NACHA Requests for Comment on ACH Quality and Risk Management Topics and ACH Rules Compliance Audit Requirements

Similar documents
Re: Pain Points in the Rules, Request for Comment, August 17, 2010

Re: Request for Comment and Request for Information, Compliance and Operational Topics

NOTICE OF AMENDMENT TO THE 2016 NACHA OPERATING RULES SUPPLEMENT #1-2016

February 6, 2015 BY COURIER AND ELECTRONIC DELIVERY

Retail Payments Office of the Federal Reserve System 1000 Peachtree Street, N.E. Atlanta, GA

Re: Risk Management Enhancements, Request for Comment/Information, April 29, 2011

Draft Model Regulatory Framework for Virtual Currency Activities

December 9, Gerard S. Poliquin Secretary of the Board National Credit Union Administration 1775 Duke Street Alexandria, Virginia 22314

Automated Clearing House

Re: Amendments to the 2013 Escrows Final Rule under the Truth in Lending Act. Regulation Z [Docket No. CFPB ]

Pain Points in the Rules Phase Two Request for Comment and Request for Information. Executive Summary and Rules Description June 27, 2011

ACH Primer for Healthcare. A Guide to Understanding EFT Payments Processing

ORIGINATING ACH ENTRIES REFERENCE

ACH FUNDAMENTALS: UNDER THE MICROSCOPE. Heather Spencer, AAP Implementation Coordinator, MY CU Services, LLC. Disclaimer

Submitted Electronically. August 14, 2017

Request for Information Regarding the Bureau s Consumer Complaint and Inquiry Handling Processes [Docket No. CFPB ]

ACH Management Policy

January 18, Reduced Reporting for Covered Depository Institutions. Dear Ladies and Gentlemen:

August 1, Dear Ms. Misback:

Re: CFPB Request for Information regarding the Ability-to-Repay/Qualified Mortgage Rule Assessment

KEYBANK BUSINESS ONLINE PAY WITH ACH SERVICE

Same Day ACH Transaction Risk

Definitions AML/BSA Risks Assess Your Risks Identify the Risks Mitigate the Risks Scenario Questions?

Universal Payment Identification Code (UPIC ) guide. Securing and simplifying electronic payments

Navigating the ACH Rules

Copyright 2017 Lakeland Bank. All rights reserved. This material is proprietary to and published by Lakeland Bank for the sole benefit of its

UCC (Uniform Commercial Code) Article 4A. Mini Deck

UCC (Uniform Commercial Code) Article 4A

March 21, Robert dev. Frierson, Secretary Board of Governors Federal Reserve System 20 th Street and Constitution Washington, DC 20551

Managing Third Party Risk in the ACH Network

NACHA Rulemaking Process Update

Re: Proposed Statement On Auditing Standards Forming An Opinion And Reporting On Financial Statements Of Employee Benefit Plans Subject To ERISA

Testimony of. Check Clearing for the 21st Century Act. before the. Subcommittee on Financial Institutions and Consumer Credit.

May 9, Alternative Capital. Dear Ladies and Gentlemen:

Commercial Banking Online Service Agreement

December 3, ACH Rulebook Subscribers. Cari Conahan, AAP Senior Director, Network Rules

ACH Risk: Is It a Myth or Reality. Mary Gilmeister, AAP, NCP President WACHA Fred Laing, II, AAP, CCM, NCP President UMACHA

Simplifications to the Capital Rule Pursuant to the Economic Growth and Regulatory Paperwork Reduction Act of 1996

2015 NACHA COMPLIANCE SUMMARY GUIDE

April 3, By electronic delivery to:

2013 ICBA Community Bank Payments Survey: Key Findings

The State of ACH. MAAFP January 2017

May 21, Gerard Poliquin Secretary of the Board National Credit Union Administration 1775 Duke Street Alexandria, Virginia 22314

BSA Modernization Can Strengthen Law Enforcement and Ease Compliance

Payments Fraud Liability Matrix

Get on First Base with Same-Day ACH Risks

IAT Modifications Request for Comment. Executive Summary and Rules Description August 15, 2012

ACH Industry Update, Audit Weaknesses and Emerging Payment Trends

Treasury Management Services Product Terms and Conditions Booklet

Authorizations & Agreements. Presented by Laura Nelson, AAP NCP Education Specialist/Auditor

Same Day ACH: What Does It Mean to Your Financial Institution?

June 30, RE: Enhancements to Federal Reserve Bank Same-Day ACH Service; Docket No. OP Dear Mr. Frierson:

Expanding Same Day ACH

Universal Payment Identification Code (UPIC ) guide. Securing and simplifying electronic payments

Supporting Responsible Innovation in the Federal Banking System: An OCC Perspective

August 31, Robert dev. Frierson, Secretary Board of Governors Federal Reserve System 20 th Street and Constitution Washington, DC 20551

Is it an Unauthorized ACH Debit or Consumer Fraud? Biller Best Practices

Enhancements to ACH Applications ARC, BOC, POP, TEL and XCK; Collection of Service Fees Request for Comment

UMACHA 2014; All rights reserved 2

Risks with Same-Day ACH. Presented by Kevin Olsen, AAP NCP Senior Vice President, Payments Education

Same Day ACH: Moving Payments Faster

Presented by: Jen Wasmund, AAP, NCP Vice President of Education and Compliance. Jordan Morell, AAP, NCP Associate Director of Education Services

Performed by: The Payments Authority, under the oversight of AuditLink. October 22, 2013

Representment Terms & Conditions

Treasury Management Services Product Terms and Conditions Booklet

ONLINE BANKING DISCLOSURE STATEMENT AND AGREEMENT

ARE YOU READY FOR SAME DAY ACH??

RISKS WITH SAME DAY ACH

NACHA Third-Party Sender Certification Program Criteria

Treasury Management Services Product Terms and Conditions Booklet

P2P, A2A Payments: Perils to Protection. WACHA Conference 2016 Kimberly W. Rector, AAP

Session 8: ACH. New York Bankers Association-Community Bank Auditors Group Internal Audit Training-June 6-8, 2016

21 Billion ACH Transactions: Yep, Something s Going to Go Wrong!!! WACHA Conference 2014 Kimberly W. Rector, AAP MACHA

CASH MANAGEMENT SCHEDULE. AUTOMATED CLEARING HOUSE SERVICES for Originators & Third-Party Senders

Request for Information on FDIC Communication and Transparency, RIN 3064-ZA02

A2A EXTERNAL FUNDS TRANSFER SERVICE ADDENDUM TO ONLINE BANKING SERVICES AGREEMENT

This is designed to provide those who are not familiar with the ACH Network with a basic understanding of the fundamentals of the ACH Network.

The ACH Network: Progress and Pathways to Faster Payments

NEACH Payments Management Conference ACH Credit Risk: Credits, Debits, Same Day

Commodity Options and Agricultural Swaps, RIN 3038 AD21

Proposed Regulations Relating to the Foreign Account Tax Compliance Act (FATCA).

MODERNIZING ANTI-MONEY LAUNDERING AND ANTI-TERRORIST FINANCING LAWS AND REGULATIONS. White Paper July

What is Credit Monitoring?

Paying the Employee Section 5

Old Point ACH Services Annual Training 2014

Payment System Rules and Regulations. What will you learn? After this course, you will be able to:

MEMORANDUM. December 7, CU*Answers Executive Council CU*Answers Board of Directors. From: Patrick Sickels Internal Auditor CU*Answers

March 1, NACHA OPERATING RULES AND GUIDELINES ERRATA #1

Re: Notice of Proposed Rulemaking Re Receiverships for Uninsured National Banks, 81 Federal Register (Sept. 13, 2016).

November 17, Submitted Electronically

and Regulatory Affairs Re: Request for Comment: FR Y-9C, FR Y-9LP, FR Y-11 and FR 2314 Reports

Behavioral Biometrics: Making a Business Case for Same-Day ACH Payments

March 4, Dear Ms. Gottlieb:

January 8, Alison Touhey Vice President Office of Regulatory Affairs Phone:

Payment Processing 101

Business Banking Agreement

Key Components of an RDFI. Mini Deck

5/2/2017. Mini Deck. Disclosure

Re: FSP FIN 46(R)-c, Determining the Variability to Be Considered In Applying FASB Interpretation No. 46(R) Dear Mr. Smith:

Improving ACH Network Quality by Reducing Exceptions Request for Comment and Information

Transcription:

Submitted via email July 20, 2018 Mr. Michael Herd Senior Vice President, ACH Network Administration NACHA The Electronic Payment Association 2550 Wasser Terrace, Suite 400 Herndon, VA 20171 Re: NACHA Requests for Comment on ACH Quality and Risk Management Topics and ACH Rules Compliance Audit Requirements Dear Mr. Herd: The Independent Community Bankers of America ( ICBA ) 1 is pleased to submit comments to NACHA The Electronic Payment Association ( NACHA ) regarding two requests for comment on (1) ACH Quality and Risk Management Topics ( Quality and Risk Management Proposal ) and (2) ACH Rules Compliance Audit Requirements ( ACH Rules Audit Proposal ). The Quality and Risk Management Proposal amends the NACHA Operating Rules and Guidelines ( NACHA Rules ) to improve ACH network quality and risk management. Specifically, this proposal: 1. establishes a time limit for breach of authorization warranty claims; 2. changes existing return reason codes to provide more granular and precise reasons when an ACH debit is returned as unauthorized, and to allow a return for questionable activity; 1 The Independent Community Bankers of America, the nation s voice for nearly 5,700 community banks of all sizes and charter types, is dedicated exclusively to representing the interests of the community banking industry and its membership through effective advocacy, best-in-class education, and high-quality products and services. With nearly 52,000 locations nationwide, community banks employ 760,000 Americans and hold $4.9 trillion in assets, $3.9 trillion in deposits, and $3.3 trillion in loans to consumers, small businesses, and the agricultural community. For more information, visit ICBA s website at www.icba.org.

2 3. adds new detail regarding the fraud detection obligations that apply to Originators of WEB debits; and 4. establishes new information security requirements for certain large Originators, Third-Party Service Providers ( TPSPs ) and Third-Party Senders ( TPS ). The ACH Rules Audit Proposal consolidates and streamlines the compliance audit provisions in one section of the NACHA Rules and eliminates redundancy. ICBA Comments ICBA supports NACHA s ongoing efforts to improve ACH network quality and risk management practices, and supports the changes in the ACH Rules Audit Proposal noted below: Establish time limits for breach of authorization warranty claims but urges NACHA to further analyze the legal and risk implications regarding regulatory compliance. Re-purpose a different return code R11 for a transaction where an authorization exists between Originator and Receiver and the Originator has made an error regarding the payment. ICBA recommends an effective date of March 1, 2020, for this change to provide community banks and their TPSPs Make explicit that account validation is an inherent part of a commercially reasonable fraudulent transaction detection system. Allow Receiving Depository Financial Institutions ( RDFIs ) to use return reason code R17 to indicate that an entry does not have a valid account number. Require large Originators, TPSPs and TPSs to render account information unreadable when it is stored electronically. Additionally, ICBA strongly supports, in its entirety, the ACH Rules Audit Proposal, as it makes compliance audit requirement more consistent, and easier for ACH participants to understand and implement. Quality and Risk Management Proposal A. Time Limits for Breach of Authorization Warranty Claims Currently, NACHA Rules do not define the time period within which an RDFI is permitted to bring a breach of authorization warranty claim against an Originating Depository Financial Institution ( ODFI ). NACHA proposes to revise the NACHA Rules to limit the permissible time period for authorization warranty claims to one

