Information about international settlements

Type of payment Currency Payment is sent to the beneficiary's or correspondent bank Transfer charges are shared Payment order to be transmitted to the bank*
Internet bank In the branch or phone bank
EUROPEAN PAYMENT
normal payment
EUR on the next settlement day 0,38€ 3,20€
urgent payment on the same settlement day - up to 10 000 € (incl.) - 7 €;
- over 10 000 €- 30 €
- up to 10 000 € (incl) - 9 €;
- over 10 000 € - 32 €
before 16:00
PAYMENTS WITHIN SWEDBANK GROUP EUR on the same settlement day 0,38€ 3,20€ before 17:30
SEK, USD 2€ 3,20€ before 16:00
NOK, DKK before 15:00
Latvia, Lithuania other currencies
Sweden, Finland, Denmark, Norway other currencies after next settlement day
 
NORMAL PAYMENT all currencies after next settlement day 5,45€ 9,45€
URGENT PAYMENT EUR, USD on the next settlement day 9,85€ 14,85€ before 15:00
other currencies before 14:00
EXPRESS PAYMENT EUR, USD on the same settlement day 34,85€ 39,85€ before 14:00

* Payments are transfered to the beneficiary's bank on a settlement day. A settlement day is a calendar day that is not a Saturday, Sunday, national or public holiday.
You will find the complete price list and conditions of international payments here.

Terms and conditions of European payments

  • The payment currency is EUR.
  • Payments can be made in any amount.
  • Fee for European payments made by private and business customers in our Internet Bank or through Swedbank Gateways is 0,38 EUR.
  • The correct IBAN of the beneficiary is indicated on the payment.
  • The service fee type is shared costs (SHA).
  • Ordinary payment will be received by beneficiary´s bank on the next business day. Urgent payment will be received by beneficiary´s bank on the same business day, if you forward your payment order to the bank until 4 pm.
  • The beneficiary's bank is located in a member state of the European Union and/or the European Economic Area (or Andorra, French Guyana, Gibraltar, Guadeloupe, Martinique, Reunion, Monaco, San Marino, Switzerland, Vatican City).
  • European payments enable you to send more than just the ordinary payment explanation to the beneficiary – you can also include the originator’s reference number and the identification code of either the originator or the beneficiary.

Member States of the European Union and the European Economic Area
Austria, Belgium, Bulgaria, Croatia, Cyprus, the Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Ireland, Iceland, Italy, Latvia, Liechtenstein, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden and the United Kingdom.

Other countries to which EU payments can be made
Andorra, French Guyana, Gibraltar, Guadeloupe, Martinique, Reunion, Monaco, San Marino, Switzerland and Vatican City.

Latvia Lithuania Sweden Denmark Norway Finland
EUR on the same settlement day if the payment order is submitted to the bank before 17.30 pm.
USD on the same settlement day if the payment order is submitted to the bank before 16.00 pm.
SEK on the same settlement day if the payment order is submitted to the bank before 16.00 pm.
NOK on the same settlement day if the payment order is submitted to the bank before 15.00 pm.
DKK on the same settlement day if the payment order is submitted to the bank before 15.00 pm.
Other currencies on the same settlement day if the payment order
is submitted to the bank before 15.00 pm.
day after next settlement day

Payments are transfered to the beneficiary's bank on a settlement day. A settlement day is a calendar day that is not a Saturday, Sunday, national or public holiday.

Restrictions in executing and performing international payments

Due to Financial Sanctions, Risk Appetite and policies adopted by Swedbank and terms and conditions of Swedbank's correspondent banks, Swedbank has the right not to execute international payments (incl. crediting of incoming payments) in any currencies related to the EU and U.S. comprehensively sanctioned countries/ regions:

  1. Iran;
  2. Syria;
  3. North Korea;
  4. Crimea, Sevastopol.

Swedbank may also hold the customer’s payment in order to investigate whether the international payment is not related to Financial Sanctions and is in line with Swedbank internal decisions and correspondent banks’ risk appetite to/from any country/region where embargoes, other restrictive measures are imposed or to/from other high-risk countries/ regions. The execution of stopped international payments may be delayed and customers may be asked to provide additional information about their transactions as a consequence of such investigation.

