ACH Audit and Risk Assessment: Choose Your Own Adventure
|
|
- Drusilla Douglas
- 6 years ago
- Views:
Transcription
1 THE PAYMENTS INSTITUTE July 17-20, 12-15, Emory Conference Center Hotel, Emory University, Atlanta, Georgia ACH Audit and Risk Assessment: Choose Your Own Adventure Mary Gilmeister AAP, NCP President PAR/WACHA-The Premier Payments Resource
2 Disclaimer WACHA, through its Direct Membership in NACHA, is a specially recognized and licensed provider of ACH education, publications and support. Regional Payments Associations are directly engaged in the NACHA rulemaking process and Accredited ACH Professional (AAP) program. NACHA owns the copyright for the NACHA Operating Rules & Guidelines. The Accredited ACH Professional (AAP) is a service mark of NACHA. This material is derived from collaborative work product developed by NACHA The Electronic Payments Association and its member Regional Payments Associations, and is not intended to provide any warranties or legal advice, and is intended for educational purposes only. This material is not intended to provide any warranties or legal advice, and is intended for educational purposes only. This document could include technical inaccuracies or typographical errors and individual users are responsible for verifying any information contained herein. No part of this material may be used without the prior written permission of WACHA/PAR 2015 PAR/WACHA All rights reserved
3 AGENDA ACH Audit Who & Why All DFIs Receiving Depository Financial Institution (RDFI) Originating Depository Financial Institution (ODFI) Risk Assessment 3
4 Why Do We Need To Do the ACH Audit and Risk Assessment? Manage Risk and Minimize Loss Enhance ACH Quality and Customer Satisfaction Improve Operational Efficiencies and Lower Processing Costs Avoid Fines 4
5 What You Need to Know NACHA Operating Rules 31 Code of Federal Regulations 210 Regulation E Regulation CC Uniform Commercial Code 4A Office of Foreign Assets Control (OFAC) The Green Book FFIEC IT Examination Handbook 5
6 Who Must Do an Audit? Receiving Depository Financial Institution (RDFI) Originating Depository Financial Institution (ODFI) Third Party Service Provider Receiving Point Sending Point Any entity that performs a function of ACH Processing on behalf of a Participating DFI Correspondent Bank Corporate Credit Union Third Party Senders 6
7 Required by the ACH Rules Failure of a Participating DFI to provide proof of completed audit may be considered a Class 2 Rules Violation Must also be able to provide proof of audit for TPSP or its TPS NACHA has started to ask for documentation of proof of audit Audit documentation retained for 6 years 7
8 General Audit Requirements Section 8.1 Requires participants conduct an internal or external audit according to Appendix 8 requirements Audit of ACH operations is required Yearly by December 31 Retain documentation for six years 8
9 What method should we use? NACHA rules do not specify the method for completing the audit Some common auditing methods Interview personnel Sampling Random May wish to cluster transactions by common characteristics before selecting samples so that you are certain to address all audit requirements. Testing Follow transactions Follow procedures 9
10 Preparations: ACH Audit Checklist Audit period - most current x days ACH Policies Receipt Origination Risk BSA and OFAC Written procedures manual Organizational chart of chain of command for ACH department Number of employees involved in processing ACH Core Processing system/internal software updates ACH Operator FED or EPN? Operator Advice Risk Assessment Accountholder statements Accountholder disclosures Origination Agreements and Exposure limits Return activity tracking 10
11 ACH Audit Checklist Prior 6 years of audits How do you receive files? Third-party processor How do you process returns? How do you send origination files? Do you have any Direct-send relationships? Staff training Controls for physical access and passwords, security levels Account balancing Personnel policies OFAC controls NOCs Stop Payments and WSUDs DNEs and Reclamations Rules Violations in the past year Contingency/Disaster Recovery Plans 11
12 Audit Requirements for All DFIs, Third-Party Service Providers, and Third-Party Senders 12
13 Section 8.2.A ACH Rules Reference and Records of Entries Retention Method (paper, optical, disk..) Sampling for each of past 6 years Can Be Reproduced Section 8.2.B All Participating DFIs ACH Rules Reference Electronic Records Accurately Reflect the Information Contained in the Record 13
14 Audit Verification Section 8.2.C ACH Rules Reference Verify that an audit was completed in the previous year Verify that issues raised during the previous audit were corrected Audit reviewed by board of directors? 14
15 NACHA Fees Section 8.2.E ACH Rules Reference 1.12 The Financial Institution must file the N-7 form and pay associated Network Administration fees for sending Entries directly to a nonaffiliated Participating DFI. This section is not applicable if you send all of your ACH entries to the ACH Operator 15
16 ACH Risk Assessment Section 8.2.F ACH Rules Reference FIs are required to assess the risk of their ACH activities and implement a risk management program based on the assessment Has it been reviewed by board How often do you re-assess 16
17 ACH Data Security Section 8.2.G ACH Rules Reference 1.6 Participating DFI and originators/third party senders have established, implemented and updated security policies, procedures and systems 17
18 International ACH Transactions IATs ACH Rules Reference , , , , , , , and ODFIs and Gateway Operators must identify all international payment ACH transactions using the SEC code IAT. IATs must include specific data elements called the Travel Rule so that all parties have information necessary to comply with U.S. Law OFAC Compliance 18
19 Receiving Depository Financial Institution (RDFI) The RDFI is a legal receiver An entry is deemed to be received when it is made available to the RDFI or receiving point 19
20 Prenotifications Section 8.3.A ACH Rules Reference 3.5 Validate account number in prenotification entry: Accept Return or Initiate a Notification of Change on a timely basis We do not recommend NOCs for prenotification entries 20
21 Notification of Change Section 8.3.B ACH Rule Reference Verify that NOC entries are transmitted within two banking days of the settlement date of the original entry to which the NOC relates with the exception of NOCs due to merger or acquisition Dual Control? 21
22 Acceptance of Entries Section 8.3.C ACH Rules Reference 3.1.1, Verify all entries accepted as required Entries not required to be accepted: XCK Non-transaction account Do General Ledger and loan entries post automatically 22
23 Credit Availability & Debit Timing Section 8.3.D ACH Rule reference , , and Credit Entry received must be made available to Receiver no later than the day of settlement More specifically, PPD credit entries made available to the RDFI by 5:00 p.m. the banking day prior to settlement date, are available to the Receiver for withdrawal no later than the opening of business on the settlement date Debit entries are not posted prior to the settlement date Same Day ACH 23
24 Account Statement Content Section 8.3.E ACH Rule reference Verify that the RDFI sends or makes available as part of the account statement for consumer customers information from transactions as dictated by the ACH Rules and Regulation E 24
25 Timely Returns (Part 1)(Excluding RCK) Section 8.3.F ACH Rules Reference 3.8. Verify that return entries (including debit entries to a corporate account returned as unauthorized) are received by the RDFI s ACH Operator by its deposit deadline for the return entry to be made available to the ODFI no later than the opening of business on the second banking day following the Settlement Date of the original entry 25
26 Timely Returns (Part2&3)(Excluding RCK) Rules Reference , Appendix Four Verify that permissible return entries (i.e., the late return of unauthorized debit entries to non-consumer Accounts) are transmitted with the permission of the ODFI and utilize the appropriate Return Reason Code Rules Reference 3.8.5; Appendix Four Verify that dishonored return entries received by the RDFI are handled appropriately, and that contested dishonored return entries and corrected returns are initiated in a timely manner. Verify that the RDFI utilizes Return Reason Codes and Contested Dishonored Return Reason Codes that accurately describe the reason for the return 26
27 Represented Check Entries - RCK Section 8.3.G ACH Rules Reference Review internal procedures to ensure that the return of an RCK debit entry is transmitted to the RDFI s ACH Operator by midnight of the second banking day following the banking day of receipt of the presentment notice 27
28 Section 8.3.G continued Transmit an adjustment entry, so the entry is made available to the ODFI by the 60th calendar day, if: notice of RCK policy was not provided R51 item to which the entry relates is ineligible R51 signatures are not authentic or authorized R51 item to which RCK relates has been altered R51 Both items presented for payment R53 Verify that a Written Statement of Unauthorized Debit has been received for entries returned R51 and R53 28
29 Return of Credit Entries Section 8.3.H ACH Rules Reference , Credit entries that cannot posted or be made available to the Receiver are returned and made available to the ODFI no later than the opening of business on the second banking day following the Settlement Date If a Receiver refuses a credit it should be returned and made available to the ODFI by the opening of business 2 nd day following notification of refusal from the Receiver 29
30 Stop Payments Part 1 Section 8.3.I ACH Rules Reference , , and Verify that the RDFI honors stop payment orders appropriately Recurring payment Stop instructions 3 banking days prior to debit Single payment or Non-consumer payment RDFI needs reasonable time to act on stop 2 day return timeframe 30
