Professional Documents
Culture Documents
Service Description: Alliance Access 7.1
Service Description: Alliance Access 7.1
Service Description
This service description provides information about the features and functions of Alliance Access and describes the roles
and responsibilities of SWIFT and the customer in relation to Alliance Access. This document is for Alliance Access
users, SWIFT partners, and service bureaux.
27 March 2015
Alliance Access 7.1
Table of Contents
.Preface .............................................................................................................................................................................4
2 Service Description
Table of Contents
14 Resilience ......................................................................................................................................................... 44
17 Ordering ............................................................................................................................................................ 49
18 Support .............................................................................................................................................................. 50
27 March 2015 3
Alliance Access 7.1
Preface
Purpose of this document
This service description provides information about the features and functions of Alliance
Access and describes the roles and responsibilities of SWIFT and the customer in relation to
Alliance Access.
It also provides information about the features and functions of the Standalone Access. To
activate and use the Standalone Access functionality, customers must license Alliance Access
7.1 for Standalone Access only.
Customers can find the latest available version of this document at www.swift.com > Support >
Documentation.
Note This service description, together with the SWIFT General Terms and Conditions
and other relevant SWIFT contractual documentation, is an integral part of the
contractual arrangements between SWIFT and its customers for the provision and
the use of Alliance Access.
Audience
This document is for the following audience:
Customers that require information about the features and the functions of Alliance Access.
Customers that require information about the roles and the responsibilities that relate to
Alliance Access.
SWIFT-defined terms
This document contains terms that have a specific meaning in the context of SWIFT
documentation (for example, customer, user, or SWIFT services and products).
These terms, which are either defined in this document or in the SWIFT Glossary, are identified
as shown in this example:
SWIFT provides secure, standardised messaging services and interface software to its
customers.
Significant changes
The following tables list all significant changes to the content of the Alliance Access Service
Description since the January 2014 edition. For more information, see the Alliance Access
Release Letter. These tables do not include editorial or structural changes that SWIFT makes to
improve the usability and comprehension of the document.
4 Service Description
Preface
Related documentation
Customers can also refer to the following documents in relation to the information in this service
description.
Connectivity Packs
27 March 2015 5
Alliance Access 7.1
6 Service Description
Overview of Alliance Access
File Transfer
MQ Workstation Browser
IPLA SOAP
Web Services Direct FileAct
ADK Web Platform
Message Management
and Routing
RMA
FIN
InterAct SWIFTNet D0540196
FileAct
Software components
The Alliance Access software comprises a number of different applications. Depending on the
licence options that the customer selects, the customer can perform the following tasks:
connect to SWIFTNet
27 March 2015 7
Alliance Access 7.1
2 System Requirements
2.1 Hardware
Basic configuration
Customers can implement Alliance Access in a client-server configuration. A minimal Alliance
Access configuration is an IBM AIX, Oracle Solaris, Red Hat Enterprise Linux, or Microsoft
Windows system that has a graphical user interface running on a Microsoft Windows system.
SWIFT can help potential Alliance Access customers to assess individual hardware
requirements.
The Alliance Access/Entry Release Letters, the System Configuration Recommendations and
Guidelines and the Connectivity Packs documents define, based on the anticipated throughput,
the memory and the Central Processing Unit (CPU) that systems require to run Alliance Access.
SWIFT recommends that customers implement a hardware backup system to protect data and
software.
Note Only Internet Explorer and Firefox web browsers are supported.
8 Service Description
System Requirements
Note Alliance Workstation is not available for Alliance Access on Red Hat Enterprise
Linux.
Alliance Workstation will be retired by end of March 2017.
a hosted database
In both configurations, customers are not allowed to directly access and manipulate the content
of the Alliance Access database.
Hosted database
The use of the hosted database model is subject to the activation of a licence option.
In this configuration, Alliance Access installs its database on an Oracle instance provided by the
customer.
27 March 2015 9
Alliance Access 7.1
FIN
Customers can use Alliance Access to exchange MT messages over the FIN service.
InterAct
Customers can use Alliance Access to exchange XML-based messages over an InterAct
service.
FileAct
Customers can use Alliance Access to exchange files over a FileAct service.
RMA
Customers can use Alliance Access to exchange authorisations with correspondents over the
RMA service.
10 Service Description
Message Formats
4 Message Formats
Introduction
File Transfer
MQ Workstation Browser
IPLA SOAP
Web Services Direct FileAct
ADK Web Platform
Messaging Alliance
Software Access MT XML File
Communications Alliance
Software Gateway Alliance Remote Gateway
Alliance Gateway
Network
Connection
SWIFTNet
D0540203
XML-based messages (such as, MXs, FpML, AnyXML) carried over InterAct
MT messages
Alliance Access processes, stores, and routes MT messages. SWIFT develops and deploys the
MT messages.
MT messages standards are loaded in Alliance Access through the Message Syntax table. A
Message Syntax Table contains the information that relates to a specific MT Standards
Release.
27 March 2015 11
Alliance Access 7.1
MX messages
Alliance Access processes, stores, and routes MXs, XML-based messages. SWIFT develops
and deploys the MX messages using the ISO 20022 methodology.
