The Good ‘Ol Days

March 4, 2010

Remember when you were a kid and your parents would say something about ‘in the good ‘ol days’? 

 In the good ‘ol days, candy bars only cost $0.15.  In the good ‘ol days, a movie cost $0.50 and popcorn was a dime.  In the good ‘ol days, a Stop Pay order was only good for one transaction.  OK, maybe that will be our ‘good ‘ol days’ line.

March 19, 2010 marks the date for another set of ACH Rules changes.  I’ve already addressed the upcoming changes to the Written Statement and now it’s time to address the upcoming changes to Stop Pay orders.

This is the order of things as we know it today;

A Stop Pay order is good for only 1 single transaction

A Stop Pay order is good until;

                The debit was stopped,

                6 months have passed without the debit being presented for payment, or

                The consumer requests removal of the Stop Pay order

This is the order of things to come – beginning March 19, 2010;

A Stop Pay order can be placed on multiple transactions

A Stop Pay order is good until;

                The debits or debits have been stopped

                The consumer requests removal of the Stop Pay order

Multiple transactions – A Receiver can now list multiple debits on the same form whereas in the good ‘ol days, we had to fill out a separate form for each debit we wanted stopped.  It is now the responsibility of the RDFI to determine what the Receiver wants. 

Does the Receiver want to only stop this month and next month’s payments and let future payments go through as usual?  Or do they want to stop all future payments?

Of course, if they want to stop all future payments, the RDFI should direct the Receiver to the Originator to revoke the authorization – in whatever manner is required by the authorization.  If the Receiver has already revoked the authorization, the RDFI has the opportunity to request a copy of the revocation provided by the Receiver to the Originator.  The RDFI has always had this opportunity, but now the Rules specify that the RDFI is permitted to make this request.

More than 6 months – Once upon a time, some Originator got a bright idea after a transaction was returned as R08 Payment Stopped; they decided to hold off on resubmitting the debit until the Stop Payment order expired.  180 days later, maybe 181 days later, they resubmitted their debit and it went through.  They were trying to bypass the Stop Pay order 6 month time-frame.  It worked, but it’s wrong.

To address this, the 6 month time-frame has been removed.  Problem solved.

That’s really about it for Stop Pay order changes. 

One of the really nice things – to me – is that these changes force communication.  OK, maybe they don’t force communication, they encourage communication…yah, that’s it, encourage.  Now I love me some communication.  I think we should all talk all the time.  The bottom line is that good communication can help avoid all sorts of problems and misunderstandings.

These changes open a path for the RDFI and the Receiver to communicate regarding the intent of the Stop Pay order.  They also open a path for the Originator and the Receiver to communicate regarding the intent of the Stop Pay order.  That is not a bad thing.

Someday, you’ll hear me say, in the good ‘ol days, after we signed an authorization, we never had to talk to the Originator again.  Maybe the good ‘ol days weren’t so good.

Leave a Comment » | Current Events | Permalink
Posted by achguy

A Document by Any Other Name…

February 4, 2010

A few years ago there was a document titled “Affidavit of Unauthorized/Improper ACH Debit Activity”.  Sound familiar?  Maybe not.  And then it was discovered that there was some state law (I think it might have been an M state) that said something to the effect that to be a valid Affidavit, it must be notarized.

That presented a bit of a problem to the industry at large, afterall, rules need to be consistent across the board.  Not every RDFI had an easily accessible Notary.  Not to mention, it could simply be inconvenient.   So, what do you do?

You change the name.

The title of the document was changed to “Written Statement Under Penalty of Perjury”, more affectionately referred to as a WSUPP form.  That, I’m sure you recognize.  It is the exact same document, except for the title.  Personally, I really liked this title.  I think it made some Receivers stop and think before signing.  It was serious. 

We’ve been moving along really well for a number of years now and for some reason, there’s another name change on the horizon.  March 19, 2010 to be exact.  I’m not really sure why this time.