31 Stop Payments Part 2 Section 8.3.I ACH Rules Reference , , and Appendix Four for extended returns Stop Payment on source document related to ARC, BOC or RCK entry Return Reason R38 Stop Payment on Source Document Return Reason R52 Stop Payment on Item Related to RCK Entry 31
32 Written Statement of Unauthorized Section 8.3.J Debit ACH Rule , , , , and Appendix Four Verify that signed Written Statement of Unauthorized Debit (WSUD) forms are obtained from consumers before returning entries for Return Reason Codes R05, R07, R10, R37, R51 and R53. Verify that the returns are conducted in the appropriate timeframes. Verify that the WSUD is available to the ODFI upon written request. 32
33 Consumer Return Codes Requiring WSUD R05 CCD entry to a Consumer Account R07 Cannot Be Used for RCK, ARC, BOC, POP R10 Consumer Claims the Entry Is Unauthorized, Ineligible or Incomplete Improperly Reinitiated Debit Entries R37 Source Document for ARC or POP Has Paid R51 Improper RCK Entry R53 Item That Relates to the RCK Has Also Been Presented for Payment 33
34 Uniform Commercial Code 4A Section 8.3.K ACH Rules Reference Ensure compliance with UCC Article 4A Disclosure to all account holders that could receive CCD or CTX credit entries With respect to ACH entries Provisional payments vs. final payment Notice requirements Choice of law (for interstate disputes) 34
35 Payment-Related Information Section 8.3.L ACH Rule Reference Review records and procedures to ensure that, when requested to do so by the Receiver, the RDFI is capable and does provide all payment-related information transmitted with CCD, CIE, CTX, and IAT entries to the Receiver by the opening of business on the second banking day following the settlement date of the entry 35
36 RDFI Audit of Federal Government Payments Compliance with requirements as outlined in 31 CFR 210 and the Green Book eenbook/greenbook_home.htm 36
37 Federal Government Payments Written procedures for steps to be taken upon learning of death of customer/member? DNE processing Constructive knowledge All benefit payment/all accounts Front line staff Verify appropriate use of R14 (Death of Rep Payee) and R15 (Death of Beneficiary or Account Holder) Have branch and operations employees been trained on the Green Book Are you aware of recent updates? 37
38 Reclamations A procedure used by the Federal government to recover benefit payments Specific payments subject to Reclamation (page 5-4) Must be sent within 120 days after the agency learns of death An RDFI is not liable for any post-death payments made more than six years prior to the date of the notice of reclamation 38
39 Government Payments Posting to Closed accounts ENR Use Godirect.org Non Receipt request or Tele-Trace Closing an account receiving Federal Government Benefit Payments Garnishments Able to identify Federal Government Payments that are protected 39
40 Originating Depository Financial Institution ODFI The ODFI is totally responsible for entries containing its Routing Number within the Trace Number that are transmitted into the ACH system 40
41 Binding Agreements Section 8.4.A ACH Rule Reference , , and Has an agreement been executed with each company and financial institution for whom the financial institution originates binding them to US law and the ACH Rules? Verify compliance with OFAC-enforced sanctions Third Party Senders Direct Senders Document procedures that allow the financial institution to approve every party for whom the 41
42 Binding Agreements Three issues are required to be addressed in ACH Originator and Third Party Sender Agreements signed or renewed after June 18, 2010 The right of the ODFI to terminate or suspend the Originator The ability to audit the originator Any restrictions on the types of transactions allowed 42
43 Sending Points Section 8.4.B ACH Rule reference Verify that, if applicable, agreements have been executed with all Sending Points transmitting transactions on behalf of the ODFI to the ACH Operator How are ACH rule changes communicated between ODFI and third-party service provider Request a verification they have completed ACH Audit 43
44 ODFI Exposure Limits Section 8.4.C ACH Rule reference Review internal procedures to determine that exposure limits are established for each Originator Exposure limits should be reviewed periodically Entries initiated by Originators are to be monitored relative to the exposure limits across multiple settlement dates The restrictions on types of SEC code of originated entries need to be enforced Procedures for monitoring and what happens if established limits are exceeded 44
45 Return Items Section 8.4.D ACH Rule reference , , and Appendix Four Verify that the ODFI accepts all Return Entries that comply with NACHA rules and that are transmitted by the RDFI within the time limits established by these rules. Dishonored Return Entries are transmitted within five Banking Days after the Settlement Date of the Return Entry. Contested Dishonored Return Entries are accepted as required. Verify that the ODFI is using Return Reason Codes in an appropriate manner. Verify proper Re-Initiation handling 45
46 Notifications of Change Section 8.4.E ACH Rules Reference , Verify that information relating to NOCs and Corrected NOCs is provided to Originator within two banking days of settlement of the NOC or Corrected NOC For CIE or WEB Entries, verify that NOC or Corrected NOC information is provided to any TPSP initiating Entries on behalf of the consumer originator Verify that refused NOCs are Transmitted within 15 days of receipt of and NOC or corrected NOC 46
47 Request for Authorization Section 8.4.F ACH Rules Reference , , Verify that the ODFI provides a copy of an authorization to the RDFI upon written request within 10 banking days of receipt of the request without charge For CCD, CTX, and IAT transactions to a Non- Consumer account, the ODFI must provide to an RDFI based on written request, an accurate record evidencing the Receiver s authorization or the Originator s contact information within 10 banking days 47
48 Permissible Returns Section 8.4.G ACH Rule reference Review internal procedures to ensure that, when agreed to by the ODFI, Permissible Return Entries are accepted R31 Permissible Return ODFI agrees to accept Notify receiving ACH staff Process Cannot dishonor 48
49 UCC4A Compliance for Origination Section 8.4.H Rule reference Verify Compliance with UCC 4A Customer Agreements Disclosure to Originators of CCD or CTX Entries Commercially Reasonable Security Procedures Are you the FI creating ACH files on the behalf of your originators? Do you have reasonable procedures to prevent errors? 49
50 Identity Verification Section 8.4.I ACH Rules Reference ODFI has utilized a commercially reasonable method to verify the identity of each Originator or Third-Party Sender that enters into an Origination Agreement with the ODFI When an ODFI has a relationship with a Third- Party Sender rather than with an Originator directly, also verify that the Third-Party Sender has utilized a commercially reasonable method to establish the identity of each Originator that 50 enters into an Origination Agreement with the
51 Reversing File Section 8.4.J ACH Rules Reference 2.8 and 2.9 Verify that reversing entries and files are done in accordance with the requirements of the rules 51
52 Back Office Conversion (BOC) Section 8.4.K ACH Rules Reference Identify those originators using BOC Document originator info Company name Address Telephone number Contact person Taxpayer ID Nature of business Must be provided to RDFI upon request 52
53 ODFI Reporting Requirements Section 8.4.L ACH Rules Reference Verify that if NACHA has requested in writing, Return Rate Information about an Originator, the ODFI has reported the information and in the time requirement 53
54 Direct Access Registration Section 8.4.M ACH Rules Reference Verify that the ODFI has (1) registered its Direct Access status with the National Association (2) obtained the approval of its board of directors, committee of the board of directors, or its designee for each Direct Access Debit Participant (3) provided required statistical reporting for each Direct Access Debit Participant (4) notified the National Association of any change to the information previously provided with respect to any Direct Access Debit Participant 54
55 ODFI Requirements of Originator & Third Party Sender Section 8.4.N ACH Rules Reference Articles 2.1 Ensure that Originators & TPS are kept informed of their obligations on a continuing basis Document method of notifying Originators of changes to the ACH Rules Do you audit your originators? 55
56 Third-Party Sender Explicitly apply certain risk management and Originator transaction monitoring requirements to Third-Party Senders Require third-parties to provide proof of completion of a Rules compliance audit to its Participating DFI to fulfill request from NACHA
57 Write-up Audit Report Compile the information gathered in your audit working papers and funnel into the Audit Report You may want to also write up a summary of you findings for presentation to the board of directors 57
58 Top Five ACH Examination Findings 1) Lack of Senior Management & Board Oversight 2) Lack of Adequate MIS and Reporting 3) Lack of Monitoring 4) Inappropriate Approval Process (separation of duties) 5) Inadequate Limits or No Limits
59 Risk Assessment 59
60 Risk Assessment Risk Assessment Objectives: Determine the inherent risks and risk factors within the bank s ACH or retail payment activities Identify the key control practices to limit those risks Evaluate the effectiveness of those controls to mitigated the risks considering the likelihood and potential impact to its capital and earnings AND its regulatory compliance obligations
