|Headquarters||La Hulpe, Belgium|
|Yawar Shah |
Number of employees
|Part of a series on financial services|
The Society for Worldwide Interbank Financial Telecommunication (SWIFT) provides a network that enables financial institutions worldwide to send and receive information about financial transactions in a secure, standardized and reliable environment. SWIFT also sells software and services to financial institutions, much of it for use on the SWIFTNet network, and ISO 9362. Business Identifier Codes (BICs, previously Bank Identifier Codes) are popularly known as "SWIFT codes".
Financial institutions, otherwise known as banking institutions, are corporations that provide services as intermediaries of financial markets. Broadly speaking, there are three major types of financial institutions:
A financial transaction is an agreement, or communication, carried out between a buyer and a seller to exchange an asset for payment.
Computer software, or simply software, is a collection of data or computer instructions that tell the computer how to work. This is in contrast to physical hardware, from which the system is built and actually performs the work. In computer science and software engineering, computer software is all information processed by computer systems, programs and data. Computer software includes computer programs, libraries and related non-executable data, such as online documentation or digital media. Computer hardware and software require each other and neither can be realistically used on its own.
The majority of international interbank messages use the SWIFT network. As of 2015 [update] , SWIFT linked more than 11,000 financial institutions in more than 200 countries and territories, who were exchanging an average of over 32 million messages per day (compared to an average of 2.4 million daily messages in 1995). SWIFT transports financial messages in a highly secure way but does not hold accounts for its members and does not perform any form of clearing or settlement.
In banking and finance, clearing denotes all activities from the time a commitment is made for a transaction until it is settled. This process turns the promise of payment into the actual movement of money from one account to another. Clearing houses were formed to facilitate such transactions among banks.
Settlement of securities is a business process whereby securities or interests in securities are delivered, usually against payment of money, to fulfill contractual obligations, such as those arising under securities trades.
SWIFT does not facilitate funds transfer: rather, it sends payment orders, which must be settled by correspondent accounts that the institutions have with each other. Each financial institution, to exchange banking transactions, must have a banking relationship by either being a bank or affiliating itself with one (or more) so as to enjoy those particular business features.
Payment order, in international banking, is a directive to a bank from a bank account holder instructing the bank to make a payment or series of payments to a third party.
A correspondent account is an account established by a banking institution to receive deposits from, make payments on behalf of, or handle other financial transactions for another financial institution. Correspondent accounts are established through bilateral agreements between the two banks.
SWIFT is a cooperative society under Belgian law owned by its member financial institutions with offices around the world. SWIFT headquarters, designed by Ricardo Bofill Taller de Arquitectura are in La Hulpe, Belgium, near Brussels. The chairman of SWIFT is Yawar Shah,originally from Pakistan, and its CEO is Gottfried Leibbrandt, originally from the Netherlands. SWIFT hosts an annual conference, called Sibos, specifically aimed at the financial services industry. Starting from July 2019, the CEO will be Javier Pérez-Tasso.
Belgium, officially the Kingdom of Belgium, is a country in Western Europe. It is bordered by the Netherlands to the north, Germany to the east, Luxembourg to the southeast, France to the southwest, and the North Sea to the northwest. It covers an area of 30,688 square kilometres (11,849 sq mi) and has a population of more than 11.4 million. The capital and largest city is Brussels; other major cities are Antwerp, Ghent, Charleroi and Liège.
Ricardo Bofill Taller de Arquitectura (RBTA) is a Spanish architecture firm that was founded in 1963. It is headquartered in a re-purposed cement factory in Barcelona, referred to as ”La Fabrica”. El Taller consists of a diverse team of architects and urban planner, graphic designers and economists, from over 20 countries. To date, the firm has over 1000 projects in over 40 countries.
La Hulpe is a Walloon municipality located in the Belgian province of Walloon Brabant, 20 km south-east of the centre of Brussels, but only about 3 km from the edge of the Brussels-Capital Region. On January 1, 2007, La Hulpe had a total population of 7,309. The total area is 15.60 km², including 3 km² of the Sonian Forest; this gives a population density of 463 inhabitants per km².
