Members of Nacha’s Risk Management Advisory Group (RMAG) have noticed an increase in first-party fraud at their institutions, and Nacha representatives are fielding more questions on first-party fraud from other participants on the ACH Network. First-party fraud comes in many forms, but the two most concerning to RMAG member financial institutions and their customers are account opening schemes and false claims fraud. Two reasons commonly suggested by banks for the rise are: 1) unethical social media influencers that mislead consumers and provide “hacks” to get money back on a payment or transfer; and 2) fraudsters that abuse consumer protection laws meant to protect people from legitimate cases of unauthorized debits.

RMAG has spent a significant portion of its time in 2025 focused on this topic. An RMAG-led first-party fraud survey was conducted earlier this year with the intent of understanding the scope of the first-party fraud problem. A survey of Nacha Member Banks resulted in 11 responses. While small, we believe the survey is representative of the experiences banks are seeing regarding first-party fraud. The survey resulted in a few notable conclusions:

• All respondents rated the significance of the impact of first-party fraud a 3 or higher on a scale of 1 (Non-Issue) to 5 (Significant Problem), and most rated the impact as a 4 or 5.
• All financial institutions surveyed reported experiencing account opening fraud.
• Most account opening schemes don’t result in a loss, but those that do cause significant monetary losses for the surveyed institutions every month.
• Requesting proof of authorization (POA) from the Originating Depository Financial Institution (ODFI) on a Receiver’s claim of unauthorized debit is not standard. If requested and received, some Receiving Depository Financial Institutions (RDFIs) are willing to deny claims of unauthorized debit by their Receiver customers.
• RDFIs that investigate false claim fraud share the results internally with other departments.
• ODFIs collect significant data on each transaction from their Originators. ODFIs support providing additional data to the RDFI, if requested, to help resolve a situation that involves a claim of unauthorized when the Originator believes the items were authorized.

In 2022, Nacha released A New Risk Management Framework for the Era of Credit-Push Fraud. The focus of this framework, as the name suggests, is on combatting credit-push fraud and identifying opportunities to improve fraud detection and prevention and to aid in the recovery of funds. One of the three main areas of focus for the framework is that all participants have a role to play in detecting, preventing, and recovering from frauds that utilize ACH and other credits. The framework emphasizes that RDFIs may be in the best position to stop fraud.

The emphasis on the RDFI’s role in identifying fraud shouldn’t be thought of as limited to credit-push fraud. RDFIs serve a vital role in receiving claims of unauthorized debit from their customers. They can play an equally vital role as guardian of the payment systems when preventing returns on false claims of unauthorized debit. According to Regulation E, financial institutions shall investigate promptly any claims of unauthorized debits. Regulation E does not elaborate on how a financial institution is to investigate, which has led to a wide variance in investigation processes and procedures by RDFIs. While Regulation E does not require the RDFI to investigate beyond its "four walls," Originators and ODFIs are required to keep proof of authorization.

RMAG believes that requesting proof of authorization when investigating claims of unauthorized debit by RDFIs can reduce the impact of first-party fraud on financial institutions and Originators. Originators and ODFIs are required to keep proof of authorization, and they want the opportunity to provide documentation to support authorized transactions. The first-party fraud survey shows that proof of authorization matters to the RDFI. When it is requested during an investigation, received, and deemed to be legitimate proof that a consumer authorized a debit transaction, an RDFI is often willing to deny an unauthorized claim. 

It is important to stop consumer harm from legitimate debit fraud. At the same time, it is important to prevent fraudsters from taking advantage of Originators or ODFIs. The cost to an ODFI or brokerage in account opening schemes is often significant per individual transaction. Even at lower amounts, losses can add up quickly. Over half of survey respondents reported monthly losses of over $100,000. Proceeds from these schemes are used by fraudsters to expand their operations and commit fraud against other financial institutions. An RDFI may find itself an ODFI victim the next day.

First-party fraud is increasing, according to RMAG members. RMAG, along with other groups at Nacha, is looking for solutions to fight back against the fraudsters. In the meantime, financial institutions can work to investigate unauthorized claims and identify false claims of unauthorized debit. Every RDFI should understand that asking for proof of authorization is an excellent way to confirm fraud against its Receiver customers, and to identify fraud by its consumers against others.