Most of SWIFT's problems have nothing to do with SWIFT itself.
2FA can not and will not fix the rest of the shitty software running inside banks.
On many institution's networks, network access alone will do.
There are open FTP servers and SMB shares on those networks into which you can drop files containing fraudulent, but correctly formatted MT1xx/MT2xx messages with no authentication required.
The bank's various pieces of poorly written middleware will then dutifully pick up those messages and push them out across the SWIFT gateway and into the network.
AC for obvious reasons.
Biting the hand that feeds IT