61 Risk Management and Mitigation Common Risk Management Issues: Payments risk management not sufficient for scope of activities (informal, decentralized, or missing) Anxiety for income combined with passive oversight of third-party sender or originator activity Insufficient policies and expertise for the complexity of the payment s environment Lack of adequate customer due diligence/underwriting for exposure to credit or legal liability losses Lack of effective oversight over third party senders Limited FI board and senior management involvement Insufficient risk monitoring and reporting Inadequate NACHA Operating Rules, BSA/AML, or consumer protection training
62 Risk Management and Mitigation Risk Management Methods: Policies, standards, and risk limits Underwriting, due diligence, & oversight Contracts and agreements Transaction limits and controls Risk monitoring and reporting Audit and Control Testing
63 ACH Risk Management and Mitigation Primary Risk Mitigation Tools Consider frequency, audience, timeliness Lower Risk and Lower Volume Track daily, multi-day exposure limits Track ACH volume and return trends and compare to capital Identify and track customerspecific originations and returns (risk-based and/or volume-based threshold) Identify and track highest risk ACH originators ACH originator list with SEC code restrictions, limits, ACH line review date, and agreement date Track ACH over limits and exceptions Track consumer use of internet payment generation Higher Risk and Higher Volume All from lower risk plus: ACH originations and returns by debits, credits, SEC type, thirdparty sender, originator Track ACH reserve adequacy High-risk ACH originator risk ranking report High-risk ACH, tracking returns by SEC types and return code
64 Risk Management and Mitigation tion Credit Risk can be mitigated by: Thorough credit and financial analysis for originators, 3rd party vendors, & 3rd party senders Ensure agreements are maintained & updated Ensure policy includes a list of prohibited and high risk originators and SEC codes w/ approval process Establish risk-based debit and credit limits w/ exception approval requirements Effective customer activity monitoring and reporting Establish appropriate pre-funding and reserve requirements
65 Risk Management and Mitigation Mitigate Compliance and Legal Risk by: Implementing comprehensive BSA/AML, KYC, GLBA, and OFAC screening policies and procedures Conducting due diligence for unfair and deceptive practices by originators and third party senders (e.g., FTC Telemarketer Rule) Conducting adequate monitoring of 3rd parties to ensure effectiveness of due diligence and monitoring processes Performing required audits and independent reviews Ensuring that all origination agreements and third party contracts contain regulatory and compliance language Ensuring proper monitoring and exceptions reporting Ensuring that employees have the proper training
66 Risk Management and Mitigation Mitigate Liquidity Risk by: Monitoring volumes and trends Identifying peaks in usage Tracking volatility in payments activity Assessing impact on funding Use of prefunding and reserves to limit additional funding requirements Using expiration dates for higher limits for increased seasonal or temporary needs Identifying deposit concentrations from payment processing activity and assessing related volatility as a source of funds
67 Risk Management and Mitigation Mitigate Reputational and Strategic Risks by: Conducting background checks on originators and third-party senders Expanding oversight of high-risk originators NACHA Operating Rules Due diligence and risk management program Consumer complaints and litigation Regulatory actions Marketing and business practices
68 ACH related MIS should include: Portfolio-wide ACH origination volume compared to capital ACH returns ACH contract aging Customer distribution by risk rating Customer-specific ACH origination volume trends ACH return trends Unauthorized Return types, volume, $, and % to total transaction Volume Rules/contract violations Times over limit Changes in risk rating Contract date Note: If available, profitability analysis may be appropriate 68
69 ACH related MIS Lower Risk and Lower Volume Track daily, multi-day exposure limits Track ACH volume and return trends and compare to capital Identify and track customerspecific originations and returns (risk-based and/or volume-based threshold) Identify and track highest risk ACH originators ACH originator list with SEC code restrictions, limits, ACH line review date, and agreement date Track ACH over limits and exceptions Higher Risk and Higher Volume All from lower risk plus: ACH originations and returns by debits, credits, SEC type, third-party sender, originator Track ACH reserve adequacy High-risk ACH originator risk ranking report High-risk ACH, tracking returns by SEC types and return code 69
70 Risk Management and Mitigation Mitigate Operational Risks from Systems/Technology by: Establishing comprehensive vendor management program Establishing and monitoring effective service levels Ensuring daily monitoring and reporting of any issues Ensuring that employees have the proper training and expertise Ensuring appropriate access controls, authentication, separation of duties, and independent control reviews Ensuring consistent internal controls and processing procedures across multiple technology applications and platforms Ensuring adequate contingency plans and testing Performing adequate audits with NACHA Operating Rules as starting point
71 Risk Management and Mitigation Mitigate Operational Risk from Fraud by: Ensuring proper due diligence including background checks Using fraud detection software to filter suspicious activity Verification/validation of transmission Anomalous transaction detection Strict adherence to credit and other related policies Ensuring that credit originators require pre-funding or more in-depth financial analysis and underwriting Ensuring appropriate limits are in place Establishing adequate reserves for debit originators Complying with NACHA and Operator rules/regulations Requiring and enforcing updated agreements for all originators and third-party senders Monitoring activity and exceptions reports on a daily basis
72 Risk Management Program
73 Risk Management Program Planning Clearly defined objectives, well-developed business strategy, clear risk parameters, role w/in FI s strategic plan Risk Identification & Assessment Incorporate into existing risk management process, will vary by institution, & use of third-parties Mitigation & Controls Policies & procedures, clearly defined responsibilities, strong internal controls over transactions, risk-based audit program, well designed agreements Measuring & Monitoring Periodic reports allow board to determine activities remain w/in board established risk parameters
74 NACHA Rule Key Component of Rule Amendment Effective June 18, 2010, the Rule requires all participating DFI s to conduct a risk assessment of their ACH activities, and to implement risk management programs based on the results of such assessments, in accordance with the requirements of their regulator(s)
75 Risk Assessment Rule 1) Assessing the nature of risk associated with ACH activity; 2) Performing appropriate know-your-customer due diligence; 3) Establishing controls for Originators, thirdparties, and direct access to ACH Operator relationships; and 4) Having adequate management, information and reporting systems to monitor and mitigate risk
76 How Often? Have there been any changes in technology? Software, processors, new services Have there been change in the number of originators or types Have customer complaints increased Have there been any change in returns or charge offs? Have there been a change in personal? 76
77 FFIEC Made up of: (each may issue their own bulletins as well) Federal Reserve FDIC OCC NCUA CFPB State Regulators Issues guidance on key issues Authentication in an Internet Banking Environment (and recently a supplement to that Guidance) Risk Management of Remote Deposit Capture Issues and updates Handbooks on key topics such as: IT (including ACH, check, RDC) BSA (AML) Business Continuity
78 Risk Management Overview - FFIEC Financial institutions can mitigate many of the risks associated with electronic payments origination & processing: Based on a comprehensive risk assessment of the financial institution s electronic payments environment Board and management oversight that establishes appropriate risk tolerances, effective reporting, employee training, and prudent vendor management practices Leverage existing risk management processes Involve risk management, compliance, and audit resources in the electronic payments risk management effort Incorporate all payment products and services into a broader Payment Risk Management Program
79 Staff Is the FI s board knowledgeable and capable of understanding the risks? Determine if the quality and levels of staffing are adequate Reports showing staffing levels, turnover, trends Level of skill Staffing levels for peak periods Adequacy and quality of staff resources AAP
80 Staff (cont.) There is adequate capacity for current and planned transaction volumes? Automated vs. manual processes Quality of controls Separation of duties Dual control
81 Policies Policies should include: Goals and objectives of the program Approved products and services Prohibited Originators or Merchants Third Party Senders Exposure limits and Originator review Contracts & Agreements OFAC, PATRIOT Act, BSA/AML
82 Policies (cont.) UCC4A provisions Third Party Service Providers Direct Access to the ACH Operator File Delivery Data Breach ACH and Payment Product Audits
83 Review Originator Agreements Do the agreements adequately set forth the responsibilities of all parties? Do the agreements meet the requirements of the NACHA Operating Rules? Do the agreements mention funding arrangements, SEC codes allowed, Regulation CC, UCC 4A.