MX messages are used in the scope of SWIFT Solutions, such as Exceptions and
Investigations, Cash Reporting, and Funds. These solutions and the MX messages are loaded
in Alliance Access with Deployment Packages.
Deployment Packages downloaded from MyStandards can provide MX messages restricted to
the Business Usage Guidelines of the publisher of these packages. It is the responsibility of the
publisher to test these packages before making them available to the community.
FpML messages
Alliance Access supports the exchange of FpML messages used in the scope of the Derivatives
solution.
AnyXML messages
Alliance Access supports the exchange of any well-formed XML business messages to and
from SWIFTNet. To achieve such transfers, Alliance Access supports an exchange mechanism
AnyXML. AnyXML allows a back-office application to exchange XML message with Alliance
Access when no Deployment Packages are available in Alliance Access. Such messages
cannot be manually edited when residing in Alliance Access.
FileAct messages
Alliance Access supports the exchange of files over FileAct.
To generate a FileAct exchange, the following two elements are required:
Proprietary messages
Alliance Access supports exchange of messages in proprietary format in the context of
processing developed for the Integration Platform. Such messages cannot be manually edited
when residing in Alliance Access. For more information see 7.1 "Alliance Access Integration
Platform".
12 Service Description
Message Validation
5 Message Validation
MT messages
Alliance Access uses the following criteria to validate MT messages that the customer sends:
MX messages
Alliance Access uses the following criteria to validate MX messages that the customer sends or
receives:
if a Deployment Package is loaded, then keywords are extracted (no syntax check is done,
except for manual entry)
The Deployment Packages define how Alliance Access processes the MX messages. A
Deployment Package contains the information that relates to a specific MX Standards Release.
Alliance Access does not perform a syntax validation of MX messages based on the content of
the Deployment Package. Alliance Access only validates that the XML is well formed and refers
to a service with an associated Deployment Package loaded in Alliance Access.
The Deployment Package is also used by the Message Management GUI of Alliance Web
Platform SE to generate the expanded view of an MX message. On Alliance Web Platform SE,
the Deployment Package is required for the manual creation of MX messages. When creating
messages manually and with the Deployment Package installed, the syntax validation feature is
provided in the message entry GUI.
FpML messages
Alliance Access does not perform validation of FpML messages.
The FpML Deployment Package can be used to view the message and perform keyword
extraction when applicable. Alliance Access does not support the manual creation of FpML
messages.
AnyXML messages
Alliance Access does not perform validation of AnyXML messages. Alliance Access only
validates that the MX message is a well-formed XML document.
When a back-office application provides an MX message flagged as AnyXML, Alliance Access
does not attempt to locate an associated Deployment Package for the service referenced in the
MX message. Consequently, Alliance Access only validates that the MX message is a well-
formed XML document, and does not perform any routing keyword extraction. MX messages
received from SWIFTNet, with no corresponding Deployment Package in Alliance Access, are
also marked as AnyXML when stored in Alliance Access and transferred to back-office
applications.
FileAct messages
Alliance Access does not check the file content and does not perform validation of FileAct
messages. Consequently, Alliance Access does not validate FileAct header information related
to the file content.
27 March 2015 13
Alliance Access 7.1
Proprietary messages
Processing developed for the Integration Platform can support validation of source or target
messages in the context of message transformation.
Alliance Access allows the import of Business Usage Guidelines defined through Deployment
Packages downloaded from MyStandards. MT and MX messages created manually in Alliance
Access using such a Business Usage Guideline will also be validated against the following
restriction types of MyStandards:
reduce the multiplicity of a field (enforce less iterations of the same field)
Validation process
Alliance Access can validate messages for structure and content when messages arrive at
certain points in the application.
Alliance Access can validate a message at the following stages:
at the point at which the user manually creates a message or after text modification (including
validating the Business Usage Guidelines).
when Alliance Access receives a message from a back-office application, and before Alliance
Access sends a message to the message destination (depending on the validation level set
of the message partner handling the back-office messages).
when Alliance Access receives a message from a messaging service (for example, from
FIN).
14 Service Description
Message Management
6 Message Management
Overview
Alliance Access offers comprehensive message management functionality, such as manual
message creation, verification, authorisation, repair (modification) and consultation.
When applicable, customers can also consult, verify, authorise and modify messages created
by back-office applications. Back-office applications can send a message as read-only, meaning
that it cannot be modified in Alliance Access.
Messages received from SWIFT are consulted only (repair only deals with authentication
issues).
To create messages, customers can also use any third-party solution that conforms to the
SWIFT message standards and that can connect to Alliance Access over its host adapters or
through connectivity with a project running in the Integration Platform.
(1) Fields to be verified are defined through the Deployment Package, customers can also define additional fields.
Related information
For more information about the Message Management GUI package of Alliance Web Platform
SE, see "Desktop Access" on page 31.
Customers can use the Message Management package of Alliance Web Platform SE or the
Message Creation application of Alliance Workstation to create MT messages.
Customers must use the Message Management package of Alliance Web Platform SE to
create MX messages.
Customers can use the Message Management package of Alliance Web Platform SE to
create FileAct files and initiate real-time file download requests.
27 March 2015 15
Alliance Access 7.1
Note With the FileAct messaging service, customers can initiate real-time or store-
and-forward file emission and real-time file download.
