2022 ACH Rules Update - JESSICA LELII, AAP ASSISTANT DIRECTOR OF EDUCATION MACHA/PAR-EVERYTHING PAYMENTS, EVERYWHERE - MY CU ...
←
→
Page content transcription
If your browser does not render page correctly, please read the page content below
2022 ACH Rules Update JESSICA LELII, AAP A S S I S TA N T D I R E C TO R O F E D U C AT I O N M A C H A / PA R - E V E R Y T H I N G PAY M E N T S , E V E R Y W H E R E JLELII@MACHA.ORG
Disclaimer (You Know the Drill)
Payments Associations are directly
engaged in the Nacha rulemaking
process, Accredited ACH © 2021 Macha/PAR
Professional (AAP) program and
the Accredited Payments Risk
All Rights Reserved
Professional (APRP) program.
The Accredited ACH No part of this material
Professional (AAP) and the
may be used without the
Accredited Payments Risk
Professional (APRP) are service prior written permission of
marks of Nacha. Macha/PAR
This document could include
This material is not intended to technical inaccuracies or
provide any warranties or legal typographical errors and
advice, and is intended for individual users are responsible
educational purposes only. for verifying any information
contained herein.
2
Agenda
Upcoming
Recap 2021 What’s the
Changes for Questions
Rule Changes Buzz?
2022
2021 Recap
Same Day ACH – March 19, 2021
Functionality Same Day ACH Processing
Transaction Eligibility
Credits and debits
($100,000 Limit, IAT not eligible)
10:30 AM ET
Same Day ACH Processing Deadlines 2:45 PM ET
4:45 PM ET
1:00 PM ET
Settlement Time(s) 5:00 PM ET
6:00 PM ET
1:30 PM RDFI local
ACH Credit Funds Availability 5:00 PM RDFI local
End of Day local
5
Reversals in the ACH
Effective June 30, 2021
◦ Explicitly state Reversals are only ALLOWED for defined reasons
◦ For example – explicitly not Allowed for non-settlement
◦ Add allowable reason – Wrong Date error
◦ Debit was earlier or Credit was later than intended
Reversal must match Original
Company Name If Reversal was Improper
SEC Consumer Claim – RDFI Permitted
Amount R11 – 60 days
Must have REVERSAL in R17 for Corporate – 2 days
Company Entry Description R17 - RDFI identifies – 2 days
6
Timeframe Limitation of Claims Based on Unauthorized
Entries – June 30, 2021
CONSUMER ACCOUNTS NON-CONSUMER ACCOUNTS
Two (2) years from Settlement One (1) year from Settlement Date
Date of Entry of Entry
And / Or
95 Calendar days from Settlement
Date of first Unauthorized Entry
(Regulation E compliance for RDFI)
New Rules limits the length of time in which an RDFI can make a
claim against the ODFI for its authorization warranty
7
Limitation– Consumer Account
Claim Date: Sept 8, 2021 Claim Date: Sept 8, 2021
Consumer reports 7 years' worth of Consumer reports 3 debits as
recurring debits as unauthorized unauthorized
RDFI likely able to return at least July 1, August 3, Sept 1
“2” entries – within the last 60 days
RDFI returns – Sept 1, August 3
RDFI can make claim for payments as unauthorized per the ACH
within the first 95 days – 1 – 4 Rules
entries
RDFI can make claim for July 1
RDFI can make claim for payments ◦ 2 years and/or
in the most recent 2 years – ◦ 95 days
October 2019 – July 2021
◦ Falls into either category
8
Consumer
Makes Claim
Request ODFI to Return Recent
accept Returns Entries
Not “Valid” or Contact ODFI for
Not Provided Proof
ODFI provides
Wait for ODFI
Proof
Process Does Not Change
9Summary – Warranty Limitations
Consumer Claims
Automatic Right to Return within last 60 days from Settlement Date
RDFI can still make a claim for Last 2 years worth of transactions
RDFI can make a claim for the First 95 days of entries from the original entry if it is older than 2
years
This change still maintains RDFIs compliance with Regulation E requirements
Most importantly we need to continue to remind account holders to monitor statements
10Corporate Accounts –
Warranty Limitations
Business
RDFI ODFI RDFI
Accounts
• R29 • Past 2 Days • Contact • Warranty
• Two Days • Contact ODFI Information Claim – 1 year
• May Not be • Not much
Written really changes
Agreement for Corporate
Claims
11Proof of Authorization
September 17, 2021
RDFI Makes Request
for Authorization
ODFI written permission to RDFI to just
Return the Entry – no proof provided
RDFI still maintains right to request proof
12Electronic or Oral WSUD
September 17, 2021
Clarifies that RDFI may obtain
Written Statements of Unauthorized Debits WSUD
Electronic Signatures or Oral
• Compliance with E-Sign
• Evidence of Identity & Assent to the Terms
13Oral or Electronic WSUD
RDFI
ODFI
Options
Prepared to receive requested
Wet Signature – like today WSUD
Electronic Signature In new acceptable formats
Oral
Electronic or Oral
Must comply with all existing
information requirements
Proof/Record
Ability to provide to ODFI
142021 Nacha Operating Rules
Page OG 342 or on Macha’s Member’s
Only page
R10
R11
R07
Just a Reminder – Never for “Happiness”
15Meaningful Modernization
Effective September 17, 2021
◦ Explicitly define & better enable use of Standing Authorizations & Subsequent
Entries for Consumer ACH debits
◦ Define & allow the use of oral authorizations of consumer ACH debits beyond
telephone calls
◦ Clarify & provide greater consistency of authorization standards for Consumer
ACH debits
16September 17, 2021
Authorization Standards
Grandfathered
applies to new
Minimum Requirements Authorizations
Consumer Debit Authorizations (2.3.2.2)
Language that entry is single, multiple, recurring entry
Amount or method of amount determination All Authorizations
Timing, number or frequency Readily identifiable
Receiver’s name/identity Clear and readily
Account to be debited understandable terms
Date of Authorization
Revocation language (how & when)
Originators need to
be incompliance
17Standing Authorizations
/Subsequent Entries
Flexibility Clearer
Authorization &
accommodates understanding of
Initiation across
Originator's systems “wholesome
business models
and practices authorization”
Framework for
Originators to offer
new payment
initiation options
18Standing Authorization
Source: Nacha
19Standing Authorizations
Method of Receiver’s Affirmative Action
Via the Internet/Wireless
Written Via a
Network (Alexa, Skype,
Request Telephone Call
website, text msg., app)
In Writing PPD PPD or TEL PPD or WEB
Telephone
Form of the TEL TEL TEL or WEB
Auth.