84 Third Party Sender ODFI ABC Company Hardware Store Payroll Company No agreements with originators Grocery Bike shop Church Dry Cleaner Day Care 84
85 ACH Transaction Flow Third Party RECEIVER ORIGINATOR Agreement Sender Payroll processor Third Party Sender Agreement ORIGINATOR s FI NO Agreement ODFI Third Party Sender s FI RDFI ACH OPERATOR
86 Third-Party Senders Non Contractual Relationship with Originators Need a specific contract to address risks Contract should include: ODFI approval of all originators Exposure limits per originator An exposure limit for the TPS Method to identify each originator Third party sender audit now required
87 Third-Party Senders Increased emphasis with regulators CIP for all parties involved Check for nested TPS New Rules implemented by NACHA effective 2015
88 Same Day ACH Origination of Same Day ACH Entries is optional Receipt of Same Day Entries is not optional All RDFIs must be prepared to pickup incoming ACH files from ACH Operator or Receiving Point and post Entries as required Next-day processing schedules will remain unchanged and will continue to be available for use 88
89 A Phased Approach to Same Day ACH To ease the industry s implementation effort, the new ACH Network functionality would be implemented across three implementation phases. Functionality Phase 1 Sept. 23, 2016 Transaction Eligibility ($25,000 limit; IAT not eligible) Phase 2 Sept. 15, 2017 Phase 3 March 16, 2018 Credits only Credits and debits Credits and debits New Same Day ACH Processing Deadlines 10:30 AM ET and 2:45 PM ET 10:30 AM ET and 2:45 PM ET 10:30 AM ET and 2:45 PM ET New Settlement Time(s) 1:00 PM ET and 5:00 PM ET 1:00 PM ET and 5:00 PM ET 1:00 PM ET and 5:00 PM ET ACH Credit Funds Availability End of RDFI s processing day End of RDFI s processing day 5:00 PM RDFI local time Times shown represent the approximate times for an ODFI s deadlines to transmit Same Day ACH transactions to an ACH Operator
90 Same Day ACH Risk Overview Same Day ACH and the faster movement of money can mitigate some risks and increase others The phased implementation of Same Day ACH is itself a risk mitigation tactic By limiting Phase 1 to credits, the industry has a year to adjust to the faster movement of funds before the introduction of same-day debits Allowing FIs and their account holders to adjust, before moving money out of accounts (debits) faster The $25,000 transaction limit (not batch or file limit) is a risk mitigation tool Controls the quantity of dollars that can move faster Controls the impact of receiving large dollar debits late in the business day 90
91 Before Originating Same Day ACH: Some Risk Considerations Develop an overall strategy for offering Same Day ACH Should Same Day be offered to all or select Originators? Not all customers may be suitable for same-day origination Not all FI products may be suitable for same-day origination Determine how to identify those Originators or transaction types permitted to use Same Day ACH Consider customer s profile (i.e., business model) when offering Same Day ACH Current credit limits and risk rating Prefunding and exposure Authentication methods Review Files or have processes in place to determine compliance with Same Day eligibility rules Ensure proper use of Effective Entry Date Other indicators (Descriptive Date, Company Discretionary Data) Transactions appropriate to the phase (Phase 1, Credits only) 91
92 Originator Risk Considerations ODFI should review policies for prefunding particularly in Phase 1 when debits will not be available for Same Day With $25,000 per Entry limit, off-set may not be eligible for Same Day Some Originators may attempt to split $25,000+ items into two or more Entries To mitigate their risk, ODFIs should monitor for this and educate Originators The ACH Rules Enforcement Panel will have final authority on any instances when it appears that an ODFI, Originator or Third- Party Sender is attempting to evade the limit To mitigate risk of an increase in unauthorized returns, ODFI should ensure Originators have clearly communicated use of same day debit Ensure customers understand the debit could take place same day 92
93 Vendor Management Assess management s ability to manage outsourced relationships with technology service providers Encrypt transactions while in route between service provider and institution Contract provisions Personnel, equipment Contingency planning Measurements specify what constitutes inadequate performance Appropriate sanctions Reduction in fees etc.
94 Third-Party Service Provider Risks Is the vendor/service provider a strategic fit for your organization? Is the third-party financially stable? Does the system allow for scalability? Will you have online access to real-time reports? Can velocity limit parameters be established? Does the application provide process & system monitoring capabilities?
95 Information Security FIs should implement the appropriate physical and logical security controls Look at service providers and external networks Consider controls on: Origination, approval, transmission and storage of ACH and other payment product s information Corporate Account Takeover
96 FFIEC Guidance: Internet Banking Risk Assessment High Risk Transactions Customer Authentication for High Risk Transactions Layered Security Programs Layered security is characterized by the use of different controls at different points in a transaction process so that a weakness in one control is generally compensated for by the strength of a different control. Customer Awareness and Education
97 Mobile Financial Services (MFS) Management should identify the risks associated with the types of MFS being offered as part of the institution s strategic plan. Operational Risk identify risks how the device communicates with the POS or other terminals. SMS Technology Mobile -enabled website Mobile Applications Mobile Payments Compliance Risk Reputation Risk 97
98 Board of Directors and Cyber Security Questions your Board of Directors should have answers to: What is Management s familiarity with cyber security and account takeover? Has Management identified where and how there is risk of an attack? Can your Management team articulate your institution s account takeover risk and explain your procedures to mitigate, identify and respond to attacks? 98
99 Board of Directors Questions your Board of Directors should have answers to: Has Management assigned clear roles and responsibilities within this plan? What are the communication plans in the event of an attack on your financial institution or business client? Does Management have a handle on the cyber security of your third-party service providers? 99
100 Board of Directors Board of Director Responsibilities: Set or approve your financial institution s risk tolerance and ensure Management targets your cyber security preparedness to align with that stated risk tolerance Review, approve, and support your financial institution s procedures to address risk management and control weaknesses 100
101 ODFI Exposure limits (both originator and TPS) Based on the originator s credit rating Relative to all services i.e. (cross-channel) Written agreements with originators addressing exposure Consumer Internet Banking limits Increase in unauthorized triggers require re-evaluation
102 ODFI Reports Automated for returns (60-75 days) Unauthorized Invalid NSF and other Entries in excess of the exposure limit and approval Audits from Originators
103 ODFI Exposure (Credit Entries) Period of time between the initiation of ACH credit file until the company funds the account Amount of risk based on total amount of the file Up to 2 days Credit Risk ODFI Exposure (Debit Entries) Date funds available to Originator until debits can no longer be returned by RDFI s Up to 60 days from settlement for unauthorized Can be 2 banking days for NSF/uncollected funds Amount of risk based on amount of individual or multiple returned ACH debits
104 ACH Funding Adequacy of funding before releasing the file to the Operator Prefunding Timing Blocks or separate account
105 RDFI Assess RDFI s overdraft policies Customers/members Funds Availability RDFI established procedures to deal with consumers notifications regarding unauthorized or revocation Stop Payments Freeze accounts for blocked parties (OFAC)
106 ACH Accounting Balancing procedures General ledger ACH activity with pending file totals Separate accounts for returns, unposted Verifies the source of the files originated Separation of duties Customer profile change request
107 Business Continuity Ensure you have developed a plan to continue operations in case of a emergency Consider all risks Risk rate what is critical to operations TEST, TEST, TEST Look at third party vendors plans 107
108 Observations and Conclusions
109 109 Sample Matrix
110 Observations and the Future Risk assessments not well integrated into enterprise risk assessment and management NACHA Operating Rules allow audits/assessments by non-independent parties Risk assessments performed by staff with incomplete understanding of industry/product risks Generous ratings for inherent risk and internal controls Smaller firms challenged to provide separation of duties Industry/products and risks continue to evolve rapidly
111 Conclusion As electronic payments volume, new products, and entry points continue to increase, financial institutions must have effective and comprehensive policies, procedures, and processes to identify, measure, and limit the risk to the bank and its customers. Financial institutions that process payments for third parties including payment processors and high risk merchants must implement enhanced risk management practices to protect against increased credit, compliance/legal, reputational, strategic, and operational risks.
112 Going Forward Be aware of the Supplement to the Guidance on Authentication in an Internet Banking Environment and how it continues to evolve Watch for updates to the IT handbook Be sure your institution has done risk Assessments for ACH and RDC Use the material presented today to ensure you ve covered all the appropriate topics in your Assessments
113 Risk Assessment Examples of recent risk-management requirements and guidance by regulators include: OCC Bulletin , Automated Clearing House Activities, September 1, 2006 ( FFIEC s BSA/AML Examination Manual, 2007 edition ( 07.pdf (pages 199 through 205) OCC Bulletin , Payment Processors, April 24, 2008 ( FDIC Financial Institution Letter , Payment Processor Relationships, November 7, 2008 ( FFIEC Guidance on Risk Management of Remote Deposit Capture, January 14, 2009 (
114 QUESTIONS 114
115 Resources WACHA- The Premier Payments Resource PAR- Payment Advisory Resource HELP DESK Phone: Toll Free: Fax:
Managing Third Party Risk in the ACH Network
Managing Third Party Risk in the ACH Network Tony DaSilva, AAP, CISA Senior Examiner Federal Reserve Bank of Atlanta Paul A. Carrubba Partner Adams and Reese LLP Disclaimer THE VIEWS AND OPINIONS EXPRESSED
More informationAuthorizations & Agreements. Presented by Laura Nelson, AAP NCP Education Specialist/Auditor
Authorizations & Agreements Presented by Laura Nelson, AAP NCP Education Specialist/Auditor Audio Handouts Questions Presented by: PAR/WACHA - The Premier Payments Resource Laura Nelson, AAP, NCP Education
More informationACH Risk: Is It a Myth or Reality. Mary Gilmeister, AAP, NCP President WACHA Fred Laing, II, AAP, CCM, NCP President UMACHA
ACH Risk: Is It a Myth or Reality Mary Gilmeister, AAP, NCP President WACHA Fred Laing, II, AAP, CCM, NCP President UMACHA Disclaimer WACHA and UMACHA, through their Direct Membership in NACHA, are specially
More informationKey Components of an RDFI. Mini Deck
Key Components of an RDFI Mini Deck Disclosure 2017 PaymentsFirst. All rights reserved. This material is not intended to provide any warranties or legal advice, and is intended for educational purposes
More information5/2/2017. Mini Deck. Disclosure
Key Components of an RDFI Mini Deck Disclosure 2017 PaymentsFirst. All rights reserved. This material is not intended to provide any warranties or legal advice, and is intended for educational purposes
More informationACH Industry Update, Audit Weaknesses and Emerging Payment Trends
ACH Industry Update, Audit Weaknesses and Emerging Payment Trends Presented by Adrian Brown, AAP Director of Education The Payments Authority is the association for payments people. ACH CARD CHECK WIRE
More informationACH FUNDAMENTALS: UNDER THE MICROSCOPE. Heather Spencer, AAP Implementation Coordinator, MY CU Services, LLC. Disclaimer
ACH FUNDAMENTALS: UNDER THE MICROSCOPE Heather Spencer, AAP Implementation Coordinator, MY CU Services, LLC www.mycuservices.com Disclaimer This material is not intended to provide any warranties or legal
More information2016 Annual ACH Audit CU*Answers
2016 Annual ACH Audit CU*Answers September 6, 2016 Marsha Sapino, AAP, BSACS AuditLink Assistant Manager 6000 28 th St SE Grand Rapids, MI 800-327-3478 ext.380 Marsha.sapino@cuanswers.com Jim Vilker, NCCO
More informationUMACHA 2014; All rights reserved 2
Mitch Kenady, AAP Compliance Services Specialist Dahlia Penland, AAP Compliance Services Specialist Regional Payments Associations, through their Direct Membership in NACHA, are specially recognized and
More informationPerformed by: The Payments Authority, under the oversight of AuditLink. October 22, 2013
Performed by: The Payments Authority, under the oversight of AuditLink October 22, 2013 October 21, 2013 On September 9, 2013 the Payments Authority conducted the CU*Answers annual ACH Audit. The overall
More informationGet on First Base with Same-Day ACH Risks
Get on First Base with Same-Day ACH Risks EASTPAY 2016 Information Interchange Mary Gilmeister, AAP, NCP President WACHA Fred Laing, II, AAP, CCM, NCP President UMACHA 1 Disclaimer NACHA owns the copyright
More informationOBLIGATIONS OF ORIGINATORS
OBLIGATIONS OF ORIGINATORS Revised September 2017 Legal Framework for ACH ACH Operating Rules- NACHA A series of contract law that is made binding by agreements. Regulation E Carries out the purpose of
More informationORIGINATING ACH ENTRIES REFERENCE
ORIGINATING ACH ENTRIES REFERENCE The following information has been provided so that customers can be familiar with their requirements under the NACHA Operating Rules (The Rules). This quick reference
More informationSame Day ACH: Preparing for Debits. Presented by Laura Nelson, AAP NCP Education Specialist/Auditor
Same Day ACH: Preparing for Debits Presented by Laura Nelson, AAP NCP Education Specialist/Auditor Audio Handouts Questions Presented by: PAR/WACHA-The Premier Payments Resource Laura Nelson, AAP, NCP
More information2015 NACHA COMPLIANCE SUMMARY GUIDE
2015 NACHA COMPLIANCE SUMMARY GUIDE Note: This compliance summary guide is provided by Jack Henry & Associates solely as a convenience to its ProfitStars Enterprise Payment Solutions customers and is not
More informationGlossary of ACH Terms
ABA NUMBER See Routing Number/Transit ACH - The Automated Clearing House network ACCESS DEVICE - A card, code, or other means of access to a consumer s account that may be used to initiate electronic funds
More informationSession 8: ACH. New York Bankers Association-Community Bank Auditors Group Internal Audit Training-June 6-8, 2016
Session 8: ACH New York Bankers Association-Community Bank Auditors Group 2016 Internal Audit Training-June 6-8, 2016 MEMBER OF ALLINIAL GLOBAL, AN ASSOCIATION OF LEGALLY INDEPENDENT FIRMS 2016 Wolf &
More informationNACHA Third-Party Sender Certification Program Criteria
INTRODUCTION These Third-Party Sender Certification Program Criteria set forth the subject matter areas that will be reviewed by NACHA in order to determine whether an applicant ( Applicant ) satisfies
More informationSame Day ACH: What Does It Mean to Your Financial Institution?