The list of countries/ regions inter alia includes (the provided list is not full as Financial Sanctions as well as internal decisions can be imposed/ revoked over the time):

  1. Cuba;
  2. Iraq;
  3. Myanmar (Burma);
  4. Libya
  5. Sudan and South Sudan
  6. Yemen;
  7. Somalia;
  8. Transnistria region;
  9. Lugansk/Donetsk.

In assessing if the international payment is related to above mentioned countries/ regions the Bank will check connections to international sanctions imposed and analyse additionally:

  • If the payment is related to a customer located or operating in one of above-mentioned countries. The relation could be direct (e.g. payment is received from the sender with the address in Crimea) or indirect (e.g. payment is received from other country (e.g. Turkey), but goods are sent to Syria);
  • If the payment is related to front companies, which helps to avoid direct connection to above-mentioned countries;
  • If information provided in payment details could be linked to above-mentioned countries (e.g. person name, vessel, name of city, harbour etc);
  • If the payment details lack substantial information to understand the payment purpose.

Additional observations

Swedbank would like to draw your attention to the fact that the term of executing international payments or when it already executed (incl crediting of incoming payments), may be extended or international payments may be blocked or frozen by other banks than Swedbank, which also participate in the execution of payment (correspondent banks, bank of beneficiary or sender). Swedbank will not compensate its clients for any damage resulting from the payment being frozen. Therefore, the Customers should always evaluate potential International Sanctions risks by themselves.

Useful links:

International Bank Account Number

IBAN always starts with the two-digit country code, which is followed by two check digits, a reference to the bank (local code of the bank) and the payee’s domestic account number.

Using IBAN reduces delays and errors in payments, because the bank that sends out the payment can check whether the international bank account number is correct before the payment leaves the bank.

To obtain your international bank account number, please use the IBAN calculator

Please note, if you or your company operates in the field of shipping or is connected to mentioned field, then according to international shipping area regulations it is mandatory to add following information to the field 'details of payment':

  • M/V: name of the ship;
  • IMO: international maritime organisation number;
  • FLAG: flag state;
  • OWNERSHIP: name of the owner;
  • REGISTRATION: number and the country.

Otherwise, payment might be delayed since the missing details will be inquired from the bank of payer. If the payment is not in accordance with international standards (including the U.S. legal acts) the payment might be frozen in the correspondent bank.

Swedbank would like to draw attention to the fact that both the EU and the U.S. imposed broad (comprehensive) International Sanctions related to Crimea and Sevastopol regions. These sanctions cover restrictions and prohibitions on imports, exports, investments and financing in relation to these regions.

Due to the current situation, internal decisions and the risk policies of the main correspondent banks, Swedbank will not, as a rule, perform international payments (both outgoing and incoming) to these regions or related to these regions (i.e. beneficiary address is indicated in Crimea) in any currencies.

Swedbank would like to draw its clients’ attention to the fact that all payments in US dollars to Gazprombank, VEB, VTB, the Russian Agricultural Bank, the Bank of Moscow and Sberbank, any of their subsidiaries and foreign branches are at high risk of being frozen due to the prohibition on financing the USA has established on these banks.

The risk is high because payments associated with concealed financing are difficult to detect, as a result of which unforeseen misinterpretation and different handling by other banks cannot be ruled out.

For ordinary clients (i.e. not financial institutions) the high risk is associated with payments whose recipient (not the recipient’s bank) is listed above or whose payment explanation refers to financing or is directly or indirectly connected to a particular individual (e.g. an owner or representative) associated with a named subject.

In addition to the banks listed above, USD payments to the Donetsk and Lugansk regions of Ukraine also face a heightened risk of being frozen, since both the USA and the European Union have imposed sanctions on ‘national structures’ and related individuals in these areas.

