Swift looks ahead to address security and business challenges

Facing security challenges at its member banks and competition from other tech providers, the Society for Worldwide Interbank Financial Telecommunication [Swift] plans to put its best foot forward in 2017.

Swift is ready to move ahead with a worldwide rollout of its Global Payments Innovation Initiative, which it revealed in early 2016, taking the approach that when rules, procedures and standards are working as one it is as effective, or more so, than rushing into new upgrades.

The global financial messaging system network began testing the payments initiative in April of 2016, essentially providing a playbook (through a series of service level agreements) for the banks to better track cross-border payments.

"We are providing a major improvement to corresponding banking, improving the service banks offer to each other and their clients," said Harry Newman, head of banking for Swift.

Swift's major capabilities for transparency, real-time payments, cost disclosures and other information will be the network's main focus in the service level agreements for banks. Only banks that can fully support those SLAs can participate.

Moving into the new year, Swift has finished its pilot with 22 banks, and currently has 92 banks signed up for the GPII, which brings a cloud-based tracking service to those banks. With the initiative addressing transparency and speed for cross-border transactions, Swift does not have to wait on other faster payments projects to determine how it will operate within those parameters, Newman said.

"We had been working on Australia's real-time payments solution up to 2015, and we are already in discussions with many of these other initiatives," Newman said.

A key initiative has been unfolding in the U.S. the past three years, as the country is taking various steps toward faster payments, starting with a conversion to same-day Automated Clearing House payments, which began in September.

"We have to determine how we will integrate into these domestic systems and we feel there is a great deal of improvement we can make with international payments with the GPII already," Newman added.

In that regard, any faster payments initiative has to build in the ability to communicate and operate with Swift messaging standards, a major example being consideration in the U.S. and other countries to adopt the ISO 20022 standard for payments because of its ability to include vital information about cross-border business payments.

Australia built its New Payments Platform, or NPP, infrastructure with ISO 20022 as a key piece of that foundation.

"Everything is speeding up, but we are not convinced that everything will go to real-time, because that is tricky when you start going around the globe with different time zones," Newman said. "But there is no doubt the world is speeding up and it is time to address cross-border payments with a more modern approach."

Because the GPII is a cloud-based transaction tracker, it is being built with an application interface that banks could in turn offer to corporate clients as a mobile app in the future.

"I would envision it being used often through a range of service offerings to corporates and subsequently to retail clients," Newman said.

On another front, Swift hasn't avoided the intensity of cyber security threats. Even though Swift says its financial messaging system network has not been compromised, the hackers are increasingly infecting member bank systems with malware.

Swift began issuing daily validation reports in September to banks to help them spot any type of payments fraud.

Two weeks ago, Swift again sent an alert to member banks about ongoing cyber threats, saying these threats are "here to stay." Swift didn't disclose any new breaches, but the message has been the same — that fraudsters are continuing to attack vulnerable banks, then using Swift messaging to send bogus payments.

Better payments tracking, as will occur through GPII, could improve security, but the degree of that improvement would depend on banks providing information through the service level agreement, which is not fool-proof, said Nancy Atkinson, wholesale banking expert and senior analyst with Aite Group.

"Arguably, were Swift to convert to a blockchain infrastructure, with multiple reviewers having to agree on what is posted to the distributed ledger, that would provide greater security," Atkinson said. However, while Swift has a roadmap for blockchain technology, it "will not be a quick trip," Atkinson added.

It's also an area where Swift is facing some competition for the first time in its 40-plus years of operation. Crypto-currency provider Ripple has been pushing blockchain technology for banks, most recently through a bank-based payments steering group that would oversee Ripple transactions and establish standards for banks to follow, Atkinson said.

"Assuming that steering group addresses the need for a standardized approach and agreement to participate in Ripple, that would make Swift's advantage in that area null," Atkinson added.

While the security issues and movement toward a blockchain distributed ledger within Swift remain on the "to do" list, the network knows what it can improve right away through the GPII.

"One might think this is a pretty straightforward thing to do, but handling payments in over 200 countries that are all different is not a straightforward process," Newman said. "So the GPII represents a huge step forward."