SWIFT was founded in Brussels in 1973 under the leadership of its inaugural CEO, Carl Reuterskiöld (1973–1989), and was supported by 239 banks in fifteen countries. It started to establish common standards for financial transactions and a shared data processing system and worldwide communications network designed by Logica and developed by the Burroughs Corporation.Fundamental operating procedures, rules for liability, etc., were established in 1975 and the first message was sent in 1977. SWIFT's first United States operating center was inaugurated by Governor John N. Dalton of Virginia in 1979.
Brussels, officially the Brussels-Capital Region, is a region of Belgium comprising 19 municipalities, including the City of Brussels, which is the capital of Belgium. The Brussels-Capital Region is located in the central portion of the country and is a part of both the French Community of Belgium and the Flemish Community, but is separate from the Flemish Region and the Walloon Region. Brussels is the most densely populated and the richest region in Belgium in terms of GDP per capita. It covers 161 km2 (62 sq mi), a relatively small area compared to the two other regions, and has a population of 1.2 million. The metropolitan area of Brussels counts over 2.1 million people, which makes it the largest in Belgium. It is also part of a large conurbation extending towards Ghent, Antwerp, Leuven and Walloon Brabant, home to over 5 million people.
Carl Reuterskiöld was the founding CEO of the Belgium-based Society for Worldwide Interbank Financial Telecommunication (SWIFT), a position which he held for a decade from SWIFT's founding in 1973 until 1983.
Logica was a multinational IT and management consultancy company headquartered in Reading, United Kingdom. Founded in 1969, the company became a wholly owned subsidiary of CGI Group in 2012.
SWIFT has become the industry standard for syntax in financial messages. Messages formatted to SWIFT standards can be read by, and processed by, many well-known financial processing systems, whether or not the message traveled over the SWIFT network. SWIFT cooperates with international organizations for defining standards for message format and content. SWIFT is also Registration authority (RA) for the following ISO standards:
In linguistics, syntax is the set of rules, principles, and processes that govern the structure of sentences in a given language, usually including word order. The term syntax is also used to refer to the study of such principles and processes. The goal of many syntacticians is to discover the syntactic rules common to all languages.
Registration authorities exist for many standards organizations, such as ANNA, the Object Management Group, W3C, IEEE and others. In general, registration authorities all perform a similar function, in promoting the use of a particular standard through facilitating its use. This may be by applying the standard, where appropriate, or by verifying that a particular application satisfies the standard's tenants. Maintenance agencies, in contrast, may change an element in a standard based on set rules – such as the creation or change of a currency code when a currency is created or revalued. The Object Management Group has an additional concept of certified provider, which is deemed an entity permitted to perform some functions on behalf of the registration authority, under specific processes and procedures documented within the standard for such a role.
The International Organization for Standardization is an international standard-setting body composed of representatives from various national standards organizations.
In RFC 3615 urn:swift: was defined as Uniform Resource Names (URNs) for SWIFT FIN.
The SWIFT secure messaging network is run from three data centers, one in the United States, one in the Netherlands and one in Switzerland. These centers share information in near real-time. In case of a failure in one of the data centers, the other is able to handle the traffic of the complete network. SWIFT uses submarine communications cables to transmit its data.
SWIFT opened the fourth data center in Switzerland, which started operating in 2009.Since then, data from European SWIFT members are no longer mirrored to the U.S. data center. The distributed architecture partitions messaging into two messaging zones: European and Trans-Atlantic. European zone messages are stored in the Netherlands and in a part of the Switzerland operating center; Trans-Atlantic zone messages are stored in the United States and in a part of the Switzerland operating center that is segregated from the European zone messages. Countries outside of Europe were by default allocated to the Trans-Atlantic zone but could choose to have their messages stored in the European zone.
SWIFT moved to its current IP network infrastructure, known as SWIFTNet, from 2001 to 2005,providing a total replacement of the previous X.25 infrastructure. The process involved the development of new protocols that facilitate efficient messaging, using existing and new message standards. The adopted technology chosen to develop the protocols was XML, where it now provides a wrapper around all messages legacy or contemporary. The communication protocols can be broken down into:
SWIFT provides a centralized store-and-forward mechanism, with some transaction management. For bank A to send a message to bank B with a copy or authorization with institution C, it formats the message according to standard and securely sends it to SWIFT. SWIFT guarantees its secure and reliable delivery to B after the appropriate action by C. SWIFT guarantees are based primarily on high redundancy of hardware, software, and people.
