Posted February 17, 2006
Recently, NACHA has received an increasing number of questions and complaints concerning a particular business practice involving attempts to obtain authorization of debit entries to business accounts. In these situations, an Originator mails a check to a business (typically to the business’ lockbox) where that check contains language printed on the back that states that by endorsing or depositing the check, the Receiver agrees to and has authorized the origination of ACH debit entries to its account. The check is processed and deposited into the Receiver’s account, and ACH debit entries are subsequently originated to the Receiver’s account.
Although this practice of authorizing corporate debit entries is not expressly prohibited by the NACHA Operating Rules, ACH participants must recognize that the practice of authorizing ACH debits by relying on the endorsement of a check is inherently risky to both ODFI and Originator and exposes them to the potential for significant loss and liability.
This operations bulletin is intended to alert ODFIs and other ACH Network participants to the following risks and dangers associated with this practice:
At best, the practice of using an endorsement on a check to authorize an ACH payment (as described above) can be confusing to the business receiving the check. The person endorsing the check may not understand the terms of the purported authorization, which state that the endorsement of the check will constitute authorization for the origination of future ACH transactions. At its worst, this practice can be unfair and deceptive when designed to intentionally cause the Receiver to authorize ACH transactions without the Receiver’s true intent to do so.
When counseling their Originators with respect to the requirements of the NACHA Operating Rules for proper authorization, ODFIs should caution their Originators that the Federal Trade Commission and various states’ attorneys general not only have the power to take action against unfair and deceptive practices in the ACH arena, but also that they have done so in the past.
The NACHA Operating Rules impose on the ODFI, as the gatekeeper to the ACH Network, the obligation to ensure that the ODFI’s Originators have obtained proper authorization for all entries originated. The ODFI warrants that these debits have been properly authorized, and where the authorization requirements have not been met, the ODFI bears the liability for any breach of this warranty. To minimize its potential for liability and loss, the ODFI should review its internal procedures to ensure that it has employed adequate procedures to know its customers, and that those customers are engaging in responsible business practices.
With respect to debit entries to business accounts, the NACHA Operating Rules require that these entries must be authorized by the Receiver, and that there must be an agreement between the Originator and the Receiver that binds the Receiver to the NACHA Operating Rules. Although the Rules do not define specific language that must be included within an authorization/agreement for business transactions, a valid agreement must be in place.
In the authorization practice described above, it is questionable whether a valid agreement exists between both parties. In the case of a lockbox, the endorsement stamped on the back of the check almost certainly has not been executed by a person with the power to authorize ACH debit transactions or to enter into contracts on behalf of the Receiver. In fact, the company does not even see these checks prior to endorsement/deposit. Even when such a check may be handled by the company directly, it is unlikely that the person preparing the deposit (the office manager, for example) is a party with the power to authorize ACH transactions or to enter into a contract on behalf of that company. In these situations, no valid authorization or contract exists and any debit entries based on that agreement are likely to be disputed as unauthorized transactions.
ODFIs must be aware that making the assumption that there is an agreement to allow future debits to a business account based on this practice is extremely risky and should understand their potential for liability. ODFIs are encouraged to consider these risks carefully and address any potential liability issues within their agreements with their Originators.
In addition to the requirements of the NACHA Operating Rules, Federal and State laws, including the Federal Trade Commission Act and state versions of that Act, may apply to the practice of using the back of a check for purposes of authorizing ACH debit transactions. Originators should ensure that they are familiar with and have established procedures to be in compliance with any such laws or regulations.
To minimize the potential for loss and liability for unauthorized transactions over the ACH Network, ACH participants are strongly encouraged to establish business practices that ensure that ACH authorizations are compliant with all rules, regulations, and applicable laws.
* * * *
Questions about this ACH Operations Bulletin should be submitted via email@example.com.