AGENCY:
Bureau of the Fiscal Service, Treasury.
ACTION:
Final rule.
SUMMARY:
The Department of the Treasury, Bureau of the Fiscal Service (Fiscal Service) is amending its regulation governing the use of the Automated Clearing House (ACH) Network by Federal agencies. Our regulation adopts, with some exceptions, the NACHA Operating Rules developed by NACHA—The Electronic Payments Association (NACHA) as the rules governing the use of the ACH Network by Federal agencies. We are issuing this rule to address changes that NACHA has made to the NACHA Operating Rules since the publication of the 2013 NACHA Operating Rules & Guidelines book. These changes include amendments set forth in the 2014, 2015, and 2016 NACHA Operating Rules & Guidelines books.
DATES:
Effective date: September 11, 2017.
Applicability date: The amendment to § 210.5 is applicable beginning on April 1, 2018. The incorporation by reference of certain publications listed in the rule is approved by the Director of the Federal Register as of September 11, 2017.
FOR FURTHER INFORMATION CONTACT:
Matt Helfrich, Senior Program Analyst, at 215-516-8022 or Matthew.Helfrich@fiscal.treasury.gov; or Natalie H. Diana, Senior Counsel, at (202) 874-6680 or natalie.diana@fiscal.treasury.gov.
SUPPLEMENTARY INFORMATION:
I. Proposed Rulemaking and Comments Received
A. Background
We published a Notice of Proposed Rulemaking (NPRM) on November 30, 2016, requesting comment on a number of proposed amendments to title 31 CFR part 210 (part 210). 81 FR 86302. Part 210 governs the use of the ACH Network by Federal agencies. The ACH Network is a nationwide electronic fund transfer (EFT) system that provides for the inter-bank clearing of electronic credit and debit transactions and for the exchange of payment-related information among participating financial institutions. Part 210 incorporates the NACHA Operating Rules, with certain exceptions. From time to time the Fiscal Service amends part 210 in order to address changes that NACHA periodically makes to the NACHA Operating Rules or to revise the regulation as otherwise appropriate.
Currently, part 210 incorporates the NACHA Operating Rules as set forth in the 2013 NACHA Operating Rules & Guidelines book. NACHA has adopted a number of changes to the NACHA Operating Rules since the publication of the 2013 NACHA Operating Rules & Guidelines book. We proposed to incorporate in part 210 most, but not all, of these changes. We also proposed two changes to part 210, related to reversals and prepaid cards, that do not stem from a change to the NACHA Operating Rules.
We received three comment letters on the NPRM. Two of the commenters were industry trade associations and the third was NACHA. Commenters were generally pleased that Fiscal Service proposed to adopt most of the 2014, 2015 and 2016 amendments to the NACHA Operating Rules, but commented that three of the exceptions to the NACHA Operating Rules proposed in the NPRM are inappropriate and should not be adopted. Commenters also stated that Fiscal Service's approach to adopting Same Day ACH should be modified. Finally, commenters urged Fiscal Service to be more timely in addressing NACHA Rule changes.
B. Summary of Comments
Unauthorized Entry Fee
In the 2015 amendments to the NACHA Operating Rules, NACHA added a new Section 1.11 to provide for the payment of an “Unauthorized Entry Fee.” Under this section, when an originating depository financial institution (“ODFI”) originates a debit Entry to a receiving depository financial institution (“RDFI”) to transfer funds from the account of a Receiver to an account of an Originator, and the Entry is returned on the basis that it is unauthorized, the ODFI agrees to pay an Unauthorized Entry Fee to the RDFI. In the NPRM, we proposed not to adopt the Unauthorized Entry Fee provisions of the NACHA Operating Rules because part 210 does not incorporate the provisions of the NACHA Operating Rules dealing with enforcement for noncompliance, and the government does not as a general matter subject itself to fines for violations of the NACHA Operating Rules.
Two of the commenters opposed Fiscal's Service's proposal to exempt the government from paying Unauthorized Entry Fees, arguing that the fees are not fines or penalties but service fees intended to compensate RDFIs for costs incurred by the RDFI in handling unauthorized Entries. NACHA commented that unlike a fine imposed for noncompliance, the fee is not imposed as a result of an enforcement process by NACHA, is not paid to NACHA (Fines and penalties imposed by NACHA pursuant to its enforcement process are paid by the participant that violated the NACHA Operating Rules directly to NACHA. See NACHA Operating Rules, App. Ten, Subpart 10.4.7.1.) and is not set at a level that is punitive in nature. Rather, it is based upon a NACHA cost study that assessed the burden that unauthorized entries place on RDFIs. According to NACHA, this allocation of cost to the party in the best position to mitigate the cost (i.e., through improvements to origination practices) provides an incentive to improve the quality of the network by reducing the number of unauthorized Entries that are initiated. NACHA also pointed out that the Unauthorized Entry Fee is specifically set at a level below actual RDFI cost in order to avoid creating a disincentive to ODFI participation in the network, and that nothing in the materials accompanying the development, balloting and adoption of the Unauthorized Entry Fee in any way characterized the fee as a fine or penalty. In short, NACHA asserts that the Unauthorized Entry Fee is no different from any other fees that the government would pay for services in which it participates and accordingly that the exclusion of the Unauthorized Entry Fees may amount to an improper taking of property without just compensation, in violation of the Takings Clause of the Fifth Amendment to the U.S. Constitution.
Based on this analysis we agree with the conclusion that the Unauthorized Entry Fee is in the nature of a fee for services rather than a fine or penalty and that it is appropriate for the government to pay the fee when it is the Originator of an Unauthorized Entry. Accordingly, we are accepting the Unauthorized Entry Fee provisions for government ACH transactions.
Return Rate Levels
In 2015, the NACHA Operating Rules were amended to establish an inquiry process as a starting point to evaluate the origination activity of Originators and Third-Party Senders that reach the new administrative return and overall debit return rate levels. The identification of an Originator or Third-Party Sender with a return rate that is higher than the respective return rate level may trigger a review of the Originator's or Third-Party Sender's ACH origination procedures. At the conclusion of the inquiry, NACHA may determine that no further action is required, or it may take the next step and recommend to the ACH Rules Enforcement Panel that the ODFI be required to reduce the Originator's or Third-Party Sender's overall or administrative return rate below the established level.
