Supplementing Fraud Detection Standards for WEB Debits
This change to the Nacha Operating Rules will enhance quality and improve risk management within the ACH Network by supplementing the fraud detection standard for Internet-initiated (WEB) debits.
Currently, ACH Originators of WEB debit entries are required to use a “commercially reasonable fraudulent transaction detection system” to screen WEB debits for fraud. This existing screening requirement will be supplemented to make it explicit that “account validation” is part of a “commercially reasonable fraudulent transaction detection system.” The supplemental requirement applies to the first use of an account number, or changes to the account number.
This Rule modifies the following areas of the Nacha Operating Rules:
Article Two, Subsection 220.127.116.11 (Additional ODFI Warranties for Debit WEB Entries) to make explicit that a fraudulent transaction detection system must, at a minimum, validate the account to be debited.
Effective Date: January 1, 2020
Possible re-tooling of ACH Originators’ fraud detection systems
Or implementation of a system for Originators who currently do not perform any fraud detection for WEB debits
These impacts could increase the cost of originating WEB debits for some parties
RDFIs could receive a greater volume of ACH prenotifications, micro-transactions, or other account validation requests
Some could be in lieu of receiving live-dollar transactions initially