There is quite a bit of information here (and these are just the highlights), so bear with me.  Beginning on March 19, 2010 the following changes to the Written Statement go into effect;

1)    The title of the document is being changed to “Written Statement of Unauthorized Debit”.  To be affectionately referred to as a WSUD.  Not nearly as sexy as a WSUPP, but they didn’t ask my opinion.

2)   Along with the name change, the Written Statement is no longer required to be signed ‘Under Penalty of Perjury’

3)   The requirement stating that an authorization must clearly and conspicuously state its terms has been changed to ‘the authorization must be clear and readily understandable’

4)   The Written Statement will now require very specific pieces of information including;

  1. Receiver’s printed name and signature
  2. Receiver’s account number
  3. Name of the Originator
  4. Posting date of the entry
  5. Dollar amount
  6. Reason for the return
  7. Date of the signature
  8. Receiver’s assertion that the Written Statement is true and correct and
  9. Receiver’s assertion that they are an authorized signer or has authority to act on the account

5)   The Written Statement must be signed and dated on or after the Settlement Date of the entry(ies) to which it relates

6)   Multiple claims may be made on the same Written Statement

7)   Requests for copies of the Written Statement must be fulfilled within 10 banking days

8)   The RDFI must retain a copy of the Written Statement for 1 year

9)   A Written Statement is no longer required when returning an ARC, BOC or POP entry using R39 (Improper Source Document)

As I said, those are the highlights.  For details, I strongly encourage you to check out the Revisions section of the 2010 ACH Operating Rules book.  If you don’t have one, reach out to your local Regional Payments Association or visit https://www.nacha.org/member-apps/index.cfm?action=store.category&ProductCategoryID=28.

There are some rules changes coming relating to Stop Payments as well, so keep an eye out here for another post soon.

8 Comments | Current Events, Education | Permalink
Posted by achguy

They say time flies when you’re having fun…

January 21, 2010

But I haven’t figured out why it’s going so fast for me.

I’m just kidding, you know I love what I do.  And I love working on this blog, and it really bothers me that I’ve been away so long.  I have been responding to a few recent comments and questions, but it’s not the same as a full-fledged post.  And so I have decided that today, I’m going to write one.

So, here goes…

2010 is upon us.  It has been, for 21 long days and I’m just now putting some serious thought into where I am heading this year.  I have so many things that I want to do both personally and professionally but I wanted to share a little about my goals relating to Everything ACH.

Firstly, I plan to remain true to my original goal having this blog be all about ACH.  However, I would like to make an effort to expand that goal a little by being more responsive to industry news and more consistent on regular postings. 

With over a thousand visitors a month, I decided that it was time to figure out who my audience is.  I think the first rule of marketing is Know Your Audience?.  Maybe.  I am working on a brief survey, only a few questions, but I would be most grateful if, when it comes out, you would take a stab at it.  That would be very cool.

In addition to industry news, what kind of an educational blog would this be if I didn’t give you the occasional heads up about an educational event?  As you may know, we host a series of FREE webinars every year.  They start in March – details to come.  I will not be advertising to you, but there are a few industry events every year that are definitely note worthy and I’ll try to get word out on those that I think will be important to you.

And finally, I plan on flossing more regularly.

I think that’s about all I got for now.  I’ll be back soon, very soon.

ACHGuy

Leave a Comment » | Uncategorized | Permalink
Posted by achguy

ARC – Accounts Receivable Truncated Check Entries

November 24, 2009

An ARC entry is a transaction for which the authorization is received in the mail or at a dropbox (can be received via US Mail, Fed Ex, UPS or any other traceable mail)  in the form of a check.  However, before it can be considered for conversion to an ARC entry, the Originator must ensure the check writer was provided with a proper notice of their intent to convert.

In the ARC world, Notice  = Authorization.  The ACH Operating Rules provide specific authorization language for the notice as follows:

“When you provide a check as payment, you authorize us either to use information from your check to make one-time electronic fund transfer from your account or to process the payment as a check transaction.”

OR

“When you provide a check as payment, you authorize us to use information from your check to make a one-time electronic fund transfer from your account.  In certain circumstances, such as for technical or processing reasons, we may process your payment as a check transaction.”

