Outgoing ACH or Wire Fraud Happens… Now What?

By Trevor Witchey posted 12-30-2022 10:23

Recommend

While we wish we could leave fraudsters behind in 2022, they are unfortunately a constant issue year after year. And fraud relating to outgoing ACH or wire transactions is bound to happen. Often account holders are too reliant on clear-text or unencrypted emails as communications, have their login credentials compromised or fall for scams. And with many clients and many moving parts within financial institution’s operations, assembly line-like processes to prepare an ACH and wire payment can be susceptible to fraud. When fraud happens, what can financial institutions attempt to do to retrieve funds?

For the most part, the originating (for ACH) or sending (for wires) financial institutions have the most liability placed on them for outgoing ACH or wire payments that are sent to other receiving financial institutions. To retrieve credit-pushed funds from a receiving institution, the originating/sending financial institution will need some cooperation from the receiving institution. After all, receiving financial institutions mostly must rely solely on the account # for posting. The other factor is time – the earlier an account holder realizes they’ve been frauded, the better the chance that any funds may be recouped.

Stay Up to Date on Fraud and More!

If you’re looking for more fraud handling and prevention tips, consider joining us for Payment Systems Update or our upcoming Quarterly Compliance and Fraud Review webinar. Our EPCOR Webinar + PSU Subscription is also available for major savings!

If ACH or wire credit-push fraud happens, here are some techniques to attempt to retrieve funds (with no guarantees of success):

ACH:

Discretely file a Suspicious Activity Report (SAR) at your financial institution.
If within five banking days of the settlement of the credit, you may send an offsetting Reversal debit according to Section 2.10 of the ACH Rules, as the payment was an erroneous entry but also ordering payment to a Receiver different than the Receiver intended (Subsection 2.10.1). Furthermore, if the Reversal attempt is returned timely, you’ll have the Reason Code to indicate what happened to the funds or the account at the RDFI (NSF, account closed, etc.). You could try to send an R62 Dishonored Return if your reversal was returned, but the RDFI can contest your Dishonored Return with R77.
Send a formal request to the RDFI (utilize Nacha’s Risk Management to locate contact information) to have the payment returned as R06. If the RDFI does respond, they may request that the ODFI signs their hold harmless/indemnity form to legally protect any action that the RDFI takes. A sample indemnity letter is available in the Knowledge Community.
Then, you just wait for the RDFI to respond with some, all or none of the funds… Remember, there are no guarantees of success.

Wire Transfers:

Discretely file a Suspicious Activity Report (SAR) at your financial institution
Most financial institutions transmit communications about wires through Fedwire communications, as financial institutions are connected with encryption and secured logins to the Federal Reserve. If you attempt to call a Receiving financial institution about a wire, they will likely advise to you communicate via Fedwire instead.
Depending on the day, you may attempt to send “Request for Reversal” messages via Fedwire with subtype code 01 for current business day and subtype code 07 for prior business days. If utilizing Fedline Advantage or other wire applications that require you to manually select subtype codes, be sure to use the ODD numbers of 01 or 07. Be careful on this process, as the even subtype numbers are live dollar entries, and you don’t want to send another wire to the fraudulent instructions. Indicate that fraud has happened on the FI to FI Information (or “BBI”) message portion of the wire along with the IMAD or OMAD trace numbers.
Utilize Fedwire Service message (subtype 90) to send message communications to the Receiving financial institution while indicating the fraud that happened along with the $ amount and IMAD/OMAD numbers.
The Receiving financial institution may request that their hold harmless/indemnity form be completed to protect them from any legal consequences of returning any funds. A sample indemnity letter is available in the Knowledge Community.
Then, just wait… There are no guarantees that some or any of the funds will be returned.

On your end as the originating or sending financial institution of ACH or wires, protect your organization legally by ensuring that agreements are in place and payment requests have been signed. For the cases where there are no funds to return, that signed agreement, payment order or other documentation, complete with the necessary legal disclaimers/language, will matter for your financial institution.

Wondering About Wires?

If you are new to wire processing, would like a refresher, or you're just tired of wire-related drama… our Wire Transfers: Managing Operations, Fraud and the Drama crash course webinar is for you! Join us February 1^st for a high-level look at financial institution back-end processing of wire transfers and how your operations staff can work with other departments to streamline your practices and eliminate unnecessary drama. We'll start by level-setting the playing field with an overview of the participants, wire types and general wire best practices. Then we'll take a run at the more challenging side of wire transfers and talk about fraud types and mitigation measures. Learn how your institution's departments can work together to help combat wire fraud and alleviate some of the pressure involved with sending these time-sensitive and often high-dollar transactions. Leave with tips and steps you can incorporate into your wire transfer operations to streamline your processes and mitigate fraud. Register now!

0 comments

187 views

Permalink

https://community.epcor.org/blogs/trevor-witchey/2022/12/30/outgoing-ach-or-wire-fraud-happens-now-what

Blogs