Standing
Authorization
Internet or
Wireless
WEB WEB or TEL WEB
Network
Auth.
20“Speaking” Authorization – Debate
Settled
Oral Authorization / Oral Authorization /
Subsequent Entries Subsequent Entries
Oral Authorization Rules
Unsecure Electronic Consumer uses a Language Updated
Network Originator uses telephone Originator
WEB entry uses TEL entry
21Meaningful Modernization Guidelines
Update
Supplement #2-2021
Nacha issued
Significant revisions to • To address all the changes from Meaningful Modernization
the Guidelines • Will be incorporated in 2022 Nacha Operating Rules
Available on Macha – • Under “ACH & Check Rules Updates”
Member’s Only site
22What’s Coming in 2022?
2022 Rule Book
www.nachaoperatingrulesonline.org
◦ January 1, 2022
◦ Access to Rules supplements
◦ Printing , bookmark
Revisions Section
◦ New Rules
◦ Reminder – highlighted text
◦ New or revised Ruleswww.nachaoperatingrulesonline.org
25More Changes to SDA
Dollar Limit $1,000,000 March
per entry 18, 2022
• RDFI Impact to Clearing Accounts
• Especially the 6:00 pm settlement
• ODFI Risk Management
26Non-FI Originators, Third-Party Service Providers, Third-Party Senders
This rule DOES NOT APPLY DIRECTLY TO Financial Institutions
June 30, 2022
/
Protect account numbers by making them unreadable when stored electronically
• 2020 volume exceeds 2 million entries, by June 30, 2022
Rules requirement is neutral on method/technology
• Encryption, truncation, tokenization, etc
Account Information Security RequirementNested Third-Party Senders
Recently ◦ Defines
Approved ◦ Requirements of Origination Agreements to address
Nested TPS (going forward)
◦ ODFI required to attest in Risk Management Portal if
Third-Party Sender Roles &
Nested relationships exist
Responsibilities
◦ ODFI warranties for chain of Nested TPS
Effective:
Explicit requirement:
September 30, 2022 ◦ Third-Party Senders must complete a Risk Assessment of
their ACH Activity
Compliance by:
Only applies if you are an Originating
March 31, 2023 Depository Financial Institution and you
have Third-Party Sender Relationships
28Risk Assessments for Third-Party Senders??
No Standard
CDD, Exposure
Limits, PCI, TPPP
Credit, ODFI Guidance
Originator industry
Operational, Requirements issued by
Authorization groups, FFIEC
Fraud, – Article One financial
process, data & Third-Party
Compliance, & Two of institution
security, ACH Payment
Reputational Rules regulators
entry specific Processors
Rule
29What’s the Buzz?
Coming Soon Nacha is considering a ballot on a rule to define and standardize practices and formatting of micro-entries, which are used by some ACH Originators as a method of account validation This Rule is proposed to become effective in two phases •Phase 1-June 30, 2022 •Micro-Entries will be defined, and Originators will be required to use the standard Entry description and follow other origination practices •Phase 2 -March 17, 2023 •Originators of Micro-Entries will be required to use commercially reasonable fraud detection, including the monitoring of Micro-Entry forward and return volumes •RDFIs will be required to treat credit and debit Micro-Entries consistently
What’s a Micro-Entry? Micro-entries are a generally accepted method in the marketplace for an ACH Originator to test the validity of a Receiver’s account Due to several incidents of mis-use of micro-entries, Nacha issued two ACH Operations Bulletins in 2021 on Risk Management and Monitoring of Micro-Entries (May 18 and Sept. 7, 2021) •Nacha’s Risk Management Advisory Group also published a paper on the Use and Monitoring of Micro-Transactions on the ACH Network (Sept. 8, 2021)
SM FedNow News
Continuing Education
Credits
2022 ACH Rules Update
November 18, 2021
This session is worth 1.8 credits
36Payments – Its What We Do
Macha/PAR- Everything Payments, Everywhere
HELP DESK
Phone: Toll Free: Fax:
262-345-1245 info@macha.org
800-453-1843 262-345-1246
410-859-0090
37You can also read