In addition to the above language, until January 1, 2010, the notice must include the following (or substantially similar) language:

“When we use information from your check to make an electronic fund transfer, funds may be withdrawn from your account as soon as the same day you make your payment, and you will not receive your check back from your financial institution.”

The ideal location for such notice is the monthly statement or invoice.  Keep in mind that the authorization notice must be provided in a clear and conspicuous manner, meaning in part that it should not be lost in the fine print.

 Notes:

The Originator must provide an Opt Out method for their customers.  In the event a customer wishes to opt out of the ARC conversion process, the Originator is not allowed to convert any check received from that customer going forward.

The Originator must use a MICR Reading device to capture the MICR information from the check.

To be eligible for conversion to an ARC Entry, besides being received at a lock-box, the check must:

            Contain a pre-printed serial number

            Not contain an auxiliary on-us field

            Be in an amount of $25,000.00 or less

            Be completed and signed by the Receiver

The amount of the ARC transaction must match the face value of the check.

ARC is actually pretty good for any Originator that receives a number of checks in the mail.  If that sounds like you, check it out.

In the meantime, we have one last Standard Entry Class Code that I want to cover, BOC.  I hope to knock it out soon.  Then we can move on to some fun stuff.

Leave a Comment » | Beginner, Education | Permalink
Posted by achguy

A little break…

November 12, 2009

I wanted to take a short break from SEC Codes.  Don’t get me wrong, I know it’s riveting reading.  But I wanted to celebrate for a moment instead.

I want to celebrate 2 things;

1.  We recently completed our FREE 2009 ACH Educational Webinar Series and I just wanted to say thank you to all who participated – you know who you are.  And, of course, a big thank you to the fine folks at UMACHA – Kate Cole, Donna Olheiser and Angi Farren and EPN’s (Electronic Payments Network) Laurie Applebaum for their time, energy, knowledge and patience.

We started the ACH Educational Webinar Series in 2007 with a series of 6 targeted ACH educational offerings.  The program has grown and this year we had 7 ACH webinars and 2 Check webinars.  The check training was a nice departure from the norm for us and also a great learning opportunity.

We are already hard at work for 2010 and as soon as we have the dates nailed down, I’ll let you know.  While we will continue with training at the beginner level, it works nicely for folks new to ACH, those who have been around for a while, but wanting some formal training, a refresher for those already in the know and of course, earning continuing education credits is not a bad deal either.

It has been a wonderful year of learning and I hope we all benefitted.  I know I did.

2.  October was a banner month for Everything ACH.  We surpassed 1,100 visits for the month.  I cannot begin to describe how excited I am about this.  If I recall correctly, during the first month – August 2008, we had only 12 visitors.  It was several months later when we finally broke the 100 visitor mark – January 2009.  We had 450 visitors that month.  I was amazed. 

In October, our official number was 1,137 visits.  That makes almost 7,500 visits so far this year – through the end of October.  I hope this means that I am writing about stuff that interests you and that you are learning.  After all, that’s the goal. 

All along I have received some great questions and comments in support of my work.  I would love to hear more – any feedback is welcome…questions or comments.

I have every intention of continuing my work of trying to explain ACH in a plain, simple, easy-to-understand manner and I hope you’ll stick with me.

That being said, thank you.  Thank you for visiting.  Thank for returning.  And thank you for passing the word. 

Hope to see you back soon,

ACH Guy

3 Comments | Uncategorized | Permalink
Posted by achguy

Standard Entry Class (SEC) Codes: WEB

October 27, 2009

A WEB entry is a transaction for which the authorization is received via the Internet.  WEB should only be used for Business to Consumer transactions and can only be debits; Single or Recurring.

Authentication:  Just like TEL transactions, WEB transactions require that the identification of the consumer be verified before the authorization piece takes place.*

Authorization:  While there is no specific authorization language, the WEB authorization must follow these 4 basic rules:

          1) be in a writing that is signed or similarly authenticated*        

          2) be readily identifiable as an ACH Debit authorization

          3) clearly and conspicuously state its terms, and

          4) must (for recurring payments only) provide the Receiver with a method to revoke                     their authorization by notifying the Originator in the manner prescribed.