During 2007 and 2008, the entire SWIFT Network migrated its infrastructure to a new protocol called SWIFTNet Phase 2. The main difference between Phase 2 and the former arrangement is that Phase 2 requires banks connecting to the network to use a Relationship Management Application (RMA) instead of the former bilateral key exchange (BKE) system. According to SWIFT's public information database on the subject, RMA software should eventually prove more secure and easier to keep up-to-date; however, converting to the RMA system meant that thousands of banks around the world had to update their international payments systems to comply with the new standards. RMA completely replaced BKE on 1 January 2009.
SWIFT means several things in the financial world:
Under 3 above, SWIFT provides turn-key solutions for members, consisting of linkage clients to facilitate connectivity to the SWIFT network and CBTs or "computer based terminals" which members use to manage the delivery and receipt of their messages. Some of the more well-known interfaces and CBTs provided to their members are:
There are four key areas that SWIFT services fall under in the financial marketplace: Securities, Treasury & Derivatives, Trade Services and Payments & Cash Management.
Treasury & Derivatives
Swift Ref, the global payment reference data utility, is SWIFT's unique reference data service. Swift Ref sources data direct from data originators, including central banks, code issuers and banks making it easy for issuers and originators to maintain data regularly and thoroughly. SWIFTRef constantly validates and cross-checks data across the different data sets.
SWIFT offers a secure person-to-person messaging service, SWIFTNet Mail, which went live on 16 May 2007.SWIFT clients can configure their existing email infrastructure to pass email messages through the highly secure and reliable SWIFTNet network instead of the open Internet. SWIFTNet Mail is intended for the secure transfer of sensitive business documents, such as invoices, contracts and signatories, and is designed to replace existing telex and courier services, as well as the transmission of security-sensitive data over the open Internet. Seven financial institutions, including HSBC, FirstRand Bank, Clearstream, DnB NOR, Nedbank, and Standard Bank of South Africa, as well as SWIFT piloted the service.
A series of articles published on 23 June 2006 in The New York Times , The Wall Street Journal , and the Los Angeles Times revealed a program, named the Terrorist Finance Tracking Program, which the US Treasury Department, Central Intelligence Agency (CIA), and other United States governmental agencies initiated after the 11 September attacks to gain access to the SWIFT transaction database.
After the publication of these articles, SWIFT quickly came under pressure for compromising the data privacy of its customers by allowing governments to gain access to sensitive personal information. In September 2006, the Belgian government declared that these SWIFT dealings with American governmental authorities were a breach of Belgian and European privacy laws.
In response, and to satisfy members' concerns about privacy, SWIFT began a process of improving its architecture by implementing a distributed architecture with a two-zone model for storing messages (see Operations centers).
Concurrently, the European Union negotiated an agreement with the United States government to permit the transfer of intra-EU SWIFT transaction information to the United States under certain circumstances. Because of concerns about its potential contents, the European Parliament adopted a position statement in September 2009, demanding to see the full text of the agreement and asking that it be fully compliant with EU privacy legislation, with oversight mechanisms emplaced to ensure that all data requests were handled appropriately.An interim agreement was signed without European Parliamentary approval by the European Council on 30 November 2009, the day before the Lisbon Treaty—which would have prohibited such an agreement from being signed under the terms of the Codecision procedure—formally came into effect. While the interim agreement was scheduled to come into effect on 1 January 2010, the text of the agreement was classified as "EU Restricted" until translations could be provided in all EU languages and published on 25 January 2010.
On 11 February 2010, the European Parliament decided to reject the interim agreement between the EU and the US by 378 to 196 votes.One week earlier, the parliament's civil liberties committee had already rejected the deal, citing legal reservations.
In March 2011, it was reported that two mechanisms of data protection had failed: EUROPOL released a report complaining that the USA's requests for information had been too vague (making it impossible to make judgments on validity)and that the guaranteed right for European citizens to know whether their information had been accessed by USA authorities had not been put into practice.
In January 2012, the advocacy group United Against Nuclear Iran (UANI) implemented a campaign calling on SWIFT to end all relations with Iran's banking system, including the Central Bank of Iran. UANI asserted that Iran's membership in SWIFT violated U.S. and EU financial sanctions against Iran as well as SWIFT's own corporate rules.
