Posted by Mark Ranta on 07 Apr 2021
It’s that time of year when the compliance officers around the world are looking at their product teams to do their quarterly/annual compliance reviews and reports. An annual necessity that usually involves Alka-Seltzer tabs and some late nights. However, what if we looked through a different prism and thought about this annual compliance review as an opportunity to identify areas for innovation? With network rule changes, such as Nacha’s new compliance rules, many of us are making changes to our systems or processes, but I wonder how many are taking a step back to think about how they could leverage this moment to think bigger?
Let’s take a specific example and talk about the account validation process for a second. Nacha’s rule change for account validation is specific to the ACH channel and simply states the following (from the Nacha Website).
“Currently, ACH Originators of WEB debit entries are required to use a ‘commercially reasonable fraudulent transaction detection system’ to screen WEB debits for fraud. This existing screening requirement will be supplemented to make it explicit that ‘account validation’ is part of a “commercially reasonable fraudulent transaction detection system.” The supplemental requirement applies to the first use of an account number, or changes to the account number.”
For one, this sounds like a great idea! Why not take the logic to go beyond just ACH as a simple first step and apply it to all of your payment channels? By thinking about compliance as a “check the box” affair, we wouldn’t be thinking about all payments and the value that this rule change will bring to other clearing and settlement networks. We’d just implement and move on. Also, we may not explore options available to us to make that a reality and would only focus on our ACH third-party providers, doubling down on the segmentation of our payments strategy.
Beyond our shores, we don’t have to look any further than the UK for where this account validation process takes the next step to actually being a user enhancement fraud-fighting tool. The UK has a process for “confirmation of payee” where the account ownership is shared back to the initiator to validate not only that the account is a real account and doesn’t have any fraud flags, but that the name of the owner actually matches what the consumer expects. This helps combat growing categories of fraud such as BEC (Business Email Compromise) attacks where someone poses to be someone else and just asks them for immediate payment to an account. The most interesting example of this was a football club (soccer team if you're speaking U.S.) nearly sending a $1.25m transfer fee for a player to a fraudster.
So long and short, we implore you to think about compliance beyond the checkbox. Take a step back and think about what the rule changes are all about in the context of your payments strategy. See if it makes sense to go beyond just complying and leveraging the intent of compliance to innovate your offerings and enhance your customer experience at the same time.
Read the blog, Rule Changes and the Opportunity for Innovation.
Stay compliant with Nacha’s Web Debit Rules with a preferred Nacha partner. To find out how your organization can benefit from Bank Account Validation Service, contact us at (908) 791-2916 or firstname.lastname@example.org.
22 Apr 2021 Blog Chatbots Gone Rogue: How Weak Chatbot Security Enables Bad Actors Chatbots have become a standard practice in customer service. Learn from these past chatbot security flaws and discover how to maximize your investment in AI while minimizing data privacy risks in this blog.