Last year, NACHA approved the change to The ACH Rules with an effective date of June 18, 2010. The Rule change requires participating financial institutions to conduct Risk Assessments of their ACH program, incorporate risk management language into their ACH Origination Agreements, and implement risk management procedures into their ACH Origination practices.

Non-compliance with the Rule change may result in circumstances that could expose the institution to monetary fines from NACHA, through their National System of Fines, as well as regulatory criticism or penalties from the institution's Examiner.

The regulatory compliance experts at ICS Compliance urge all financial institutions that participate in the ACH Network as a Receiving Depository Financial Institution (RDFI) or an Originationg Depository Financial Institution (ODFI) to have an ACH Risk Assessment performed of their ACH Policies and Procedures, Separations of Duties, Encryption of Technologies, Strength of ACH Origination Agreements, and Controls, to detect and deter improper use of the ACH Network (including fraudulent transactions, BSA / AML / OFAC concerns, etc.