3 year from the settlement date for entries to non-consumer accounts, and to 18 months from the settlement date for entries to consumer accounts. ICBA supports the operational clarity that establishing time limits would bring. However, ICBA urges NACHA to further analyze the legal and risk implications regarding regulatory compliance before balloting this proposal. B. Differentiating Unauthorized Return Reasons Currently, return reason code R10 covers all types of reasons for unauthorized returns. NACHA proposes to re-purpose a different return code R11 for a transaction where an authorization exists between Originator and Receiver, and the Originator has made an error regarding the payment. ICBA strongly believes that there is value for the industry in having greater insight into the level of fraud in the ACH Network. Thus, we support NACHA s effort to distinguish between fraudulent transactions for which there is no authorization and transactions for which there is an authorization, but the entry is not in accordance with those terms. ICBA believes that repurposing the R11 existing return reason code is preferable to the creation of an entirely new code for this purpose since this code is already recognized by ACH systems, processors and applications and the impact would be much less significant from cost and development perspectives. However, ICBA recommends an effective date of March 1, 2020, for this change to provide community banks and their TPSPs sufficient time to implement the change. C. Commercially Reasonable Fraud Detection for WEB Debits Currently, ACH Originators of WEB debit entries must use a commercially reasonable fraudulent transaction detection system to screen these transactions for fraud. NACHA proposes to make it explicit that account validation is an inherent part of a commercially reasonable fraudulent transaction detection system. ICBA supports this aspect of the proposal and agrees that specifying account validation as part of the fraud screening requirement for Originators of WEB debits will help prevent the introduction of fraudulent payments into the ACH Network. ICBA agrees with the cited examples of account validation methods identified to educate ACH participants, without endorsing a specific technology.

4 D. Allow a Return for Questionable Activity NACHA proposes to allow, but not require, RDFIs to use return reason code R17 to indicate that an entry does not have a valid account number, and the RDFI believes it is questionable, suspicious, or anomalous in some way. NACHA explains that the proposed change is consistent with existing NACHA guidance that advises RDFIs that they can use return reason code R17 to return questionable transactions that would otherwise be returned via existing invalid/no account return codes (R03/R04). ICBA supports allowing RDFIs to use return reason code R17 to indicate that an entry does not have a valid account number. This would provide an optional, automated way for RDFIs to alert ODFIs regarding questionable ACH activity, and allow ODFIs to distinguish questionable transactions from routine account number errors and to potentially prevent origination of additional questionable transactions. E. Account Information Security NACHA proposes to expand the existing ACH Security Framework rules to explicitly require large, non-financial institution Originators, TPSPs and TPSs to protect deposit account information by rendering it unreadable when it is stored electronically. ICBA supports this requirement as it would reduce potential harm from data breach events involving the referenced parties. ACH Rules Audit Proposal NACHA s ACH Rules Audit Proposal consolidates all requirements for the annual ACH rules compliance audit within one section of the NACHA Rules. Currently, the general obligation for ODFIs and RDFIs (and certain TPSPs and TPSs) to conduct an annual audit of their compliance with the NACHA Rules is located in Article One, Section 1.2.2 (Audits of Rules Compliance). However, additional detail regarding the audit requirement is separately located within Appendix Eight (Rule Compliance Audit Requirements). The proposal eliminates the specific inventory of points in Parts 8.2, 8.3, and 8.4 of the appendix. NACHA explains that the inventory attempts to recap, in abridged form, the actual rules defined elsewhere in the rules and appendices, and is redundant, incomplete, and in certain instances, inconsistent with the text of the relevant rule.

5 ICBA strongly supports this proposal and agrees that it will streamline the NACHA Rules, eliminate redundancy, and make the rules more consistent and easier for industry participants to understand and use. ICBA appreciates the opportunity to comment on these proposals. Please do not hesitate to contact me at cary.whaley@icba.org or 202.659.8111 with any questions regarding our comments. Sincerely, /s/ Cary Whaley First Vice President, Payments and Technology Policy

2024 © financedocbox.com Privacy Policy | Terms of Service | Feedback