Consequently, in February 2012, the U.S. Senate Banking Committee unanimously approved sanctions against SWIFT aimed at pressuring the Belgian financial telecommunications network to terminate its ties with blacklisted Iranian banks. Expelling Iranian banks from SWIFT would potentially deny Iran access to billions of dollars in revenue and spending using SWIFT but not from using IVTS. Mark Wallace, president of UANI, praised the Senate Banking Committee.
Initially SWIFT denied it was acting illegally,but now says "it is working with U.S. and European governments to address their concerns that its financial services are being used by Iran to avoid sanctions and conduct illicit business." Targeted banks would be—amongst others—Saderat Bank of Iran, Bank Mellat, Post Bank of Iran and Sepah Bank. On 17 March 2012, following agreement two days earlier between all 27 member states of the Council of the European Union and the Council's subsequent ruling, SWIFT disconnected all Iranian banks from its international network that had been identified as institutions in breach of current EU sanctions and warned that even more Iranian financial institutions could be disconnected from the network.
In February 2016, most Iranian banks reconnected to the network following lift of sanctions on Joint Comprehensive Plan of Action.
On 26 February 2012 the Danish newspaper Berlingske reported that US authorities have sufficient control over SWIFT to seize money being transferred between two European Union (EU) countries (Denmark and Germany), since they succeeded in seizing around US$26,000 that was being transferred from a Danish businessman to a German bank. The transaction was automatically routed through the US, possibly because of the USD currency used in the transaction, which is how the United States was able to seize the funds. The money was a payment for a batch of Cuban cigars previously imported to Germany by a German supplier. As justification for the seizure, the U.S. Treasury stated that the Danish businessman had violated the United States embargo against Cuba.
Der Spiegel reported in September 2013 that the National Security Agency (NSA) widely monitors banking transactions via SWIFT, as well as credit card transactions.The NSA intercepted and retained data from the SWIFT network used by thousands of banks to securely send transaction information. SWIFT was named as a "target", according to documents leaked by Edward Snowden. The documents revealed that the NSA spied on SWIFT using a variety of methods, including reading "SWIFT printer traffic from numerous banks". In April 2017, a group known as the Shadow Brokers released files allegedly from the NSA which indicate that the agency monitored financial transactions made through SWIFT.
As mentioned above SWIFT had disconnected all Iranian banks from its international network as a sanction against Iran. However, as of 2016 Iranian banks which are no longer on international sanctions lists were reconnected to SWIFT.Even though this enables movement of money from and to these Iranian banks, foreign banks remain wary of doing business with the country. Due to primary sanctions, transactions of U.S. banks with Iran or transactions in U.S. dollars with Iran both remain prohibited.
Similarly, in August 2014 the UK planned to press the EU to block Russian use of SWIFT as a sanction due to Russian military intervention in Ukraine.However, SWIFT refused to do so. In their official statement they said, "SWIFT regrets the pressure, as well as the surrounding media speculation, both of which risk undermining the systemic character of the services that SWIFT provides its customers around the world". SPFS, a Russia-based SWIFT equivalent, was created by the Central Bank of Russia as a backup measure.
In September 2018 the European Union foreign policy head, Federica Mogherini, proposed the development of a new "special purpose financial vehicle" intended to bypass SWIFT.[ citation needed ] The seven founding members of this new system are to be Iran, the European Commission, Germany, France, the UK, Russia and China – but not the United States.[ citation needed ]
The United States, having withdrawn from the JCPOA – better known as "the Iran Nuclear Deal" – has decreed severe sanctions against any nation trading with Iran. The new payments system is designed to remove certain banking transactions with Iran from the purview of U.S. authorities, and to escape U.S. sanctions against nations trading with Iran. The apparent goal is to encourage Iran to continue to adhere to the terms of the JCPOA, which forbids the testing, development and manufacture of nuclear weapons, even though no claims of breach have been made by any party of the JCPOA except the United States.
It could be used to evade other U.S. sanctions, such as those against the German-Russian pipeline project known as Nordstream 2.
SWIFT has also rejected calls to boycott Israeli banks from its network.
