BDO in Ukraine has successfully implemented the audit and security improvement project

The objective of the project was to ensure compliance with the new standards of SWIFT Customer Security Controls Framework (CSCF) 2024 version. The main goal is to enhance the protection of IT infrastructure, mitigate the risk of data leakage and ensure compliance with international requirements.


The client (a financial institution) was assigned the task of complying with the new SWIFT Customer Security Controls Framework (CSCF) security standards in the 2024 version.

The primary objective of the project was to enhance IT security, mitigate the risk of data breaches and ensure regulatory compliance. This objective was hindered by an outdated IT infrastructure and inefficient upgrade processes. In order to comply with the new standards, it was also imperative to adapt business processes according to the new standards’ requirements.

Project implementation stages:

As part of the project, the specialists of BDO in Ukraine conducted a detailed analysis of the client’s infrastructure. It was tested to ensure its alignment with the mandatory control points.

The project comprised the following stages:

1. Security audit, which identified security gaps, analysed the architecture of IT systems and evaluated access control processes.
2. Development of a roadmap, which incorporates a plan for implementing recommendations to address the identified shortcomings.
3. During the technical implementation stage, we updated the access control systems, implemented critical areas of the environment to improve security, and automated system updates.
4. Training sessions that equip the client’s team with the necessary skills to respond effectively to cyber incidents and raise awareness of security issues.
5. The final stage of the process involved conducting additional inspections to assess compliance and prepare the final report.

The client’s achievements subsequent to project completion 

• Staff training has had a significant impact on employee awareness and reduced the response times to threats.
• The project has enhanced the client’s credibility with partners, regulators and clients. 
• Architectural solutions ensured the system’s flexibility for future changes, while compliance with industry standards consolidated the company’s competitive advantage. 

The outcome of this initiative was the strengthening of the company’s IT security measures. Multi-level authentication and protection of privileged accounts have now been introduced. The automation of update processes has been shown to reduce the risk of vulnerabilities. In order to protect information, we have implemented data encryption both during transmission and at rest. 

The client has been made resilient to future cyber threats with the assistance of BDO in Ukraine 

• An integrated approach ensured maximum efficiency

The project has demonstrated that a comprehensive approach to risk assessment, implementation of technical solutions and staff training is a key factor in the successful implementation of security programmes. The IT infrastructure was comprehensively strengthened thanks to a holistic vision.

• Substantial improvement in cybersecurity

The implementation of best practices, including the creation of critical environment zones, multi-level authentication and automation of update processes, enabled the client to minimise the risk of vulnerabilities. The IT system is not only compliant with current security standards, but is also future proof, meaning it is ready for any changes in requirements.

• Save time and resources through automation

The automation of access control system updates and processes has led to a substantial reduction in the time spent on manual operations. This has enabled the company to improve its operational efficiency and reduce infrastructure management expenses.

• Employee trainings as a strategic asset

A key element of the project was the training of the client’s employees. Raising the team’s awareness of cybersecurity has had a number of positive outcomes. These include a reduction in human error risks and an improvement in their readiness to respond to potential threats.

• Building market trust

The project demonstrated the client’s high level of responsibility to financial market participants. This created greater levels of trust among partners, clients and regulators.

• Focus on the future

The project established a solid foundation for the subsequent enhancement of the client’s IT systems. In light of the anticipated changes to security requirements, architectural solutions ensure flexibility and scalability of the system.

• Reputation and competitiveness 

By adhering to the SWIFT CSCF 2024 security standards, the client has secured a distinct competitive edge within the market. This allows not only to protect the business, but also to provide more dependable services to their customers.

The implementation project was successful due to the coordinated work of the BDO in Ukraine team and its focus on modern security requirements. The client received a reliable solution that not only meets the current standards, but also ensures resilience to future challenges. This implementation was an example of effective IT infrastructure transformation and demonstrated the importance of integrating cybersecurity into strategic business planning.

Please contact BDO in Ukraine if you want to improve the cyber security of your business, adapt to new standards or optimise your IT processes. We will help you find reliable and effective solutions to ensure the stability and protection of your business.