The regulatory body for the automated clearing house network on Tuesday unveiled two new network rules that, among other changes, will lower a key threshold for unauthorized returns, impose new fees on originating banks for unauthorized debits, and hand new enforcement authority to the ACH regulator, Herndon, Va.-based NACHA.
The new requirements, formally amendments to ACH network operating rules, were approved Friday by NACHA’s voting members and go into effect at different times next year. The amendments stem from proposals NACHA introduced in November in an effort to combat unauthorized transactions as well as returns resulting from administrative errors and other causes. Comments on those proposals closed in January.
A chief purpose of the rules is provide new avenues for banks and NACHA to identify and act against so-called outliers, or originating businesses that generate returns out of proportion to the volume they handle, says Janet O. Estep, NACHA’s president and chief executive. The rules “do provide for more scrutiny of outliers that are causing more concern than not,” she tells Digital Transactions News.
At the same time, NACHA is trying to balance its members’ stakes in sometimes conflicting interests, including risk, innovation, and network quality, Estep says. “No one thing will fix all,” she notes. “But if we are focused on the outliers, it’s a more effective way to look at how to best address risk in the network.”
Some of the concern about outliers stems from recent ACH network trends. After years of decline, the overall average network return rate for unauthorized transactions held steady last year at 0.03%, the same as in 2012. While this represents just 3 out of every 10,000 transactions, the combination of increasing network volume and the bottoming out of the return rate means the absolute number of unauthorized transactions is up, along with the overall costs borne by receiving financial institutions.
One of the new amendments, the Network Risk and Enforcement rule, consists of four parts and aims at returns stemming from various causes, including unauthorized transactions as well as transactions returned for data errors. One part of the rule takes effect Sept. 18, 2015 and resets an important threshold for unauthorized debit entries from 1% to 0.5%. Originating financial institutions that exceed this level trigger a risk investigation or enforcement proceeding. The rule also sets two new target levels that technically are not thresholds, 3% for returns due to administrative or account-data errors, and 15% for all debit entries returned for any reason. Return rates exceeding these levels will start an eight-step process examining the originating bank's ACH activity.
The actual return rate for data errors in 2013 was 0.33%, and that for all causes was 1.42%, according to NACHA.
Other parts of the rule restrict the re-submission of returned entries to certain narrow conditions (effective Sept. 18, 2015), require third-party processors to submit proof of completion of annual rules-compliance audits to the originating bank (effective Jan. 1, 2015), and allow NACHA for the first time to initiate enforcement actions, including the gathering of information regarding alleged rule violations (effective Jan. 1, 2015).
The second new amendment, called the ACH Network Quality rule, seeks to raise costs to originating banks and at least partially reimburse receiving banks when unauthorized transactions occur. Under the rule, which is effective Oct. 3, 2015, originating banks will be required to pay a fee to receiving banks for each debit returned as unauthorized.
The new fee for unauthorized returns is unrelated to the returns thresholds set in the risk-and-enforcement rule and is simply based on the sheer number of unauthorized transactions generated by the originating bank. The actual fee has not yet been set, but NACHA is apparently looking at a number between $3.50 and $5.50 per transaction.
Estep says the fee will be linked to the costs receiving institutions incur for returned items, including the impact on customer service, but “by no means is it meant to be full cost recovery,” she says.
Originating depository financial institutions, or ODFIs, act on behalf of businesses receiving payment via ACH and tend to be the larger banks in the country, while most financial institutions fill the role of receiving depository financial institutions, or RDFIs, which hold the payor accounts.
Expert observers say that while transaction-return rates remain low for the ACH, at least some receiving institutions may be growing impatient with rising handling costs imposed by big banks generating returned items.
“My read on these two new rules is that NACHA is responding to … RDFIs who are experiencing increased costs to handle repetitive errors and returns,” says Nancy Atkinson, a senior analyst for Boston-based consultancy Aite Group LLC, in an email message. “Those RDFIs want NACHA to assist them in dealing with … ODFIs. [Unauthorized ACH returns] that are repetitive can increase processing costs fairly substantially for RDFIs.”
Detailed summaries of the new rules can be found here.