As discussed above, Fiscal Service generally takes the position that it will not be subject to the enforcement provisions of the NACHA Operating Rules for noncompliance, including fines for violations of the provisions of the NACHA Operating Rules. Because the return rate level reporting provisions of the NACHA Rules are a basis for enforcement, Fiscal Service proposed not to adopt the return rate level reporting provisions. NACHA commented that Fiscal Service's concern with reporting return rate levels is misplaced because Section 2.17 is not an enforcement rule and that the provisions for enforcement of Section 2.17 are set forth at Appendix 10 to the NACHA Operating Rules, which is separately exempted from part 210.
Because the Federal government is the largest single participant in the ACH Network, NACHA indicated that information concerning the Federal government's return rate levels could be invaluable in connection with analyzing elevated return rates. NACHA asserted that this benefit far outweighs the minimal additional burden to the government of complying with the return rate reporting requirements and therefore requested that Fiscal Service modify the Proposed Rule to delete from part 210 the exclusion of Section 2.17 of the NACHA Operating Rules or, in the alternative, to limit the exclusion to Sections 2.17.2.2 through 2.17.2.6 of the amended NACHA Operating Rules.
In light of the value of the government's return rate levels for the ACH Network, Fiscal Service is accepting in the final rule the reporting requirement of Section 2.17 and limiting the exclusion to Sections 2.17.2.2 through 2.17.2.6.
Notification of Reversals
In the NPRM we proposed to amend part 210 to address a requirement in the ACH Rules (NACHA Operating Rule 2.9.1) that requires that the Originator of a Reversing Entry make a reasonable attempt to notify the Receiver of the Reversing Entry and the reason for the Reversing Entry no later than the settlement date of the Entry. Fiscal Service has had experience with this requirement, which is not new, and has found that in attempting to contact Receivers regarding the reversal of a duplicate or erroneous Entry on behalf of federal agencies, efforts to reach Receivers, typically through the RDFI, are often unsuccessful. Adhering to the notification requirement impedes the timeliness and efficiency of originating reversals, which is disadvantageous both for Fiscal Service and for Receivers. Accordingly, we proposed to exclude this requirement from incorporation in part 210.
All of the commenters urged Fiscal Service to reconsider the proposed exclusion. Commenters noted that the purpose of the requirement is to ensure that, in the case of a credit Entry, the Receiver does not remove the funds received as a result of the Erroneous Entry before it can be reversed, and in the case of a debit Entry, the Receiver is notified quickly that funds were removed from their account in error and that the error will be reversed. Commenters pointed out that Section 2.9.1 does not impose an absolute requirement that an Originator notify the Receiver of the Reversing Entry, but only requires that the Originator make a “reasonable attempt” to do so. The commenters argued that the fact that Fiscal Service may find that despite its reasonable efforts it frequently is unable to reach the applicable Receiver does not undermine the importance and value of making the effort, because of the benefit that results in those instances where reasonable efforts are successful.
NACHA also observed that the obligation to make reasonable efforts to notify the Receiver should have no effect on the timeliness or efficiency of originating Reversing Entries because notice to the Receiver is not a prerequisite for initiating a Reversing Entry. Thus, the obligation to make a reasonable attempt to notify the Receiver should not prevent the initiation of a Reversing Entry.
In view of the fact that only a reasonable effort to notify the Receiver is required, and because Fiscal Service recognizes the value of notifying consumers of reversals when possible, Fiscal Service is not adopting the proposal to opt out of the reversal notification requirement.
Same Day ACH
In 2016 NACHA adopted an amendment that allows for same-day processing of ACH payments. Previously, the standard settlement period for ACH transactions was one or two business days after processing. The Same-Day ACH amendment enables Originators that desire same-day processing have the option to send Same Day ACH Entries to accounts at any RDFI. All RDFIs are required to receive Same-Day ACH Entries, which gives ODFIs and Originators the certainty of being able to send same day ACH Entries to accounts at all RDFIs in the ACH Network. The amendment includes a “Same-Day Entry fee” on each Same-Day ACH transaction to help mitigate RDFI costs for supporting Same-Day ACH.
The amendment has a phased implementation period, spreading from 2016 to 2018, with the following effective dates:
- Phase 1—September 23, 2016: ACH credits became eligible to be processed during two new Same-Day ACH windows with submission deadlines at 10:30 a.m. ET and 2:45 p.m. ET, with settlement occurring at 1:00 p.m. ET and 5:00 p.m. ET, respectively. RDFIs are required to provide funds availability by the end of the RDFI's processing day. Applicable to ACH credits only and non-monetary Entries, with funds availability due at the end of the RDFI's processing day.
- Phase 2—September 15, 2017: ACH debits will become eligible for same-day processing during the two new Same-Day windows.
- Phase 3—March 16, 2018: RDFIs will be required to provide funds availability for same day credits no later than 5:00 p.m. at the RDFI's local time.
In the NPRM we proposed to accept NACHA's 2016 Same-Day amendments but with delayed implementation until August 30, 2017 of NACHA's Phase 1 implementation date where the government is receiving Same-Day credit Entries. The delayed implementation date reflects coding and reporting changes and testing that must be undertaken to enable the processing of incoming Same-Day credit Entries by Fiscal Service's ACH credit processing systems. We did not propose to delay the government's implementation of the NACHA Same-Day ACH amendment's Phase 2 or Phase 3 implementation dates.
NACHA commented that it would be inequitable for the Fiscal Service to reserve the right to require RDFIs to process Same Day Entries originated by the government, but refuse to process Same Day Entries that are received by the government. By doing so, the government would receive the benefit of the new rules, without having to accept any of the obligations with which all other Participating DFIs must comply. For this reason, NACHA recommended that the NPRM be revised to provide that the government will not originate Same Day Entries until it is ready to receive Same Day Entries, regardless of the effective date of a final rule on part 210.
Second, NACHA requested that the final rule provide a date certain by which the government will begin receiving Same Day Entries, stating that the NPRM preamble indicated only that the government will implement Phase 1 for purposes of receiving Same Day Entries “no earlier than” August 30, 2017.
In the final rule we are providing a date certain of September 15, 2017 for implementation, and applying that date to both the origination and receipt of Same Day entries, as requested.
Fiscal Service's Review Process
With respect to Fiscal Service's rulemaking process to review ACH Rules generally, NACHA commented that by waiting in some cases until after a rules change has been implemented, the current process can be disruptive to other participants and may cause them to incur additional and unnecessary costs. NACHA urged Fiscal Service to establish a process to review amendments to the NACHA Operating Rules on at least an annual basis, arguing that because Fiscal Service actively participates in the NACHA rulemaking process, the government has ample opportunity to understand and evaluate NACHA rule proposals well in advance of their respective effective dates.
