWIFT RampD solution based on artificial intellgence (AI) that can be used in order to get structure out of unstructured data
The goal of this AI research is to bring transparency to data by transforming legacy data into ISO 20022 format The solution can be used as a SWIFTNet API or as an onsite solution It is currently trained in SWIFT premises and is used in order to clean data such as the SWIFTRef data The conversion rate is currently of 95 but as it is a Machine Learning model it learns as it goes and the precision is improving every day
security and larger throughput Another key ingredient is the integration capability not only with the customerrsquos back-office application but also with SWIFTrsquos local archive solution lsquoAlliance Warehousersquo or SWIFT services such as gpi and transaction screening The platform will also have flexible message processing abilities and is being developed with a continuous attention to the user experience The go-live of this new cloud platform is planned for 2020 In addition to an overview of the main values customers can expect from this new cloud solution the session also offered a sneak preview of the graphical user interface More to come in the course of 2019
1212
SWIFTrsquos API strategy SWIFT gpi ndash the new norm in cross-border payments
This session built on the White Paper ldquoAPIs Delivering a global platform for the financial services API economyrdquo (httpswwwswiftcomresourceswift-api) that SWIFT published just before SIBOS 2018 It positioned SWIFTrsquos overall strategy on APIs building on its year-long experience in standardisation leveraging its security and reliability paradigm to the API world Finally both the standardisation and the platform aspects were brought to life by walking through a number of use-cases (including PSD2) There was a lot of interest shown during and after the session by attendees who are already closely involved in API implementations as well as those who will be in the near future
This year at SOFE the SWIFT gpi sessions were scheduled every day and welcomed 100+ delegates and vendors over the three days The sessions covered the features of the existing services (gCCT gCOV and gSRP) the eco-system and future roadmap Throughout SOFE a large screen projected the rapid take-up of gpi more than 105 gpi banks are now live on gpi representing 410+ BICs and covering 140 currencies Gpi sent traffic has grown to over 12 million cross-border payments daily with more than 50 gpi to gpi As a result gpi messages flow across 800+ country corridors representing a value superior to $100 bn daily
Work session summaries
Cyber security and the Customer Security Programme
Cyber intelligence sharing
Cyber resilience
The SWIFT ISAC shares information that customers can use to better protect their environment
After having explained how the SWIFT Customer Security Intelligence team usually performs its forensic investigations we reinforced the necessity for customers to regularly consume the Indicators of Compromise (IOCs) published on the portal
Additional focus was put on automated sharing of IOCs via STIXTAXII which was made available since February 2018 Participants left with a clear understanding of different ways in which SWIFT shares cyber intelligence with the SWIFT Community and of importance of acting on IOCs published on SWIFT ISAC
The voting app and interactions with the audience captured some feedback confirming the growing interest in cyber intelligence exchange within the SWIFT Community
The session on cyber resiliency first set the scene by presenting the evolving cyber threat landscape Cyber-attacks are becoming more frequent and sophisticated The industry is trying to keep pace by implementing security frameworks and moving from a position of control to one of resilience The session discussed the difference between cyber security and cyber resilience whilst for cyber security the focus is set on protecting and surviving a cyber-attack cyber resilience is composed of a broader range of measures taken to bounce back (recover) from a cyber-incident in a timely manner
During the second part of the session the multi-layered security approach taken by SWIFT was discussed and illustrated with resiliency functionalities available at different levels in the SWIFT application stack Finally the different steps in the recovery process after indication of a compromise were covered highlighting the common mistakes financial institutions make
1313
Improving the security of paymentsHow the Shared Infrastructure Programme (SIP) can increase the effectiveness of your risk management
This session explored the changing face of cyber-fraud and explained how financial institutions themselves are the new targets for the attackers This represents a significant challenge requiring institutions to protect themselves against these ever-present and changing cyber-fraud risks The attack vectors were characterised as well as why the cyber attackers want you to know nothing see nothing and do nothing
SWIFTrsquos recently launched Payment Controls service helps financial institutions reduce their fraud and reputational risks and build trust This zero-footprint in-network solution offers the ability to protect against the risk of fraudulent payments via real-time monitoring alerting and payment blocking It offers flexible configurable correspondent banking focused models designed in association with the community The capabilities and benefits were illustrated via an interactive hands-on demonstration using the live service showing examples of rule configuration activation and alert management This was followed by a detailed and lively QampA sessionwwwswiftcompaymentcontrols
The session covered the further evolution of the Shared Infrastructure Programme (SIP) in 2019 listed the tangible risk mitigating results of SIP since beginning of last year and provided an overview of the most common hurdles Service Bureaux are struggling with to reach full compliance with SIP 2018
Compliance with the SIP security and operational requirements is not only needed after a one-time assessment but throughout the year It was therefore explained how SWIFT captures the required security configuration data to enable the monitoring of such a continued compliance The session was attended by a very good representation of the service bureau community in EMEA by service bureau customers and their counterparties and by regulators The diverse audience was a unique opportunity to engage in a dialogue and to capture suggestions for increasing the effectiveness of the programme
Understanding your counterpartyrsquos CSP attestation level
Security Controls 2019
By now all SWIFT customers should be checking what the attestation level of their counterparties is and integrating this compliance data into their risk management processes One take away of the session was a need to adapt the cybersecurity risk governance model to support the assessment of counterparty cybersecurity attestation data eg Identify the appropriate representatives from across the organisation for lsquograntingrsquo lsquorequestingrsquo attestation data
The second take way is that KYC-SA attestation data should be viewed as an additional dimension within the institutionrsquos existing counterparty risk management framework Finally the participants confirmed the interest from the community to integrate the KYC-SA attestation data in their risk management system It is currently available by exporting data and in the future it will be done thanks to a new set of API We also spent some time in the session discussing considerations in granting and requesting access to attestation data
As the threat landscape evolves so must the CSP Details of the changes brought by the Customer Security Control Framework (CSCF) 2019 version were shared with the audience leading to very interactive exchanges We took the opportunity in this session to remind customers about(i) their obligation as per the CSP Policy to comply with the mandatory
controls of the CSCF v2017 by the 31 December 2018(ii) about the next upcoming milestones for 2019 and onwards and (iii) about the possibility to leverage the new reporting functionalities in the
KYC-SA application to integrate counterpartiesrsquo self-attestation results in their own risk management potentially along with the financial and legal due diligence aspects already covered in the KYC Registry application
On the risk management integration topic we strongly advised the audience to attend the session lsquoUnderstanding your counterpartyrsquos CSP attestation levelrsquo Finally we provided the attendees with a vade mecum of tactical actions to undertake to mitigate cyber risks This yearrsquos session was complemented by the opportunity for hands-on demos of the KYC-SA application at the SWIFT Lab
Work session summaries
1414
Alliance portfolio ndash Whatrsquos new whatrsquos next
In the session we took a look at the various key trends observed in the market ndash cloud UX data APIs ISO 20022 and cyber security ndash and presented to the audience the Alliance Portfolio plans to embrace those new trends The session started with a presentation of the new cloud platform that SWIFT is building The new cloud platform provides a fully managed interface and connectivity to SWIFT with improved availability resiliency and scalability It also comes with a completely new user experience with amongst others a very intuitive graphical user interface
The same team of user experience experts at SWIFT helped to design the Alliance Warehouse the brand new solution from SWIFT for long-term message archive with powerful search and investigation capabilities which was also presented during the session Finally we covered a brief introduction to APIs ISO 20022 and cyber security and looked at their impact on the Alliance portfolio
Work session summaries
Operational Excellence
Alliance interfaces roadmap 2019-2020
Alliance Messaging Hub ndash the future in financial messaging
This yearrsquos session was a traditional roadmap session that looked at what has been released over the last 6 months and what is coming up in the next 2 years
With the community having gone through the heavy CSPrelease 72SR2018 migration in 2018 everybody is now looking at what to plan next Release 72 support ends end January 2020 and by that time the community must have updated the fill stack of SWIFTNet and Alliance products to release 73 or release 74
Release 73 was made available in September 2018 and introduces amongst others new ways to implement multi-factor authentication Release 74 planned for mid-2019 will provide additional security and other features will support IBM MQ 91 and a slightly updated OS baseline Release 75 will focus on features for the ISO 20022 migration and ESMIG All along we will provide for AccessEntry the standard updates in the annual release as well as on the two preceding releases During and after the sessions customers took the opportunities to ask questions and exchange views with the product manager This was key information to ensure that the portfolio evolves in line with customer needs
In this session a high-level introduction was provided around Alliance Messaging Hub (AMH) SWIFTrsquos messaging hub that offers functionality beyond classic SWIFTNet interfacing AMH offers an orchestration layer on top of its SWIFTNet messaging capabilities allowing for flexible integration into banksrsquo systems and into other networks The 247365 capable architecture offers top class resilience and serves as a solid foundation for real-time processing
The product is able to process and orchestrate messages under high load and respecting low latency requirements AMH for Hong Kong Faster Payments is a real-life testimony to AMHrsquos processing capabilities
where it runs as a messaging hub for key banks in the region AMH version 40 will be launched in March 2019 and will offer an even richer set of security and gpi related functionality The application will be further shielded and installation and deployment will become more standardized to further reduce the banksrsquo TCO
