3 Ways Same-Day ACH May Change Credit Unions
The advent of same-day ACH this fall will likely mean credit unions and other financial institutions will encounter more fraud, more strain on their budgets and more operational challenges, according to a new survey by the New York City-based software firm NICE Actimize.
A whopping 93% of financial institutions said they think same-day ACH will increase fraud threats, but more than half (54%) said they don’t have the appropriate fraud tools to handle same-day ACH transactions, according to the survey of some 60 financial institutions this spring. Despite their lack of fraud tools, 48% of respondents said they plan to originate same-day ACH credits and 43% said they’ll originate same-day ACH debits. Another 35% were unsure, and 16% said they’ll do neither.
“We know from other markets, such as the U.K., that the launch of faster payments is aligned with an uptick in fraud attacks and losses,” NICE Actimize Vice President/General Manager of Fraud & Cybercrime Management Solutions Erez Zohar said. “This means that U.S. financial institutions need to be prepared with fraud strategies on day one.”
Same-day payroll and account-to-account transfers could become hot spots for fraud; fraudsters could also use social engineering to target companies that initiate same-day payroll, Zohar added.
On May 19, 2015, the Electronic Payments Association gave the green light on same-day ACH, which will increase the movement of funds between financial institutions from once a day to three times per day. The new rules, which are largely based on rules proposed in late 2014, take effect in three phases beginning Sep. 23, 2016. Among other things, they require all receiving depository financial institutions to accept same-day transactions and require originating depository financial institutions to pay a $0.052 fee per transaction.
But the survey results suggested several additional changes may be on tap for credit unions and other financial institutions when same-day ACH arrives.
1. Fewer manual reviews. Though the vast majority of respondents (70%) in the NICE Actimize survey said they currently manually review their ACH transactions, just 55% said they planned to do so when same-day ACH arrives. However, 70% of respondents expect to use intelligent authentication as a method to prevent attacks.
2. More policies and fraud detection work. Three-fourths of the respondents said they’ll need restrictive policies to control same-day ACH access, compared to 62% who said they have restrictive policies now. About 43% of the respondents said they’ll improve their reporting tools after same-day ACH arrives, and 34% said they’ll implement enhanced fraud detection tools. About 66% currently have liability agreements with originators, and about half (55%) said they use debit blocks or risk-based authentication (48%) to control suspicious transactions. Some respondents also currently use behavior analytics to monitor for fraud (39%), as well as batch-submission deadlines that leave time for fraud detection (41%).
3. Significant operational changes. From the outset, the business case for same-day ACH has been controversial.
“While it is an incremental improvement for consumers, it comes with a major expense to financial institutions, as it will affect both the basic transaction processes in place and the technology that supports them,” NAFCU Executive Vice President of Government Affairs and General Counsel Carrie Hunt wrote in a comment letter to NACHA in February 2015.
Indeed, almost two-thirds (62%) of the NICE Actimize survey respondents said they’ll need additional budget to pay for improvements in fraud controls, and 28% plan to increase their hours of operation. Staff changes are also part of the plan for some respondents – 25% plan to increase staffing for ACH transaction approvals and 19% plan to increase staff for fraud operations.