Message templates
Customers can use message templates to create new MT and MX messages according to
requirements and business use. On-screen guidance for message creation is also available. MT
message templates are defined centrally in Alliance Access and are available to both Alliance
Workstation and Web Platform users. MX message templates are available only to Alliance
Web Platform SE users.
Verify messages
Customers can verify all MT and MX messages that contain business-critical information (for
example, Currency, Amount, or Value Date). Customers can either use the Message
Management package of Alliance Web Platform SE or the Message Approval application in
Alliance Workstation to verify manually created messages or messages that the customer has
received through a message partner. Customers must verify messages individually.
To ensure accuracy, a second operator usually verifies each SWIFT financial message before
transmission. This operator displays a message from the verification queue. The application
shows the important verifiable fields (usually Currency, Amount, and Value Date) without any
data. The second operator must re-enter this data. The application automatically compares the
new data with the original data. If there are any discrepancies, then the disputed field changes
to the error colour, and the application records an event in the Event Journal. The operator can
then try to re-verify that particular field.
Note Customers can bypass verification and authorisation processing for non-business-
critical messages.
Authorise messages
Customers can use Alliance Access to authorise manually created messages, or messages that
the customer has received through a message partner.
To authorise messages in Alliance Access, customers have different options:
For the authorisation of MT messages, customers can use either the Message Management
package of Alliance Web Platform SE or the Message Approval application in Alliance
Workstation.
For the authorisation of MX or FileAct messages, customers must use the Message
Management package on Alliance Web Platform SE.
Customers can either authorise individual messages or batches of messages.
16 Service Description
Message Management
Customers are responsible for building appropriate processes and usage practices around
verification and authorisation to ensure that all messages are sent as intended and that no
unintended messages (like duplicate messages without Possible Duplicate indicator) are sent to
the correspondent.
Repair messages
To repair messages manually in Alliance Access, customers have different options:
Customers can use the Message Management package of Alliance Web Platform SE or
Alliance Workstation to repair MT messages.
Customers must use the Message Management package of Alliance Web Platform SE to
repair MX messages.
Alliance Access automatically routes messages that require modification after initial message
creation, or that have failed verification or authorisation, to one of the message modification
queues for repair. Alliance Access also routes messages that the SWIFT network negatively
acknowledges (NAKs), to a message modification queue.
Alliance Access does not support the repair of FileAct messages.
Note Customers can also use a standalone Alliance Access system for manual message
creation and repair. For licence details, see section "Alliance Access Licence" on
page 51.
Re-activate messages
Customers can re-activate a message and direct it to a message queue. Customers can also re-
activate a completed message for further processing on the same or another exit point. Alliance
Access can reset the message status to live and can route the message to an exit point. For
more information about the life cycle of a message, see the Alliance Access Getting Started
Guide.
27 March 2015 17
Alliance Access 7.1
Message priority
Alliance Access provides an internal message priority feature, which allows users to assign/
change the priority of messages at or after message creation. Alliance Access will then ensure
that these messages are treated according to their current priority during their whole lifecycle in
Alliance Access.
Message information
Customers can retrieve information about a message from the Message File. The Message File
stores information that Alliance Access has received from the messaging service. Examples of
this information are the acknowledgements or negative acknowledgements that the customer
receives from SWIFT.
Duplicate detection
Alliance Access supports full duplicate detection. The full message payload (FIN text block,
InterAct payload, FileAct digest) is taken into account to detect a message as duplicate.
The detection occurs against all non-archived, live or completed messages present in the
Alliance Access database.
the requestor and responder Distinguished Names (DNs) and SWIFTNet Public Key
Infrastructure to authenticate MX messages and FileAct messages
18 Service Description
Message Management
Authorisation
Alliance Access uses the RMA data and the application service profiles (ASPs) to verify whether
messages and files are authorised to be exchanged with correspondents.
Note Customers can use the Message Management package of Alliance Web Platform
SE to consult MX, FileAct, and proprietary messages.
The content of file payload for FileAct messages is never displayed or printed.
Routing points
Alliance Access routes messages through a series of routing points. Each routing point links to
a message processing function that fetches, processes, and routes the queued messages at
this routing point. Alliance Access does not impose a fixed flow or any rigid routing requirements
at these routing points. However, there is a minimal set of internal rules to protect the integrity
and behaviour of Alliance Access.
Message queues
Alliance Access stores messages internally in queues. Each message queue has a set of
routing rules that determines the flow of messages from one queue to the next queue for
processing.
During message preparation, Alliance Access holds messages in queues according to the
message status. At all stages of processing, Alliance Access can generate message status
changes, return message changes to the sender, and copy messages.
27 March 2015 19
Alliance Access 7.1
User-defined queues
The Alliance Access administrator can define additional queues, the user-defined queues, used
solely for the purpose of routing messages based on their content. Alliance Access routing
allows to route messages from one user-defined queue to another user-defined queue.
Routing rules
Alliance Access uses routing rules to route messages between queues. Alliance Access assigns
routing rules to routing points, and can also associate these rules with routing schemas.