Further strengthening its real-time offering AMH v40 will offer flows into RT1 and TIPS leveraging SWIFTrsquos Instant channel for the EBA and the Eurosystem In the multi-network space AMH v40 will provide flows for Fedwire Funds and TCH CHIPS
Beyond v40 and in the same way as financial institutions are evolving we are continuously innovating AMH The core will become more modular embracing the trends of containerised systems and we will introduce more integration options such as more standardized yet flexible API support With ISO 20022 migration and ISO 20022-powered APIs coming up we believe AMH will offer the complete package for a bank to face the upcoming challenges in the financial messaging eco-system
1515
Operational challenges Find out how we can help you manage them better
mySWIFT ndash Enhance your gateway to support the most of data analytics
SWIFT continues to invest in the support portfolio Over the past two years we have consulted customers to ensure that it remains healthy and future proof The findings led SWIFT to focus on customer experience as the central theme of the portfolio refresh
In the session the rebranded Professional Services organisation was shared It is now set up to take customers on the full solution journey from design to deployment to maintenance The deep-dive into the updated Advanced Support and Care offering gave further insights into the newly modularised and clarified support deliverables
The overall value proposition of SWIFT Community Support the backbone of support given to all customers and then the Premium and Care options was underlined Customers will now better understand and choose the appropriate pro-active reactive preventive andor hands-on support option with Premium Plus being perhaps the most attractive option as the dedicated service manager especially adds significant value
The sessions were very well attended and although it requires no specific action from customers it is an important evolution to keep track of
Last year at SOFE SWIFT ran exploratory sessions on Support Tools This year we were pleased to show the result of this consultation with newly- and to be released applications on mySWIFTndash New ldquoKnowledge Centrerdquo (since Q4 2018) ndash an easy-to-use and
customisable portal covering all documentation resources (User Handbook Knowledge Base tips how-to videos SWIFTSmart)
ndash New ldquoNotification Centrerdquo (since Q4 2018) ndash a trusted notification tool for SWIFT Operational messages
ndash Coming ldquomyStatusrdquo (H1 2019) ndash a real-time snapshot providing the status of your connectivity components - VPNs SNLs LTs per location and per environment
During the second part of the session we shared our insights about data analytics and predictive capabilities performed on operational data showing how it could allow operators to focus on the most relevant issues while discarding the noise This interactive session ended by a digi-voting exercise where participants were asked through 4 use cases to provide their appetite on ldquohow pattern deviation algorithms could be useful to the communityrdquo We look forward to seeing you next year for more insights and results on the subject
Using Alliance Managed Operations to your strategic advantage
Market trends show a growing appetite for IT teams to (re-)focus on their core business Employees are becoming overburdened with staying on top of regulatory compliance and security challenges and at the same time remaining mindful of resourcing needs to manage the highly critical and sometimes complex SWIFT infrastructures
In this session we outlined and demonstrated how these aspects can be addressed through SWIFTrsquos managed service offering This service brings relevant expertise discipline and rigour into any organisation by becoming a natural extension of the existing team A highlight of the session was the near real-time monitoring feature With this service SWIFT monitors Alliance Gateway and Alliance Access events and VPN lines which can trigger corrective actions with minimal delay
The session clearly resonated with all participants and we look forward to meeting your future managed service needs
Work session summaries
1616
The SWIFTLab has become a popular venue to experience the various components of SWIFTrsquos product and service portfolio This year the SWIFTLab was present at SOFE providing our customers with the opportunity to experience the range of SWIFT products at this yearly event
In addition to featuring demo pods at the SWIFTHub the SWIFTLab also hosted lunch sessions on Artificial Intelligence and DLT
SWIFTLab SWIFT
1717
Welcome cocktail
Networking is a key component of SOFE In addition to the networking time during the coffee breaks and lunches we also offer opportunities for delegates to spend time together in the evenings all whilst leaving room for spare time The welcome cocktail at the end of day 1 has become a fixture in the SOFE agenda and is sponsored by the exhibiting partners Our thanks go to the partners for their participation and support and to all delegates for making the most of this networking opportunity
Off-site dinner
This yearrsquos off-site dinner took place at Beurs van Berlage We hope that you enjoyed the evening and look forward to hosting another SOFE dinner at another great venue in Amsterdam in 2019
Networking activities
1818
For the SWIFT Operations Forum Europe in Amsterdam we were happy to provide financial support to WATCH Nederland a professional civil participation platform set up by Terre des Hommes to discover and fight teenage prostitution in the Netherlands
Through its hotline WATCH Nederland collects information from youth care professionals teachers and other civilians including victims or their family who do not want or dare to report to the police This information is researched both online by forensic ICT specialists and on the ground
by private investigators Additionally WATCH Nederland aims to identify child sexual exploiters and abusers including advertisements from exploiters trying to sell teenagers for sex and customers of teenage prostitution WATCH Nederland works closely together with the Dutch law enforcement agencies to free the victims of teenage prostitution and to stop the exploiters Freed victims undergo rehabilitation and reintegration treatment in co-operation with youth care institutions and are monitored regularly by WATCH Nederland to prevent revictimisation
CSR
1919
Our thanks go to each and every one of you for your active participation in this yearrsquos SWIFT Operations Forum Europe We hope that you all had an engaging thought-provoking productive informative and highly collaborative SOFE As always should you have any questions about or suggestions for next yearrsquos event please do not hesitate to contact your account manager or customer support We look forward to working with you in 2019
Thank you
For more information about SWIFT visit wwwswiftcom
SWIFT copy 2019
1111
Work session summaries
Innovation
DLT e-Voting solution ndash A proof of concept with SWIFT and Slib
In this session SWIFT shared its vision on the role it can play related to DLT technology when the technology matures and strong use cases emerge SWIFT can become the market place for DLT-based services that are provided by third parties and deployed on the SWIFT network This can be achieved by leveraging existing infrastructure and services The eVoting proof of concept fits into this vision Slib acting as provider of a DLT-based service has developed an application for distributing shareholder meeting notifications and collecting votes from shareholders SWIFT has provided the DLT sandbox on which this application has been deployed
Evolution of SWIFTrsquos cloud platform
SWIFT AI ndash How to get structure out of your unstructured data
10 years ago SWIFT launched its first cloud platform lsquoAlliance Litersquo Since then the trend to outsource has scaled up significantly and SWIFT has continued to evolve its offering Today SWIFTrsquos cloud solutions (Alliance Lite2 Alliance Remote Gateway and Alliance Lifeline) are highly successful and serve more than 2300 customers In recent years constant change has become the new norm in the financial industry It is therefore important that our cloud solution provide our customers the agility they need to prepare for the future In that perspective SWIFT is developing a brand new cloud platform It is based on state-of-the-art technology offering 24x7 availability built-in resilience highest
This session presented a new SWIFT RampD solution based on artificial intellgence (AI) that can be used in order to get structure out of unstructured data
The goal of this AI research is to bring transparency to data by transforming legacy data into ISO 20022 format The solution can be used as a SWIFTNet API or as an onsite solution It is currently trained in SWIFT premises and is used in order to clean data such as the SWIFTRef data The conversion rate is currently of 95 but as it is a Machine Learning model it learns as it goes and the precision is improving every day
security and larger throughput Another key ingredient is the integration capability not only with the customerrsquos back-office application but also with SWIFTrsquos local archive solution lsquoAlliance Warehousersquo or SWIFT services such as gpi and transaction screening The platform will also have flexible message processing abilities and is being developed with a continuous attention to the user experience The go-live of this new cloud platform is planned for 2020 In addition to an overview of the main values customers can expect from this new cloud solution the session also offered a sneak preview of the graphical user interface More to come in the course of 2019
1212
SWIFTrsquos API strategy SWIFT gpi ndash the new norm in cross-border payments
This session built on the White Paper ldquoAPIs Delivering a global platform for the financial services API economyrdquo (httpswwwswiftcomresourceswift-api) that SWIFT published just before SIBOS 2018 It positioned SWIFTrsquos overall strategy on APIs building on its year-long experience in standardisation leveraging its security and reliability paradigm to the API world Finally both the standardisation and the platform aspects were brought to life by walking through a number of use-cases (including PSD2) There was a lot of interest shown during and after the session by attendees who are already closely involved in API implementations as well as those who will be in the near future
This year at SOFE the SWIFT gpi sessions were scheduled every day and welcomed 100+ delegates and vendors over the three days The sessions covered the features of the existing services (gCCT gCOV and gSRP) the eco-system and future roadmap Throughout SOFE a large screen projected the rapid take-up of gpi more than 105 gpi banks are now live on gpi representing 410+ BICs and covering 140 currencies Gpi sent traffic has grown to over 12 million cross-border payments daily with more than 50 gpi to gpi As a result gpi messages flow across 800+ country corridors representing a value superior to $100 bn daily
Work session summaries
Cyber security and the Customer Security Programme
Cyber intelligence sharing
Cyber resilience
The SWIFT ISAC shares information that customers can use to better protect their environment
After having explained how the SWIFT Customer Security Intelligence team usually performs its forensic investigations we reinforced the necessity for customers to regularly consume the Indicators of Compromise (IOCs) published on the portal
Additional focus was put on automated sharing of IOCs via STIXTAXII which was made available since February 2018 Participants left with a clear understanding of different ways in which SWIFT shares cyber intelligence with the SWIFT Community and of importance of acting on IOCs published on SWIFT ISAC
