February 16, 2017
This ACH Operations Bulletin provides information to Participating Depository Financial Institutions and their business customers about a specific type of social engineering fraud that is targeting public-sector entities. Fraudsters have used these social engineering techniques to manipulate public-sector entities into redirecting legitimate vendor payments to accounts controlled by the fraudsters. Although any business entity could be the target of this type of social engineering attack, public-sector entities seem to be specifically targeted because their contracting information is often a matter of public record.
ACH Operations Bulletin #2-2014: ACH Transactions Involving Third-Party Senders and Other Payments Intermediaries
December 30, 2014
In most ACH transactions, the roles of the various parties to the transaction (e.g., Originator or Receiver) are well understood. When a transaction involves a Third-Party Sender or other payment intermediary, however, roles can become confused. Although the proliferation of new payment models makes it impossible to catalogue all the different fact patterns that may arise, this ACH Operations Bulletin is intended to provide some representative examples that should help participants and observers properly categorize the roles of the parties in payment scenarios involving different types of third party payment intermediaries, and understand how ACH transactions should be identified for consumers.
ACH Operations Bulletin #1-2014: Questionable ACH Debit Origination: Roles and Responsibilities of ODFIs and RDFIs
September 30, 2014
This ACH Operations Bulletin addresses the applicability of various sections of the Nacha Operating Rules (Nacha Rules) to questionable ACH debit origination activity, highlights the roles and responsibilities of both Originating Depository Financial Institutions (ODFIs) and Receiving Depository Financial Institutions (RDFIs), and describes several amendments to the Nacha Rules related to these topics. Due to these Rules amendments, several aspects of two previous bulletins from 2013 have been superseded; therefore, this bulletin replaces ACH Operations Bulletin #2-2013 (issued on March 14, 2013) and ACH Operations Bulletin #3-2013 (issued on July 15, 2013).
March 8, 2013
This ACH Operations Bulletin advises Originating Depository Financial Institutions (ODFIs) and other ACH participants of an amendment to the Nacha Operating Rules regarding the warranty an ODFI makes for an Outbound IAT Entry. This Bulletin is being issued due to the immediacy of the effective date of the Rules amendment.
October 25, 2012
This ACH Operations Bulletin advises financial institutions, state revenue agencies, and other parties that remit tax payments to state revenue agencies of a new “Third-Party Tax Payment” banking convention. Nacha recommends that the “TPP” convention be followed when formatting and transmitting remittance information in the addenda record of a CCD entry for certain “third-party tax payments.
ACH Operations Bulletin #1-2012: Use of Automated Enrollment Entries to Reroute Government Benefit Payments
September 12, 2012
This ACH Operations Bulletin provides guidance  to Participating DFIs that originate Automated Enrollment Entries (ENRs) on behalf of customers seeking to reroute Federal government benefit payments to a prepaid card.
September 20, 2010
This ACH Operations Bulletin provides guidance to Participating DFIs on their obligations for the timely processing of International ACH Transactions (IAT), and the application of the rule provision on the “Effect of Illegality.”
July 2, 2010
This ACH Operations Bulletin provides guidance to ACH Network participants, particularly Receiving Depository Financial Institutions, on the application of the Federal Reserve Board’s recent amendments to Regulation E on overdrafts to a specific class of ACH transactions.
March 29, 2010
All ODFIs must register their Direct Access status with Nacha no later than June 18, 2010. ODFIs that have already registered their Direct Access status with Nacha do not have to register again unless their Direct Access status changes.
December 2, 2009
This ACH Operations Bulletin provides information to Participating Depository Financial Institutions about “corporate account takeover” – a specific type of cyber-crime that is targeting small- and medium-sized business customers of financial institutions.
January 12, 2009
This ACH Operations Bulletin describes the obligations of participants in the ACH Network under a new regulation implementing the Unlawful Internet Gambling Enforcement Act, which were issued on November 12, 2008 by the Federal Reserve Board and the U.S. Department of the Treasury (the “Regulation”).
September 22, 2008
This policy addresses the importance of Originating Depository Financial Institutions (ODFIs) registering with Nacha their direct access relationships for ACH debit transactions, and following prudent risk management techniques including adherence to best practices for the duration of these relationships.