 It’s a good idea from a Proof of Authorization standpoint to capture the IP address and time/date stamp for each transaction authorized.

 * Notes: 

WEB entries may be either Single one-time entries or Recurring entries designated by the use of an S – for Single or R – for Recurring in the Payment Type Code Field of the Entry Detail Record. 

The Originator must use a commercially reasonable procedure to verify the consumer’s Routing Number.

Authorization #1 – This means that the authorization is displayable for the consumer to read on a computer screen and the consumer should be prompted to print and retain a copy of the authorization.  The consumer must then be able to demonstrate their assent to the terms and conditions of the authorization by clicking an “I Agree”, or “OK”, or some such button before moving on to complete their transaction.

The Originator must ensure that the exchange of account information is only accomplished during a secure Internet session using at a minimum 128 bit RC4 Encryption and is considered Commercially Reasonable.

Originators of WEB entries are required by the ACH Operating Rules to conduct an Annual Security Audit of their security practices and procedures that include at a minimum, adequate levels of;

           1) physical security to protect against theft, tampering, or damage

          2) personnel and access controls to protect against unauthorized access and use, and

          3) network security to ensure secure capture, storage and distribution of financial                          information

You should understand that because of the anonymous nature of WEB transactions, they are considered a high risk type of ACH transaction.  That doesn’t mean that they are difficult to implement or cumbersome for your customers, it’s just the nature of the beast.  Stay tuned for ARC next.

4 Comments | Beginner, Education | Permalink
Posted by achguy

Standard entry Class (SEC) Codes: POP

October 20, 2009

POP – Point of Purchase a.k.a. the Walmart experience

I like to call POP the Walmart experience as I believe Walmart has been the single largest adopter of POP to date.  If you want to experience POP for yourself, go to your local Walmart store and write a check.  Here’s what will happen…the cashier will gladly accept your check for your purchases.  They will then run the check through a MICR reader and print out a receipt (it looks a lot like a Credit Card receipt) and ask you to sign it.  After you sign the receipt, they hand you a copy and your check (which has been voided) and you go on your merry way, purchases in tow. 

 So, how does it work?

 Let’s start at the beginning.  POP should only be used for Business to Consumer, debit transactions and they will always be a single one-time transaction.  It is important to note that the whole process will always start with acceptance of a check/source document.

 Authorization:  The authorization requirements for POP are pretty specific.  They’re based on a written authorization (source document/check) and proper notice provided to the Receiver – posted in a prominent and conspicuous manner.

 The posted notice should read:  “When you provide a check as payment, you authorize us either to use information from your check to make a one-time electronic fund transfer from your account or to process the payment as a check transaction.”

 OR

 ”When you provide a check as payment, you authorize us to use information from your check to make a one-time electronic fund transfer from your account.  In certain circumstances, such as for technical or processing reasons, we may process your payment as a check transaction.”

 In addition to the above notice, until January 1, 2010, your notice should also include the following text:  “When we use information from your check to make an electronic fund transfer, funds may be withdrawn from your account as soon as the same day you make your payment.” 

 As I mentioned, the copy of the authorization and receipt look much like a Credit Card receipt and can satisfy the requirements that the authorization must be in writing and then signed or similarly authenticated*.  As with all authorizations, it must be readily identifiable as an ACH authorization and clearly and conspicuously state its terms. 

 I mentioned using a MICR reader in my opening paragraph and so I figured I better tell you what it is.  A MICR reader is simply a device designed to read the numbers across the bottom of your check.  POP requires that you use a MICR reader when processing POP transactions.  Of course, if it misreads or rejects, you can manually key enter the information, but otherwise you have to use the reader. 

 Not all checks are created equal: 

 Not all checks or sharedrafts are elegible to be converted during the POP process.  A check or sharedraft can be used as a source document if it;

           Has not been previously negotiated

          Has not been previously voided

          Contains a pre-printed serial number

          Is drawn on a consumer account

 Receipt Requirements:

Originators must, at the point-of-purchase, provide Receivers with a receipt that contains the following minimum amount of information:

           Originator name (merchant)

          Company (merchant)/third-party service provider telephone number;

          Date of transaction

          Transaction amount

          Source document check serial number

          Merchant number (or other unique number that identifies the location of the                                 transaction)

          Terminal City and State

 Record Retention:  Merchants/Originators are required to maintain copies of the authorization for CCD transactions for 2 years beyond Settlement Date of the transaction.