Customers can use Alliance Access to define message routing rules. Customers can specify
that Alliance Access routes messages to a queue and sends these messages to a
correspondent. Alliance Access accesses the Correspondent Information File to find the
network that the customer prefers. Customers can define routing rules to ensure that Alliance
Access directs messages in specific message formats to the appropriate network.
The Message Syntax Table and the deployment packages are used in Alliance Access to
perform the routing keyword extraction. A list of keywords are defined by default, such as
Reference, Currency, Amount and Value Date. Customers can also define additional routing
keywords for extraction of specific fields (full or partial) of a given message. The values of these
fields are used as message search criteria and for routing purposes.
Routing schemas
An Alliance Access routing schema groups a set of routing rules. When Alliance Access has
assigned the routing rules to a schema, the schema must be approved and then activated. To
process messages that arrive at a routing point, Alliance Access uses only those routing rules
that it has assigned to the active schema. Customers can use the pre-defined routing schema
or duplicate the schema and modify it to match specific processing requirements.
Note Operational Reporting is available only with the Message Management package.
Licensing
When ordering Alliance Access Operational Reporting, the customer must specify the total
number of production BICs that can be used for reporting. When licensing the option on the
system, the customer must choose the production BICs to report against, up to the maximum
allowed BICs by the licence.
20 Service Description
Message Management
Ready-to-use reports
Alliance Access Operational Reporting provides a set of ready-to-use reports, addressing
various operational reporting needs linked to message activity within the system. The reports
are grouped by categories based on their operational purpose. The environment is designed to
allow SWIFT to provide additional reports in the future.
Alliance Access Operational Reporting is available as a function of the Message Management
package of Web Platform, allowing the customer to browse through the various reports installed
on the system to select the report to execute. When executing a report, the system allows the
customer to provide a value for the various parameters supported by each report, as well as to
specify the report delivery options and the report output format. Each report has its own set of
parameters. Customers can generate the reports in PDF, CSV, browser, Microsoft Word, or
Microsoft Excel format.
The customer can either execute the report interactively, and wait for the output to be generated
and displayed on screen, or execute the report in background mode and display the report
output later (see "Report history").
The customer can also save the provided report parameters for future re-use (see "My reports").
Report history
For each report execution, Alliance Access logs the execution details and the associated report
output. The customer can access this execution log in the Message Management package of
Alliance Web Platform SE, looking at the details of each report execution and possibly
displaying again the report output without having to re-execute the report.
This list is dynamic per user of Alliance Access, showing only the report executions that can be
accessed by a given user.
My reports
The customer can save the parameter values used to generate a given report, under a user-
specified name.
The customer can execute a report directly using saved parameter values. This function
facilitates the periodic execution of reports. The customer can specify relative values instead of
absolute values for date-based parameters, to support periodic execution.
Alliance Access Operational Reporting also provides a command-line tool to set up automatic
generation of reports. When executed from the command-line tool, the customer must specify
the saved set of parameter values to use to generate the report output.
27 March 2015 21
Alliance Access 7.1
7 Application Integration
Introduction
Alliance Access offers different integration capabilities:
Web Services
Web Services is an industry standard technology and provide services allowing an external
application to query specific content in the Alliance Access database.
the customer
22 Service Description
Application Integration
File connector
Web services (acting as a server), deployed in IPLA based on either the SOAP or RESTful
protocol
IBM WebSphere MQ connector, which relies on the WebSphere MQ Java API (MQI)
Apache Camel JMS connector, which is used in combination with the WebSphere MQ JMS
API
JDBC connector, with which the customer can optionally use stored procedures. The
customer is responsible for providing and maintaining the database. SWIFT supports JDBC
connectivity and stored procedures with an Oracle database only.
Message standards
IPLA supports the following message standards:
MT message structure that can be found in SWIFT libraries, which are located in and used by
the mapping tool of IPLA.
MX messages (deployment packages available from SWIFT or schemas available from the
ISO 20022 web site)
Other XML message definitions can be used through the AnyXML format. The schemas must
be obtained from the respective defining organisations.
27 March 2015 23
Alliance Access 7.1
Transformation tools
IPLA includes a mapping tool to assist SWIFT Consulting Services in the development of
custom logic for transforming proprietary messages to SWIFT standard messages and vice
versa. IPLA includes utilities that SWIFT Consulting Services can use for transformation to and
from the structures needed for data exchanged with Alliance Access.
Single to single
A single message of one format is transformed to a single message of a different format.
A file containing multiple messages is processed without transforming any messages in the
file (that is, a pass-through flow).
Group to group
A group of messages, typically a file, is split into individual messages, each of which is
transformed to a different format. The transformed messages are subsequently grouped
again and sent for further processing.
24 Service Description
Application Integration
Singles to group
Individual messages are grouped according to a set of criteria. The resulting group of
messages is sent for further processing.
Group to singles
A group of messages is split into individual messages, each of which is transformed to a
different format. The resulting individual messages are sent for further processing.
27 March 2015 25
Alliance Access 7.1
IPLA uses of the Alliance Access database to store messages, operational data, and
configuration data. The content of this database is accessible only through the usage of the API
provided with IPLA.
