September 22, 2022

Nacha Announces New Risk Management Framework for the Era of Credit-Push Fraud

image of diagonal lines

HERNDON, Virginia, Sept. 22, 2022 –Nacha released a report on its latest Risk Management Framework today, providing a new strategy for industry participants in both the ACH Network as well as other payments systems to address new and persistent frauds that increasingly make use of credit-push payments. Common examples of fraud scenarios that target credit-push payments include vendor impersonation, business email compromise and payroll impersonation, which result in money being sent out from the accounts of bank account holders. These frauds are significant, with the FBI’s Internet Crime Complaint Center reporting that in 2021 there were $2.4 billion in losses due to business email compromise-style frauds.

Nacha’s strategy identifies three themes in payments risk management and areas of focus for new initiatives. 

  1. The most significant fraud threats to bank account holders involve fraud and scams that result in money being sent out of their accounts using credit payments, including ACH credits, wires, cards, and other instant and digital payments.
  2. The financial institutions that receive these credit payments should have an active role in fraud detection, prevention, and recovery. These institutions are often in the best position to identify potentially fraudulent credit payments sent to accounts at their institution.
  3. Success in fighting credit-push fraud requires cooperation and information sharing among financial institutions and other stakeholders.


“The fraud landscape is dynamic, so it is important that participants in the payments system understand and adapt to emerging fraud scenarios and develop counterstrategies to help protect their customers and themselves,” said Jane Larimer, Nacha President and CEO. “We need a new way of thinking about fraud detection, prevention and recovery and a cultural change about fraud information sharing.”

Nacha worked with financial institutions, ACH Operators, Payments Associations, solution providers and corporate customers to develop this new framework.

“All participants in the payments system have roles to play in working together to combat fraud,” said Tim Thorson of Regions Bank, who serves on both Nacha’s Rules and Operations Committee and its Risk Management Advisory Group. “Receiving financial institutions are often in the best position to identify suspicious or fraudulent credit payments that are being directed to their own accounts. This new collaborative approach is critical to improving fraud detection, prevention and recovery.”

The Risk Management Framework report is available here.

About Nacha

Nacha governs the thriving ACH Network, the payment system that drives safe, smart, and fast Direct Deposits and Direct Payments with the capability to reach all U.S. bank and credit union accounts. More than 29 billion ACH Network payments were made in 2021, valued at close to $73 trillion. Through problem-solving and consensus-building among diverse payment industry stakeholders, Nacha advances innovation and interoperability in the payments system. Nacha develops rules and standards, provides industry solutions, and delivers education, accreditation, and advisory service