Same Day ACH: What Does It Mean to Your Financial Institution? Presented by WACHA Pre- Conference PAR/WACHA-The Premier Payments Resource Panelists: Laura Parsons FIS Wendy Stanford Bankers Bank Stacy
More informationCORPORATE USER ACH QUICK REFERENCE CARD
What is the ACH Network? The Automated Clearing House (ACH) Network is the a network created for the electronic movement of money and other related data. This is a safe, secure, and reliable network for
More informationNACHA Rulemaking Process Update
NACHA Rulemaking Process Update NAFCU Webcast February 2, 2016 Amy Morris Senior Director, ACH Network Rules - NACHA 2 Agenda Standing Rules Work Group Activities Compliance and Operations Minor Rules
More informationACH Credit a transaction through the ACH network originated to pay a receiver (deposit funds into an account).
ACH Glossary For additional information, refer to the current National Automated Clearing House Association (NACHA) Rules or contact us at 205-469-4000 or 888-902-4227. ABA Number also known as Routing/Transit
More informationMEMORANDUM. December 7, CU*Answers Executive Council CU*Answers Board of Directors. From: Patrick Sickels Internal Auditor CU*Answers
MEMORANDUM December 7, 2015 To: CU*Answers Executive Council CU*Answers Board of Directors From: Patrick Sickels Internal Auditor CU*Answers Re: ACH Audit 2015 Attached is the 2015 ACH audit. Every other
More informationRISKS WITH SAME DAY ACH
RISKS WITH SAME DAY ACH Kevin Olsen, AAP, NCP SVP of Payments Education About epayresources Not-for-profit Regional Payments Association Educational Programs & Payments Publications Member Benefits Voice
More informationCopyright 2017 Lakeland Bank. All rights reserved. This material is proprietary to and published by Lakeland Bank for the sole benefit of its
ACH Originator Guide Copyright 2017 Lakeland Bank. All rights reserved. This material is proprietary to and published by Lakeland Bank for the sole benefit of its clients. Reproduction, distribution, disclosure
More informationRisks with Same-Day ACH. Presented by Kevin Olsen, AAP NCP Senior Vice President, Payments Education
Risks with Same-Day ACH Presented by Kevin Olsen, AAP NCP Senior Vice President, Payments Education 2017 Audio Handouts Questions RISKS WITH SAME DAY ACH Kevin Olsen, AAP, NCP SVP of Payments Education
More informationACH Management Policy
ACH Management Policy Original Issue Date: December 16, 2003 Last Revision Date: February 27, 2018 Last Review Date: February 27, 2018 Next Review Date: February 2019 Page 1 of 5 ACH Management Policy
More informationThis is designed to provide those who are not familiar with the ACH Network with a basic understanding of the fundamentals of the ACH Network.
This is designed to provide those who are not familiar with the ACH Network with a basic understanding of the fundamentals of the ACH Network. The ACH Network is a batch processing, store and forward system.
More informationNEACH Payments Management Conference ACH Credit Risk: Credits, Debits, Same Day
ACH Credit Risk: The Credits, The Debits and The Same Day ACH Effect Jennifer Wasmund, AAP, NCP, Vice President of Education and Compliance, UMACHA www.neach.org 2016 NEACH. All rights reserved. Jen Wasmund,
More informationInternational ACH Transaction (IAT) Exception Handling. Presented by Laura Nelson, AAP, NCP Auditor/Education Specialist
International ACH Transaction (IAT) Exception Handling Presented by Laura Nelson, AAP, NCP Auditor/Education Specialist Audio Handouts Questions International ACH Transaction (IAT) - Exception Handling
More informationNACHA Operating Rules: What Do They Mean to You?
NACHA Operating Rules: What Do They Mean to You? 2015 NACHA The Electronic Payments Association. All rights reserved. No part of this material may be used without the prior written permission of NACHA.
More informationACH Originator Resources
ACH Originator Resources Revised 06-2017 Table of Contents Introduction...3 ACH Originator Responsibilities...4 ACH Glossary...5 Notification of Change (NOC) Codes... Error! Bookmark not defined. ACH Return
More informationPresented by: Jen Wasmund, AAP, NCP Vice President of Education and Compliance. Jordan Morell, AAP, NCP Associate Director of Education Services
Presented by: Jen Wasmund, AAP, NCP Vice President of Education and Compliance Jordan Morell, AAP, NCP Associate Director of Education Services Regional Payments Associations, through their Direct Membership
More informationAutomated Clearing House
Automated Clearing House THE SERVICE Customer wishes to initiate credit and/or debit Entries as an Originator through Bank to Accounts maintained at Bank and in other depository financial institutions
More informationTreasury Management Services Product Terms and Conditions Booklet
Treasury Management Services Product Booklet Thank you for choosing M&T Bank for your treasury management service needs. We appreciate the opportunity to serve you. If you have any questions about this
More informationONLINE BANKING DISCLOSURE STATEMENT AND AGREEMENT
ONLINE BANKING DISCLOSURE STATEMENT AND AGREEMENT Welcome to BankUnited. This Online Banking Disclosure Statement and Agreement (this Agreement ), together with the Application, Enrollment and Set-Up Form
More informationUCC 4A and the ACH Network. Presented by Wanda Downs, AAP Director of Payments Education
UCC 4A and the ACH Network Presented by Wanda Downs, AAP Director of Payments Education 2018 Audio Handouts Questions UCC 4A AND THE ACH NETWORK Wanda Downs, AAP Director of Payments Education Disclaimer
More informationCommercial Banking Online Service Agreement
Effective November 1, 2017 Commercial Banking Online Service Agreement Download PDF Welcome to Commercial Banking Online at Washington Federal. This Commercial Banking Online Service Agreement ( Agreement
More informationPayment System Rules and Regulations. What will you learn? After this course, you will be able to:
Payment System Rules and Regulations Regional Payments Associations, through their Direct Membership in NACHA, are specially recognized and licensed providers of ACH education, publications and support.
More informationReturns File Format. Revised 6/10/2010 Page 1 of 8
Returns File Format Revised 6/10/2010 Page 1 of 8 Col Name Data Type Length Description 1 Collection Level Alpha/Numeric 50 Collection service such as guarantee, charge back to merchant, NOC s, etc. 2
More informationTREASURY MANAGEMENT MASTER AGREEMENT TERMS AND CONDITIONS
TREASURY MANAGEMENT MASTER AGREEMENT TERMS AND CONDITIONS PLEASE NOTE THAT THESE TERMS AND CONDITIONS ARE A PART OF THE TREASURY MANAGEMENT MASTER AGREEMENT WHICH YOU HAVE READ AND SIGNED. ALL TERMS AND
More informationTreasury Management Services Product Terms and Conditions Booklet
Treasury Management Services Product Booklet Thank you for choosing M&T Bank for your treasury management service needs. We appreciate the opportunity to serve you. If you have any questions about this
More informationApplied Risk Management
THE PAYMENTS INSTITUTE July 20-23, 2014 Emory Conference Center Hotel, Emory University, Atlanta, Georgia Applied Risk Management Norman Robinson, AAP. CTP President & CEO EastPay, Providing Payments Expertise
More informationBSA/AML Hot Topics and UIGEA Daniel Hastings Financial Institution Examiner - FDIC
BSA/AML Hot Topics and UIGEA Daniel Hastings Financial Institution Examiner - FDIC Common BSA Deficiencies Revised FFIEC BSA/AML Examination Manual Proposed CDD Requirements for Financial Institutions
More informationUNDERSTANDING ACH First Tennessee Bank National Association. Member FDIC.
UNDERSTANDING ACH 2015 First Tennessee Bank National Association. Member FDIC. www.firsttennessee.com OVERVIEW The National Automated Clearing House Association (NACHA) regulates the use of the ACH system.