The Alliance Access database includes a specific unstructured file that customers' applications
can use for storing or accessing run-time data. The database connection provided with IPLA
allows direct access to this data. The customer must not use this database connection for direct
access to any other table of Alliance Access. Customers are solely responsible for any
application code that uses this file. Customers are responsible for managing the content of this
file and for cleaning up data that is no longer required. Content of this file is present in the
database recovery backup, but not included in the backup/restore for configuration data. This
data file cannot be used for business data.
RMA-based services
The following RMA Web Services queries are available:
get the full data of a specific RMA authorisation, including references to the exchanged
queries and answers
get the approval on whether or not you are authorised to exchange a message or file with a
correspondent
26 Service Description
Application Integration
get a list with full details of the events based on a set of search criteria
Note Since Alliance Access for Linux does not support Alliance Workstation, Alliance
Access Developers Kit applications with an Alliance Workstation-based GUI are not
available for customers using the Linux platform for their Alliance Access.
27 March 2015 27
Alliance Access 7.1
File Transfer
MQ Workstation Browser
IPLA SOAP
Web Services Direct FileAct
ADK Web Platform
Message Management
and Routing
RMA
FIN
InterAct SWIFTNet
D0540198
FileAct
Note Alliance Workstation is not available for Alliance Access servers on Linux.
Integration features
Alliance Access uses its application interface to link to other applications, back-office systems,
printers, and customer's internal networks.
Customers can integrate proprietary, legacy, or third-party banking applications with Alliance
Access to facilitate automatic message creation, processing, transfer, routing, and delivery.
Customers can configure Alliance Access to perform these tasks regardless of the originating or
destination system, or regardless of the message format.
28 Service Description
Integration with Customer Business Applications
Host adapters
Alliance Access's integrated host adapters enable customers to transfer messages and files
between the Alliance Access system and a business application.
Alliance Access provides different types of host adapters, supporting different connection
methods, either in batch mode or interactive mode. In interactive mode, the host adapter
performs real-time message exchange without manual intervention.
The customer selects a host adapter type based on the business requirements to integrate
business applications with Alliance Access.
Message partners
The Alliance Access application interface host adapter manages message exchange with
external applications through entities called message partners.
A message partner provides Alliance Access with the following types of information about the
message exchange:
the connection point (for example, a directory for file transfer, a queue for MQ Host Adapter)
27 March 2015 29
Alliance Access 7.1
8.5 CREST
Overview
Alliance Access can also be used to handle CREST traffic, given the appropriate licensing.
For more details, see the CREST over SWIFTNet Service Description.
30 Service Description
Desktop Access
9 Desktop Access
Alliance Web Platform Server-Embedded (SE) and Alliance Workstation
Alliance Access supports two types of graphical user interface (GUI):
Important In this document, references to the GUI packages running on Alliance Web
Platform SE are often referred to as Alliance Web Platform SE.
Alliance Workstation
Alliance Workstation is a fat-client GUI application, requiring the installation of SWIFT
software on each desktop using Alliance Access. Alliance Workstation is in maintenance
mode and is no longer enhanced with additional functionality. Alliance Workstation is not
available as a desktop GUI for Alliance Access running on Linux.
27 March 2015 31
Alliance Access 7.1
File Transfer
MQ Workstation Browser
IPLA SOAP
Web Services Direct FileAct
ADK Web Platform
Message Management
and Routing
RMA
FIN
InterAct SWIFTNet
D0540197
FileAct
Functionality
Customers can use Alliance Web Platform SE and Alliance Workstation concurrently with the
same Alliance Access server, facilitating the migration of users from the Workstation to the Web
Platform environment.
All users defined on Alliance Access can use either Alliance Web Platform SE or Alliance
Workstation. The permissions assigned to a user of Alliance Access define the set of functions
that this user can perform through Alliance Web Platform SE or Alliance Workstation.
32 Service Description
Desktop Access
Evolution
As of release 7.0, Alliance Workstation is in maintenance mode. Some of the 7.0 features that
require GUI support are only accessible from the GUI packages of Alliance Web Platform SE.
27 March 2015 33
Alliance Access 7.1
Operator authentication
There are three possible authentication methods for operators:
local authentication
one-time password
One-time passwords
One-time passwords require two additional components:
Note Customers must acquire the necessary secure hardware tokens and the
authentication server.
Alliance Access implementation for one-time passwords includes the following functions for all
authentication servers that support the RADIUS protocol:
Alliance Access forwards the user name and the one-time password to the authentication
server for validation.
Alliance Access locks operator accounts after a pre-defined number of invalid one-time
password attempts.
SWIFT provides no support for the RADIUS challenge-response authentication feature.
34 Service Description
Operator Profile Management
For an LDAP-based authentication, the administrator associates the local definition of the
operator with an LDAP identifier.
To log in successfully, the operator must provide an Alliance Access operator name, and the
password of the associated LDAP identifier.
Alliance Access operator naming rules have been adapted to provide a local operator name that
can correspond to an LDAP account name (for example, john.smith@foo.com).
Types of operators
There are two types of operators: human operators and application-based operators.
The application-based operators can only be used by a Web Service application. That is, they
cannot log in from Alliance Web Platform SE or Alliance Workstation.
The application-based operator accounts have specific password management rules,
guaranteeing that an application based on this type of operator can always authenticate against
Alliance Access. That is, the password does not lock or does not expire.
