There’s new functionality in Nacha’s Risk Management Portal that’s going to be very useful to financial institutions seeking more information on International ACH Transactions (IATs).

Housed in the Portal’s Secure Exchange module, the IAT Exception – Request for Information is the first form to allow two-way communication between FIs. 

Jeanette Fox, AAP, Nacha Associate Managing Director, Risk Investigations & ACH Network Risk, said a typical use will be “when an RDFI has received an IAT, and they are not sure whether to post it or not. They need more information.” 

Step one is to go to the Portal’s Secure Exchange and choose the new IAT form. Secure Exchange will populate the ODFI’s ACH Operations and ACH Risk and Fraud contacts and the IAT contact (if available) from the ACH Contact Registry.

The RDFI then completes the boxes on the form to provide basic information including the trace number, the date received, and the amount. It can then select the information it needs from the ODFI, with options including birth date, alternative address, purpose of the payment, and remittance or other payment-related data. If it’s something else, they can check the “other” box and add details. After previewing the request, the RDFI hits “send.” 

Next thing you know, the contacts at the ODFI receive an email informing them there’s a Secure Exchange message awaiting them in the Portal. When the ODFI logs in, they can see the message, provide the requested information, and send it back to the RDFI, which then gets its own email that there’s a Secure Exchange message waiting.

If the ODFI fails to open the message, Fox said their recipients “will receive a weekly reminder, until somebody opens it.” IAT forms are deleted after 60 days. 

Fox also stressed that “Nacha doesn’t have access to any of the form information at all.” Only the two parties to the communication will be privy to that. 

All IATs must be screened for Office of Foreign Assets Control (OFAC) compliance by the Gateway Operator, the Originator, the ODFI and the RDFI, making this new secure communication invaluable.

“We think this happens a lot now by phone, maybe email, and even fax,” said Fox. “The benefit is the security of the Secure Exchange module in the Portal.”

While birth date might, on the surface, seem like an unusual request, Debbie Barr, AAP, CTP, Nacha Senior Director, ACH Network Rules Process & Communications, said it can be tremendously helpful for identifying parties that may be on the Specially Designated Nationals and Blocked Persons list (SDN list) for OFAC compliance.

“You might have hundreds of people with the same name,” said Barr. “So having a birth date can help narrow down whether this is the person on the SDN list or not, to help decide if you should post it.”

Authorized users may log in to Nacha’s Risk Management Portal here.