Swedbank hereby informs you that taking into account the international sanctions imposed as a result of the situation in Ukraine as well as the rules of correspondent banks and other partner banks all payments to and from Russia and Ukraine must contain a full address of the beneficiary if the funds are sent to Ukraine or Russia and a full address of the sender if the funds are sent from Ukraine or Russia. Full address shall mean the street, city names and the country information. If a full address is not provided as requested or the bank has a reason to believe that the address is not correct or has been intentionally altered then payment may not be executed. This decision has been made to protect the interests of clients and Swedbank in order to mitigate the risks related to the imposed international sanctions. Swedbank hereby informs you that according rules of correspondent banks and other partner banks all payments to Latvia, Russia and Ukraine must contain a full address of the beneficiary and beneficicary’s bank correspondentbank details. If details are not provided as requested then payment may not be executed. This decision has been made to protect the interests of clients and Swedbank in order to mitigate the risks related to the imposed international sanctions.

International Sanctions are restrictive non-military measures put in place in order to preserve the international peace and security, as well as respect for human rights. They are imposed by United Nations (UN), European Union (EU) or by individual countries (e.g. United States (U.S.)). International sanctions are imposed against entire states, as well as natural and legal persons, who violate the human rights, commit ethnical, territorial conflicts, support terrorism, violate other international norms and principles.

International Sanctions take various forms based on their purpose objective (e.g. to prevent armed conflict, counter terrorism). They can be individual (e.g. travel ban, asset freeze), target goods and services (e.g. arms embargoes or proliferation-related goods, dual-use goods), can be focused on core economic sectors (e.g. oil or financial sectors) or be comprehensive targeting entire country (e.g. North Korea).

Swedbank, as well as all other financial institutions, implements international Financial Sanctions. It has to be pointed out that depending on the countries where the financial institutions operate, the lists of sanctions which the financial institutions follow could slightly differ.

Financial Sanctions implemented by Swedbank:

  • UN. All UN member states are obliged to accept and carry out Resolutions passed by UN Security Council.
  • EU. These are implemented through EU Council Regulations and have direct effect in all member states.
  • Bank also implements relevant U.S. Financial Sanctions based on the Swedbank Group Financial Sanctions Policy. U.S. Financial Sanctions are imposed by U.S. President Executive Orders and implemented by the U.S. Department of the Treasury Office of Foreign Assets Control (OFAC).
    By following U.S. Financial Sanctions, the Bank is being able to keep and maintain relations with banks in U.S. jurisdiction and provides payments and other products/services in USD currency or related to U.S. persons to its customers.

Additionally, Swedbank considers correspondent bank requirements as well as its own risk appetite. Therefore, Swedbank will not engage in any actions that directly or indirectly circumvent the Financial Sanctions prohibitions, correspondent banks and internal decisions.

Below are provided major types of Financial Sanctions implemented within Swedbank:

  • Targeted asset freezes. Swedbank has an obligation to freeze funds of EU blocked person and not to allow making funds available to EU Blocked persons. In case of U.S. imposed sanctions Swedbank will reject transaction or will not provide any products/ services related to OFAC SDN List subjects.
  • Arms embargoes/ restrictions on dual-use goods and technology for military purposes (Defence sector). Swedbank is obliged not to participate in provision of financial assistance related to mentioned goods or related services.
  • Core economic sector sanctions (Financial, Energy sectors). Swedbank will not provide any financial services restricted (e.g. loans, credits, dealings in financial instruments) as well as will not participate in any transactions related to prohibited activities (e.g. restrictions on provision of goods/ services related to oil sector).

It is important to mention that the asset freeze and some sectoral restrictions are also applicable to entities that are owned or controlled, directly or indirectly, by designated persons. Although those entities may not be itself designated and included into sanctions lists the same Financial Sanctions are applicable for them and needed to be implemented by Swedbank.

EU imposed International Sanctions (including implemented UN sanctions) apply within the territory of EU and to all EU persons inside or outside the territory of EU. Thus, both financial institutions and their customers are legally responsible for complying with the EU sanctions and have the obligation to inform the competent authorities on the cases they know or suspect transactions with sanctioned entities.