More informationThe Green Book & ACH Payments
Your State Association Presents The Green Book & ACH Payments Program Materials Use this document to follow along with the webinar presentation. Please test your system before the broadcast. Be sure to
More informationDecember 3, ACH Rulebook Subscribers. Cari Conahan, AAP Senior Director, Network Rules
December 3, 2010 TO: FROM: ACH Rulebook Subscribers Cari Conahan, AAP Senior Director, Network Rules RE: 2010 NACHA Operating Rules ᅳ Supplement #2-2010 Application Enhancements FOR YOUR INFORMATION: On
More informationCASH MANAGEMENT SCHEDULE. AUTOMATED CLEARING HOUSE SERVICES for Originators & Third-Party Senders
CASH MANAGEMENT SCHEDULE AUTOMATED CLEARING HOUSE SERVICES for Originators & Third-Party Senders This Schedule is entered into by and between Santander Bank, N.A. ( Bank ) and Customer identified in the
More informationDirectory of ACH Return Codes
Directory of ACH Return Codes The following ACH Return Codes can be associated with ACH payment processing. This is not a complete list of ACH Return Codes those related only to government payments, ATMs,
More informationPain Points in the Rules Phase Two Request for Comment and Request for Information. Executive Summary and Rules Description June 27, 2011
Pain Points in the Rules Phase Two Request for Comment and Request for Information Executive Summary and Rules Description June 27, 2011 REQUEST FOR COMMENT RESPONSES DUE BY FRIDAY, AUGUST 19, 2011 NACHA
More informationCountry Bank Cash Management Agreement
Country Bank Cash Management Agreement Date: This Country Bank Cash Management Agreement is made and entered into between ( You ) with your principal place of business as disclosed on the Cash Management
More informationTreasury Management Services Product Terms and Conditions Booklet
Treasury Management Services Product Booklet Thank you for choosing M&T Bank for your treasury management service needs. We appreciate the opportunity to serve you. If you have any questions about this
More informationAutomated Clearing House (ACH) Rules for Originators Trinidad and Tobago
Automated Clearing House (ACH) Rules for Originators Trinidad and Tobago Definitions Credit entries/instruments (also called Direct Credits ) allow for the disbursement of domestic currency payments only
More informationOld Point ACH Services Annual Training 2014
Old Point ACH Services Annual Training 2014 ACH Payments ACH Recipts ACH Collections ACH Payroll Introduction to ACH Services How does an ACH payment flow through the Network? Originator Originating Depository
More informationecorp Online Banking Access Agreement
ecorp Online Banking Access Agreement This Corporate Internet Banking Service Agreement ( Agreement ) is a contract which establishes the rules which cover your electronic access to your accounts at the
More informationThe ACH Network: Progress and Pathways to Faster Payments
The ACH Network: Progress and Pathways to Faster Payments 2017 Merchant Acquirer s Committee Annual Conference March 21, 2015 Las Vegas, NV 2 Agenda NACHA ACH Network Recent and Upcoming Rules Changes
More informationACH Origination Agreement (Company) has requested that Easthampton Savings Bank (bankesb) permit it to initiate Entries to Accounts maintained at the
ACH Origination Agreement (Company) has requested that Easthampton Savings Bank (bankesb) permit it to initiate Entries to Accounts maintained at the bank and other Financial Institutions by means of the
More informationNew Rules & Faster Payments
Payments at the Speed of Light A look at Faster Payments in the U.S. Patty Presta, AAP Vice President Professional Development New Rules & Faster Payments» Refresher Course Improving Network Quality Same
More informationNavigating the ACH Rules
Navigating the 2018 ACH Rules This material is not intended to provide any warranties or legal advice, and is intended for education purposes only. NACHA owns the copyright for the NACHA Operating Rules
More informationBusiness Online Banking Services Agreement
Business Online Banking Services Agreement 1. Introduction 1.1 This Business Online Banking Services Agreement (as amended from time to time, this Agreement ) governs your use of the Business Online Banking
More informationRabo Commercial Banking (RCB) Agreement
Rabo Commercial Banking (RCB) Agreement Acceptance of this Agreement You accept the terms and conditions of this Agreement, as well as any amendments that may be made to this Agreement from time to time,
More information(For sweep accounts.) Total dividends earned as of the last day of the statement period. (For line of credit.) Amount advanced today.
Contents: Glossary A B C D E F G H I J K L M N O P Q R S T U V W X Y Z A Top Account Reconciliation Plan (ARP) Accrued Dividends Month to Date ACH Addenda Advance Today Automated Clearing House (ACH) ARP
More informationBusiness Merchant Capture Agreement. A. General Terms and Conditions
Business Merchant Capture Agreement A. General Terms and Conditions Merchant Capture (MC), the Service, allows you to deposit checks to your LGE Business Account from remote locations by electronically
More informationKey Learning Points. Disclaimer. Compliance and Payments: A View of the Legal Framework. Lori Moore, CRCM ATTUS Technologies, Inc.
Compliance and Payments: A View of the Legal Framework Lori Moore, CRCM ATTUS Technologies, Inc. Key Learning Points Identify existing rules and regulations applicable to various payment methods Understanding
More informationNew ACH Stop Payment and Written Statement of Unauthorized Debit Requirements
New ACH Stop Payment and Written Statement of Unauthorized Debit Requirements Patty Presta, AAP Michael Gilchrist, AAP 2008 Western Payments Alliance. All rights reserved. No reproduction or distribution
More informationAgenda. New ACH Stop Payment and Written Statement of Unauthorized Debit Requirements. ACH Stop Payment Requirements Regulation E
2008 Western Payments Alliance. All rights reserved. No reproduction or distribution in any manner without prior written consent. New ACH Stop Payment and Written Statement of Unauthorized Debit Requirements
More informationAccount Disclosures. RDFI should review and update account disclosures to address:
IAT for the RDFI RDFI Obligations Account Disclosures OFAC Screening (Accounts) Acceptance and Screening of IAT Transactions Policies and Procedures (including OFAC) IAT Credit Processing Sample Procedures
More informationSame Day ACH: Moving Payments Faster
Same Day ACH: Moving Payments Faster 2015 NACHA The Electronic Payments Association. All rights reserved. No part of this material may be used without the prior written permission of NACHA. This material
More informationCustomer Access Agreement
First National Bank of Kemp 100 South State Highway 274 PO BOX 587 Kemp, TX 75143 (903) 498-8541 https://www.fnbkemp.com Customer Access Agreement You agree that any information or disclosures or notices
More informationFARMERS INSURANCE FEDERAL CREDIT UNION
FARMERS INSURANCE FEDERAL CREDIT UNION ELECTRONIC SERVICES DISCLOSURE AND AGREEMENT In this Disclosure and Agreement, the words I, me, mine, my, us, and our mean each and all of those (whether one or more
More informationDefinitions AML/BSA Risks Assess Your Risks Identify the Risks Mitigate the Risks Scenario Questions?
Definitions AML/BSA Risks Assess Your Risks Identify the Risks Mitigate the Risks Scenario Questions? 2 BSA Bank Secrecy Act Currency and Foreign Transactions Reporting Act, is legislation passed by the
More informationFees There are currently no separate monthly or transaction fees assessed by the Bank for use of the Online Banking Service including the External
Online Banking Account Agreement General This Online Banking Agreement (Agreement) for accessing your TrustTexas Bank, SSB account(s) via the Internet explains the terms and conditions of Online Banking.
