If you accept ACH payments for products or services, listen up.
The National Automated Clearing House Association (Nacha) made a big shift in 2021 that will impact all businesses accepting ACH payments, as well as the payment processors handling those payments.
What Is Changing?
Nacha is the governing body regulating ACH payments. They set industry standards that all payment processors must abide by in order to accept ACH as a form of payment or money transfer.
As part of their requirements for processing payments, online debit transaction originators must have a process for detecting fraud. Nacha refers to this as a “commercially reasonable fraudulent transaction detection system.” This includes certain minimum requirements like requesting account numbers and routing numbers from new customers.
The real material change
that Nacha made is an addition to the definition of a commercially reasonable fraudulent transaction detection system. The new definition will make it a requirement that fraud prevention includes account validation by default.
Under previous rules, account validation was optional. Though some WEB debit originators already did this on their own, it was never a required part of the validation process. Now, it is. How this change affects your business will depend on what you’re already doing and how quickly you can adapt, if needed.
How It Affects You
If you already have a system in place for account validation, you may see very little change as long as it’s compliant with the new standards. If you don’t have a system in place that can accommodate account validation, you need to start working towards compliance right away.
This rule is not industry-specific, meaning if you accept ACH payments through your business you must update your processes to remain compliant.
ACH payments are involved in any online or electronic payment, excluding credit card payments. Paypal, direct deposit, debit, and other electronic transactions all go through the ACH network. This means that if you receive electronic payments for any reason, including ecommerce purchases or subscription services, you need to make sure your fraud detection system lines up with Nacha’s new regulations.
What Does Compliance Look Like?
To be compliant with the updated Nacha requirement, you need to begin doing account validation for:
Validation does not mean confirming names or personal information. Account validation only means that you must confirm that the account being charged is a legitimate, active account that accepts ACH payments.
The new ruling applies to transactions under $100,000.
When the Nacha Rule Changes Apply
The changes were agreed a few years back with an implementation date of March 19th, 2021. From this date until March 20th, 2022, all required parties should be either fully compliant or taking actionable steps to become compliant.
Compliance with Outsourced Payment Systems
Even if you’re not the one who handles ACH payments directly, you need to make sure your payment processor is compliant with Nacha regulations. If you work with a payment processor who doesn’t follow the new regulations, it could impact your ability to accept ACH payments.
It’s always important to ensure your payment processor has appropriate fraud detection processes in place. At minimum, they should meet Nacha’s requirements, although it never hurts to go above and beyond.
How Does Account Validation Work?
Account validation takes extra steps from the payment processor. There are many different ways to validate customer accounts, but one of the simplest ways is API Validation, also known as an API call. This is the method used by FirsTech.
Application Program Interfaces (APIs) allow customers to validate their bank details immediately by logging in to their accounts through the payment processor. They can select their bank from a list of available APIs, log in with their online credentials, and their account will automatically be verified within seconds.
API validation offers two main benefits: instant validation and identity verification.
Because API calls relay information through the user’s bank directly, there are no third-party communications to slow down the process. When the customer puts in their information, their bank will connect with them immediately to validate their account. It’s an instant validation method that’s initiated by the customer, not the payment processor.
The other benefit is that validating the customer’s account directly from the bank also verifies the identity of the account holder, not just the existence of the account. This extra step of verification helps in bolstering fraud prevention measures.
Along with our industry partners, FirsTech can offer above and beyond the new Nacha account validation requirements. Our API validation process can help you transition into compliance seamlessly with no disruption to your own customers or existing business model.
FirsTech – Fully Compliant Payment Solutions
At FirsTech, we offer comprehensive payment systems that are fully compliant with all Nacha requirements. With FirsTech, you can receive electronic ACH payments safely and efficiently. Our solutions are tailored to fit your business so you never miss out on a sale.