Effective March 19, 2021, Nacha’s account validation rule requires ACH originators of WEB entries to use a commercially reasonable fraud detection system to verify new consumer account information. WEB debit entries, by definition, are debits to consumer’s accounts where authorization is communicated via the internet or a wireless network. Nacha does not require a specific method be used for account validation, but has provided examples of acceptable forms of validation.
The addition of Nacha’s account validation rule supplements existing guidance which simply required the originatorthe creator or sender of the paymentto use a commercially reasonable fraudulent transaction detection system.The purpose of this rule is to clarify that a commercially reasonable fraud detection system must have the capability to validate accounts. This means that before a WEB entry is processed, Nacha will require validation that the account it originated from is, in fact, a valid account for that financial institution, and that it is able to accept an ACH transaction.
From Guidelines To Explicit Rules
Before cementing account validation as a requirement in the rules, Nacha advocated for its inclusion as part of fraudulent transaction detection systems. The responsibility of account validation was placed on ACH originators as Nacha has explained they are in the best position to detect and prevent fraud related to the payments they create. Part of the decision to revise WEB account validation from informal guidance to a formal requirement was the prevalence of fraud across the network that would not have taken place had account validation been used by ACH originators of WEB entries.
While account validation for WEB transactions is now an explicit requirement, Nacha kept the rule language relatively neutral with regard to the different methods and technologies ACH originators can select from to achieve compliance. There are many services available to meet these needs with varying settlement times and amounts of information each one can validate.
First, there is an ACH pre-notification, a zero-dollar amount that is validated by the receiving financial institution prior to the processing of an actual transaction. With this method, you can reach any financial institution and receive feedback that meets the exact requirements of the rule. ACH pre-notification allows for precise, reliable validation; however, it may not be a good fit for ACH originators whose customers rely on a swift payment experience as you may have to wait several days for the receiving financial institution to potentially issue a correction or return before another entry can be sent.
ACH micro-transaction verification is another acceptable validation method. With this method, low-dollar transactions flow through the network and consumers validate their accounts by confirming the dollar amounts of the posted micro-transactions. Transactions validated using this method can typically be sent and verified in the same day, however, they require action on the part of the consumer.
There are other commercially available validation services that can validate information through a number of methods, such as data consortiums and online credentials. Through the use of APIs, these services can often verify accounts instantly. To learn more about Nacha’s Fraud Detection Standards for WEB Debits, visit their website.
SWBC has partnered with Finicity, a Nacha Preferred Partner and Payments Innovation Alliance Member, to allow consumers using new account information to instantly validate their account before processing transactions via WEB. Finicity uses consumer-permissioned instant account verification to meet the account validation requirement while maintaining a quick, user-friendly experience for consumers.
SWBC Payments continues to strive to ensure our service is fast, reliable, and compliant. To learn how your credit union can ensure your enterprise payments program meets the risk-mitigation check marks and your members’ needs, register for our live webinar at 12 ET on Wednesday, Aug. 11, Wading in the Digital Payments Deep End: Lessons in Risk Management and UX Design. Click here to register!
Author Bio: As a payments compliance supervisor, Elizabeth Cardenas is responsible for identifying fraud and money laundering concerns in electronic cash management (ECM) to support SWBC’s Payments clients. Elizabeth is CAMS certified, has a bachelor’s degree in modern languages and linguistics from the University of Texas at San Antonio, and is fluent in Japanese and proficient in several other languages.