Each Customer has to assess potential International Sanctions’ risks when involving themselves in business transactions. International Sanctions are generally widely publicised, and Customers, especially operating internationally, have to understand and take action regarding International Sanctions (not only Financial ones) that might be relevant for them. Therefore, Customers have to consider business activities, which could be exposed to International Sanctions and take appropriate risk mitigation steps.

The information provided above is not all-embracing, and Customers are advised to consult competent authorities or should seek independent legal advice in case of any questions related to implementation of International Sanctions.

Military goods cover military technology and equipment which might be used for internal repression or international aggression or contribute to regional instability.

Dual-use good are items, including software and technology, which can be used for both civil and military purposes, and shall include all goods which can be used for both non-explosive uses and assisting in any way in the manufacture of nuclear weapons or other nuclear explosive devices. Usually when arms embargoes/ restrictions on dual-use items are imposed, related technical, financial assistance as well as other services are also prohibited. Although the primary responsibility for the classification of goods and technologies lies with the Customers sending or receiving such items, the prohibition to provide financial assistance is also mandatory for the Bank.

The prohibition on military goods/ dual-use items means that Swedbank cannot participate in any financial transactions, provide business support or any financial support to customers that sell, supply, transfer, mediate or export such goods to restricted countries (e.g. Russian Federation), if they are intended for military purposes, or sell, supply, transfer or export such goods to the certain EU listed entities. Therefore, Swedbank could conduct additional checks on related payments. Thus, the fulfilment of the payment order may be delayed or rejected.

There are items related to Energy sector listed by EU which are restricted to be exported to Russia. U.S. has imposed restrictions on all goods/ non-financial services or technology in support of energy projects. Therefore, Bank must be aware if the Customer has an authorization from authorities in order not to be involved in prohibited transactions.

You can transfer money to foreign banks or receive money from abroad through your account in Swedbank. If your account does not contain the currency in which you wish to make the payment, the bank will convert the relevant amount on the basis of the exchange rate valid at the moment the payment is made. You must fill in an international payment order if you wish to transfer money abroad.

IBAN and BIC

International Bank Account Number (IBAN) is the international standardised format of your account number. BIC (also known as a SWIFT code), is an 8 or 11-digit combination of letters (or letters and numbers), which allows for identification of the beneficiary's bank upon processing international payments. Swedbank's BIC, i.e. SWIFT code, is HABAEE2X.

NB! Using the international account number IBAN and the BIC/SWIFT of the beneficiary’s bank on the international payment order guarantees that money moves faster and you save on costs. If the beneficiary’s account number has not been given in the IBAN format and foreign bank therefore submits a service fee claim to Swedbank, it will be deducted from the client’s account.

More about IBAN

Conversion of the currency

You do not need current accounts in foreign currencies if you wish to make international payments. The amount required for the transfers will be converted in your account according to the current exchange rate. The bank automatically offers special exchange rates for amounts starting at 10 000 euros converted between 8 am and 5 pm on business days. The special rate depends on the amount and the specific currency.

The same conversion principle is also applied to international receipts. The foreign currency received in your account as a result of an international payment is automatically converted into euros on the basis of the current exchange rate.

Foreign currency can be held in the account by separate agreement.

International payments in Chinese renminbi yuan (CNY)

According to Chinese Republic law International payments in CNY are not allowed from/to private persons.

International payments in CNY between Companies are allowed only for Chinese Companies which have local license to receive international payments in CNY.

Bank has the right (as per correspondent bank requests) to require and customer has liability provide to bank export-import documents or other trade documentation.

CNY payments mandatory requirements:
  • Beneficiary’s bank name, address and branch name.
  • Beneficicary’s bank (branch) BIC (SWIFT code).
  • Beneficiary’s bank’s branch 12-digit code – CNAPS number (CN).

Example:
Beneficiary’s bank: CNxxxxxxxxxxxx, BANK OF CHINA, NO.1 FUXINGMEINEI ST. XICHEN DISTRICT, BEIJING
  • Beneficiary’s full name and address.
  • Payment details – payment details and business category codeword which you can choose from attached link.

Example:

Payment details: /GOD/ payment for clothes, invoice nr. 123, contract nr.5 etc.

If mandatory details are missing payment will be cancelled.

