Nacha News

Nacha creates broadly adopted payment and financial messaging rules and standards through consensus-led governance, international collaboration, and innovative development practices. We continually advance the ubiquitous ACH Network and engage diverse stakeholders to accelerate a digital future of global financial services interoperability.

RMAG Best Practices for Risk & Exposure Management: Part 2

Earlier this year the Nacha Risk Management Advisory Group (RMAG) conducted a survey of the methodologies used by Originating Depository Financial Institutions (ODFIs) to manage ACH risk in their client portfolios.  The intent of the survey was to use the results to develop educational materials and best practices for ODFIs to consider as they manage their client portfolios.  This is the second in a series of five articles, one for each of the five parts of the survey.
The following are the recommended best practices for Limits & Controls:
  1. Review exposure limits on a regularly scheduled basis: While most financial institutions review the exposure limits on an annual basis, depending upon your financial institution’s Credit Policy or ACH Policy you may want to review them on a more frequent basis.  Refer to your financial institution’s internal policies for additional guidance.
  2. Review new clients more frequently: While you are beginning a relationship with a new client it may be advisable to review their exposure limits on a more frequent basis. One respondent indicated that they review new customers at 3 months, 6 months and 1 year, before going to an annual review cycle.
  3. Define criteria for when an additional review is needed: Within the policy structure of your financial institution should be the criteria defining when additional reviews are needed. Among the most frequently mentioned criteria were the following:
    • Recent change in the client’s financial condition (as defined by your organization)
    • If an Originator has exceeded their current limit a certain number of times over a defined period of time.
    • If the Originator has a significant change in their business or business practices.
  4. Establish limits for Internal Originators to reduce Operational and Reputational Risk: This is an often overlooked area within many financial institutions since Credit Risk for the internal department or affiliate company is generally not an issue.  However, establishing an exposure limit that is at an appropriate level may help you to stop a file that was incorrectly built and may contain duplicate or incorrect items. Slightly over 1/3 of the survey respondents had no established exposure limits for Internal Originators.
Please continue to follow Newslink for additional articles from the Nacha Risk Management Advisory Group on the best practices in risk and exposure management.