Sunday, November 17, 2024

New Nacha Rules Take Aim At Credit Push Fraud, Handing a Clearer Role to Receivers

Nacha, the governing body for the automated clearing house network, has approved a new set of rules aimed at curbing the growing threat of credit-push fraud.

Credit-push fraud uses social engineering and email phishing attacks to deceive someone into sending funds to a criminal-controlled account. Common examples of credit-push fraud include business email compromise, vendor impersonation, and payroll impersonation. Of these scams, business email compromise is the root cause of payments fraud at a majority of organizations, according to the Association for Financial Professionals.

The FBI’s Internet Crime Complaint Center’s 2023 annual report found there were 21,489 BEC complaints in 2023 totaling $2.9 billion in reported losses, making it the second-costliest type of cyber-crime.

“These schemes largely rely on social engineering to induce action by the account owner to initiate a payment. AFP concluded 71% of companies were victims of payments fraud via email in 2022,” Michael Herd, executive vice president of ACH network administration at Nacha, says by email. “These payments are often knowingly sent and are therefore an authorized payment.”

The new rules establish a base level of payments monitoring for all parties in the ACH network, with the exception of consumers, and for the first time give receiving financial institutions a defined role in monitoring the ACH payments they receive. Receiving financial institutions are often in the best position to identify credit-push fraud, Herd says. The new rules do not shift the liability for fraud.

The new rules will enable fraud detection to begin with the origination process and continue through to the point of receipt. When fraud is detected during the originating process, an originating depository financial institution can request that the payment be returned for any reason. On the back end, a receiving financial institution can request that the transaction be delayed so it can be more closely examined or so it can return a suspicious transaction on its own initiative, without waiting for a request, a reversal, or a customer claim.

“Originators and originating depository financial institutions will still play a critical role, and for the first time, receiving depository financial institutions will have a defined role in the monitoring of ACH payments,” Herd says.


Digital Transactions