COMPLIANCE and ACH SELF AUDIT Presented By… Jennifer Gatts, AAP [email protected] PAYMENTS CENTRAL, INC. 3380 Tremont Road Columbus, OH 43221 Phone: 800-288-2204 Fax: 614-457-4824 www.paymentscentral.org Objectives • Learn the most common compliance issues with regards to the ACH Network • Understand the ACH Annual Self Audit Legal Framework • NACHA Operating Rules • Regulation E • Uniform Commercial Code 4A • 31 CFR Part 210 • OFAC Compliance Responsibilities • The NACHA Operating Rules apply to all commercial entries and data transmitted through one or more ACH Operator • All participating DFIs agree to be bound by the NACHA Operating Rules General Compliance Requirements • ACH Records – Each RDFI and ODFI must retain records of all entries transmitted through the ACH Operator for six years – Copies of these records must be made available to customers, Participating DFIs and ACH Operator upon request – Any record may be retained electronically • Accurately reflect the information • Be capable of being accurately reproduced ACH Self Audit - ODFI • ACH Records Retention – Attach a copy of one ACH Report which show ACH entries transmitted to an ACH Operator to the DFI. The entries contained on the report must me dated at least 6 years from the date this portion of the audit is completed – If electronic records are used, verify that the electronic version of the record accurately reflects the information contained within the records in capable of being accurately reproduced for later reference. ACH Self Audit - RDFI • ACH Records Retention – Attach a copy of one ACH Report which shows ACH entries transmitted from an ACH Operator. The entries contained on the report must be dated at least 6 years from the date this portion of the audit it complete. – If electronic records are used, verify that the electronic version of the record accurately reflects the information contained within the record and is capable of being accurately reproduced for later reference. General Compliance Requirements • ODFI Warranties – Each entry has been authorized – Credit entries are timely – Debit entries are valid – Entries conform to NACHA Operating Rules – Authorizations have not been revoked – ODFI has no knowledge that authorization has been terminated by law – Addenda complies with NACHA format – Reclamations are valid and timely – Agreements are in place with the Sending Points is applicable – Audit requirements have been met – Source document has been properly handled (POP) General Compliance Requirements • Originator’s Responsibilities – Originator obtains Receiver's authorization – Prenotes are sent according to the Rules – Entries are not reinitiated unless within Rules – NOCs are corrected within six banking days or prior to the next live entry – Reversing files/entries are submitted within five banking days of the original settlement date of the erroneous or duplicate file – POP receipts – ARC and RCK entries • Notice is given – TEL entries • Verify identity of Receiver • Verify that routing numbers are valid – WEB entries • Commercially reasonable fraudulent transaction detection system • Verify that routing numbers are valid • Annual Audits
Description: