<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=905697862838810&amp;ev=PageView&amp;noscript=1">


    Adhering to Nacha’s Fraud Risk Management and Monitoring Rules

    As of March 18, 2022, Nacha’s account validation rule requires ACH originators of WEB entries to use a commercially reasonable fraud detection system to verify the first time a consumer checking account is used for an electronic (ACH) payment, if the payment is initiated over an online channel, the account number must be validated first. WEB debit entries, by definition, are debits to consumers’ accounts where authorization is communicated via the internet or a wireless network. Nacha does not require a specific method to be used for account validation but has provided examples of acceptable forms of validation.

    The addition of Nacha’s account validation rule supplements existing guidance which simply required the originator—the creator or sender of the payment—to use a “commercially reasonable fraudulent transaction detection system.” The purpose of this rule is to clarify that a commercially reasonable fraud detection system must have the capability to validate accounts. This means that, before a WEB entry is processed, Nacha will require validation that the account it originated from is, in fact, a valid account for that financial institution and that it is able to accept an ACH transaction.

    Appropriate Account Validation Methods

    The account validation requirement applies to the first use of an account number or change to the account number. Several methods are available to comply with the new rule. Please note, the methods can be used as part of a waterfall methodology.

    The methods appropriate are:

    • Manual - The organization obtains a voided check from the consumer and uses it to verify the account and routing number with the consumer’s financial institution.

    • ACH Prenote - The organization uses the consumer’s account and routing number to send a zero-dollar transaction to the consumer’s financial institution; by accepting the transaction, the organization can determine whether the account is open and valid.

    • Micro/Trial Deposits - In this two-step process, the organization uses the consumer’s routing and account number to make two small deposits into the consumer’s account. The consumer then confirms the deposit amounts with the organization.

    • Database - The organization uses the consumer’s name, account number, routing number, and other details about the consumer and cross-references them against a third-party database to confirm account status and ownership.

    • Financial Institution Credentials - Consumers select and authenticate with their financial institution through the organization’s digital channels to verify they can access the account.

    There are several pros and cons with each validation method, which is why it is highly recommended to use more than one. Using a combination of methods helps ensure consumers have a frictionless experience while also providing higher levels of fraud prevention.

    2022 Implementation Schedule for Nacha’s Fraud Risk Management and Monitoring Rules

    Here is the schedule for the implementation of Nacha’s Fraud, Risk Management, and Monitoring Rules

    • Rule 1: March 19, 2022: Becomes enforceable: Commercially Reasonable Fraud Detection for WEB Debits (Account Validation)

    • Rule 2: September 16, 2022: Micro-Entries (Phase 1); Originators utilizing micro-entries will be required to use the standard entry descriptions

    • Rule 3: March 17, 2023: Micro-Entries (Phase 2); Originators of micro-entries will be required to use commercially reasonable fraud detection, including the monitoring of Micro-entry forward and return volumes

    SWBC's Financial Institution Group will continue to support the needs of our clients during the evolution of regulatory and rule changes specifically for payments.


    Related Categories

    Regulations & Compliance Payments

    Nicole Hill

    Nicole Hill is the SVP of Payment Risk and Compliance of Swivel, an SWBC Company. She is responsible for supporting the growth and overseeing the Regulatory Compliance and Risk Management for the Payment Organization. Nicole also serves as the designated AML/BSA compliance officer for the payments organization and is expanding the governance framework as the payments team adds new functionality and products to support the client base.

    You may also like:

    Regulations & Compliance Retirement & Succession Plans

    Is Your Retirement Plan Sponsor ERISA Compliant?

    In the recent Supreme Court case of Hughes vs. Northwestern University, current and former plan participants in two of t...

    Regulations & Compliance

    Compliance and Collections: Adhering to the FDCPA and Regulation F

    A new federal debt collection rule enacted under the Fair Debt Collection Practices Act (FDCPA), Regulation F, went into...

    Regulations & Compliance

    Bank Secrecy Act and Anti-Money Laundering Regulations

    Congress has several laws in place to oversee financial institutions—protecting them against illegal activities such as ...

    Let Us Know What You Thought about this Post.

    Put your Comment Below.


    FREE Webinar

    SWBC 2024 Economic Forecast

    Join our experts as they discuss the state of the economy in 2024 and beyond. 

    On Demand | Duration: 75 minutes

    Watch Now