Please be informed that as of 16 June 2017 Swedbank AS will close EUR and USD accounts in Deutsche Bank AG (DEUTDEFF) and in Deutsche Bank Trust Company Americas (BKTRUS33) and continues with the following main service providers for payments in EUR and USD:

Currency Correspondent bank SWIFT/BIC
EUR SWEDBANK AS, Tallinn –via STEP2, EURO1 or Target2 HABAEE2X
USD WELLS FARGO BANK, N.A., New York FED ABA: 026005092 PNBPUS3NNYC

Please ensure that your business partners have these updated payment details.

Data required when making transfers from abroad

In order for an international payment to reach your account, you’ll need to provide the person making the transfer with the following data:

  • beneficiary’s name – your full name (i.e. the name under which your Swedbank account was registered) and address
  • beneficiary’s account – your international bank account number (IBAN)
  • beneficiary’s bank – the bank’s address: Swedbank AS, 8 Liivalaia Street, 15040 Tallinn, Estonia,
  • SWIFT/BIC code of beneficiary’s bank – HABAEE2X
Foreign payments are received in your account in the payment currency. If the foreign currency is not allowed in your account, the amount is automatically converted into euros according to the exchange rate that is valid at that particular moment.

Please note: You must select the correspondent bank according to the currency of the transfer.

European payments - 0,38 EUR

Single Euro Payments Area or SEPA allows you to make payments in euros anywhere in the euro zone on the same terms and conditions. Swedbank is a member of SEPA.

  • the payment currency is EUR
  • the beneficiary's bank is located in a member state of the European Union
Terms and conditions of European payments

Group payment in euros - 0,38 EUR

Money moves from Estonia to Latvia, Lithuania, Sweden, Finland, Denmark and Norway in three hours.

You can make group payments if the payee also holds an account in a Swedbank Group bank. The beneficiary’s IBAN must be specified.

Maturities of group payments

In Swedbank, you can make international payments to all European Union countries and our partner banks in Latvia, Lithuania, Finland, Denmark, Norway and Sweden that are faster and cheaper than usual.

International payments in Russian roubles can be made to all Russian banks and to the foreign banks that have correspondent accounts in Russian roubles.

The Central Bank of the Russian Federation demands that all Russian banks check all rouble payments received from abroad. If you wish your payment to reach the payee in time, you have to make sure that you have filled in the payment order according to requirements. Otherwise Russian banks have the right to check your payment and it means that your payment may be delayed.

Payment orders in Russian roubles

Payments made in Russian roubles must be inserted in Russian using the Latin alphabet according to the character table.
Payee’s name

the taxpayer identification number or INN (and KPP) is inserted in the field “payee’s name” before the name. If the payee’s name is too long, the remainder of the name must be written in the address field without any spaces (without a hyphen).

Example: INN1234567891.KPP123456001 ООО Severnyy Tr/e/vel.

The father’s name (patronymic) of the payee must be added upon making a payment to a private client.

Example: Potapov Ivan Ivanovich

Payee’s address payee's address
Payee’s account number

a 20-digit number, the digits 6-8 of which are 810.

Example: 4xxxx810xxxxxxxxxxxx

Payee’s bank

full name of the payee’s bank + city + BIK of the payee’s bank (9 digits) + correspondent account of the payee’s bank in the Central Bank of the Russian Federation (20 digits, starts with 301). The last three digits of the BIK and the correspondent account must coincide.

Example: OAO AKB Probiznesbank, g.Moskva, 044525986.30101810600000000986

View example
If the final payee bank is a branch of the bank

(presumes a 20-digit account starting with 303), the name of the branch and the account are inserted in the field “payee's bank” and the data of the parent bank will be inserted in the field “correspondent bank”.

Example:

Payee’s bank: Vernadskoe otdelenie 9038, 303xxxxxxxxxxxxxxxxx.

