We rely on your prompt reporting of any such breaches in order to monitor Network trends and weaknesses. If your financial institution has experienced a consumer-level ACH data breach, we provide a standardized form to notify us of the incident.
Our Interim Policy on ACH Data Breach Requirements, effective September 28, 2007, provides a clear means for ODFIs to report any theft or misuse of consumer-level ACH data. That reporting, in turn, increases the Network’s security and helps NACHA mitigate future data theft.
If an ODFI suspects that there has been an ACH data breach of consumer-level data, the Interim Policy requires that:
To report an ACH data breach, ODFIs should use the form below. A NACHA representative will confirm receipt of your submitted information within 24 hours.