We understand that the delay in the government's review and adoption of ACH rule changes may inconvenience ACH network participants. However, Fiscal Service cannot address ACH rule changes other than through the notice-and-comment rulemaking process required under the Administrative Procedure Act. The rulemaking process is inherently cumbersome and time-consuming, typically taking a year to move through the process of developing and publishing a proposed rule, ultimately followed by a final rule. Fiscal Service will work toward addressing ACH rule changes on as timely a basis as possible in light of regulatory and resource limitations.
II. Final Rule
In the Final Rule we are adopting all of the amendments to part 210 that were proposed in the NPRM, as follows:
A. 2014 NACHA Operating Rules & Guidelines Book Changes
The 2014 edition of the NACHA Operating Rules & Guidelines contains changes related to the following amendments:
- Person-to-Person Payments via ACH;
- IAT Modifications; Proof of Authorization for Non-Consumer Entries;
- Proof of Authorization for Non-Consumer Entries;
- Dishonored Returns and Contested Dishonored Returns Related to an Unintended Credit to a Receiver;
- Reclamation Entries—Corrections to Rules Governing Authorizations;
- Incomplete Transaction Clarification;
- Use of Tilde as Data Segment Terminator;
- Editorial Clarification—Non-Consumer Receiver's Obligation to Credit Originator's Account;
- Prenotification Entries—Reduction in Waiting Period for Live Entries;
- Notification of Change (NOC)—Removal of Change Code C04 (Incorrect Individual Name/Receiving Company Name); and
- ACH Operator Edit for Returns.
We are incorporating in part 210 all of the foregoing amendments, which are summarized below, except the amendment relating to reclamation entries.
1. Person-to-Person Payments via ACH
This amendment standardized the use of the ACH Network for Person-to-Person (P2P) Entries by expanding the Internet-Initiated/Mobile (WEB) SEC Code to accommodate credit Entries transmitted between consumers (P2P transactions). A P2P Entry is defined as “a credit Entry initiated by or on behalf of a holder of a Consumer Account that is intended for a Consumer Account of a Receiver.” The amendment also modified the definition of a Customer Initiated Entry (CIE) to “a credit Entry initiated by or on behalf of the holder of a Consumer Account to the Non-Consumer Account of a Receiver.” These definitional changes ensure there is a clear differentiation between WEB credit and CIE—i.e., CIE for a bill payment from a consumer to a business, and WEB credit for a P2P transaction from one consumer to another or between consumer accounts belonging to the same person. In addition, this amendment clarified the treatment of NOCs related to credit WEB Entries and CIE Entries.
We are accepting this amendment.
2. IAT Modifications
This amendment revised the NACHA Operating Rules to update the rules and formatting of the International ACH Transaction (IAT) in order to facilitate more accurate screening and compliance with OFAC sanctions policies. This modification requires a Gateway to identify within an Inbound IAT Entry (1) the ultimate foreign beneficiary of the funds transfer when the proceeds from a debit Inbound IAT Entry are for further credit to an ultimate foreign beneficiary that is a party other than the Originator of the debit IAT Entry, or (2) the foreign party ultimately funding a credit Inbound IAT Entry when that party is not the Originator of the credit IAT Entry. This amendment revised the description of the Payment Related Information Field as it relates to the IAT Remittance Addenda Record to establish specific formatting requirements for inclusion of the ultimate foreign beneficiary's/payer's name, street address, city, state/province, postal code, and ISO Country Code. The amendment also requires an Originator, Third-Party Sender, ODFI, or Gateway transmitting an IAT Entry to identify any country named within the IAT Entry by that country's 2-digit alphabetic ISO Country Code, as defined by the International Organization for Standardization's (ISO) 3166-1-alpha-2 code list.
We are accepting this amendment.
3. Proof of Authorization for Non-Consumer Entries
This amendment established a minimum standard for proof of authorization for Non-Consumer Entries to aid in the resolution of unauthorized or fraudulent debits to businesses, particularly those where no trading partner relationship/agreement exists between the Originator and Receiver. This change permits an RDFI to request proof of a Non-Consumer Receiver's authorization for a CCD, CTX, or an Inbound IAT Entry to a Non-Consumer Account. The ODFI must provide the required information to the RDFI at no charge within ten banking days of receiving a written request for such information from the RDFI. The amendment also requires the Originator to provide such proof of authorization to the ODFI for its use or for use by the RDFI.
The amendment provides two methods by which an ODFI can comply with the RDFI's request for proof of authorization. The first is to provide an accurate record of the authorization. The second is to provide the Originator's contact information that can be used for inquiries about authorization of Entries. At a minimum, this contact information must include (1) the Originator's name, and (2) the Originator's phone number or email address for inquiries regarding authorization of Entries.
We are accepting this amendment.
4. Dishonored Returns and Contested Dishonored Returns Related to an Unintended Credit to a Receiver
This amendment established the right of an ODFI to dishonor the Return of a debit Erroneous Entry if the Return Entry results in an unintended credit to the Receiver because (1) the Return Entry relates to a debit Erroneous Entry, (2) the ODFI has already originated a credit Reversing Entry to correct the Erroneous Entry, and (3) the ODFI has not received a Return of that credit Reversing Entry.
Similarly, under this amendment an ODFI may dishonor the Return of a debit Reversing Entry if the Return Entry results in an unintended credit to the Receiver because (1) the Return Entry relates to a debit Reversing Entry that was intended to correct a credit Erroneous Entry, and (2) the ODFI has not received a Return of that credit Erroneous Entry. The amendment requires an ODFI dishonoring a debit Return Entry under either of these conditions to warrant that it originated a Reversal in an effort to correct the original erroneous transaction and therefore is dishonoring the Return of the debit Erroneous Entry or the debit Reversing Entry, either of which causes an unintended credit to the Receiver. The amendment also establishes the right of an RDFI to contest this type of dishonored Return if either of the following conditions exists: (1) The RDFI returned both the Erroneous Entry and the related Reversal; or (2) the RDFI is unable to recover the funds from the Receiver.
We are accepting this amendment.
5. Reclamation Entries—Corrections to Rules Governing Authorization
This amendment made several corrections to the rules governing the authorization of Reclamation Entries. These changes address technical and drafting discrepancies between Reversing Entries and Reclamation Entries in the NACHA Operating Rules and make the rules related to Reclamation Entries consistent with those for Reversing Entries to the extent possible.
We are not incorporating this amendment in part 210. Part 210 generally excludes all NACHA Operating Rules relating to the reclamation of benefit payments because part 210 contains specific provisions on the reclamation of Federal benefit payments. No revision to the text of part 210 is required to exclude this amendment from part 210 because the amendment modifies Section 2.10 of the NACHA Operating Rules, which is already inapplicable to the government under § 210.2(d)(2).