Correspondent bank of the payee’s bank: OAO AKB Probiznesbank, g.Moskva, 044525986.30101810600000000986

View example
Payment details
  • currency transaction code (VO)
  • verbal clarification of the payment (detailed information about goods/service, if payment is executed before goods are delivered then should be written predoplata za...., if payment is executed after goods are delivered then oplata za....)
  • commercial invoice and/or contract number, date
  • VAT amount (NDS). If no tax is imposed on the goods or services, “BEZ NDS” must be added.

Example: (VO20100) predoplata za transportnye uslugi, schet no.5 ot 15.03.2012, NDS 1500 RUB.

Currency transaction code (VO) should be asked from the foreign partner. In the absence of the code, the payment will be returned. If you want to select the VO code yourself, it must be kept in mind that a non-resident means a non-resident of Russia (i.e. an Estonian citizen or a company registered in Estonia) and a resident means a resident of Russia (i.e. a Russian citizen or a company registered in Russia).

What to do in emergencies?

If you've lost your card or any data used in your Authentication tools or if you suspect that they‘re disclosed to other people, immediately call us at any time of the day or night. We will block your card or access to Internet Bank account immediately and no one else will be able to access money in your bank accounts.

  • For private clients: call 6 310 310
  • For business clients: call 6 132 222

We will also automatically block access to Internet Bank if incorrect login data (User ID or code from the PIN code generator) is entered 5 times in a row. You can unblock it by calling us at 6310310 / 6132222 (from 8:00 to 20:00 on working days, and from 9:00 to 16:00 on Saturdays). In case of a repeated block, you will have to visit the bank’s branch. You should book a visit in advance. Have you discovered any unauthorised transactions on your account performed prior to the blocking of Internet Bank access? Review your account statement and submit the information to us .• We will also automatically block access to Internet Bank if incorrect login data (User ID or code from the PIN code generator) is entered 5 times in a row. You can unblock it by calling us at 6310310 / 6132222 (from 8:00 to 20:00 on working days, and from 9:00 to 16:00 on Saturdays). In case of a repeated block, you will have to visit the bank’s branch . You should book a visit in advance. Have you discovered any unauthorised transactions on your account performed prior to the blocking of Internet Bank access? Review your account statement and submit the information to us.

Secure your login data

  • You shouldn’t confirm transactions or logins to internet bank or app, which are not initiated by you under no circumstances.
  • You shouldn’t ever disclose your personal data or data used for login to internet bank & app to other persons, including family members, friends or bank employees, unless you are calling to the bank.
  • Do not write down, send by e-mail, SMS, etc. or otherwise save any confidential codes and passwords to unlock the screen of your computer or mobile phone. Create complex passwords, that are difficult to guess, memorise them and change them regularly. When creating PIN codes, be sure to make PIN codes in random number combination. Do not use combinations, such as 1111, 1234, dates of birth other personal details etc.
  • Remember that your User ID number is as important as your personal code, thus pay a great deal of attention to its security.
  • Keep in mind that after login you will have access to many services including external ones which do not require additional authentication.

Closing browsing session

The login session is terminated when no activity happens for 5 minutes. You will be asked to re-enter your login details. Time limits are used for security reasons, to prevent Internet Bank access if a user forgets to log off from his/her account after finishing using the Internet Bank.

Once you finish Internet Bank session, log off (by clicking 'Logoff') and close the browser.

Address of the Internet Bank website

On the computer:

By clicking on the lock sign you should see the correct Swedbank certificate:

On the smart device:

Before entering your login data, make sure that the website domain is “swedbank.lt”.

Take a moment to familiarise with our security recommendations:

  • Do not share your personal authentication means. If you want to give your family members or your employees rights to manage funds on your accounts, please, request the Bank to grant them respective rights. They will be able to use company’s accounts on behalf of their own and by using their own personal authentication means. You can revoke these rights at any time. It is also possible to order a supplementary card linked to your account for a family member to use.. Sharing the same authentication mean between the employees or family members is strictly forbidden.
  • Remember, that security of all your data (User ID, PIN codes, mobile phone number provided to the bank, personal number, etc.) is the key for protecting an access to your money.
  • If you’re using a public computer, avoid entering personal information as there might be malware that records your details.
  • Do not keep User ID number together with authentication means and their confidential codes.
  • Never send authentication data by email.
  • Never disclose your login information, unless you are initiating the call with the bank. No one has the right to request you to provide your personal number and authentication mean by phone. If you receive a call from a person stating he is an employee of the bank, end the conversation immediately.
  • Your Smart-ID or PIN code generator PINs should not coincide with any part of your phone number or the sequence of numbers.
  • Always compare control number and read “see what you sign” if available.
  • By entering PIN2 of Smart-ID you are usually confirming a payment or an agreement. Be extra careful when doing it.
  • You will get an SMS when new Smart ID account is created. Contact bank immediately if it wasn’t you who created Smart ID.