The voting app and interactions with the audience captured some feedback confirming the growing interest in cyber intelligence exchange within the SWIFT Community
The session on cyber resiliency first set the scene by presenting the evolving cyber threat landscape Cyber-attacks are becoming more frequent and sophisticated The industry is trying to keep pace by implementing security frameworks and moving from a position of control to one of resilience The session discussed the difference between cyber security and cyber resilience whilst for cyber security the focus is set on protecting and surviving a cyber-attack cyber resilience is composed of a broader range of measures taken to bounce back (recover) from a cyber-incident in a timely manner
During the second part of the session the multi-layered security approach taken by SWIFT was discussed and illustrated with resiliency functionalities available at different levels in the SWIFT application stack Finally the different steps in the recovery process after indication of a compromise were covered highlighting the common mistakes financial institutions make
1313
Improving the security of paymentsHow the Shared Infrastructure Programme (SIP) can increase the effectiveness of your risk management
This session explored the changing face of cyber-fraud and explained how financial institutions themselves are the new targets for the attackers This represents a significant challenge requiring institutions to protect themselves against these ever-present and changing cyber-fraud risks The attack vectors were characterised as well as why the cyber attackers want you to know nothing see nothing and do nothing
SWIFTrsquos recently launched Payment Controls service helps financial institutions reduce their fraud and reputational risks and build trust This zero-footprint in-network solution offers the ability to protect against the risk of fraudulent payments via real-time monitoring alerting and payment blocking It offers flexible configurable correspondent banking focused models designed in association with the community The capabilities and benefits were illustrated via an interactive hands-on demonstration using the live service showing examples of rule configuration activation and alert management This was followed by a detailed and lively QampA sessionwwwswiftcompaymentcontrols
The session covered the further evolution of the Shared Infrastructure Programme (SIP) in 2019 listed the tangible risk mitigating results of SIP since beginning of last year and provided an overview of the most common hurdles Service Bureaux are struggling with to reach full compliance with SIP 2018
Compliance with the SIP security and operational requirements is not only needed after a one-time assessment but throughout the year It was therefore explained how SWIFT captures the required security configuration data to enable the monitoring of such a continued compliance The session was attended by a very good representation of the service bureau community in EMEA by service bureau customers and their counterparties and by regulators The diverse audience was a unique opportunity to engage in a dialogue and to capture suggestions for increasing the effectiveness of the programme
Understanding your counterpartyrsquos CSP attestation level
Security Controls 2019
By now all SWIFT customers should be checking what the attestation level of their counterparties is and integrating this compliance data into their risk management processes One take away of the session was a need to adapt the cybersecurity risk governance model to support the assessment of counterparty cybersecurity attestation data eg Identify the appropriate representatives from across the organisation for lsquograntingrsquo lsquorequestingrsquo attestation data
The second take way is that KYC-SA attestation data should be viewed as an additional dimension within the institutionrsquos existing counterparty risk management framework Finally the participants confirmed the interest from the community to integrate the KYC-SA attestation data in their risk management system It is currently available by exporting data and in the future it will be done thanks to a new set of API We also spent some time in the session discussing considerations in granting and requesting access to attestation data
As the threat landscape evolves so must the CSP Details of the changes brought by the Customer Security Control Framework (CSCF) 2019 version were shared with the audience leading to very interactive exchanges We took the opportunity in this session to remind customers about(i) their obligation as per the CSP Policy to comply with the mandatory
controls of the CSCF v2017 by the 31 December 2018(ii) about the next upcoming milestones for 2019 and onwards and (iii) about the possibility to leverage the new reporting functionalities in the
KYC-SA application to integrate counterpartiesrsquo self-attestation results in their own risk management potentially along with the financial and legal due diligence aspects already covered in the KYC Registry application
On the risk management integration topic we strongly advised the audience to attend the session lsquoUnderstanding your counterpartyrsquos CSP attestation levelrsquo Finally we provided the attendees with a vade mecum of tactical actions to undertake to mitigate cyber risks This yearrsquos session was complemented by the opportunity for hands-on demos of the KYC-SA application at the SWIFT Lab
Work session summaries
1414
Alliance portfolio ndash Whatrsquos new whatrsquos next
In the session we took a look at the various key trends observed in the market ndash cloud UX data APIs ISO 20022 and cyber security ndash and presented to the audience the Alliance Portfolio plans to embrace those new trends The session started with a presentation of the new cloud platform that SWIFT is building The new cloud platform provides a fully managed interface and connectivity to SWIFT with improved availability resiliency and scalability It also comes with a completely new user experience with amongst others a very intuitive graphical user interface
The same team of user experience experts at SWIFT helped to design the Alliance Warehouse the brand new solution from SWIFT for long-term message archive with powerful search and investigation capabilities which was also presented during the session Finally we covered a brief introduction to APIs ISO 20022 and cyber security and looked at their impact on the Alliance portfolio
Work session summaries
Operational Excellence
Alliance interfaces roadmap 2019-2020
Alliance Messaging Hub ndash the future in financial messaging
This yearrsquos session was a traditional roadmap session that looked at what has been released over the last 6 months and what is coming up in the next 2 years
With the community having gone through the heavy CSPrelease 72SR2018 migration in 2018 everybody is now looking at what to plan next Release 72 support ends end January 2020 and by that time the community must have updated the fill stack of SWIFTNet and Alliance products to release 73 or release 74
Release 73 was made available in September 2018 and introduces amongst others new ways to implement multi-factor authentication Release 74 planned for mid-2019 will provide additional security and other features will support IBM MQ 91 and a slightly updated OS baseline Release 75 will focus on features for the ISO 20022 migration and ESMIG All along we will provide for AccessEntry the standard updates in the annual release as well as on the two preceding releases During and after the sessions customers took the opportunities to ask questions and exchange views with the product manager This was key information to ensure that the portfolio evolves in line with customer needs
In this session a high-level introduction was provided around Alliance Messaging Hub (AMH) SWIFTrsquos messaging hub that offers functionality beyond classic SWIFTNet interfacing AMH offers an orchestration layer on top of its SWIFTNet messaging capabilities allowing for flexible integration into banksrsquo systems and into other networks The 247365 capable architecture offers top class resilience and serves as a solid foundation for real-time processing
The product is able to process and orchestrate messages under high load and respecting low latency requirements AMH for Hong Kong Faster Payments is a real-life testimony to AMHrsquos processing capabilities
where it runs as a messaging hub for key banks in the region AMH version 40 will be launched in March 2019 and will offer an even richer set of security and gpi related functionality The application will be further shielded and installation and deployment will become more standardized to further reduce the banksrsquo TCO
Further strengthening its real-time offering AMH v40 will offer flows into RT1 and TIPS leveraging SWIFTrsquos Instant channel for the EBA and the Eurosystem In the multi-network space AMH v40 will provide flows for Fedwire Funds and TCH CHIPS
Beyond v40 and in the same way as financial institutions are evolving we are continuously innovating AMH The core will become more modular embracing the trends of containerised systems and we will introduce more integration options such as more standardized yet flexible API support With ISO 20022 migration and ISO 20022-powered APIs coming up we believe AMH will offer the complete package for a bank to face the upcoming challenges in the financial messaging eco-system
1515
Operational challenges Find out how we can help you manage them better
mySWIFT ndash Enhance your gateway to support the most of data analytics
SWIFT continues to invest in the support portfolio Over the past two years we have consulted customers to ensure that it remains healthy and future proof The findings led SWIFT to focus on customer experience as the central theme of the portfolio refresh
In the session the rebranded Professional Services organisation was shared It is now set up to take customers on the full solution journey from design to deployment to maintenance The deep-dive into the updated Advanced Support and Care offering gave further insights into the newly modularised and clarified support deliverables
The overall value proposition of SWIFT Community Support the backbone of support given to all customers and then the Premium and Care options was underlined Customers will now better understand and choose the appropriate pro-active reactive preventive andor hands-on support option with Premium Plus being perhaps the most attractive option as the dedicated service manager especially adds significant value
The sessions were very well attended and although it requires no specific action from customers it is an important evolution to keep track of
Last year at SOFE SWIFT ran exploratory sessions on Support Tools This year we were pleased to show the result of this consultation with newly- and to be released applications on mySWIFTndash New ldquoKnowledge Centrerdquo (since Q4 2018) ndash an easy-to-use and
customisable portal covering all documentation resources (User Handbook Knowledge Base tips how-to videos SWIFTSmart)
ndash New ldquoNotification Centrerdquo (since Q4 2018) ndash a trusted notification tool for SWIFT Operational messages
ndash Coming ldquomyStatusrdquo (H1 2019) ndash a real-time snapshot providing the status of your connectivity components - VPNs SNLs LTs per location and per environment
During the second part of the session we shared our insights about data analytics and predictive capabilities performed on operational data showing how it could allow operators to focus on the most relevant issues while discarding the noise This interactive session ended by a digi-voting exercise where participants were asked through 4 use cases to provide their appetite on ldquohow pattern deviation algorithms could be useful to the communityrdquo We look forward to seeing you next year for more insights and results on the subject
