E-Commerce Businesses Prep for Approaching NACHA Rules Update

E-Commerce Businesses Prep for Approaching NACHA Rules Update

February 14, 2019

As online businesses continue to navigate the changing tides of the card-not-present (CNP) payments environment, merchants are trying to stay afloat while rules and regulations continue to ebb and flow.

Among the many recent regulatory changes, NACHA, the organization overseeing the ACH network that moves money electronically in the U.S., announced updated operating rules that will take effect over the next year. Three important changes that could possibly impact e-commerce businesses include supplementing fraud detection standards for WEB debits, expanding same day ACH, and supplementing data security requirements.

Under NACHA’s existing operating rules and guidelines, “Originators of WEB debit entries must use a “commercially reasonable fraudulent transaction detection system” to screen WEB debits for fraud.” The changes, which will go into effect as of January 2020, “will be enhanced to make it explicit that ‘account validation’ is part of a ‘commercially reasonable fraudulent transaction detection system.’” 

As a result of this change, ACH originators may have to re-tool their fraud detection systems, which could increase the cost of originating WEB debits for some parties, according to NACHA.

Expanding same day ACH would extend a two hour window for transactions to be submitted every business day. The final implementation of this amendment is contingent upon, “receiving timely notification from the Federal Reserve Board of Governors of changes to Federal Reserve services necessary to support it.”

If approved, the changes would impact the existing “returns-only” window, which “will be absorbed into the new Same Day ACH processing window. This will enable RDFIs to send returns later into the day, up to 4:45 p.m. ET / 1:45 p.m. PT. It will also create a greater ability for RDFIs to make use of Same Day ACH processing for returns, which would get settled 14.5 hours earlier than next-day returns,” according to NACHA.

Unlike the other two modifications, the new supplementing data security requirements will go into effect in two stages, depending on the ACH volume. Those originators and third-parties with volumes greater than six million will go into effect as of June 30, 2020; however, those with ACH volume greater than two million will not go into effect until June 30, 2021.

Previous-Article-CNP Next-Article-CNP

Operational Impacts of New Chargeback Rules

  • Share this Article:
Kacy Zurkus