In 2016 an $81 million theft from the Bangladesh central bank via its account at the New York Federal Reserve Bank was traced to hacker penetration of SWIFT's Alliance Access software, according to a New York Times report. It was not the first such attempt, the society acknowledged, and the security of the transfer system was undergoing new examination accordingly.Soon after the reports of the theft from the Bangladesh central bank, a second, apparently related, attack was reported to have occurred on a commercial bank in Vietnam.
Both attacks involved malware written to both issue unauthorized SWIFT messages and to conceal that the messages had been sent. After the malware sent the SWIFT messages that stole the funds, it deleted the database record of the transfers then took further steps to prevent confirmation messages from revealing the theft. In the Bangladeshi case, the confirmation messages would have appeared on a paper report; the malware altered the paper reports when they were sent to the printer. In the second case, the bank used a PDF report; the malware altered the PDF viewer to hide the transfers.
In May 2016, Banco del Austro (BDA) in Ecuador sued Wells Fargo after Wells Fargo honored $12 million in fund transfer requests that had been placed by thieves.In this case, the thieves sent SWIFT messages that resembled recently canceled transfer requests from BDA, with slightly altered amounts; the reports do not detail how the thieves gained access to send the SWIFT messages. BDA asserts that Wells Fargo should have detected the suspicious SWIFT messages, which were placed outside of normal BDA working hours and were of an unusual size. Wells Fargo claims that BDA is responsible for the loss, as the thieves gained access to the legitimate SWIFT credentials of a BDA employee and sent fully authenticated SWIFT messages.
In the first half of 2016, an anonymous Ukrainian bank, with the episode being investigated by ISACA, and others—even "dozens" that are not being made public—were variously reported to have been "compromised" through the SWIFT network and to have lost money.
The International Bank Account Number (IBAN) is an internationally agreed system of identifying bank accounts across national borders to facilitate the communication and processing of cross border transactions with a reduced risk of transcription errors. It was originally adopted by the European Committee for Banking Standards (ECBS), and later as an international standard under ISO 13616:1997. The current standard is ISO 13616:2007, which indicates SWIFT as the formal registrar. Initially developed to facilitate payments within the European Union, it has been implemented by most European countries and numerous countries in the other parts of the world, mainly in the Middle East and in the Caribbean. As of February 2016, 69 countries were using the IBAN numbering system.
Money laundering is the process of concealing the origins of money obtained illegally by passing it through a complex sequence of banking transfers or commercial transactions.
ISO 9362 defines a standard format of Business Identifier Codes approved by the International Organization for Standardization (ISO). It is a unique identification code for both financial and non-financial institutions. The acronym SWIFT stands for the Society for Worldwide Interbank Financial Telecommunication. The ISO has designated SWIFT as the BIC registration authority. When assigned to a non-financial institution, the code may also be known as a Business Entity Identifier or BEI. These codes are used when transferring money between banks, particularly for international wire transfers, and also for the exchange of other messages between banks. The codes can sometimes be found on account statements.
Online banking, also known as internet banking, is an electronic payment system that enables customers of a bank or other financial institution to conduct a range of financial transactions through the financial institution's website. The online banking system will typically connect to or be part of the core banking system operated by a bank and is in contrast to branch banking which was the traditional way customers accessed banking services.
Wire transfer, bank transfer or credit transfer is a method of electronic funds transfer from one person or entity to another. A wire transfer can be made from one bank account to another bank account or through a transfer of cash at a cash office.
Bank Saderat Iran(BSI) is an Iranian multinational banking and financial services company headquartered in Tehran, Iran. It is Iran's largest bank. It was founded in Tehran in 1952 by the prominent Mofarrah and Bolurfrushan families, represented in the first board by Mohammad Ali Mofarrah and Mohammad Bolurfrushan and commenced operation on 13 November 1952 with a board of three directors and 20 employees.
ISO 20022 is an ISO standard for electronic data interchange between financial institutions. It describes a metadata repository containing descriptions of messages and business processes, and a maintenance process for the repository content. The standard covers financial information transferred between financial institutions that includes payment transactions, securities trading and settlement information, credit and debit card transactions and other financial information.
A Bank State Branch is the name used in Australia for a bank code, which is a branch identifier. The BSB is normally used in association with the account number system used by each financial institution. The structure of the BSB + account number does not permit for account numbers to be transferable between financial institutions. While similar in structure, the New Zealand and Australian systems are only used in domestic transactions and are incompatible with each other. For international transfers, a SWIFT code is used in addition to the BSB and account number.