When accessing internet bank via a laptop or stationary computer, follow these safety measures:

  • Install antivirus software and configure it to automatic update of the virus definitions database (at least one auto-update per day).
  • Install the local firewall. It should be configured so that it prevents connections from the Internet to your computer.
  • Use the latest browser and operating system available.
  • Turn on automatic updates for all software. If it cannot be updated automatically, regularly check on its latest software.
  • Set your browser to block pop-ups.

Check computer safety

  • More information on the ways to secure your device and to safely use other Internet services is available on the following websites:

https://www.ria.ee/en.html

Do not forget to follow safety measures when accessing internet bank via mobile devices:

  • Download applications only from trusted sources such as the App Store, Google Play or Windows Phone Apps – Microsoft store.
  • Do not jailbreak your mobile device to get around limitations set by your mobile network operator or device manufacturer. It will remove protections built into the device to defend against mobile threats.
  • Always screen lock your smart phone or any of your computers. If several levels of screen lock security are offered, always use the highest security level.
  • Do not allow other persons to use your phone or tablet were Swedbank App is installed.
  • Do not reveal the screen lock codes to other persons and do not allow to unlock your phone with other persons’ biometric data.
  • Use antivirus software.
  • Always adhere to the requirements or security alerts of the manufacturer of your phone device.

When shopping online, be prudent with your personal and financial data. Properly assess the threats, which you may encounter on the internet. We recommend to ensure protection of personal devices and always follow these safety tips:

  • Shop in reliable shops only. It is always safe to buy goods and services in well-known Lithuanian and foreign e-shops with a good reputation. Take a critical approach to unknown sellers and try to find out more information about their activity. Study public internet feedback about a specific online shop. Find out whether the website presents detailed contact data of its administrator (address, phone, email, etc.), and make sure it does not contain various errors in their links (additional words or letters, strange symbols), popup windows, advertisings, a great number of links instead of informative content.
  • Be cautious about discounts. You have found a high-quality product offered at a particularly low price? Before making a payment order, be sure that the company that offers the product really exists and is trustworthy. Be careful about advertisements in social networks. They may lead you to a fake online shop.
  • Safe shopping by card. When shopping in foreign e-shops, the most common way of payment is by card. In this case you will have to indicate the details of your payment card. If an online shop participates in international security programmes, special logos such as “MasterCard SecureCode”, and “Verified by Visa” for Visa cards are used in this shop. You may be redirected to internet bank to confirm payment transaction by logging in. Learn more about “Safe online shopping” programme here. Before making payment in online shop, please evaluate safety of such online shop and study public internet feedback about its activity.
  • Safe payment via electronic banking system. When shopping in Lithuanian online shops, usually you will be redirected to Swedbank internet bank account. You will recognise it from the Swedbank logo and internet bank address: https://www.swedbank.ee/banklink. It confirms that payment is made directly through the bank system. After you enter your login details, the website will automatically display the generated payment form.
  • Third party providers. As of 14/09/2019, when you shop online, you might be offered to use payment initiation service, offered by payment institution (PISP), other than the bank, to pay for goods or services. If you choose to initiate payment from your account, kept with the bank, you might be asked to fill in the payment order form in the PISP’s environment, and give your consent to transfer data, necessary for performance of payment transaction, and later to confirm payment order with the Swedbank internet bank authentication mean. If you have noticed any transaction in the account statement, not authorised by you, inform us immediately by calling 6310310 (for private clients) or 6132222 (for business clients).