Using Alliance Managed Operations to your strategic advantage
Market trends show a growing appetite for IT teams to (re-)focus on their core business Employees are becoming overburdened with staying on top of regulatory compliance and security challenges and at the same time remaining mindful of resourcing needs to manage the highly critical and sometimes complex SWIFT infrastructures
In this session we outlined and demonstrated how these aspects can be addressed through SWIFTrsquos managed service offering This service brings relevant expertise discipline and rigour into any organisation by becoming a natural extension of the existing team A highlight of the session was the near real-time monitoring feature With this service SWIFT monitors Alliance Gateway and Alliance Access events and VPN lines which can trigger corrective actions with minimal delay
The session clearly resonated with all participants and we look forward to meeting your future managed service needs
Work session summaries
1616
The SWIFTLab has become a popular venue to experience the various components of SWIFTrsquos product and service portfolio This year the SWIFTLab was present at SOFE providing our customers with the opportunity to experience the range of SWIFT products at this yearly event
In addition to featuring demo pods at the SWIFTHub the SWIFTLab also hosted lunch sessions on Artificial Intelligence and DLT
SWIFTLab SWIFT
1717
Welcome cocktail
Networking is a key component of SOFE In addition to the networking time during the coffee breaks and lunches we also offer opportunities for delegates to spend time together in the evenings all whilst leaving room for spare time The welcome cocktail at the end of day 1 has become a fixture in the SOFE agenda and is sponsored by the exhibiting partners Our thanks go to the partners for their participation and support and to all delegates for making the most of this networking opportunity
Off-site dinner
This yearrsquos off-site dinner took place at Beurs van Berlage We hope that you enjoyed the evening and look forward to hosting another SOFE dinner at another great venue in Amsterdam in 2019
Networking activities
1818
For the SWIFT Operations Forum Europe in Amsterdam we were happy to provide financial support to WATCH Nederland a professional civil participation platform set up by Terre des Hommes to discover and fight teenage prostitution in the Netherlands
Through its hotline WATCH Nederland collects information from youth care professionals teachers and other civilians including victims or their family who do not want or dare to report to the police This information is researched both online by forensic ICT specialists and on the ground
by private investigators Additionally WATCH Nederland aims to identify child sexual exploiters and abusers including advertisements from exploiters trying to sell teenagers for sex and customers of teenage prostitution WATCH Nederland works closely together with the Dutch law enforcement agencies to free the victims of teenage prostitution and to stop the exploiters Freed victims undergo rehabilitation and reintegration treatment in co-operation with youth care institutions and are monitored regularly by WATCH Nederland to prevent revictimisation
CSR
1919
Our thanks go to each and every one of you for your active participation in this yearrsquos SWIFT Operations Forum Europe We hope that you all had an engaging thought-provoking productive informative and highly collaborative SOFE As always should you have any questions about or suggestions for next yearrsquos event please do not hesitate to contact your account manager or customer support We look forward to working with you in 2019
Thank you
For more information about SWIFT visit wwwswiftcom
SWIFT copy 2019
1212
SWIFTrsquos API strategy SWIFT gpi ndash the new norm in cross-border payments
This session built on the White Paper ldquoAPIs Delivering a global platform for the financial services API economyrdquo (httpswwwswiftcomresourceswift-api) that SWIFT published just before SIBOS 2018 It positioned SWIFTrsquos overall strategy on APIs building on its year-long experience in standardisation leveraging its security and reliability paradigm to the API world Finally both the standardisation and the platform aspects were brought to life by walking through a number of use-cases (including PSD2) There was a lot of interest shown during and after the session by attendees who are already closely involved in API implementations as well as those who will be in the near future
This year at SOFE the SWIFT gpi sessions were scheduled every day and welcomed 100+ delegates and vendors over the three days The sessions covered the features of the existing services (gCCT gCOV and gSRP) the eco-system and future roadmap Throughout SOFE a large screen projected the rapid take-up of gpi more than 105 gpi banks are now live on gpi representing 410+ BICs and covering 140 currencies Gpi sent traffic has grown to over 12 million cross-border payments daily with more than 50 gpi to gpi As a result gpi messages flow across 800+ country corridors representing a value superior to $100 bn daily
Work session summaries
Cyber security and the Customer Security Programme
Cyber intelligence sharing
Cyber resilience
The SWIFT ISAC shares information that customers can use to better protect their environment
After having explained how the SWIFT Customer Security Intelligence team usually performs its forensic investigations we reinforced the necessity for customers to regularly consume the Indicators of Compromise (IOCs) published on the portal
Additional focus was put on automated sharing of IOCs via STIXTAXII which was made available since February 2018 Participants left with a clear understanding of different ways in which SWIFT shares cyber intelligence with the SWIFT Community and of importance of acting on IOCs published on SWIFT ISAC
The voting app and interactions with the audience captured some feedback confirming the growing interest in cyber intelligence exchange within the SWIFT Community
The session on cyber resiliency first set the scene by presenting the evolving cyber threat landscape Cyber-attacks are becoming more frequent and sophisticated The industry is trying to keep pace by implementing security frameworks and moving from a position of control to one of resilience The session discussed the difference between cyber security and cyber resilience whilst for cyber security the focus is set on protecting and surviving a cyber-attack cyber resilience is composed of a broader range of measures taken to bounce back (recover) from a cyber-incident in a timely manner
During the second part of the session the multi-layered security approach taken by SWIFT was discussed and illustrated with resiliency functionalities available at different levels in the SWIFT application stack Finally the different steps in the recovery process after indication of a compromise were covered highlighting the common mistakes financial institutions make
1313
Improving the security of paymentsHow the Shared Infrastructure Programme (SIP) can increase the effectiveness of your risk management
This session explored the changing face of cyber-fraud and explained how financial institutions themselves are the new targets for the attackers This represents a significant challenge requiring institutions to protect themselves against these ever-present and changing cyber-fraud risks The attack vectors were characterised as well as why the cyber attackers want you to know nothing see nothing and do nothing
SWIFTrsquos recently launched Payment Controls service helps financial institutions reduce their fraud and reputational risks and build trust This zero-footprint in-network solution offers the ability to protect against the risk of fraudulent payments via real-time monitoring alerting and payment blocking It offers flexible configurable correspondent banking focused models designed in association with the community The capabilities and benefits were illustrated via an interactive hands-on demonstration using the live service showing examples of rule configuration activation and alert management This was followed by a detailed and lively QampA sessionwwwswiftcompaymentcontrols
The session covered the further evolution of the Shared Infrastructure Programme (SIP) in 2019 listed the tangible risk mitigating results of SIP since beginning of last year and provided an overview of the most common hurdles Service Bureaux are struggling with to reach full compliance with SIP 2018
Compliance with the SIP security and operational requirements is not only needed after a one-time assessment but throughout the year It was therefore explained how SWIFT captures the required security configuration data to enable the monitoring of such a continued compliance The session was attended by a very good representation of the service bureau community in EMEA by service bureau customers and their counterparties and by regulators The diverse audience was a unique opportunity to engage in a dialogue and to capture suggestions for increasing the effectiveness of the programme
Understanding your counterpartyrsquos CSP attestation level
Security Controls 2019
By now all SWIFT customers should be checking what the attestation level of their counterparties is and integrating this compliance data into their risk management processes One take away of the session was a need to adapt the cybersecurity risk governance model to support the assessment of counterparty cybersecurity attestation data eg Identify the appropriate representatives from across the organisation for lsquograntingrsquo lsquorequestingrsquo attestation data
The second take way is that KYC-SA attestation data should be viewed as an additional dimension within the institutionrsquos existing counterparty risk management framework Finally the participants confirmed the interest from the community to integrate the KYC-SA attestation data in their risk management system It is currently available by exporting data and in the future it will be done thanks to a new set of API We also spent some time in the session discussing considerations in granting and requesting access to attestation data
As the threat landscape evolves so must the CSP Details of the changes brought by the Customer Security Control Framework (CSCF) 2019 version were shared with the audience leading to very interactive exchanges We took the opportunity in this session to remind customers about(i) their obligation as per the CSP Policy to comply with the mandatory
controls of the CSCF v2017 by the 31 December 2018(ii) about the next upcoming milestones for 2019 and onwards and (iii) about the possibility to leverage the new reporting functionalities in the
KYC-SA application to integrate counterpartiesrsquo self-attestation results in their own risk management potentially along with the financial and legal due diligence aspects already covered in the KYC Registry application
On the risk management integration topic we strongly advised the audience to attend the session lsquoUnderstanding your counterpartyrsquos CSP attestation levelrsquo Finally we provided the attendees with a vade mecum of tactical actions to undertake to mitigate cyber risks This yearrsquos session was complemented by the opportunity for hands-on demos of the KYC-SA application at the SWIFT Lab
Work session summaries
1414
Alliance portfolio ndash Whatrsquos new whatrsquos next
In the session we took a look at the various key trends observed in the market ndash cloud UX data APIs ISO 20022 and cyber security ndash and presented to the audience the Alliance Portfolio plans to embrace those new trends The session started with a presentation of the new cloud platform that SWIFT is building The new cloud platform provides a fully managed interface and connectivity to SWIFT with improved availability resiliency and scalability It also comes with a completely new user experience with amongst others a very intuitive graphical user interface
