NACHA Rule Changes

Want to
learn more?

Call 1-888-728-3550

send us an email
or visit one of
our locations
for more
information.

Check our Resources

Apple Watch Banking
02/13/2026
Romance Scams
02/12/2026
PB&T Bank Business Digital Banking User Guide
07/25/2025
Cyber Security Background
Security Awareness Resources
04/13/2022
Disasters strike: Are you ready for a health crisis or a natural disaster?
03/04/2022

Supplementing Fraud Detection Standards for WEB Debits

Effective: 2021-03-19

Details
Currently, ACH Originators of WEB debit entries are required to use a “commercially reasonable fraudulent transaction detection system” to screen WEB debits for fraud. This existing screening requirement will be supplemented to make it explicit that “account validation” is part of a “commercially reasonable fraudulent transaction detection system.” The supplemental requirement applies to the first use of an account number, or changes to the account number.

Technical
This Rule modifies the following areas of the Nacha Operating Rules:

Article Two, Subsection 2.5.17.4 (Additional ODFI Warranties for Debit WEB Entries) to make explicit that a fraudulent transaction detection system must, at a minimum, validate the account to be debited.

Impact
Effective Date: March 19, 2021

Potential Impacts:

Possible re-tooling of ACH Originators’ fraud detection systems

Or implementation of a system for Originators who currently do not perform any fraud detection for WEB debits

These impacts could increase the cost of originating WEB debits for some parties

RDFIs could receive a greater volume of ACH prenotifications, micro-transactions, or other account validation requests

Some could be in lieu of receiving live-dollar transactions initially

Effective Date: 2021-03-19 12:00 am