6. Incomplete Transaction Clarifications
The Incomplete Transaction Clarifications amendment recognizes certain ARC, BOC, and POP Entries to Non-Consumer Accounts as eligible for return under the Incomplete Transaction Rule. This change streamlines RDFIs' processing of ARC, BOC, and POP returns and improves their ability to comply with the NACHA Operating Rules by eliminating different processing requirements for unauthorized/improper consumer and non-consumer ARC, BOC, and POP Entries, which share the same Standard Entry Class Code. The change restores the RDFI's ability to rely solely on the Standard Entry Class Code when determining handling requirements for specific types of Entries. This amendment also added specific references to “consumer” Receivers, where appropriate, to add clarity regarding the scope of the Incomplete Transaction Rules.
This amendment modifies Article Three, Subsection 3.12.3 (Incomplete Transaction) to add the word “consumer” to clarify that the Receiver of an Incomplete Transaction is generally the owner of a consumer account, with one specific exception. The amendment also adds language to this subsection to state that an ARC, BOC, or POP Entry may also be considered an Incomplete Transaction regardless of whether the account that is debited is a Consumer Account or a Non-Consumer Account. The amendment made corresponding changes to the definition of an Incomplete Transaction in Article Eight, Section 8.50 and clarified that a Written Statement of Unauthorized Debit must be accepted for any Incomplete Transaction involving any ARC, BOC, or POP Entry.
We are accepting this amendment.
7. Use of Tilde as Data Segment Terminator
This amendment corrected two IAT field descriptions, “Originator City and State/Province” and “Receiver City and State/Province,” to clarify that the tilde (“~”) is a valid data segment terminator.
We are accepting this amendment.
8. Editorial Clarification—Non-Consumer Receiver's Obligation to Credit Originator's Account
This amendment revised the text and title of Article Three, Subsection 3.3.1.3 (Non-Consumer Receiver Must Credit Originator's Account) to make the section's intent clearer and easier to understand for ACH Network participants. This change was editorial in nature only.
We are accepting this amendment.
9. Prenotification Entries—Reduction in Waiting Period for Live Entries
This amendment reduced the six banking-day waiting period between initiation of a Prenotification and “live” Entries for Originators choosing to originate Prenotes. This amendment also modified the NACHA Operating Rules related to Notifications of Change to clarify the Originator's obligations with respect to an NOC received in response to a Prenote. This change permits an Originator that has originated a Prenotification Entry to a Receiver's account to initiate subsequent Entries to the Receiver's account as soon as the third Banking Day following the Settlement Date of the Prenotification Entry, provided that the ODFI has not received a return or NOC related to the Prenotification.
We are accepting this amendment.
10. Notification of Change—Removal of Change Code C04 (Incorrect Individual Name/Receiving Company Name)
This amendment removed the Notification of Change Code—C04 (Incorrect Individual Name/Receiving Company Name) from the NACHA Operating Rules. Change Code C04 (Incorrect Individual Name/Receiving Company Name) had been used by RDFIs to request a correction to the name of the Receiver indicated in an ACH Entry. As with any Notification of Change, the RDFI that transmitted an NOC with this change code warranted the accuracy of the corrected data (in this case, the Receiver's name). The Originator was then obligated to make the requested change within six banking days or prior to initiating a subsequent Entry, whichever is later.
In certain scenarios, the use of C04 created compliance and liability challenges for the Originator, ODFI, and RDFI. Generally speaking, an ACH transaction involves a mutual customer of both the Originator and the RDFI. In the event that the Receiver's name on a debit Entry was different from the name on the account, most RDFIs would either post the Entry based solely on the account number or return the transaction using Return Reason Code R03 (No Account/Unable to Locate Account). In some cases, RDFIs transmitted NOCs using Change Code C04 to instruct the Originator to change the Receiver's name on future Entries. The use of C04 presented additional risk to the RDFI and the ODFI and/or the Originator because the RDFI was warranting that the name change is accurate, but it did not always reflect the party with whom the Originator has the relationship. As a result, Originators were typically unable or unwilling to make the changes in accordance with their obligations under the NACHA Operating Rules. An Originator continuing to debit its customer without making the change warranted by the RDFI did so in violation of the current Rules, creating challenges and conflict for all parties. Eliminating Change Code C04 (Incorrect Individual Name/Receiving Company Name) removed the challenges and potential rules violations that Originators faced when they receive a request for a name change that they were unable to make. Under the amendment, an Originator can rely on its own contracts and records to properly identify the name of the Receiver being credited or debited without being in violation of the NACHA Operating Rules because of the failure to respond to an NOC.
Eliminating Change Code C04 (Incorrect Individual Name/Receiving Company Name) lessens the risk to the RDFI as it warrants that information contained in an NOC is correct. A change as significant as a name change should be accomplished through communication of the Receiver with the Originator so that the authorization held by the Originator is accurate. The RDFI that identifies a name mismatch can post the Entry based solely on the account number, return the Entry as R03, or choose to assist its Receiver by communicating directly with the ODFI/Originator. Any of these options should cause the Originator and the Receiver to communicate relating to needed changes while relieving the RDFI of the warranty that the information is correct.
We are accepting this amendment.
11. ACH Operator Edit for Returns
This amendment incorporated an additional ACH Operator edit within the listing of ACH Operator file/batch reject edit criteria specified within Appendix Two of the NACHA Operating Rules. Specifically, this edit requires ACH Operators to reject any batch of Return Entries in which RDFI returns and ACH Operator returns are commingled. By definition, different parties are responsible for generating each type of return, and each must be separately identified within the Company/Batch Header Record as the sender of the batch. This ACH Operator edit codifies this fact within the NACHA Operating Rules and ensures consistent processing of return batches by all ACH Operators.
We are accepting this amendment.
B. 2015 NACHA Operating Rules & Guidelines Book Changes
The 2015 edition of the NACHA Operating Rules contains changes related to the following amendments:
The 2015 Rules & Guidelines book also included two amendments addressed in the 2014 Rules & Guidelines book that had effective dates in 2015: (1) Dishonored Returns and Contested Dishonored Returns Related to an Unintended Credit to a Receiver and (2) Notification of Change—Removal of Change Code C04. Because those amendments are addressed in Section A above, we are not including them in Section B.