The password management rules are as follows:
Data segregation
Alliance Access enables left security officers (LSO) and right security officers (RSO) to assign
profiles to operators. Operators can use only the Business Identifier Codes (BICs) that the
specified operator profiles allow. Alliance Access uses these operator profiles to segregate the
access to message data. The operator profiles govern access for individual Alliance Access
users to the entities that control message delivery. The use of operator profiles enables a
customer to ensure that the users can only access their own message data.
For more information about data segregation, see the Alliance Access System Management
Guide and the Alliance Access Security Guide.
27 March 2015 35
Alliance Access 7.1
11 Correspondent Management
Reference data available in the Correspondent Information File
Alliance Access stores information about correspondents from institutions in the Correspondent
Information File. This information includes country, network, currency , and preferred network
interface records.
Customers can define shorter names, known as aliases, for correspondents. These aliases
speed up the processing during message creation. Customers can store alias information in the
Correspondent Information File.
Alliance Access uses information from the Correspondent Information File for message routing,
to automate message processing and during message creation.
36 Service Description
Relationship Management Application
RMA Plus
A licence option called Relationship Management Application Plus extends the basic
Relationship Management Application functionality so that it has the capability to create
authorisations that have additional granularity. Customers can use RMA Plus to establish an
authorisation for a specified correspondent that also defines the type of messages for that
correspondent. RMA Plus can also create granular authorisations for multiple selected BICs that
customers have licensed as own destinations.
27 March 2015 37
Alliance Access 7.1
13 System Management
Logical terminals Monitor the status of the live and the Test and Training logical
terminals, and the number of messages that the logical terminals
send and receive
Message partners Monitor the status of sessions with message partners, which
includes the number of exchanged messages
Queues Monitor the system's queues and show how many messages these
queues currently hold
System resources Monitor the available disk space for the database, the current
server mode, the progress of archiving and backups
Processes Monitor the status of the Alliance Access processes that are in
progress
SWIFTNet profiles Monitor the status of the emission and reception profiles
IPLA Component Monitor the status of IPLA Component (an integration solution
developed with the compiled integration code), and the number of
Inflight Exchanges (messages)
IPLA Component Route Monitor the status of IPLA Component Routes (an integration flow
developed with the compiled integration code), the number of
Inflight Exchanges (messages), the number of Completed
messages, the number of Failed messages, and the Last
Processing Time
Event Journal
The Alliance Access Event Journal application logs all user actions, events, and alarms that
occur in the system. These actions are the result of either user actions or system operations.
The Event Journal provides an audit trail of all Alliance Access events. Customers can query
and search the Event Journal for audit information or specific events.
Customers can schedule automatic event archival and can archive events to any peripheral
device.
38 Service Description
System Management
Alarms
Customers can set many events to operate as alarms. This facility can reduce the workload for
users that must monitor certain business functions or the connectivity status.
Examples of events that can trigger an alarm are as follows:
Monitoring dashboard
Alliance Web Platform SE offers a monitoring dashboard that provides at-a-glance a colour
coded view of the status of one or multiple Alliance Access systems.
Operational
The operational mode is the normal, multi-user mode for Alliance Access operations. This
mode provides access to all Alliance Access functionality and is the default operating mode.
Housekeeping
The housekeeping mode is a maintenance mode in which only one user can log on to
Alliance Access at any one time. In this mode, Alliance Access freezes the message queues
and does not permit message transmission or receipt.
Customers can perform certain maintenance tasks in housekeeping mode. For more
information about these tasks, see the Alliance Access System Management Guide.
Calendar
Customers can configure multiple Alliance Access calendars. Customers can configure these
calendars to recognise weekends, national holidays, and peak days and to automate certain
operational functions. For more information about how to configure a calendar, see the Alliance
Access System Management Guide.
27 March 2015 39
Alliance Access 7.1
Message archival
Customers can use either manual mode or automated mode to archive completed messages.
SWIFT recommends that customers archive messages regularly.
For more information about how to archive messages, see the Alliance Access System
Management Guide.
Schedule
Examples of Alliance Access functions that customers can schedule and automate are as
follows:
database backup
archive backup
archive removal
Configuration management
Alliance Access provides two command-line tools to export and import the configuration of
Alliance Access.
The export tool only operates in operational mode and supports mostly all the configuration
entities of Alliance Access. The tool does not support the export of operational data like
messages, events, and calendar entries.
40 Service Description
System Management
archival, backup and restore of Alliance Access operational data (messages and events)
on-line database backup, available only with the Database Recovery licence option
Activation
Customers can activate the configuration data backup using either of the following options:
27 March 2015 41
Alliance Access 7.1
Customers can restore configuration data manually either from the Alliance Web Platform SE
and Alliance Workstation, or using a command-line tool.
Activation
The archival works by specifying the number of active days to keep in the database. All days of
messages and events beyond these active days are flagged as archived.
Customers can activate the operational data archival using either of the following options:
42 Service Description
System Management
Activation
Customers can activate the operational data backup using either of the following options:
Activation
Customers can activate the on-line database backup using either of the following options:
27 March 2015 43
Alliance Access 7.1
14 Resilience
Options available to customers
SWIFT recommends that customers configure the Alliance Access operational environment for
increased resilience.
