This rule supplements previous ACH Security Framework data protection requirements by explicitly requiring large, non-FI Originators, Third-Party Service Providers (TPSPs) and Third-Party Senders (TPSs) to protect deposit account information by rendering it unreadable when it is stored electronically.
These changes will amend the Nacha Operating Rules (Rules) to address a variety of minor topics related to Meaningful Modernization, an ACH Operator edit and expiration of stop payments on non-consumer accounts.
The overarching purpose of these two Rules is to deter and prevent, to the extent possible, the improper use of reversals and the harm it can cause.
The two Rules explicitly address improper uses of reversals, and improve enforcement capabilities for egregious violations of the Rules.
This rule better differentiates among types of unauthorized return reasons for consumer debits. This differentiation will give ODFIs and their Originators clearer and better information when a customer claims that an error occurred with an authorized payment, as opposed to when a customer claims there was no authorization for a payment. ODFIs and their Originators should be able to react differently to claims of errors, and potentially could avoid taking more significant action with respect to such claims.
This rule expands access to Same Day ACH by allowing Same Day ACH transactions to be submitted to the ACH Network for an additional two hours every business day. The new Same Day ACH processing window became effective on March 19, 2021.
Learn more about Same Day ACH with our Resource Center.
The WEB Debit Account Validation Rule became effective March 19, 2021. The rule was originally approved by Nacha members in November 2018 to become effective January 1, 2020.