Electronic funds transfer (EFT) are electronic transfer of money from one bank account to another, either within a single financial institution or across multiple institutions, via computer-based systems, without the direct intervention of bank staff.
Payment cards are part of a payment system issued by financial institutions, such as a bank, to a customer that enables its owner to access the funds in the customer's designated bank accounts, or through a credit account and make payments by electronic funds transfer and access automated teller machines (ATMs). Such cards are known by a variety of names including bank cards, ATM cards, MAC, client cards, key cards or cash cards.
The Single Euro Payments Area (SEPA) is a payment-integration initiative of the European Union for simplification of bank transfers denominated in euro. As of 2018, SEPA consists of the 28 member states of the European Union, as well as the four member states of the European Free Trade Association, and Andorra, Monaco, San Marino, and Vatican City.
The Terrorist Finance Tracking Program (TFTP) is a United States government program to access financial transactions on the international SWIFT network that was revealed by The New York Times, The Wall Street Journal and The Los Angeles Times in June 2006. It was part of the Bush administration's War on Terrorism. After the covert action was disclosed, the so-called SWIFT Agreement was negotiated between the United States and the European Union.
Bank Refah Kargaran, also known as Bank Refah, is one of Iran's major banks. Bank Refah, with its headquarters in Tehran, Iran, is a retail commercial bank owned and controlled by Social Security Organization of Iran. Bank Refah provides a full range of products and services to more than a million clients. Its SWIFT address is REFAIRTH.
SWIFT Message types are the format or schema used to send messages to financial institutions on the SWIFT network. The original message types were developed by SWIFT and retrospectively made into an ISO standard, ISO 15022. This was later supplemented by a XML based version under ISO 20022.
The first sanctions against Iran were those imposed by the United States in November 1979 after a group of radical students seized the American Embassy in Tehran and took hostage the people inside. The sanctions by Executive Order 12170 included freezing about $12 billion in Iranian assets, including bank deposits, gold and other properties, and a trade embargo. These sanctions were lifted as part of the Algiers Accords which was a negotiated settlement of the hostages’ release.
The Electronic Banking Internet Communication Standard (EBICS) is a German transmission protocol developed by the German Banking Industry Committee for sending payment information between banks over the internet. It grew out of the earlier BCS-FTAM protocol that was developed in 1995, with the aim of being able to use internet connections and TCP/IP. It is mandated for use by German banks and has also been adopted by France and Switzerland.
Structured Financial Messaging System (SFMS) is a secure messaging standard developed to serve as a platform for intra-bank and inter-bank applications. It is an Indian standard similar to SWIFT which is the international messaging system used for financial messaging globally.
EBA Clearing is a provider of pan-European payment infrastructure wholly owned by shareholders that consist of major European banks.
The Cross-Border Interbank Payment System (CIPS) is a payment system which, offers clearing and settlement services for its participants in cross-border RMB payments and trade. It is a significant financial market infrastructure in China. As planned, CIPS will be developed in two phases. On 8 October 2015, CIPS went live. The first batch of direct participants includes 19 Chinese and foreign banks which were set up in mainland China and 176 indirect participants which cover 6 continents and 47 countries and regions. On 25 March 2016, CIPS signed an MoU with SWIFT with mutual understanding of deploying SWIFT as a secure, efficient and reliable communication channel for CIPS's connection with SWIFT's members, which would provide a network that enables financial institutions worldwide to send and receive information about financial transactions in a secure, standardised and reliable environment. CIPS is sometimes referred to as the China Interbank Payment System.
In 2015 and 2016, a series of cyberattacks using the SWIFT banking network were reported, resulting in the successful theft of millions of dollars. The attacks were perpetrated by a hacker group known as APT 38 whose tactics, techniques and procedure overlap with the infamous Lazarus Group who are believed to be behind the Sony attacks. Experts agree that APT 38 was formed following the March 2013 sanctions and the first known operations connected to this group occurred in February 2014. If the attribution to North Korea is accurate, it would be the first known incident of a state actor using cyberattacks to steal funds.
For example, the Society for Worldwide Interbank Financial Telecommunication (SWIFT), which describes itself as “the global provider of secure financial messaging services,” uses undersea fiber-optic communications cables to transmit financial data between 208 countries