Mitigating Fraud Risks for Same-Day ACH

In the wake of this week's rollout by NACHA, The Electronic Payments Association, of same-day ACH payments in the U.S., fraud departments at originating and receiving banks should be bracing for the new risks posed by faster payments, says NACHA's Jane Larimer.

Same-day ACH is the first step toward the move to real-time payments over the course of the next two years, Larimer, NACHA's executive vice president of ACH Network Services, says in an interview with Information Security Media Group.

Risks posed by faster payments can be greatly reduced by ensuring fraud departments are adequately authenticating and verifying ACH payment senders, payment recipients and transaction amounts from origination to receipt, Larimer says.

"From a high-level perspective, my hope would be that fraud departments see the risk mitigants and the potential for increased fraud risk" posed by faster payments, Larimer says. "One of the things that fraud departments need to do is ensure that they have those adequate controls in place upfront."

Robust Authentication

That means originating banks need to have robust authentication of senders who initiate transactions, as well as strong security for files that are sent to the receiving bank, she stresses. "On the origination side, it's making sure you have transaction monitoring, or strong authentication of all the controls you need at file initiation."

Receiving banks need to ensure that they have tools in place to review transactions within the same day they are received, Larimer says. If a transaction is flagged, then it has to be returned that day. Banks will no longer have more than 24 hours to review and return those transactions from their exceptions departments, she explains.

"With faster payments, they have to put in adequate controls," Larimer says.

During this interview (see link to audio below image), Larimer also discusses:

Faster payments lessons learned from the SWIFT-related heists and the rollout of real-time payments in other global markets; NACHA's three phases for the rollout of faster payments; and Why stringent regulatory oversight of U.S.-only ACH payments has greatly reduced risks for fraud.

In addition to serving as NACHA's executive vice president of ACH Network Administration, Larimer serves as its general counsel. She leads the department responsible for all activities that support NACHA's role as administrator of the ACH Network, including rule-making, risk and compliance, and network development. She also provides legal support for the NACHA operating rules and for NACHA's activities in ecommerce, electronic check initiatives, electronic bill payment/presentment and electronic benefits transfer. Before joining NACHA, Larimer practiced law with the lending, banking and public finance group of Bryan Cave LLP, formerly Powell, Goldstein Frazer & Murphy, in Atlanta.