How SWIFT actually moves money across borders
SWIFT does not transfer money. It transfers instructions. Understanding that distinction is the difference between policy debate and policy theatre.
Key fact
Member banks on SWIFT: ~11,000 across 200+ countries
Most coverage of cross-border payments treats SWIFT as if it were a money-moving network. It is not. SWIFT is a cooperative based in Belgium that runs a secure messaging system. When a bank in Singapore wants to credit a customer at a bank in Frankfurt, SWIFT carries the formatted instruction. The money itself moves through a separate chain of correspondent relationships and settlement systems.
Here is the mechanics. A retail customer initiates a wire. Their bank drafts a MT103 message — the standard customer-credit-transfer format — and signs it. SWIFT routes that message through its global network to the receiving bank. The two banks then settle the underlying claim either directly, if they hold accounts with each other, or through an intermediary correspondent, or via a central-bank-operated real-time gross-settlement system like Fedwire or TARGET2.
This layered architecture is why SWIFT removal is a slow-acting weapon rather than an immediate cutoff. A sanctioned bank can still settle with counterparties it has direct relationships with. It can use telex, fax, encrypted email, or a competing message network. What it cannot do is reach the broad universe of correspondent banks that expects SWIFT authentication. Compliance teams at large banks refuse to process unauthenticated payment instructions because the regulatory cost of an error is too high.
The 2022 sanctions against several Russian banks removed them from SWIFT. The effect was real but partial. Trade with Russia continued through bilateral channels, mostly using rubles, yuan, or a handful of neutral-currency intermediaries. Russian banks built workarounds with Indian, Turkish, and Chinese counterparts. The shock was disruptive, not terminal.
A more accurate frame for SWIFT removal is this: it raises the friction and cost of every transaction the target tries to execute. Friction compounds. Letters of credit take weeks instead of days. Trade financing rates climb. Customers prefer counterparties that have not been complicated. Over months, market share migrates away.
China has been working on a parallel network called CIPS. The volumes are growing but remain a fraction of SWIFT's. India's UPI has international linkages with Singapore and a few Gulf countries. mBridge, the BIS central-bank digital-currency pilot, is small but interesting. None of these are SWIFT replacements yet. They are pressure-release valves.
The geopolitical question is whether the proliferation of partial alternatives erodes the network premium SWIFT enjoys. So far it has not. The reason is simple: every bank that joins a parallel network still wants SWIFT access for the rest of its book. Two networks cost more than one. The dominant network wins by inertia until a critical mass of users defects, which has not happened.
It is also worth understanding the corporate ownership and governance structure. SWIFT is incorporated as a cooperative under Belgian law. Its members are banks, and its board reflects member-bank representation. Belgian regulators supervise the cooperative under EU financial regulation. That structure means SWIFT itself is not directly controlled by any single government, although member-state regulators have meaningful influence through their banking-supervision remit. The cooperative responds to EU-level sanctions decisions, which is why removal of Russian banks in 2022 happened through an EU Council decision rather than a unilateral US directive.
From a technical-security perspective, SWIFT's authentication protocols have evolved significantly since the network's founding in 1973. Modern messages use cryptographic signing tied to hardware security modules at each member bank. A high-profile 2016 attack on Bangladesh Bank exposed weaknesses in member-bank internal controls rather than in the network itself. Several similar attacks followed at smaller member institutions in subsequent years. SWIFT has responded by pushing mandatory security standards on its membership.
It is also worth keeping in mind that SWIFT's message format is now migrating from the older MT standard to a richer ISO 20022 format that carries structured data fields rather than free text. The migration is happening on a multi-year schedule and creates a secondary opportunity for compliance screening to become more automated, since structured fields are easier for sanctions-screening software to parse correctly than free-text descriptions.
What policy should learn from this is that financial chokepoints are real and useful but slower than headlines suggest. The first month of sanctions produces shouting; the third year produces structural change in the target country's settlement habits. By year five the original chokepoint is weaker. Designing sanctions policy without that time horizon in mind produces tools that succeed early and erode late.