- ACH Network Risk and Enforcement;
- Improving ACH Network Quality—Unauthorized Entry Fee;
- Clarification on Company Identification for P2P WEB Credit Entries;
- Point-of-Sale Entries—Clarification of General Rule;
- Return Fee Entry Formatting Requirements;
- Entry Detail Record for Returns—Clarification Regarding POP Entries;
- Clarification of RDFI's Obligation to Recredit Receiver;
- Clarification on Prenotification Entries and Addenda Records; and
- ACH Operator Edit for Returns.
We are incorporating in part 210 all of the foregoing amendments, which are summarized below, other than some provisions of the amendment relating to ACH Network Risk and Enforcement.
1. ACH Network Risk and Enforcement
This amendment expanded existing rules regarding ODFIs' and Third-Party Senders' requirements for risk management and origination practices, such as return rate levels. It also expanded NACHA's authority to initiate enforcement proceedings for a potential violation of the NACHA Operating Rules related to unauthorized Entries.
Return Rate Levels
The amendment reduced the threshold for unauthorized debit Entries (Return Reason Codes R05, R07, R10, R29, and R51) from 1.0 percent to 0.5 percent and also established two new return rate levels for other types of returns. First, a return rate level of 3.0 percent will apply to debit entries returned due to administrative or account data errors (Return Reason Codes R02—Account Closed; R03—No Account/Unable to Locate Account; and R04—Invalid Account Number Structure). Second, a return rate level of 15.0 percent will apply to all debit entries (excluding RCK entries) that are returned for any reason.
The amendment also established an inquiry process, which is separate and distinct from an enforcement proceeding, as a starting point to evaluate the origination activity of Originators and Third-Party Senders that reach the new administrative return and overall debit return rate levels. The identification of an Originator or Third-Party Sender with a return rate that is higher than the respective return rate level may trigger a review of the Originator's or Third-Party Sender's ACH origination procedures. At the conclusion of the inquiry, NACHA may determine that no further action is required, or it may take the next step and recommend to the ACH Rules Enforcement Panel that the ODFI be required to reduce the Originator's or Third-Party Sender's overall or administrative return rate below the established level.
In this new role, the ACH Rules Enforcement Panel will be the final authority in deciding, after the completion of the inquiry, whether the ODFI should be required to reduce the Originator's or Third-Party Sender's overall or administrative return rate. After reviewing NACHA's recommendation, the Panel can decide either to take no action, at which point the case would be closed, or to have NACHA send a written directive to the ODFI, which would require the reduction of the Originator's or Third-Party Sender's administrative or overall return rate.
We are incorporating in part 210 the provisions of the amendment relating to return rate level reporting at section 2.17. We are not accepting the provisions for enforcement of Section 2.17 that are set forth at Appendix 10 to the NACHA Operating Rules, which is separately exempted from part 210. The exclusion from Section 2.17 in the regulation text is limited to Sections 2.17.2.2 through 2.17.2.6.
Reinitiation of Entries
This amendment explicitly prohibited the reinitiation of Entries outside of the express limited circumstances under which they are permitted under the NACHA Operating Rules. The amendment also added a specific prohibition against reinitiating a transaction that was returned as unauthorized. The amendment further included an anti-evasion provision, specifying that any other Entry that NACHA reasonably believes represents an attempted evasion of the defined limitations will be treated as an improper reinitiation. The ACH Rules Enforcement Panel will have final authority in deciding whether a specific case involves an attempted evasion of the limitations on reinitiation.
To avoid unintended consequences from these clarifications, the amendment included two categories of Entries that will not be considered reinitiations. First, the amendment clarified that a debit Entry in a series of preauthorized recurring debit Entries will not be treated as a reinitiated Entry, even if the subsequent debit Entry follows a returned debit Entry, as long as the subsequent Entry is not contingent upon whether an earlier debit Entry in the series has been returned. Second, the amendment expressly stated that a debit Entry will not be considered a “reinitiation” if the Originator obtains a new authorization for the debit Entry after the receipt of the Return.
The amendment requires a reinitiated Entry to contain identical content in the following fields: Company Name, Company ID, and Amount. Further, the amendment permits modification to other fields only to the extent necessary to correct an error or facilitate processing of an Entry. This change allows reinitiations to correct administrative errors, but prohibits reinitiation of Entries that may be attempts to evade the limitation on the reinitiation of returned Entries by varying the content of the Entry. Finally, the amendment addressed certain technical issues associated with the reinitiation requirements.
We are accepting the reinitiation provisions of the amendment.
Third-Party Sender Issues
The amendment added a direct obligation on Third-Party Senders to monitor, assess and enforce limitations on their customer's origination and return activities in the same manner the NACHA Operating Rules require of ODFIs. Prior to this amendment, the NACHA Operating Rules required ODFIs to establish, implement, periodically review and enforce exposure limits for their Originators and Third-Party Senders. The ODFI was required to monitor each Originator's and Third-Party Sender's origination and return activity across multiple Settlement Dates, enforce restrictions on the types of Entries that may be originated and enforce the exposure limit. If an ODFI enters into a relationship with a Third-Party Sender that processes Entries such that the ODFI itself cannot or does not perform these monitoring and enforcement tasks with respect to the Originators serviced by the Third-Party Sender, the Third-Party Sender must do so. The amendment added a specific statement of this obligation.
We are accepting the Third-Party Sender provisions of the amendment.
NACHA's Enforcement Authority
The amendment provided NACHA with the express authority to bring an enforcement action based on the origination of unauthorized entries. To ensure the judicious use of the expanded authority, the amendment requires the ACH Rules Enforcement Panel to validate the materiality of this type of enforcement case before NACHA can initiate any such proceeding. In addition, the amendment encourages RDFIs to voluntarily provide to NACHA information, such as return data, that may be indicative of a potential rules violation for improper authorization practices by other ACH Network participants, even if the RDFI is not interested in itself initiating a rules enforcement proceeding. Such early sharing of information regarding unusual return rates or unauthorized transactions can help eliminate improper activities more quickly.
We are not incorporating in part 210 the provisions of the amendment that relate to NACHA's enforcement authority. Part 210 excludes the government from the risk investigation and enforcement provisions of the NACHA Operating Rules. Fiscal Service tracks unauthorized return rates for Federal agencies and will use the new unauthorized return limits and reinitiation limitations in overseeing agency ACH origination activity. No change to the text of part 210 is required to exclude these provisions because part 210 already excludes Appendix Ten of the NACHA Operating Rules, which governs rules enforcement.