More informationAUTOMATED CLEARING HOUSE (ACH) THIRD PARTY SERVICE PROVIDER ADDENDUM TO THE BUSINESS ONLINE USER AND ACCESS AGREEMENT
AUTOMATED CLEARING HOUSE (ACH) THIRD PARTY SERVICE PROVIDER ADDENDUM TO THE BUSINESS ONLINE USER AND ACCESS AGREEMENT We suggest you read this document carefully and print a copy for your reference. You
More informationService Agreement. UltraBranch Business Edition. alaskausa.org AKUSA R 05/15
Service Agreement UltraBranch Business Edition Your savings federally insured to at least $250,000 and backed by the full faith and credit of the United States Government. National Credit Union Administration,
More informationSame Day ACH Transaction Risk
Same Day ACH Transaction Risk The Clearing House Puerto Rico Payment Symposium August 21, 2015 Same Day Risk Agenda: Same Day ACH Background Settlement Operations Returns Risk Associated with Same Day
More informationWhat Do You Need to Know to Know Your Customer? SFE Conference MaY 3, 2017 Biloxi MS
What Do You Need to Know to Know Your Customer? SFE Conference MaY 3, 2017 Biloxi MS Discussion Today What Does KYC / KYCC Really Mean? Types of Customers Risk Profiles Using the Data Ensuring Compliance
More informationACH Origination Agreement
ACH Origination Agreement Company Information Company Name Address City, State, Zip hereafter referred to as Company. This Agreement is made on this day of, 2 0, by and between Company and Lakeland Bank
More informationEnhancements to ACH Applications ARC, BOC, POP, TEL and XCK; Collection of Service Fees Request for Comment
Enhancements to ACH Applications ARC, BOC, POP, TEL and XCK; Collection of Service Fees Request for Comment Executive Summary and Rules Description June 24, 2010 REQUEST FOR COMMENT RESPONSES DUE BY FRIDAY,
More informationKEYBANK BUSINESS ONLINE PAY WITH ACH SERVICE
KEYBANK BUSINESS ONLINE PAY WITH ACH SERVICE Terms and Conditions As used in these terms and conditions (herein called Terms and Conditions ) for the Bank s Pay with ACH online electronic funds transfer
More informationSame Day ACH Progress Report Looking Ahead. Ryan Waterman, AAP, AVP, Risk & Regulatory Compliance
Same Day ACH Progress Report Looking Ahead Ryan Waterman, AAP, AVP, Risk & Regulatory Compliance Ryan Waterman, AAP ACH Audits, Hotline Calls, and Risk Management AVP, Risk & Regulatory Compliance Responsible
More informationINDEPENDENT BANK ELECTRONIC BANKING SERVICES AGREEMENT AND DISCLOSURE STATEMENT
INDEPENDENT BANK ELECTRONIC BANKING SERVICES AGREEMENT AND DISCLOSURE STATEMENT READ THIS SERVICES AGREEMENT AND DISCLOSURE STATEMENT CAREFULLY AND PRINT A COPY FOR YOUR FILES. THIS SERVICES AGREEMENT
More informationINDEPENDENT BANK ELECTRONIC BANKING SERVICES AGREEMENT AND DISCLOSURE STATEMENT
INDEPENDENT BANK ELECTRONIC BANKING SERVICES AGREEMENT AND DISCLOSURE STATEMENT READ THIS SERVICES AGREEMENT AND DISCLOSURE STATEMENT CAREFULLY AND PRINT A COPY FOR YOUR FILES. THIS SERVICES AGREEMENT
More informationUNFCU Digital Banking Agreement
UNFCU Digital Banking Agreement Please read this Digital Banking Agreement (the Agreement ) carefully. This Agreement sets forth the terms and conditions that govern your use of UNFCU s Digital Banking
More informationTreasury Management Services Terms and Conditions
Treasury Management Services Terms and Conditions I. INTRODUCTION This Treasury Management Services Terms and Conditions ( Terms and Conditions ) governs the use of all treasury management services ( Services
More informationMain Street Bank EXTERNAL FUNDS TRANSFER AGREEMENT
Main Street Bank EXTERNAL FUNDS TRANSFER AGREEMENT ACCEPTANCE OF TERMS This Agreement sets out the terms and conditions (Terms) upon which Main Street Bank (Bank) will provide the ability to perform external
More informationACH Positive Pay Manual
Eastern Bank TreasuryConnect ACH Positive Pay Manual This user manual provides instructions for setting up Alerts and managing services for ACH Positive Pay. Those services are: Setup Alerts Manage Exceptions
More informationRetail Payments Office of the Federal Reserve System 1000 Peachtree Street, N.E. Atlanta, GA
Retail Payments Office of the Federal Reserve System 1000 Peachtree Street, N.E. Atlanta, GA 30309-4470 Dear CEO: As an ACH operator, our highest priority is making the ACH system as safe and secure as
More informationACH Tax Refunds: Exceptions, Posting, & Liabilities. Presented by Laura Nelson, AAP, NCP Auditor/Education Specialist
ACH Tax Refunds: Exceptions, Posting, & Liabilities Presented by Laura Nelson, AAP, NCP Auditor/Education Specialist Audio Handouts Questions Dealing with ACH Tax Refunds: Exceptions, Posting & Liabilities
More informationBeneficial State Bank ONLINE BANKING ACCESS AGREEMENT AND ELECTRONIC FUNDS TRANSFER ACT DISCLOSURE
Beneficial State Bank Services and Prices Effective 2-1-2018 ONLINE BANKING ACCESS AGREEMENT AND ELECTRONIC FUNDS TRANSFER ACT DISCLOSURE Agreement This Agreement is a contract which establishes the rules
More informationOur Community Credit Union Remote Deposit Capture User Agreement
Our Community Credit Union Remote Deposit Capture User Agreement This Remote Deposit Capture User Agreement ( agreement ) contains the terms and conditions for the use of the Our Community Credit Union
More information2017 WEBINAR SCHEDULE Affordable training, when and where you choose
2017 WEBINAR SCHEDULE Affordable training, when and where you choose With engaging, hot-topic webinars from your Association, you get all of the benefits of a classroom, without the time and hassle of
More informationNETEXPRESS ONLINE BANKING AGREEMENT (BUSINESS) Five Star Bank
NETEXPRESS ONLINE BANKING AGREEMENT (BUSINESS) Five Star Bank 1. Meaning of some words. In this agreement: a. We, us, our and ours mean Five Star Bank, 220 Liberty Street, P.O. Box 227, Warsaw, NY 14569;
More informationPermitted Mobile Banking Transfers Mobile Deposit Capture
TERMS AND CONSENT APPLICABLE TO ONLINE BANKING, ELECTRONIC SIGNATURES, EMAIL, FACSIMILE, AND OTHER ELECTRONIC SERVICES, COMMUNICATIONS, AND TRANSACTIONS Introduction The use of Patriot Federal Credit Union
More informationo The words "You" and "Your" mean a South Shore Bank Home Banking customer.
South Shore Bank Home Banking Authorization/Agreement This Agreement for South Shore Bank Home Banking (the "Agreement") is entered into between the Bank and any customer who uses Home Banking (the "Service")
More informationINTRODUCTION TO SAME-DAY ACH
INTRODUCTION TO SAME-DAY ACH Kevin Olsen, AAP, NCP VP of Payments Education About EastPay Not-for-profit Regional Payments Association Educational Programs & Payments Publications Member Benefits Voice
More informationRDC Legal Developments
RDC Legal Developments Prepared by: PAUL A. CARRUBBA Phone: (601) 292-0788 E-Mail: paul.carrubba@arlaw.com September 27, 2012 Paul Carrubba Paul is a partner in the law firm of Adams and Reese LLP. His
More informationFFIEC REMOTE DEPOSIT GUIDANCE. Presented by: PAUL A. CARRUBBA Adams and Reese LLP Phone: (601)
FFIEC REMOTE DEPOSIT GUIDANCE Presented by: PAUL A. CARRUBBA Adams and Reese LLP Phone: (601) 292-0788 E-Mail: paul.carrubba@arlaw.com Paul Carrubba 2 Paul is a partner in the law firm of Adams and Reese
More informationBusiness to Business Payments
presents Business to Business Payments The CCD and CTX Entry Disclaimer 2011 NEACH. All rights reserved. This material is not intended to provide any warranties or legal advice, and is intended for educational
More informationNew Cumberland Federal Credit Union NCFCU Remote Xpress Deposit Terms and Conditions Agreement
New Cumberland Federal Credit Union NCFCU Remote Xpress Deposit Terms and Conditions Agreement Your enrollment in NCFCU Remote Xpress Deposit Service constitutes your agreement with the Terms and Conditions
More informationAir Academy Federal Credit Union. Remote Deposit Capture Services Terms and Conditions
Air Academy Federal Credit Union Remote Deposit Capture Services Terms and Conditions The following provisions constitute an addendum to the Agreements and Disclosures of Air Academy Federal Credit Union
More information