  * Notes:

 Amount:  POP transactions must be in the amount of $25,000.00 or less.

 Formatting requirements: 

           Originators must ensure that the name of the Receiver or ID number or code which

          identifies the transaction or customer is included within each POP entry.

           Originators should ensure that the check serial number from the Receiver’s source     document is placed within the Check Serial Number Field of the POP entry.  Further,          the word “check,” abbreviations such as “ck” or “chk,” or other merchant codes must      not be included within the field. Here are some examples of incorrect and correct   applications:

           INCORRECT             0001234

                                      000000000001234

                                      CK# 001234

                                      CK1234

                                      1234 6532986002

                                      CK1234 48832817

           CORRECT                1234

 That’s a lot of information for such a simple process, but I wanted to make sure you had all the important stuff.

 WEB is next, stay tuned.

5 Comments | Beginner, Education | Permalink
Posted by achguy

Standard Entry Class (SEC) Codes: TEL

September 27, 2009

A TEL entry is a transaction for which the authorization is received, orally, over the telephone.  TEL should only be used for Business to Consumer transactions and can only be debits.  Single, one-time debits to be specific.

Authentication:  Unlike most ACH entries, TEL transactions require that the identification of the consumer be verified before the authorization piece takes place.*

 Authorization:  The authorization requirements are very specific for TEL transactions and yet the ACH Operating Rules also give you a workable option.  Here’s the deal:

 TEL authorizations require the following 6 pieces of information:

 Date of the authorization

Date on or after which the transaction will post

The consumer’s name

The amount

A telephone number that is available and answered during normal business hours

A statement by the Originator that the authorization will be used to originate an ACH Debit

And here’s the option.  The Originator gets to decide whether to record the conversation that includes the exchange of those 6 pieces of information, OR provide* a notice to the consumer detailing those 6 pieces of information. 

In addition to all of that, the Originator must state clearly during the telephone conversation that the consumer is authorizing an ACH debit entry to their account, express the terms of the authorization in a clear manner and the Receiver (Customer) must unambiguously express consent.  Silence is not express consent.

Before you can use TEL, there is one last thing you should understand.  A TEL entry can only be transmitted when 1) there is an existing relationship between the Originator and the consumer or 2) if there is not an existing relationship between the Originator and the consumer, then it is the consumer who initiated the telephone call to the Originator.

 

* Notes: 

The Originator must use a commercially reasonable procedure to verify the consumer’s Routing Number.

Provide does not mean that the notice must be received by the Receiver only that it must be sent.  Usually the postmark or time/date stamp of an e-mail is sufficient proof that notice was sent before the transaction posted to the consumer’s account.

Formatting requirement:  Originators must ensure that the name of the Receiver is included within each TEL entry.

Because TEL transactions are one-time debits, they cannot be returned as R07 – Authorization Revoked.

There is so much more I could probably tell you about TEL transactions, but that’s all the big stuff and some of the little stuff too.  All of that being said, stay tuned for POP next.

3 Comments | Beginner, Education | Permalink
Posted by achguy

Standard Entry Class (SEC) Codes: CCD

September 4, 2009

 

CCD – Corporate Credit or Debit

CCD should only be used for any Business to Business transactions* and can be either Debits or Credits. CCD can be used for either a single one-time transaction or recurring transactions and may be accompanied by one addenda record.

Authorization: The authorization requirements are much more lax for CCD transactions* than PPD transactions which we discussed in the last post. However, I like to use the PPD authorization requirements as a guide for a really good authorization.

Here’s what the ACH Operating Rules say though: “The Receiver has authorized the Originator to initiate the entry to the Receiver’s account. In the case of CBR, CCD, and CTX entries, the Receiver has an agreement with the Originator under which the Receiver has agreed to be bound by these rules as in effect from time to time.” Essentially, to me, this means that there must be an agreement. That’s it, there must be an agreement.