The same team of user experience experts at SWIFT helped to design the Alliance Warehouse the brand new solution from SWIFT for long-term message archive with powerful search and investigation capabilities which was also presented during the session Finally we covered a brief introduction to APIs ISO 20022 and cyber security and looked at their impact on the Alliance portfolio
Work session summaries
Operational Excellence
Alliance interfaces roadmap 2019-2020
Alliance Messaging Hub ndash the future in financial messaging
This yearrsquos session was a traditional roadmap session that looked at what has been released over the last 6 months and what is coming up in the next 2 years
With the community having gone through the heavy CSPrelease 72SR2018 migration in 2018 everybody is now looking at what to plan next Release 72 support ends end January 2020 and by that time the community must have updated the fill stack of SWIFTNet and Alliance products to release 73 or release 74
Release 73 was made available in September 2018 and introduces amongst others new ways to implement multi-factor authentication Release 74 planned for mid-2019 will provide additional security and other features will support IBM MQ 91 and a slightly updated OS baseline Release 75 will focus on features for the ISO 20022 migration and ESMIG All along we will provide for AccessEntry the standard updates in the annual release as well as on the two preceding releases During and after the sessions customers took the opportunities to ask questions and exchange views with the product manager This was key information to ensure that the portfolio evolves in line with customer needs
In this session a high-level introduction was provided around Alliance Messaging Hub (AMH) SWIFTrsquos messaging hub that offers functionality beyond classic SWIFTNet interfacing AMH offers an orchestration layer on top of its SWIFTNet messaging capabilities allowing for flexible integration into banksrsquo systems and into other networks The 247365 capable architecture offers top class resilience and serves as a solid foundation for real-time processing
The product is able to process and orchestrate messages under high load and respecting low latency requirements AMH for Hong Kong Faster Payments is a real-life testimony to AMHrsquos processing capabilities
where it runs as a messaging hub for key banks in the region AMH version 40 will be launched in March 2019 and will offer an even richer set of security and gpi related functionality The application will be further shielded and installation and deployment will become more standardized to further reduce the banksrsquo TCO
Further strengthening its real-time offering AMH v40 will offer flows into RT1 and TIPS leveraging SWIFTrsquos Instant channel for the EBA and the Eurosystem In the multi-network space AMH v40 will provide flows for Fedwire Funds and TCH CHIPS
Beyond v40 and in the same way as financial institutions are evolving we are continuously innovating AMH The core will become more modular embracing the trends of containerised systems and we will introduce more integration options such as more standardized yet flexible API support With ISO 20022 migration and ISO 20022-powered APIs coming up we believe AMH will offer the complete package for a bank to face the upcoming challenges in the financial messaging eco-system
1515
Operational challenges Find out how we can help you manage them better
mySWIFT ndash Enhance your gateway to support the most of data analytics
SWIFT continues to invest in the support portfolio Over the past two years we have consulted customers to ensure that it remains healthy and future proof The findings led SWIFT to focus on customer experience as the central theme of the portfolio refresh
In the session the rebranded Professional Services organisation was shared It is now set up to take customers on the full solution journey from design to deployment to maintenance The deep-dive into the updated Advanced Support and Care offering gave further insights into the newly modularised and clarified support deliverables
The overall value proposition of SWIFT Community Support the backbone of support given to all customers and then the Premium and Care options was underlined Customers will now better understand and choose the appropriate pro-active reactive preventive andor hands-on support option with Premium Plus being perhaps the most attractive option as the dedicated service manager especially adds significant value
The sessions were very well attended and although it requires no specific action from customers it is an important evolution to keep track of
Last year at SOFE SWIFT ran exploratory sessions on Support Tools This year we were pleased to show the result of this consultation with newly- and to be released applications on mySWIFTndash New ldquoKnowledge Centrerdquo (since Q4 2018) ndash an easy-to-use and
customisable portal covering all documentation resources (User Handbook Knowledge Base tips how-to videos SWIFTSmart)
ndash New ldquoNotification Centrerdquo (since Q4 2018) ndash a trusted notification tool for SWIFT Operational messages
ndash Coming ldquomyStatusrdquo (H1 2019) ndash a real-time snapshot providing the status of your connectivity components - VPNs SNLs LTs per location and per environment
During the second part of the session we shared our insights about data analytics and predictive capabilities performed on operational data showing how it could allow operators to focus on the most relevant issues while discarding the noise This interactive session ended by a digi-voting exercise where participants were asked through 4 use cases to provide their appetite on ldquohow pattern deviation algorithms could be useful to the communityrdquo We look forward to seeing you next year for more insights and results on the subject
Using Alliance Managed Operations to your strategic advantage
Market trends show a growing appetite for IT teams to (re-)focus on their core business Employees are becoming overburdened with staying on top of regulatory compliance and security challenges and at the same time remaining mindful of resourcing needs to manage the highly critical and sometimes complex SWIFT infrastructures
In this session we outlined and demonstrated how these aspects can be addressed through SWIFTrsquos managed service offering This service brings relevant expertise discipline and rigour into any organisation by becoming a natural extension of the existing team A highlight of the session was the near real-time monitoring feature With this service SWIFT monitors Alliance Gateway and Alliance Access events and VPN lines which can trigger corrective actions with minimal delay
The session clearly resonated with all participants and we look forward to meeting your future managed service needs
Work session summaries
1616
The SWIFTLab has become a popular venue to experience the various components of SWIFTrsquos product and service portfolio This year the SWIFTLab was present at SOFE providing our customers with the opportunity to experience the range of SWIFT products at this yearly event
In addition to featuring demo pods at the SWIFTHub the SWIFTLab also hosted lunch sessions on Artificial Intelligence and DLT
SWIFTLab SWIFT
1717
Welcome cocktail
Networking is a key component of SOFE In addition to the networking time during the coffee breaks and lunches we also offer opportunities for delegates to spend time together in the evenings all whilst leaving room for spare time The welcome cocktail at the end of day 1 has become a fixture in the SOFE agenda and is sponsored by the exhibiting partners Our thanks go to the partners for their participation and support and to all delegates for making the most of this networking opportunity
Off-site dinner
This yearrsquos off-site dinner took place at Beurs van Berlage We hope that you enjoyed the evening and look forward to hosting another SOFE dinner at another great venue in Amsterdam in 2019
Networking activities
1818
For the SWIFT Operations Forum Europe in Amsterdam we were happy to provide financial support to WATCH Nederland a professional civil participation platform set up by Terre des Hommes to discover and fight teenage prostitution in the Netherlands
Through its hotline WATCH Nederland collects information from youth care professionals teachers and other civilians including victims or their family who do not want or dare to report to the police This information is researched both online by forensic ICT specialists and on the ground
by private investigators Additionally WATCH Nederland aims to identify child sexual exploiters and abusers including advertisements from exploiters trying to sell teenagers for sex and customers of teenage prostitution WATCH Nederland works closely together with the Dutch law enforcement agencies to free the victims of teenage prostitution and to stop the exploiters Freed victims undergo rehabilitation and reintegration treatment in co-operation with youth care institutions and are monitored regularly by WATCH Nederland to prevent revictimisation
CSR
1919
Our thanks go to each and every one of you for your active participation in this yearrsquos SWIFT Operations Forum Europe We hope that you all had an engaging thought-provoking productive informative and highly collaborative SOFE As always should you have any questions about or suggestions for next yearrsquos event please do not hesitate to contact your account manager or customer support We look forward to working with you in 2019
Thank you
For more information about SWIFT visit wwwswiftcom
SWIFT copy 2019
1313
Improving the security of paymentsHow the Shared Infrastructure Programme (SIP) can increase the effectiveness of your risk management
This session explored the changing face of cyber-fraud and explained how financial institutions themselves are the new targets for the attackers This represents a significant challenge requiring institutions to protect themselves against these ever-present and changing cyber-fraud risks The attack vectors were characterised as well as why the cyber attackers want you to know nothing see nothing and do nothing
SWIFTrsquos recently launched Payment Controls service helps financial institutions reduce their fraud and reputational risks and build trust This zero-footprint in-network solution offers the ability to protect against the risk of fraudulent payments via real-time monitoring alerting and payment blocking It offers flexible configurable correspondent banking focused models designed in association with the community The capabilities and benefits were illustrated via an interactive hands-on demonstration using the live service showing examples of rule configuration activation and alert management This was followed by a detailed and lively QampA sessionwwwswiftcompaymentcontrols
The session covered the further evolution of the Shared Infrastructure Programme (SIP) in 2019 listed the tangible risk mitigating results of SIP since beginning of last year and provided an overview of the most common hurdles Service Bureaux are struggling with to reach full compliance with SIP 2018
Compliance with the SIP security and operational requirements is not only needed after a one-time assessment but throughout the year It was therefore explained how SWIFT captures the required security configuration data to enable the monitoring of such a continued compliance The session was attended by a very good representation of the service bureau community in EMEA by service bureau customers and their counterparties and by regulators The diverse audience was a unique opportunity to engage in a dialogue and to capture suggestions for increasing the effectiveness of the programme
Understanding your counterpartyrsquos CSP attestation level
Security Controls 2019