Suspicious SMS messages. Stay alert!

  • Fraudsters could impersonalize bank by sending fraudulent SMS under our name to obtain personal and Authentication mean data. These messages usually offer to click on an indicated link, to open an attachment or to call the indicated phone number in order to allegedly update, revise, check or activate your account in internet bank.
  • Never answer to a SMS message requesting you to submit confidential data. Never click on the links and do not open attachments from the unknown sender because this way you can activate a virus, or you will be redirected to a fraudulent website.
  • In case you are clicked on the link and were redirected to a website resembling our site, do not enter any requested data and contact us. Here you can find the information on how you can recognise the authentic website.
  • If you suspect that other persons have gained access to your login data, contact us immediately.

Suspicious emails or calls. Be cautious!

  • If you receive a suspicious call or email from an alleged “bank employee” or “police officer” requesting you to disclose confidential login details – under no circumstances disclose such information. Do not trust this person only because he or she knows something about you. Fraudsters can have different scenarios to steal money (they request to update data; inform about suspicious bank transactions, etc.), yet they have one common feature – they request to disclose confidential internet bank login data or to enter the generated code of Authentication mean and transaction confirmation.
  • Neither bank employees nor representatives of law enforcement or other institutions contact residents requesting them to disclose their Internet Bank details (User ID, PIN codes, etc.) or initiate as well as confirm transactions not initiated by you. Therefore, stay alert and do not open suspicious emails. Make sure that you log in to the Internet Bank via the right website (https://www.swedbank.ee).

Here are some of the most common indicators that a phone call or email or SMS that you have received is most likely a scam or an attack:

  • Any message that communicates a tremendous sense of urgency. The criminals are trying to rush you into making a mistake.
  • Any message that pressures you into bypassing or ignoring our policies and procedures.
  • Any message that promotes possibilities to gain high profit. If it sounds too good to be true, it probably is.
  • Be very suspicious of any phone call or message that pretends to be an official or government organization urging you to take immediate action.

You have found the security flaw? Notify us!

It is important for us at Swedbank that our customers can feel safe and secure when managing their monetary affairs with our electronic channels. Therefore, we seek to ensure the highest security level in IT systems. Despite this, an error may slip by. If you have found a security flaw, we would like to hear more about it to be able to correct the problem as soon as possible.

How do you report?

Send an email to us at responsible-disclosure@swedbank.com. We prefer that you use our public PGP key to protect the information you send over. Make sure to have included the following information:

  • Detailed description of the vulnerability containing such info as URL and type of vulnerability;
  • The necessary information that we need in order to reproduce the problem;
  • If applicable, a screenshot of the vulnerability you have found;
  • Contact information, name and surname, email, phone number, and your public PGP key (if you have one).

This personal data submitted by you will be processed by Swedbank in order to inform you about the analysis of IT security flaws noticed by you and their correction, and, if necessary, to contact you regarding the revision of the information submitted by you. More information about Swedbank’s data processing procedure is available in the Swedbank Principles of Processing Personal Data at www.swedbank.ee.

What can you report?

You can report security flaws that you have found in any of our services. Examples of security flaws are cross-site scripting, flaws in encryption or flaws with security implications in logic controls. The reporting service is not designated for other logical errors, errors in texts, questions about our services, questions about the security of our services or similar.

What can you expect from Swedbank?

We will confirm that we have received your description, continuously keep you updated while we process the issue, and inform you when the issue is fixed. Claims for compensation as a condition for sending in a vulnerability are not accepted.

What is required from you?

It is important for both us and our clients that you follow good practice, i.e. that:

  • You do not use the vulnerability to access or attempt to access information that does not belong to you;
  • You do not use the vulnerability to remove or modify information;
  • You do not affect the availability of our services;
  • You give us an opportunity to fix the reported vulnerability before going public with it.

Can you file a report anonymously?

Yes, but then we cannot respond back and keep you updated on the status.

PGP key

PGP key

Key ID: 0x0AD6CCAF

Control code: 2D14 4030 6D4B 68C3 F286 3AC6 333B E8E4 0AD6 CCAF