With $43 trillion moving across the network each year, ACH payments are a powerful option for businesses looking to move money in a cost-effective way. Dwolla’s Jenn Redlich offers advice on recognizing and mitigating fraud risk in this area.
In today’s world, efficiency is everything. Companies are tired of lengthy processes, pricey fees and outdated methods for payment transfers. Businesses want to move money quickly, cheaply and, maybe most important, securely.
Because of this, more companies are turning to ACH payments. These electronic, bank-to-bank transactions are a practical option for businesses interested in moving money without the large price tag typically associated with credit cards.
Although the threat of fraud for these programmable payments is low, there are always risks associated with moving money. To help protect your transactions, here is a foundation of knowledge to support a better understanding of the risks associated with leveraging the ACH payment network.
Knowing the Different Types of Fraud
Fraud comes in a multitude of forms, and it’s important to be aware of the different types. Payment fraud and identification fraud are the two most common types. Payment fraud is a false or illegal transaction, while identification fraud focuses on the misuse or theft of an ID.
However, fraud doesn’t have to come from an outside source. Companies can put themselves in danger if they’re not careful. Every state has fraud regulations, varying by the industry, and the federal government has its own set of fraud regulations. Operating businesses across state lines can also mean there may be several laws with which you must comply.
It’s crucial to research which of these regulations apply to your organization, since regulatory violations can lead to the revoking of your business license, hefty fines and even civil or criminal penalties. Without being aware of government regulations, businesses can fall victim to fraud by unknowingly allowing an illegal transaction. Protect yourself from these potential outcomes by looking into a documented anti-fraud program.
Understanding ACH Returns
Although your accounts may be protected from unauthorized personnel, your business is not protected from returns. Returns can happen to anyone in any organization. When it comes to securing your business, transparency is key. The more information you have and provide, the easier the process will be – plus, there could be regulatory issues if you are not compliant.
Returns are a component of any payment type – encompassing everything from credit and debit cards to paper checks to even programmable payments – and they can be issued for various reasons, such as invalid account information, insufficient funds or stopped payments. The ACH Network supports the capacity to return entries for fixed circumstances.
For example, when a transaction is not properly verified or contains inaccurate or false information, the ACH return process allows members in the ACH network to deny and return it to the original host. Additional integrations can assist in decreasing the likeliness that your users or business will receive an ACH return code.
Recognizing the Necessity for a Fraud Monitoring Plan
Before moving money, your business should implement detection and protection processes that aim to prevent and mitigate returns. The most important component of security programs is having a strategic plan to identify, analyze and oversee security risks.
To save time by manually overseeing account activity, many companies choose to create internal monitoring and reporting software or opt for a third party that can supply these services. Monitoring and reporting software can be personalized based on certain criteria – such as IP addresses, transaction routines and average dollar amount transferred – which can offer more security and peace of mind with transactions being initiated through your business. Look out for inconsistencies within the data, as this might assist you in stopping fraudulent activity before it causes your business a loss.
Implementing Two-Factor Authentication
Despite our hopes, passwords are just not enough to protect against fraud. It’s nearly impossible to come up with passwords complex enough to stand as security on their own. Take the extra safety measure by implementing steps such as two-factor authentication (2FA). Multifactor authentication requires a password and will require email verification or will ask for additional documentation. This complex verification process will help you rest assured knowing your accounts are under intense protection from unwanted visitors.
When it comes to keeping your business transactions secure, remember these strategies:
- Find processes and tools that best fit your business needs.
- Doing something is always better than doing nothing.
With regard to analyzing the threats of your company’s ACH payments, proactivity is always more beneficial than reactivity. By understanding the potential risks associated with ACH transactions, you can accept the fact that your business is implementing the best practices to secure your programmable payments.
Jenn Redlich is a risk and compliance specialist at 
