|
The following ACH Rules changes with significant impact take effect between October 1, 2024 to June 19, 2026:
Fraud Monitoring by Originators, TPSPs and ODFIs
Effective Dates - Phase 1: March 20, 2026 for all ODFIs and non-Consumer Originators, TPSPs and TPSs with annual ACH origination volume of 6 million or greater in 2023. Phase 2: June 19, 2026 for all other non-Consumer Originators, TPSP and TPS.
Require each non-Consumer Originator, ODFI, Third-Party Service Provider and Third-Party Sender to establish and implement risk-based processes and procedures reasonably intended to identify ACH Entries initiated due to fraud.
RDFI ACH Credit Monitoring
Effective Dates - Phase 1: March 20, 2026 for RDFIs with annual ACH receipt volume of 10 million or greater in 2023. Phase 2: June 19, 2026 for all other RDFIs.
Require RDFIs to establish and implement risk-based processes and procedures reasonably intended to identify credit ACH Entries initiated due to fraud.
Codifying Use of Return Reason Code R17
Effective Date – October 1, 2024
Allow RDFIs to return an entry believed to be fraudulent using Return Reason Code R17.
Expand Use of ODFI Request for Return/R06
Effective Date – October 1, 2024
Expand the permissible uses of the Request for Return Reason Code (R06) to allow an ODFI to request a return from the RFI for any reason.
Additional Funds Availability Exceptions
Effective Date – October 1, 2024
Provide RDFIs with an additional exemption from the funds availability requirements to include credit ACH entries that the RDFI suspects are fraudulent.
Company Entry Description – PAYROLL
Effective Date – March 20, 2026
Establish a new standard description of PAYROLL for PPD Credits for payment of wages, salaries and similar types of compensation.
Company Entry Description – PURCHASE
Effective Date – March 20, 2026
Establish a new standard description of PURCHASE for e-commerce purchases.
Timing of Written Statement of Unauthorized Debit (WSUD)
Effective Date – October 1, 2024
Allow a WSUD to be signed and dated by the Receiver on or after the date on which the Entry is presented to the Receiver, even if the debit has not yet been posted to the account.
RDFI Must Promptly Return Unauthorized Debit
Effective Date – October 1, 2024
Require that when returning a consumer debit as unauthorized in the extended return timeframe, the RDFI must do so by the opening of the sixth Banking Day following the completion of its review of the consumer’s signed WSUD.
The following Rules changes with minor impact take effect June 21, 2024:
General Rule/Definition for WEB Entries
Reword the WEB general rule and definition in Article Eight to make it clearer that the WEB SEC Code must be used for all consumer-to-consumer credits, regardless of how the consumer communicates the payment instruction to the ODFI or P2P service provider.
Definition of Originator
Make clarifying changes and alignments to the definitions of Originator to include a reference to the Originator’s authority to credit or debit the Receiver’s account and that the Rules do not always require a Receiver’s authorization (Reversals, Reclamations, Person-to-Person Entries).
Originator Action on Notification of Change (NOC)
Provides Originators discretion to make NOC changes for any Single Entry, regardless of SEC Code.
Data Security Requirements
Clarify that, once a covered party meets the volume threshold for the first time, the requirement to render account numbers unreadable remains in effect, regardless of future volume.
Use of Prenotification Entries
Align the prenote rules with industry practice by removing language that limits prenote use to only prior to the first credit or debit entry.
Clarification of Terminology – Subsequent Entries
Replace references to “subsequent entry” in various Rules sections with synonymous terms to avoid any confusion with the new definition “Subsequent Entry”.
|