The reasoning is that we all assume that when there is an ACH Authorization between two businesses that 1) it will be part of a larger agreement and 2) lawyers (with the best interest of the Receiver) will be involved. The difference of course is the assumption that the typical consumer would not have that luxury and therefore requires additional protections.

Please note that I strongly advocate the incorporation of all or as many as possible PPD authorization requirements be used in any Business to Business authorization.

 

 * Notes:

I know that I said that CCD should only be used for Business to Business transactions; there is of course, one exception. In the event a company is reimbursing an employee for expenses, that transaction to their personal/consumer account should be labeled a CCD.

Just because the requirements for CCD transactions are less onerous than PPD does not mean you should start using CCD for all of your transactions hoping to reduce your requirements. It does not work that way. Sending a CCD transaction to a consumer account, inappropriately, is a violation of the ACH Operating Rules.

And as before, when you have designed the authorization to suit your needs, please, please, please, be sure to pass it by your compliance person or preferably, your legal counsel before you roll it out for general use and after any future changes.

Stay tuned next week for TEL. Ring, ring.

Leave a Comment » | Beginner, Education | Permalink
Posted by achguy

Standard Entry Class (SEC) Codes: PPD

August 21, 2009

PPD – Prearranged Payment and Deposit

PPD Transactions should only be used for Business to Consumer transactions and can be either Debits or Credits. PPD transactions can be used for either a single one-time transaction or recurring transactions.

 Examples of uses:

          Direct Deposit – Employer to Employee

          Direct Payment – Vendor to Customer (i.e. Insurance company debiting my account for monthly insurance payment)      

Authorization: The authorization for PPD transactions must be in writing and then signed or similarly authenticated*. The authorization must be readily identifiable as an authorization, clearly and conspicuously state its terms and should include information such as;

    Name and identifying information of the Originator

    Name and identifying information of the Receiver

    Routing Number

    Account Number

    Account Type (checking or savings/business or personal)

    Amount*

    Date on or after which the transaction will post to the account*

    Revocation/Termination language (does not apply to Single Entry authorizations)*

* Notes:

Similarly Authenticated refers to alternative methods of signature such as digital signatures and security codes. Check out the E-Sign Act for details and a natural sleep-aid substitute.

 The amount can be expressed in various ways. For instance;

    Refer to a separate contract (properly executed, of course),

    A fixed amount ($9.95),

    A range (such as $24.95 to $39.95 – if the amount varies from month to month) or

    A ceiling (up to $47.50).

The phrase “on or after”, when referring to a date is a wonderful addition to any authorization because you cannot always know for certain when a transaction will post. For instance, if you say the 15th, what happens when the 15th falls on a weekend or Federal Holiday? Using the “on or after” phrase offers enough flexibility – a couple of days – to get around that.

I cannot express the importance of having an easy, workable revocation or termination policy/procedure. With few exceptions, the Receiver always maintains the right to revoke or terminate their authorization with you – the K.I.S.S. approach is definitely the way to go. The most common methods are a phone call, written notice and written notice sent by traceable mail (Certified Mail, Fed Ex, UPS, etc.). Whichever works best for you is the way to go, but personally, in writing is always good.

Because I know someone will ask: Consumer to Consumer transactions could use PPD too. However, CIE could also be used. And, with the development of Mobile Payments, there may be another option soon.

There are all kinds of sample authorizations out there, you can check out the 2009 ACH Rules book (page OG36), talk to your Financial Institution, Third Party Service Provider, Regional Payments Association or NACHA. Some samples are free. Some are not.

And finally, when you have designed the authorization to suit your needs, please, please, please, be sure to pass it by your compliance person or preferably, your legal counsel before you roll it out for general use and after any future changes.

Stay tuned next week for CCD. It promises to be just as exciting.

Leave a Comment » | Education | Permalink
Posted by achguy

« Previous Entries
Next Entries »
Follow

Get every new post delivered to your Inbox.