The adventof same-day ACH this fall will likely mean credit unions andother financial institutions will encounter more fraud, more strainon their budgets and more operational challenges, according to anew survey by the New York City-based software firm NICEActimize.

A whopping 93% of financial institutions said they thinksame-day ACH will increase fraud threats, but more than half (54%)said they don't have the appropriate fraud tools to handle same-dayACH transactions, according to the survey of some 60 financialinstitutions this spring. Despite their lack of fraud tools, 48% ofrespondents said they plan to originate same-day ACH credits and43% said they'll originate same-day ACH debits. Another 35% wereunsure, and 16% said they'll do neither.

“We know from other markets, such as the U.K., that the launchof faster payments is aligned with an uptick in fraud attacks andlosses,” NICE Actimize Vice President/General Manager of Fraud& Cybercrime Management Solutions Erez Zohar said. “This meansthat U.S. financial institutions need to be prepared with fraudstrategies on day one.”

Same-day payroll and account-to-account transfers could becomehot spots for fraud; fraudsters could also use social engineeringto target companies that initiate same-day payroll, Zoharadded.

On May 19, 2015, the Electronic Payments Association gavethe green light on same-day ACH, which will increase themovement of funds between financial institutions from once a day tothree times per day. The new rules, which are largely based onrules proposed in late 2014, take effect in three phases beginningSep. 23, 2016. Among other things, they require all receivingdepository financial institutions to accept same-day transactionsand require originating depository financial institutions to pay a$0.052 fee per transaction.

But the survey results suggested several additional changes maybe on tap for credit unions and other financial institutions whensame-day ACH arrives.

1. Fewer manual reviews. Though the vastmajority of respondents (70%) in the NICE Actimize survey said theycurrently manually review their ACH transactions, just 55% saidthey planned to do so when same-day ACH arrives. However, 70% ofrespondents expect to use intelligent authentication as a method toprevent attacks.

2. More policies and fraud detection work.Three-fourths of the respondents said they'll need restrictivepolicies to control same-day ACH access, compared to 62% who saidthey have restrictive policies now. About 43% of the respondentssaid they'll improve their reporting tools after same-day ACH arrives, and34% said they'll implement enhanced fraud detection tools. About66% currently have liability agreements with originators, and abouthalf (55%) said they use debit blocks or risk-based authentication(48%) to control suspicious transactions. Some respondents alsocurrently use behavior analytics to monitor for fraud (39%), aswell as batch-submission deadlines that leave time for frauddetection (41%).

3. Significant operational changes. From theoutset, the business case for same-day ACH has been controversial.

“While it is an incremental improvement for consumers, it comeswith a major expense to financial institutions, as it will affectboth the basic transaction processes in place and the technologythat supports them,” NAFCU Executive Vice President of GovernmentAffairs and General Counsel Carrie Hunt wrote in a comment letterto NACHA in February 2015.

Indeed, almost two-thirds (62%) of the NICE Actimize surveyrespondents said they'll need additional budget to pay forimprovements in fraud controls, and 28% plan to increase theirhours of operation. Staff changes are also part of the plan forsome respondents – 25% plan to increase staffing for ACHtransaction approvals and 19% plan to increase staff for fraudoperations.