2. Improving ACH Network Quality—Unauthorized Entry Fee
This amendment requires an ODFI to pay a fee to the RDFI for each ACH debit that is returned as unauthorized (Return Reason Codes R05, R07, R10, R29 and R51). RDFIs will be compensated for a portion of the costs they bear for handling unauthorized transactions, and will experience reduced costs due to a reduction in unauthorized transactions over time. The amendment provides that ODFIs and RDFIs authorize debits and credits to their accounts for the collection and distribution of the fees. IAT transactions are not covered by the fee, but could be included in the future. The amendment defines a methodology by which NACHA staff will set and review every three years the amount of the Unauthorized Entry Fee. In setting the amount of the fee, NACHA staff will apply several stated principles, including the review of RDFI cost surveys. Based on the results of the current data collection on RDFIs' costs for handling unauthorized transactions, NACHA has estimated that the fee amount will be in the range of $3.50-$5.50 per return.
We are accepting the Unauthorized Entry Fee provisions of the amendment.
3. Clarification of Company Identification for Person-to-Person WEB Credit Entries
This amendment added language to the Company Identification field description to clarify content requirements for Person-to-Person (P2P) WEB credit Entries.
For P2P WEB credit Entries, the Company/Batch Header Record identifies the P2P service provider (i.e., the consumer Originator's own financial institution or a third-party service provider) rather than the consumer Originator. Prior to the amendment, the NACHA Operating Rules specifically defined service provider content requirements for the Company Name field, but omitted the same clarification for the Company Identification, which is a related field. The purpose of the amendment was to eliminate any potential confusion over proper formatting of this field.
We are accepting this amendment.
4. Point-of-Sale (POS) Entries—Clarification of General Rule
This amendment re-aligned the general rule for POS Entries with the definition of POS Entries in Article Eight. A POS Entry is generally considered to be a debit Entry initiated at an electronic terminal by a consumer to pay an obligation incurred in a point-of-sale transaction. However, a POS Entry can also be an adjusting or other credit Entry related to the debit Entry, transfer of funds, or obligation (for example, a credit to refund a previous point-of-sale transaction). Prior to the amendment, the definition of POS within the NACHA Operating Rules recognized these Entries as both debits and credits, but the general rule for POS identified POS Entries only as debits. This amendment corrected the discrepancy.
We are accepting this amendment.
5. Return Fee Entry Formatting Requirements
This amendment modified the description of the Individual Name Field in a PPD Return Fee Entry related to a returned ARC, BOC, or POP Entry to require that it contain the same information identified within the original ARC, BOC, or POP Entry. The Individual Name Field is optional for ARC, BOC, and POP; therefore, this field (1) may include the Receiver's name, (2) may include a reference number, identification number, or code that the merchant needs to identify the particular transaction or customer, or (3) may be blank.
The name of the Receiver must be included in all PPD Entries. With ARC, BOC, or POP Entries, where a reading device must be used to capture the Receiver's routing number, account number, and check serial number, it is difficult for the Originator to capture the Receiver's name in an automated fashion. For this reason, the NACHA Operating Rules do not require Originators to include the Receiver's name in the ARC, BOC, or POP Entry Detail Record. Originators are permitted the choice of including either the Receiver's name, or a reference number, identification number, or code necessary to identify the transaction, or the field may be left blank. Because information contained within the returned ARC, BOC, or POP Entry is typically used to create a related Return Fee Entry, the Receiver's name is likely not readily available to the Originator for use in the Return Fee Entry, especially when the Receiver's authorization for the Return Fee Entry was obtained by notice. This amendment established consistent formatting requirements with respect to the Receiver's name for check conversion entries and related return fees.
We are accepting this amendment.
6. Entry Detail Record for Returns—Clarification Regarding POP Entries
This amendment added a footnote to the Entry Detail Record for Return Entries to clarify the specific use of positions 40-54 with respect to the return of a POP Entry. On a forward POP Entry, positions 40-54 represent three separate fields to convey (1) the check serial number (positions 40-48); (2) the truncated name or abbreviation of the city or town in which the electronic terminal is located (positions 49-52); and (3) the state in which the electronic terminal is located (positions 53-54). However, these three fields are not explicitly identified in the Entry Detail Record for Return Entries, which caused some confusion among users as to how to map such information from the original forward Entry into the Return Entry format.
We are accepting this amendment.
7. Clarification of RDFI's Obligation To Recredit Receiver
This amendment clarified that an RDFI's obligation to recredit a Receiver for an unauthorized or improper debit Entry is generally limited to Consumer Accounts, with certain exceptions for check conversion and international transactions. Prior to the NACHA Operating Rules simplification initiative in 2010, the rules governing a Receiver's right to recredit for unauthorized debit entries clearly limited this provision to debit Entries affecting Consumer Accounts, except as expressly provided for ARC, BOC, IAT, and POP Entries (which can affect both consumer and business accounts). However, when rules language was combined and revised during the simplification process into a general discussion on recredit, some of this clarity was lost, resulting in language that was somewhat ambiguous and the cause of confusion for some ACH participants. This change more clearly defines the intent of the rule requirement for an RDFI to recredit a Receiver.
We are accepting this amendment.
8. Clarification of Prenotification Entries and Addenda Records
This amendment revised the NACHA Operating Rules to clarify that, with the exception of IAT Entries, a prenotification Entry is not required to include addenda records that are associated with a subsequent live Entry. Generally speaking, the format of a Prenotification Entry must be the same as the format of a live dollar Entry. There are, however, some differences between Prenotes and live Entries to which the Prenotes relate:
- The dollar amount of a Prenotification Entry must be zero;
- a Prenotification Entry is identified by a unique transaction code; and
- addenda records associated with a live Entry are not required with Prenotes (unless the Prenote relates to an IAT Entry).
While the first two formatting criteria above for Prenotification Entries are clearly defined within the technical standards and are commonly understood by industry participants, the issue of whether Prenotification Entries require addenda records was somewhat ambiguous. The amendment eliminated that ambiguity.
We are accepting this amendment.
9. ACH Operator Edit for Returns
This amendment incorporated an additional ACH Operator edit within the listing of ACH Operator file/batch reject edit criteria specified within Appendix Two of the NACHA Operating Rules. Specifically, this edit requires ACH Operators to reject any batch of Return Entries in which RDFI returns and ACH Operator returns are commingled. By definition, different parties are responsible for generating each type of return, and each must be separately identified within the Company/Batch Header Record as the sender of the batch. This ACH Operator edit codifies this fact and ensures consistent processing of return batches by all ACH Operators.
We are accepting this amendment.