The resilience options available to customers are as follows:
hosted database
These options are intended to protect software and data, and they minimise the downtime in the
event of a failure.
Automatic restart
If there is a failure of a system on which Alliance Access operates, then the automatic restart
option restarts Alliance Access automatically when the system recovers.
Automatic switchover
Customers can configure Alliance Access to switch automatically between a primary and three
secondary Alliance Gateway or Alliance Remote Gateway connections. This switchover can
occur if one of the connections between Alliance Access and the Alliance Gateway or the
Alliance Remote Gateway fails.
Manual switchover
If the active Alliance Access system fails, then the user can manually switch to a cold backup
system. The customer must install a backup system on which traffic has to be manually re-
started. There is no automatic takeover mechanism. If recovery from a cold backup is
necessary, then the user can restore the database from the live system to the backup system.
Database recovery
The customer can activate the database recovery licence option to increase the system
resiliency, covering the situation where a major incident results in the unavailability of the
primary Alliance Access database. Once activated and configured, customers can use database
recovery to resume operations on a backup Alliance Access system. When the mirror and
backup disks are fully available, this results in no data loss.
The recovery relies on the database backups and transactions archives that Alliance Access
automatically maintains. The customer invokes a database recovery command to restore the
database content on a backup Alliance Access system up to the exact state prior to the incident.
Two recovery models exist:
Full recovery
This model covers a local database loss. The full data from the mirror disk and backup disk is
available. The restored system is up to date, there is no loss of data.
Partial recovery
This model supports a remote disaster site recovery. Some data on the mirror/backup disk is
missing. This is usually due to asynchronous copy of these disks. In this case, recovery is
44 Service Description
Resilience
possible up to the last committed transaction. A repair service exists to ensure a consistent
recovery of the database.
Hosted database
The hosted database model is an installation option of Alliance Access supporting the
configuration of the Alliance Access database on an Oracle instance supplied and managed by
the customer. The Alliance Access software is installed on a dedicated server system, including
standard Oracle client software to handle the connectivity between the Alliance Access server
and the Oracle server. In this case, the maintenance and backup of the Oracle environment is
the sole responsibility of the customer.
27 March 2015 45
Alliance Access 7.1
Messaging
Software Alliance Access MQ Alliance Access
Standalone Access licence
Communications Alliance
Software Gateway Alliance Remote Gateway
Alliance Gateway
Network
Connection
FIN
InterAct SWIFTNet
FileAct
D0540200
Message flows
This configuration supports the local entry of messages. The messages are created and
managed locally on the Standalone Access and sent over the MQ link, through an MQHA
message partner.
For this entry function, the Standalone Access can receive network acknowledgement over this
MQ link and reconcile these acknowledgements with the original message.
The Standalone Access also supports the repair function, whereby when receiving a network
acknowledgement message (usually a negative one), it creates the associated message
(assuming to original message is provided with the network acknowledgment).
Standalone Access can also receive incoming SWIFT messages from the MQ link.
46 Service Description
Standalone Alliance Access
Functionality
The Standalone Access supports MT, MX and FileAct messages.
The activation of the Standalone Access licence disables the connection to SWIFTNet and
enables the reconciliation of network acknowledgements and messages entry and repair
functions.
The Standalone Access mandates the use of MQHA (and the XMLv2 format) to connect to the
other Alliance Access connected to SWIFTNet.
The Standalone Access does not support the management of RMA authorisations. These
authorisations must still be managed on the other Alliance Access system connected to
SWIFTNet. The Standalone Access supports the import of RMA authorisations and the optional
validation of created messages against these authorisations. The Standalone Access is not
intended for further integration with back-office systems and does not support the Integration
Platform licence option.
27 March 2015 47
Alliance Access 7.1
16 Third-Party Software
Third-party software embedded in Alliance Access and in Alliance Web Platform Server-
Embedded
Alliance Access and Alliance Web Platform SE include embedded third-party software, in whole
or in part, and no other use of the third-party software is allowed. For all commercial
components licence fees due to the third-party software providers are part of the Alliance
Access and Alliance Web Platform SE licence and maintenance fee. Details regarding
embedded third-party software are displayed during the installation, and can be found in the
Installation Notice provided as part of the software installer.
48 Service Description
Ordering
17 Ordering
Order SWIFT services and products
To use SWIFT services and products, a customer must subscribe to, or order, the relevant
services and products.
Related information
For information about SWIFT's online ordering facility and how to order, see www.swift.com/
ordering.
Export restrictions
Due to export control and other sanctions programmes, Alliance Access may not be supplied or
made available to certain customers. If you have any questions about your particular status
regarding the various sanctions programmes, then contact your local Customer Support Centre.
27 March 2015 49
Alliance Access 7.1
18 Support
Support for SWIFT customers
By default, SWIFT is the single point of contact to report all problems and queries that relate to
SWIFT services and products. Support is available to all SWIFT customers.
Individuals within a customer organisation must register to use the Support service.
The different services that SWIFT offers as part of the support packages and the procedure to
order support are described at www.swift.com > Support > Support services > Support offer
overview.
