NEW ORLEANS—Jordan Bennett was working at the Federal Reserve when Hurricane Katrina slammed the Gulf Coast, and he remembers banks needing their ACH files as lines of communication were cut. 

“We had to figure out on the fly how we were going to do it. And we used thumb drives,” which were put on armored carriers and brought to New Orleans, said Bennett, who is now Nacha’s Senior Director, Network Risk Management. The lessons learned he imparts to this day.

“When you’re thinking about operational resilience, I want you to think of everything you can do. But there’s always going to be something that you didn’t think of. And you can change on the fly,” Bennett told the April 27 session “ACH Operational Resiliency” at Nacha’s Smarter Faster Payments 2025. 

Today, along with natural disasters, a whole new set of concerns should factor into resiliency plans.

“I think one of our biggest challenges are people who are going to attack us: nation-states, people that are going to attack your systems,” said Bennett. “You’ve got malware. We have all of these threat actors trying to get in and cause a disruption and trying to make money as well.”

Fellow panelist Scott Miner, Senior Vice President Electronic Payment Services, U.S. Bank, noted there are other important factors to consider. 

“When we think of maintaining resiliency, it’s not just keeping the lights on,” said Miner. Today, he said, a key factor is “being able to respond in more real time to manage not only your environment” but also to meet “the expectations of the customers, that are increasing on us all the time.” 

Miner said financial institutions are often running highly complex and customized legacy ACH systems. At the same time, fraud systems at FIs “are increasingly becoming complex—which is a great thing that ultimately helps to protect us.” But when it comes to matching those systems, there can be bumps in the road.

“In some cases, we’ve seen that this modern system is not talking to this legacy system very well,” said Miner. To make sure things are smooth, Miner said it’s important that FIs maintain “tight relationships internally” so that everyone knows what those systems are doing, how they interact, and what needs to be done to keep them updated. 

Finally, Miner offered some cautious words to FIs.

“Technology is not going to go away. Your ACH systems are going to need to respond in kind,” said Miner. “Whether it’s AI, whether it’s other forms of digitization, be very cognizant that it is happening in your system.”

Tanvi Patel, Payments Transformation Principal, PricewaterhouseCoopers, said for some FIs a fintech solution might be in order.

“A lot of questions we get are, ‘I have this really cool fintech, but how do I fit it in?’” said Patel. “It’s about how you make it work into the current legacy platform.”

As all panelists made clear, remaining resilient in a dynamic environment involves a lot of moving parts to respond on the fly to external threats while maintaining internal system compatibilities and customer expectations. There are many ways to address resiliency, including tantalizing new technology. But one thing the experts stressed: Complacency is not an option.