C. 2016 NACHA Operating Rules & Guidelines Book Changes
The 2016 edition of the NACHA Operating Rules & Guidelines contains changes related to the following amendments:
The 2016 Rule Book also codified changes related to the rule NACHA adopted in 2015 on Improving ACH Network Quality (Unauthorized Entry Fee), which is addressed above in Section B—2015 NACHA Operating Rule Book Changes.
- Same-Day ACH: Moving Payments Faster;
- Disclosure Requirements for POS Entries;
- Recrediting Receiver—Removal of Fifteen Calendar Day Notification Time Frame;
- Clarification of RDFI Warranties for Notifications of Change; and
- Minor Rules Topics.
We are incorporating in part 210 all of the foregoing amendments except that we are delaying our implementation of Same-Day ACH as discussed below.
1. Same-Day ACH: Moving Payments Faster
This amendment allows for same-day processing of ACH payments. Previously, the standard settlement period for ACH transactions is one or two business days after processing. The Same-Day ACH amendment enables the option for same-day processing and settlement of ACH payments through new ACH Network functionality without affecting existing ACH schedules and capabilities. Originators that desire same-day processing have the option to send Same Day ACH Entries to accounts at any RDFI. All RDFIs are required to receive Same-Day ACH Entries, which gives ODFIs and Originators the certainty of being able to send same day ACH Entries to accounts at all RDFIs in the ACH Network. The amendment includes a “Same-Day Entry fee” on each Same-Day ACH transaction to help mitigate RDFI costs for supporting Same-Day ACH.
The amendment has a phased implementation period, spreading from 2016 to 2018, with the following effective dates:
- Phase 1—September 23, 2016: ACH credits became eligible to be processed during two new Same-Day ACH windows with submission deadlines at 10:30 a.m. ET and 2:45 p.m. ET, with settlement occurring at 1:00 p.m. ET and 5:00 p.m. ET, respectively. RDFIs are required to provide funds availability by the end of the RDFI's processing day. Applicable to ACH credits only and non-monetary Entries, with funds availability due at the end of the RDFI's processing day.
- Phase 2—September 15, 2017: ACH debits will become eligible for same-day processing during the two new Same-Day windows.
- Phase 3—March 16, 2018: RDFIs will be required to provide funds availability for same day credits no later than 5:00 p.m. at the RDFI's local time.
The existing next-day ACH settlement window of 8:30 a.m. ET will not change. With the addition of the new Same-Day ACH processing windows, the ACH Network will provide three opportunities for ACH settlement each day.
Payment Eligibility
Virtually all types of ACH payments will be eligible for same-day processing by the end of the implementation period. The only ACH transactions ineligible for same-day processing will be IAT transactions and individual transactions over $25,000. In addition to credits and debits, the ACH Network supports a number of transaction types that do not transfer a dollar value. Non-monetary transactions include Prenotifications; Notifications of Change (NOCs); Zero Dollar Entries that convey remittance information using CCDs and CTXs; and Death Notification Entries. With the exception of Prenotifications for future debit Entries, these non-monetary transactions are eligible for same-day processing from the outset. Automated Enrollment Entries (ENRs) do not use Effective Entry Dates. Since there will not be a way to distinguish same day ENR Entries from next-day Entries, ENRs will not be processed as same day transactions.
Identification of Same-Day Transactions via the Effective Entry Date
Same-Day ACH transactions are identified by the ODFI and its Originator by using the current day's date in the Effective Entry Date field of the Company/Batch Header Record. (Note: The NACHA Operating Rules define the Effective Entry Date as “the date specified by the Originator on which it intends a batch of Entries to be settled.”) In addition, transactions intended for same-day processing that carry a current day Effective Entry Date must meet an ACH Operator's submission deadline for same-day processing. For example, transactions originated on Tuesday, October 10, 2017 that are intended for same-day processing must have an Effective Entry Date of “171010” in the Company/Batch Header Record and be submitted to an ACH Operator no later than the 2:45 p.m. ET deadline to ensure same-day settlement. Any Entry carrying the current day's date in the Effective Entry Date field that is submitted prior to an ACH Operator's same-day processing submission deadline will be handled as a Same-Day ACH transaction and assessed the Same-Day Entry fee.
Stale or Invalid Effective Entry Dates
ACH transactions submitted to an ACH Operator with stale or invalid Effective Entry Dates will be settled at the earliest opportunity, which could be the same day. If the transactions are submitted prior to the close of the second same-day processing window at 2:45 p.m. ET, the Entries will be settled the same day and the Same-Day Entry fee will apply. If the transactions are submitted to the ACH Operator after 2:45 p.m. ET, the Entries will be settled the next day and the Same-Day Entry fee will not apply.
Return Entry Processing
The amendment allows same-day processing of return Entries at the discretion of the RDFI, whether or not the forward Entry was a Same-Day ACH transaction. Any return Entry is eligible for settlement on a same-day basis; the $25,000 per transaction limit and IAT restriction will not apply. Because returns are initiated and flow from RDFI to ODFI, return Entries processed on a same-day basis will not be subject to the Same-Day Entry fee.
RDFIs are not required to process returns on the same day that the forward Entry is received. The return Entry must be processed in such time that it is made available to the ODFI no later than the opening of business on the second banking day following the Settlement Date of the original Entry. RDFIs have the option of using any of the available settlement windows for returns, as long as the existing return time frame is met.
Same-Day Entry Fee
In order to ensure universal reach to any account at any RDFI, all RDFIs must implement Same-Day ACH. To assist RDFIs in recovering costs associated with enabling same-day transactions, the amendment includes a fee paid from the ODFI to the RDFI for each Same-Day ACH Entry. The fee provides a mechanism to help RDFIs mitigate investment and operating expenses and provide a fair return on their required investments. The initial Same-Day Entry fee is set at 5.2 cents per Same Day Entry. The fee is assessed and collected by the ACH Operators through their established monthly billing. The amendment includes a methodology to measure the effectiveness of the Same-Day Entry fee at five, eight and ten full years after implementation. After each review, the Same-Day Entry fee could be maintained or lowered, but not increased.
We are accepting the Same-Day amendment but with delayed implementation of NACHA's Phase 1 implementation date until September 15, 2017. Fiscal Service plans to enable agencies to originate Same-Day Entries in appropriate situations and is working with agencies to develop and publish guidance outlining the criteria and procedures to be used for originating Same-Day Entries. Fiscal Service believes that Same-Day credit Entries may be useful to agencies that need to make certain emergency or time-sensitive payments, including payments not exceeding $25,000 that are currently made by Fedwire. We believe that the majority of ACH credit Entries originated by the government are not suitable for same-day processing in light of the fee payable for Same-Day Entries, and therefore we anticipate that the government's origination of Same-Day Entries will be limited. We plan to publish guidance for agencies that will set forth both the criteria and the procedure for certifying a Same-Day ACH transaction. That guidance will indicate whether agencies should indicate their intent for same-day processing and settlement solely by utilizing the Effective Entry Date, or may also utilize the optional standardized content in the Company Descriptive Date field as a same-day transaction indicator.