By now all SWIFT customers should be checking what the attestation level of their counterparties is and integrating this compliance data into their risk management processes One take away of the session was a need to adapt the cybersecurity risk governance model to support the assessment of counterparty cybersecurity attestation data eg Identify the appropriate representatives from across the organisation for lsquograntingrsquo lsquorequestingrsquo attestation data
The second take way is that KYC-SA attestation data should be viewed as an additional dimension within the institutionrsquos existing counterparty risk management framework Finally the participants confirmed the interest from the community to integrate the KYC-SA attestation data in their risk management system It is currently available by exporting data and in the future it will be done thanks to a new set of API We also spent some time in the session discussing considerations in granting and requesting access to attestation data
As the threat landscape evolves so must the CSP Details of the changes brought by the Customer Security Control Framework (CSCF) 2019 version were shared with the audience leading to very interactive exchanges We took the opportunity in this session to remind customers about(i) their obligation as per the CSP Policy to comply with the mandatory
controls of the CSCF v2017 by the 31 December 2018(ii) about the next upcoming milestones for 2019 and onwards and (iii) about the possibility to leverage the new reporting functionalities in the
KYC-SA application to integrate counterpartiesrsquo self-attestation results in their own risk management potentially along with the financial and legal due diligence aspects already covered in the KYC Registry application
On the risk management integration topic we strongly advised the audience to attend the session lsquoUnderstanding your counterpartyrsquos CSP attestation levelrsquo Finally we provided the attendees with a vade mecum of tactical actions to undertake to mitigate cyber risks This yearrsquos session was complemented by the opportunity for hands-on demos of the KYC-SA application at the SWIFT Lab
Work session summaries
1414
Alliance portfolio ndash Whatrsquos new whatrsquos next
In the session we took a look at the various key trends observed in the market ndash cloud UX data APIs ISO 20022 and cyber security ndash and presented to the audience the Alliance Portfolio plans to embrace those new trends The session started with a presentation of the new cloud platform that SWIFT is building The new cloud platform provides a fully managed interface and connectivity to SWIFT with improved availability resiliency and scalability It also comes with a completely new user experience with amongst others a very intuitive graphical user interface
The same team of user experience experts at SWIFT helped to design the Alliance Warehouse the brand new solution from SWIFT for long-term message archive with powerful search and investigation capabilities which was also presented during the session Finally we covered a brief introduction to APIs ISO 20022 and cyber security and looked at their impact on the Alliance portfolio
Work session summaries
Operational Excellence
Alliance interfaces roadmap 2019-2020
Alliance Messaging Hub ndash the future in financial messaging
This yearrsquos session was a traditional roadmap session that looked at what has been released over the last 6 months and what is coming up in the next 2 years
With the community having gone through the heavy CSPrelease 72SR2018 migration in 2018 everybody is now looking at what to plan next Release 72 support ends end January 2020 and by that time the community must have updated the fill stack of SWIFTNet and Alliance products to release 73 or release 74
Release 73 was made available in September 2018 and introduces amongst others new ways to implement multi-factor authentication Release 74 planned for mid-2019 will provide additional security and other features will support IBM MQ 91 and a slightly updated OS baseline Release 75 will focus on features for the ISO 20022 migration and ESMIG All along we will provide for AccessEntry the standard updates in the annual release as well as on the two preceding releases During and after the sessions customers took the opportunities to ask questions and exchange views with the product manager This was key information to ensure that the portfolio evolves in line with customer needs
In this session a high-level introduction was provided around Alliance Messaging Hub (AMH) SWIFTrsquos messaging hub that offers functionality beyond classic SWIFTNet interfacing AMH offers an orchestration layer on top of its SWIFTNet messaging capabilities allowing for flexible integration into banksrsquo systems and into other networks The 247365 capable architecture offers top class resilience and serves as a solid foundation for real-time processing
The product is able to process and orchestrate messages under high load and respecting low latency requirements AMH for Hong Kong Faster Payments is a real-life testimony to AMHrsquos processing capabilities
where it runs as a messaging hub for key banks in the region AMH version 40 will be launched in March 2019 and will offer an even richer set of security and gpi related functionality The application will be further shielded and installation and deployment will become more standardized to further reduce the banksrsquo TCO
Further strengthening its real-time offering AMH v40 will offer flows into RT1 and TIPS leveraging SWIFTrsquos Instant channel for the EBA and the Eurosystem In the multi-network space AMH v40 will provide flows for Fedwire Funds and TCH CHIPS
Beyond v40 and in the same way as financial institutions are evolving we are continuously innovating AMH The core will become more modular embracing the trends of containerised systems and we will introduce more integration options such as more standardized yet flexible API support With ISO 20022 migration and ISO 20022-powered APIs coming up we believe AMH will offer the complete package for a bank to face the upcoming challenges in the financial messaging eco-system
1515
Operational challenges Find out how we can help you manage them better
mySWIFT ndash Enhance your gateway to support the most of data analytics
SWIFT continues to invest in the support portfolio Over the past two years we have consulted customers to ensure that it remains healthy and future proof The findings led SWIFT to focus on customer experience as the central theme of the portfolio refresh
In the session the rebranded Professional Services organisation was shared It is now set up to take customers on the full solution journey from design to deployment to maintenance The deep-dive into the updated Advanced Support and Care offering gave further insights into the newly modularised and clarified support deliverables
The overall value proposition of SWIFT Community Support the backbone of support given to all customers and then the Premium and Care options was underlined Customers will now better understand and choose the appropriate pro-active reactive preventive andor hands-on support option with Premium Plus being perhaps the most attractive option as the dedicated service manager especially adds significant value
The sessions were very well attended and although it requires no specific action from customers it is an important evolution to keep track of
Last year at SOFE SWIFT ran exploratory sessions on Support Tools This year we were pleased to show the result of this consultation with newly- and to be released applications on mySWIFTndash New ldquoKnowledge Centrerdquo (since Q4 2018) ndash an easy-to-use and
customisable portal covering all documentation resources (User Handbook Knowledge Base tips how-to videos SWIFTSmart)
ndash New ldquoNotification Centrerdquo (since Q4 2018) ndash a trusted notification tool for SWIFT Operational messages
ndash Coming ldquomyStatusrdquo (H1 2019) ndash a real-time snapshot providing the status of your connectivity components - VPNs SNLs LTs per location and per environment
During the second part of the session we shared our insights about data analytics and predictive capabilities performed on operational data showing how it could allow operators to focus on the most relevant issues while discarding the noise This interactive session ended by a digi-voting exercise where participants were asked through 4 use cases to provide their appetite on ldquohow pattern deviation algorithms could be useful to the communityrdquo We look forward to seeing you next year for more insights and results on the subject
Using Alliance Managed Operations to your strategic advantage
Market trends show a growing appetite for IT teams to (re-)focus on their core business Employees are becoming overburdened with staying on top of regulatory compliance and security challenges and at the same time remaining mindful of resourcing needs to manage the highly critical and sometimes complex SWIFT infrastructures
In this session we outlined and demonstrated how these aspects can be addressed through SWIFTrsquos managed service offering This service brings relevant expertise discipline and rigour into any organisation by becoming a natural extension of the existing team A highlight of the session was the near real-time monitoring feature With this service SWIFT monitors Alliance Gateway and Alliance Access events and VPN lines which can trigger corrective actions with minimal delay
The session clearly resonated with all participants and we look forward to meeting your future managed service needs
Work session summaries
1616
The SWIFTLab has become a popular venue to experience the various components of SWIFTrsquos product and service portfolio This year the SWIFTLab was present at SOFE providing our customers with the opportunity to experience the range of SWIFT products at this yearly event
In addition to featuring demo pods at the SWIFTHub the SWIFTLab also hosted lunch sessions on Artificial Intelligence and DLT
SWIFTLab SWIFT
1717
Welcome cocktail
Networking is a key component of SOFE In addition to the networking time during the coffee breaks and lunches we also offer opportunities for delegates to spend time together in the evenings all whilst leaving room for spare time The welcome cocktail at the end of day 1 has become a fixture in the SOFE agenda and is sponsored by the exhibiting partners Our thanks go to the partners for their participation and support and to all delegates for making the most of this networking opportunity
Off-site dinner
This yearrsquos off-site dinner took place at Beurs van Berlage We hope that you enjoyed the evening and look forward to hosting another SOFE dinner at another great venue in Amsterdam in 2019
Networking activities
1818
For the SWIFT Operations Forum Europe in Amsterdam we were happy to provide financial support to WATCH Nederland a professional civil participation platform set up by Terre des Hommes to discover and fight teenage prostitution in the Netherlands
Through its hotline WATCH Nederland collects information from youth care professionals teachers and other civilians including victims or their family who do not want or dare to report to the police This information is researched both online by forensic ICT specialists and on the ground
by private investigators Additionally WATCH Nederland aims to identify child sexual exploiters and abusers including advertisements from exploiters trying to sell teenagers for sex and customers of teenage prostitution WATCH Nederland works closely together with the Dutch law enforcement agencies to free the victims of teenage prostitution and to stop the exploiters Freed victims undergo rehabilitation and reintegration treatment in co-operation with youth care institutions and are monitored regularly by WATCH Nederland to prevent revictimisation
CSR
1919
Our thanks go to each and every one of you for your active participation in this yearrsquos SWIFT Operations Forum Europe We hope that you all had an engaging thought-provoking productive informative and highly collaborative SOFE As always should you have any questions about or suggestions for next yearrsquos event please do not hesitate to contact your account manager or customer support We look forward to working with you in 2019