Related information
For more information about Support services, see the service description related to the
applicable support package.
50 Service Description
Roles and Responsibilities
A third-party application, using the Web Services, is authenticated against Alliance Access
An Alliance Access base licence automatically includes the entitlement to download from
www.swift.com: patch updates, Application Service Profiles, Standards Deployment Packages,
and the Alliance Bank File.
Test and Training destinations are free of charge and their traffic is not taken
into account for the band calculation.
The daily average traffic is calculated on a monthly basis, taking into account the
number of SWIFT working days in the month under consideration.
27 March 2015 51
Alliance Access 7.1
Alliance Workstation is also delivered with the Alliance Access software, except for the Linux
version.
The Alliance Access base licence includes the right for the customer to install and use Alliance
Workstation and Alliance Web Platform SE on as many systems as reasonably necessary to
support the number of licensed concurrent sessions. In case multiple production systems are
used, the sum of users connecting to the different production systems cannot exceed the
number of licensed concurrent sessions.
Customers can use all the graphical services provided by Alliance Web Platform SE.
Installation options
For each Alliance Access base licence, customers can choose any or all of the following
installation options:
Licence bands
The daily volume of live traffic sent and received determines the band of a SWIFT destination.
One FIN message (MT) or one InterAct message (MX) or one 10,000 characters chunk of a
FileAct message (file) is counted as one unit of traffic. For more information, customers can
contact their SWIFT Account Manager.
Band levels
52 Service Description
Roles and Responsibilities
Band upgrades
The Alliance Access base licence band is the highest of the bands of all the SWIFT
destinations of the Alliance Access base licence. As the traffic increases over time, the band
of a SWIFT destination requires an upgrade whenever the volume threshold of the next band
is exceeded. Consequently, the Alliance Access base licence requires an upgrade whenever
the highest of the SWIFT destination bands exceeds the Alliance Access base licence band.
Once per year, SWIFT recalculates the bands of the SWIFT destinations and the Alliance
Access base licences, based on the traffic volumes of the previous 12 months. The total
traffic volume sent and received during that period is divided by the number of working days
in the period.
Band downgrades
If the traffic sent and received on a SWIFT destination decreases below the level of the
current band, then the customer can order a band downgrade. The customer can also order
a band downgrade if the highest band of the SWIFT destinations belonging to the base
licence decreases.
Standalone Access
The use of Standalone Alliance Access is available as a licence option.
The licence option grants customers with the following installation options:
27 March 2015 53
Alliance Access 7.1
Note Standalone systems are counted as separate systems, independent from the base
Alliance Access systems.
Customers can order additional licence options specifically for Standalone Alliance Access. For
a complete list of available options, customers can contact their SWIFT Account Manager.
Delivery
SWIFT may supply Alliance Access in any form or any medium, including but not limited to DVD
or download through the Internet.
New releases
SWIFT makes new releases of Alliance Access available in accordance with the development of
other SWIFT services and products.
For the latest information about new releases, customers must consult the SWIFT Release
Timeline, the SWIFTNet and Alliance Release Policy, and related information at www.swift.com
> Products & Services > Release timeline.
use of services or products (including any software or custom code) that SWIFT has not
supplied for use in connection with Alliance Access Integration Platform
an act, fault, or omission of the customer or a third party for which SWIFT is not responsible
force majeure
54 Service Description
Roles and Responsibilities
Installation
The customer has the following options for the installation of Alliance Access:
request a third party (typically a SWIFT Certified Specialist) to perform the installation
If the customer does not have all necessary expertise or resources available internally, then
SWIFT strongly recommends that the customer requests either SWIFT or third party such as a
SWIFT Certified Specialist to perform the installation of Alliance Access. For more information
about the installation services offered by SWIFT or a SWIFT Certified Specialist, see the
Software Implementation Service Overview.
27 March 2015 55
Alliance Access 7.1
Intrusion testing
It is not permitted to perform intrusion testing on SWIFT services and systems. SWIFT has its
own intrusion testing programme (which is covered in a third-party assurance report).
56 Service Description
Contractual Framework
20 Contractual Framework
SWIFT General Terms and Conditions
Together with this service description, the SWIFT General Terms and Conditions govern the
provision and the use of Alliance Access.
For the latest available version of the SWIFT General Terms and Conditions, see
www.swift.com > About SWIFT > Legal > SWIFT contracts.
27 March 2015 57
Alliance Access 7.1
Legal Notices
Copyright
SWIFT 2015. All rights reserved.
Restricted Distribution
Do not distribute this publication outside your organisation unless your subscription or order expressly grants
you that right, in which case ensure you comply with any other applicable conditions.
Disclaimer
The information in this publication may change from time to time. You must always refer to the latest
available version.
Translations
The English version of SWIFT documentation is the only official and binding version.
Trademarks
SWIFT is the trade name of S.W.I.F.T. SCRL. The following are registered trademarks of SWIFT: the SWIFT
logo, SWIFT, SWIFTNet, Accord, Sibos, 3SKey, Innotribe, the Standards Forum logo, MyStandards, and
SWIFT Institute. Other product, service, or company names in this publication are trade names, trademarks,
or registered trademarks of their respective owners.
58 Service Description