Thank you
For more information about SWIFT visit wwwswiftcom
SWIFT copy 2019
1414
Alliance portfolio ndash Whatrsquos new whatrsquos next
In the session we took a look at the various key trends observed in the market ndash cloud UX data APIs ISO 20022 and cyber security ndash and presented to the audience the Alliance Portfolio plans to embrace those new trends The session started with a presentation of the new cloud platform that SWIFT is building The new cloud platform provides a fully managed interface and connectivity to SWIFT with improved availability resiliency and scalability It also comes with a completely new user experience with amongst others a very intuitive graphical user interface
The same team of user experience experts at SWIFT helped to design the Alliance Warehouse the brand new solution from SWIFT for long-term message archive with powerful search and investigation capabilities which was also presented during the session Finally we covered a brief introduction to APIs ISO 20022 and cyber security and looked at their impact on the Alliance portfolio
Work session summaries
Operational Excellence
Alliance interfaces roadmap 2019-2020
Alliance Messaging Hub ndash the future in financial messaging
This yearrsquos session was a traditional roadmap session that looked at what has been released over the last 6 months and what is coming up in the next 2 years
With the community having gone through the heavy CSPrelease 72SR2018 migration in 2018 everybody is now looking at what to plan next Release 72 support ends end January 2020 and by that time the community must have updated the fill stack of SWIFTNet and Alliance products to release 73 or release 74
Release 73 was made available in September 2018 and introduces amongst others new ways to implement multi-factor authentication Release 74 planned for mid-2019 will provide additional security and other features will support IBM MQ 91 and a slightly updated OS baseline Release 75 will focus on features for the ISO 20022 migration and ESMIG All along we will provide for AccessEntry the standard updates in the annual release as well as on the two preceding releases During and after the sessions customers took the opportunities to ask questions and exchange views with the product manager This was key information to ensure that the portfolio evolves in line with customer needs
In this session a high-level introduction was provided around Alliance Messaging Hub (AMH) SWIFTrsquos messaging hub that offers functionality beyond classic SWIFTNet interfacing AMH offers an orchestration layer on top of its SWIFTNet messaging capabilities allowing for flexible integration into banksrsquo systems and into other networks The 247365 capable architecture offers top class resilience and serves as a solid foundation for real-time processing
The product is able to process and orchestrate messages under high load and respecting low latency requirements AMH for Hong Kong Faster Payments is a real-life testimony to AMHrsquos processing capabilities
where it runs as a messaging hub for key banks in the region AMH version 40 will be launched in March 2019 and will offer an even richer set of security and gpi related functionality The application will be further shielded and installation and deployment will become more standardized to further reduce the banksrsquo TCO
Further strengthening its real-time offering AMH v40 will offer flows into RT1 and TIPS leveraging SWIFTrsquos Instant channel for the EBA and the Eurosystem In the multi-network space AMH v40 will provide flows for Fedwire Funds and TCH CHIPS
Beyond v40 and in the same way as financial institutions are evolving we are continuously innovating AMH The core will become more modular embracing the trends of containerised systems and we will introduce more integration options such as more standardized yet flexible API support With ISO 20022 migration and ISO 20022-powered APIs coming up we believe AMH will offer the complete package for a bank to face the upcoming challenges in the financial messaging eco-system
1515
Operational challenges Find out how we can help you manage them better
mySWIFT ndash Enhance your gateway to support the most of data analytics
SWIFT continues to invest in the support portfolio Over the past two years we have consulted customers to ensure that it remains healthy and future proof The findings led SWIFT to focus on customer experience as the central theme of the portfolio refresh
In the session the rebranded Professional Services organisation was shared It is now set up to take customers on the full solution journey from design to deployment to maintenance The deep-dive into the updated Advanced Support and Care offering gave further insights into the newly modularised and clarified support deliverables
The overall value proposition of SWIFT Community Support the backbone of support given to all customers and then the Premium and Care options was underlined Customers will now better understand and choose the appropriate pro-active reactive preventive andor hands-on support option with Premium Plus being perhaps the most attractive option as the dedicated service manager especially adds significant value
The sessions were very well attended and although it requires no specific action from customers it is an important evolution to keep track of
Last year at SOFE SWIFT ran exploratory sessions on Support Tools This year we were pleased to show the result of this consultation with newly- and to be released applications on mySWIFTndash New ldquoKnowledge Centrerdquo (since Q4 2018) ndash an easy-to-use and
customisable portal covering all documentation resources (User Handbook Knowledge Base tips how-to videos SWIFTSmart)
ndash New ldquoNotification Centrerdquo (since Q4 2018) ndash a trusted notification tool for SWIFT Operational messages
ndash Coming ldquomyStatusrdquo (H1 2019) ndash a real-time snapshot providing the status of your connectivity components - VPNs SNLs LTs per location and per environment
During the second part of the session we shared our insights about data analytics and predictive capabilities performed on operational data showing how it could allow operators to focus on the most relevant issues while discarding the noise This interactive session ended by a digi-voting exercise where participants were asked through 4 use cases to provide their appetite on ldquohow pattern deviation algorithms could be useful to the communityrdquo We look forward to seeing you next year for more insights and results on the subject
Using Alliance Managed Operations to your strategic advantage
Market trends show a growing appetite for IT teams to (re-)focus on their core business Employees are becoming overburdened with staying on top of regulatory compliance and security challenges and at the same time remaining mindful of resourcing needs to manage the highly critical and sometimes complex SWIFT infrastructures
In this session we outlined and demonstrated how these aspects can be addressed through SWIFTrsquos managed service offering This service brings relevant expertise discipline and rigour into any organisation by becoming a natural extension of the existing team A highlight of the session was the near real-time monitoring feature With this service SWIFT monitors Alliance Gateway and Alliance Access events and VPN lines which can trigger corrective actions with minimal delay
The session clearly resonated with all participants and we look forward to meeting your future managed service needs
Work session summaries
1616
The SWIFTLab has become a popular venue to experience the various components of SWIFTrsquos product and service portfolio This year the SWIFTLab was present at SOFE providing our customers with the opportunity to experience the range of SWIFT products at this yearly event
In addition to featuring demo pods at the SWIFTHub the SWIFTLab also hosted lunch sessions on Artificial Intelligence and DLT
SWIFTLab SWIFT
1717
Welcome cocktail
Networking is a key component of SOFE In addition to the networking time during the coffee breaks and lunches we also offer opportunities for delegates to spend time together in the evenings all whilst leaving room for spare time The welcome cocktail at the end of day 1 has become a fixture in the SOFE agenda and is sponsored by the exhibiting partners Our thanks go to the partners for their participation and support and to all delegates for making the most of this networking opportunity
Off-site dinner
This yearrsquos off-site dinner took place at Beurs van Berlage We hope that you enjoyed the evening and look forward to hosting another SOFE dinner at another great venue in Amsterdam in 2019
Networking activities
1818
For the SWIFT Operations Forum Europe in Amsterdam we were happy to provide financial support to WATCH Nederland a professional civil participation platform set up by Terre des Hommes to discover and fight teenage prostitution in the Netherlands
Through its hotline WATCH Nederland collects information from youth care professionals teachers and other civilians including victims or their family who do not want or dare to report to the police This information is researched both online by forensic ICT specialists and on the ground
by private investigators Additionally WATCH Nederland aims to identify child sexual exploiters and abusers including advertisements from exploiters trying to sell teenagers for sex and customers of teenage prostitution WATCH Nederland works closely together with the Dutch law enforcement agencies to free the victims of teenage prostitution and to stop the exploiters Freed victims undergo rehabilitation and reintegration treatment in co-operation with youth care institutions and are monitored regularly by WATCH Nederland to prevent revictimisation
CSR
1919
Our thanks go to each and every one of you for your active participation in this yearrsquos SWIFT Operations Forum Europe We hope that you all had an engaging thought-provoking productive informative and highly collaborative SOFE As always should you have any questions about or suggestions for next yearrsquos event please do not hesitate to contact your account manager or customer support We look forward to working with you in 2019
Thank you
For more information about SWIFT visit wwwswiftcom
SWIFT copy 2019
1515
Operational challenges Find out how we can help you manage them better
mySWIFT ndash Enhance your gateway to support the most of data analytics
SWIFT continues to invest in the support portfolio Over the past two years we have consulted customers to ensure that it remains healthy and future proof The findings led SWIFT to focus on customer experience as the central theme of the portfolio refresh
In the session the rebranded Professional Services organisation was shared It is now set up to take customers on the full solution journey from design to deployment to maintenance The deep-dive into the updated Advanced Support and Care offering gave further insights into the newly modularised and clarified support deliverables
The overall value proposition of SWIFT Community Support the backbone of support given to all customers and then the Premium and Care options was underlined Customers will now better understand and choose the appropriate pro-active reactive preventive andor hands-on support option with Premium Plus being perhaps the most attractive option as the dedicated service manager especially adds significant value
The sessions were very well attended and although it requires no specific action from customers it is an important evolution to keep track of
Last year at SOFE SWIFT ran exploratory sessions on Support Tools This year we were pleased to show the result of this consultation with newly- and to be released applications on mySWIFTndash New ldquoKnowledge Centrerdquo (since Q4 2018) ndash an easy-to-use and
customisable portal covering all documentation resources (User Handbook Knowledge Base tips how-to videos SWIFTSmart)
ndash New ldquoNotification Centrerdquo (since Q4 2018) ndash a trusted notification tool for SWIFT Operational messages
ndash Coming ldquomyStatusrdquo (H1 2019) ndash a real-time snapshot providing the status of your connectivity components - VPNs SNLs LTs per location and per environment
During the second part of the session we shared our insights about data analytics and predictive capabilities performed on operational data showing how it could allow operators to focus on the most relevant issues while discarding the noise This interactive session ended by a digi-voting exercise where participants were asked through 4 use cases to provide their appetite on ldquohow pattern deviation algorithms could be useful to the communityrdquo We look forward to seeing you next year for more insights and results on the subject
Using Alliance Managed Operations to your strategic advantage
Market trends show a growing appetite for IT teams to (re-)focus on their core business Employees are becoming overburdened with staying on top of regulatory compliance and security challenges and at the same time remaining mindful of resourcing needs to manage the highly critical and sometimes complex SWIFT infrastructures
In this session we outlined and demonstrated how these aspects can be addressed through SWIFTrsquos managed service offering This service brings relevant expertise discipline and rigour into any organisation by becoming a natural extension of the existing team A highlight of the session was the near real-time monitoring feature With this service SWIFT monitors Alliance Gateway and Alliance Access events and VPN lines which can trigger corrective actions with minimal delay
The session clearly resonated with all participants and we look forward to meeting your future managed service needs
Work session summaries
1616
The SWIFTLab has become a popular venue to experience the various components of SWIFTrsquos product and service portfolio This year the SWIFTLab was present at SOFE providing our customers with the opportunity to experience the range of SWIFT products at this yearly event
In addition to featuring demo pods at the SWIFTHub the SWIFTLab also hosted lunch sessions on Artificial Intelligence and DLT
SWIFTLab SWIFT
1717
Welcome cocktail
Networking is a key component of SOFE In addition to the networking time during the coffee breaks and lunches we also offer opportunities for delegates to spend time together in the evenings all whilst leaving room for spare time The welcome cocktail at the end of day 1 has become a fixture in the SOFE agenda and is sponsored by the exhibiting partners Our thanks go to the partners for their participation and support and to all delegates for making the most of this networking opportunity
Off-site dinner
This yearrsquos off-site dinner took place at Beurs van Berlage We hope that you enjoyed the evening and look forward to hosting another SOFE dinner at another great venue in Amsterdam in 2019
Networking activities
1818
For the SWIFT Operations Forum Europe in Amsterdam we were happy to provide financial support to WATCH Nederland a professional civil participation platform set up by Terre des Hommes to discover and fight teenage prostitution in the Netherlands
Through its hotline WATCH Nederland collects information from youth care professionals teachers and other civilians including victims or their family who do not want or dare to report to the police This information is researched both online by forensic ICT specialists and on the ground
by private investigators Additionally WATCH Nederland aims to identify child sexual exploiters and abusers including advertisements from exploiters trying to sell teenagers for sex and customers of teenage prostitution WATCH Nederland works closely together with the Dutch law enforcement agencies to free the victims of teenage prostitution and to stop the exploiters Freed victims undergo rehabilitation and reintegration treatment in co-operation with youth care institutions and are monitored regularly by WATCH Nederland to prevent revictimisation
CSR
1919
Our thanks go to each and every one of you for your active participation in this yearrsquos SWIFT Operations Forum Europe We hope that you all had an engaging thought-provoking productive informative and highly collaborative SOFE As always should you have any questions about or suggestions for next yearrsquos event please do not hesitate to contact your account manager or customer support We look forward to working with you in 2019
Thank you
For more information about SWIFT visit wwwswiftcom
SWIFT copy 2019
1616
The SWIFTLab has become a popular venue to experience the various components of SWIFTrsquos product and service portfolio This year the SWIFTLab was present at SOFE providing our customers with the opportunity to experience the range of SWIFT products at this yearly event
In addition to featuring demo pods at the SWIFTHub the SWIFTLab also hosted lunch sessions on Artificial Intelligence and DLT
SWIFTLab SWIFT
1717
Welcome cocktail
Networking is a key component of SOFE In addition to the networking time during the coffee breaks and lunches we also offer opportunities for delegates to spend time together in the evenings all whilst leaving room for spare time The welcome cocktail at the end of day 1 has become a fixture in the SOFE agenda and is sponsored by the exhibiting partners Our thanks go to the partners for their participation and support and to all delegates for making the most of this networking opportunity
Off-site dinner
This yearrsquos off-site dinner took place at Beurs van Berlage We hope that you enjoyed the evening and look forward to hosting another SOFE dinner at another great venue in Amsterdam in 2019
Networking activities
1818
For the SWIFT Operations Forum Europe in Amsterdam we were happy to provide financial support to WATCH Nederland a professional civil participation platform set up by Terre des Hommes to discover and fight teenage prostitution in the Netherlands
Through its hotline WATCH Nederland collects information from youth care professionals teachers and other civilians including victims or their family who do not want or dare to report to the police This information is researched both online by forensic ICT specialists and on the ground
by private investigators Additionally WATCH Nederland aims to identify child sexual exploiters and abusers including advertisements from exploiters trying to sell teenagers for sex and customers of teenage prostitution WATCH Nederland works closely together with the Dutch law enforcement agencies to free the victims of teenage prostitution and to stop the exploiters Freed victims undergo rehabilitation and reintegration treatment in co-operation with youth care institutions and are monitored regularly by WATCH Nederland to prevent revictimisation
CSR
1919
Our thanks go to each and every one of you for your active participation in this yearrsquos SWIFT Operations Forum Europe We hope that you all had an engaging thought-provoking productive informative and highly collaborative SOFE As always should you have any questions about or suggestions for next yearrsquos event please do not hesitate to contact your account manager or customer support We look forward to working with you in 2019
Thank you
For more information about SWIFT visit wwwswiftcom
SWIFT copy 2019
1717
Welcome cocktail
Networking is a key component of SOFE In addition to the networking time during the coffee breaks and lunches we also offer opportunities for delegates to spend time together in the evenings all whilst leaving room for spare time The welcome cocktail at the end of day 1 has become a fixture in the SOFE agenda and is sponsored by the exhibiting partners Our thanks go to the partners for their participation and support and to all delegates for making the most of this networking opportunity
Off-site dinner
This yearrsquos off-site dinner took place at Beurs van Berlage We hope that you enjoyed the evening and look forward to hosting another SOFE dinner at another great venue in Amsterdam in 2019
Networking activities
1818
For the SWIFT Operations Forum Europe in Amsterdam we were happy to provide financial support to WATCH Nederland a professional civil participation platform set up by Terre des Hommes to discover and fight teenage prostitution in the Netherlands
Through its hotline WATCH Nederland collects information from youth care professionals teachers and other civilians including victims or their family who do not want or dare to report to the police This information is researched both online by forensic ICT specialists and on the ground
by private investigators Additionally WATCH Nederland aims to identify child sexual exploiters and abusers including advertisements from exploiters trying to sell teenagers for sex and customers of teenage prostitution WATCH Nederland works closely together with the Dutch law enforcement agencies to free the victims of teenage prostitution and to stop the exploiters Freed victims undergo rehabilitation and reintegration treatment in co-operation with youth care institutions and are monitored regularly by WATCH Nederland to prevent revictimisation
CSR
1919
Our thanks go to each and every one of you for your active participation in this yearrsquos SWIFT Operations Forum Europe We hope that you all had an engaging thought-provoking productive informative and highly collaborative SOFE As always should you have any questions about or suggestions for next yearrsquos event please do not hesitate to contact your account manager or customer support We look forward to working with you in 2019
Thank you
For more information about SWIFT visit wwwswiftcom
SWIFT copy 2019
1818
For the SWIFT Operations Forum Europe in Amsterdam we were happy to provide financial support to WATCH Nederland a professional civil participation platform set up by Terre des Hommes to discover and fight teenage prostitution in the Netherlands
Through its hotline WATCH Nederland collects information from youth care professionals teachers and other civilians including victims or their family who do not want or dare to report to the police This information is researched both online by forensic ICT specialists and on the ground
by private investigators Additionally WATCH Nederland aims to identify child sexual exploiters and abusers including advertisements from exploiters trying to sell teenagers for sex and customers of teenage prostitution WATCH Nederland works closely together with the Dutch law enforcement agencies to free the victims of teenage prostitution and to stop the exploiters Freed victims undergo rehabilitation and reintegration treatment in co-operation with youth care institutions and are monitored regularly by WATCH Nederland to prevent revictimisation
CSR
1919
Our thanks go to each and every one of you for your active participation in this yearrsquos SWIFT Operations Forum Europe We hope that you all had an engaging thought-provoking productive informative and highly collaborative SOFE As always should you have any questions about or suggestions for next yearrsquos event please do not hesitate to contact your account manager or customer support We look forward to working with you in 2019
Thank you
For more information about SWIFT visit wwwswiftcom
SWIFT copy 2019
1919
Our thanks go to each and every one of you for your active participation in this yearrsquos SWIFT Operations Forum Europe We hope that you all had an engaging thought-provoking productive informative and highly collaborative SOFE As always should you have any questions about or suggestions for next yearrsquos event please do not hesitate to contact your account manager or customer support We look forward to working with you in 2019
Thank you
For more information about SWIFT visit wwwswiftcom
SWIFT copy 2019
For more information about SWIFT visit wwwswiftcom
SWIFT copy 2019