The delayed implementation date reflects coding and reporting changes and testing that are underway to enable the processing of incoming Same-Day credit Entries by Fiscal Service's ACH credit processing systems. The U.S. government will not originate Same-Day entries prior to September 15, 2017 and any ACH Entry received by the government prior to that date will not be eligible for same-day settlement and will continue to settle on a future date (typically the next banking day) regardless of submission date and time. We are not delaying the government's implementation of the NACHA Same-Day ACH amendment's Phase 2 or Phase 3 implementation dates.
The 2016 NACHA Operating Rules incorporate in the rule text only those provisions of the Same-Day ACH amendment that have effective dates in 2016. However, in order to provide advance notice of the impact of the Phase 2 and 3 implementations, the 2016 Rules Book sets forth the sections of the NACHA Operating Rules affected by the Same-Day ACH amendment as they will read upon implementation in 2017 and 2018.
We are incorporating in part 210 the future changes relating to the Same-Day ACH amendment's Phase 2 and 3 implementation provisions scheduled for 2017 and 2018 as they appear in the 2016 NACHA Operating Rules & Guidelines book.
2. Disclosure Requirements for POS Entries
This amendment established an Originator/Third-Party Service Provider obligation to provide consumer Receivers with certain disclosures when providing those consumers with cards used to initiate ACH Point of Sale (POS) Entries. The amendment requires Originators or Third-Party Service Providers that issue ACH cards (or their virtual, non-card equivalent, collectively referred to as “ACH Cards”) to make the following disclosures in written or electronic, retainable form to a consumer prior to activation:
- The ACH Card is not issued by the consumer's Depository Financial Institution.
- POS Entries made with the ACH Card that exceed the balance in the consumer's financial institution account may result in overdrafts and associated fees, regardless of whether the consumer has opted to allow overdrafts with respect to debit cards issued by the Depository Financial Institution that holds the consumer's account.
- Benefits and protections for transactions made using the ACH Card may vary from those available through debit cards issued by the consumer's Depository Financial Institution.
The amendment included sample language for Originators or Third-Party Service Providers to consider in designing an ACH Card disclosure for purposes of compliance with the NACHA Operating Rules. This amendment will not affect Agencies because they do not issue ACH Cards.
We are accepting this amendment.
3. Recrediting Receiver—Removal of Fifteen Calendar Day Notification Time Frame
This amendment removed the fifteen calendar day notification period associated with an RDFI's obligation to promptly recredit a consumer account for an unauthorized debit Entry, and aligned the RDFI's recredit obligation with its ability to transmit an Extended Return Entry. Because of the extended return window for unauthorized consumer debits under the NACHA Operating Rules, prior to the amendment many RDFIs found the reference to the fifteen calendar day timing to be a source of confusion and misunderstanding. The amendment revised the NACHA Operating Rules to align the provision for prompt recredit with the RDFI's receipt of a Written Statement of Unauthorized Debit from the consumer and the RDFI's ability to transmit an Extended Return Entry (i.e., transmitted to the ACH Operator so that the Extended Return Entry is made available to the ODFI no later than opening of business on the banking day following the sixtieth calendar day following the settlement date of the original Entry). This change applies to unauthorized/improper entries bearing Standard Entry Class Codes (SECs) that are classified as consumer entries, as well as those that can be both consumer and non-consumer entries (ARC, BOC, POP, and IAT debit entries).
We are accepting this amendment.
4. Clarification of RDFI Warranties for Notifications of Change
This amendment modified the NACHA Operating Rules with respect to Notifications of Change (NOCs) to clarify aspects of: (1) The RDFI's warranties made with respect to its transmission of a Notification of Change or Corrected Notification of Change; and (2) the ODFI's warranties made with respect to usage of the corrected data within subsequent transactions. Specifically, the amendment clarified that the RDFI's warranty for information contained in a Notification of Change or Corrected Notification of Change is applicable only to the corrected information supplied by the RDFI.
This modification removed from the RDFI's warranty on NOCs the specific statement that the Receiver has authorized the change identified in the NOC, if the Receiver's authorization is required. This subsection has been misinterpreted to mean that it supersedes the ODFI's warranty that a subsequent Entry is properly authorized by the Receiver. The RDFI does not warrant that the Entry itself has been properly authorized by the Receiver, but only that the data supplied in the Corrected Data field is accurate. The warranty that any Entry (including a subsequent Entry that uses corrected data from an NOC) is properly authorized still lies with the ODFI per Article Two, Subsection 2.4.1.1 (The Entry is Authorized by the Originator and Receiver).
We are accepting this amendment.
5. Minor Rules Topics
These amendments changed four areas of the NACHA Operating Rules to address minor topics. Minor changes to the NACHA Operating Rules have little-to-no impact on ACH participants and no significant economic impact.
i. Clarification of ODFI Periodic Statement Requirements for CIE and WEB Credits
This amendment made minor, editorial clarifications to the language within Article Two, Subsections 2.5.4.2 (ODFI to Satisfy Periodic Statement Requirement) and 2.5.17.6 (ODFI to Satisfy Periodic Statement Requirement for Credit WEB Entries) to clarify the intent of language governing an ODFI's periodic statement obligations with respect to the origination of CIE and credit WEB Entries by consumers.
Periodic statement requirements typically are an obligation of the RDFI for the receipt of Entries to a consumer account. For CIE and WEB credits, however, the Originator of the ACH credit also is a consumer, thus putting periodic statement requirements on the ODFI as well for these entries. These clarifications do not affect the substance of the ODFI's obligation to identify on the consumer Originator's periodic statement the date, amount, and description of a transaction involving the consumer's account; rather, they simply recognize that the debiting of the consumer's account to provide funds for the CIE or WEB credit could be accomplished by something other than an ACH debit.
We are accepting this amendment.
ii. Clarifying the Commercially Reasonable Encryption Standard
The NACHA Operating Rules require ACH participants to utilize a commercially reasonable standard of encryption technology when transmitting any banking information related to an Entry via an Unsecured Electronic Network. This amendment removed the reference to 128-bit encryption technology as the minimum acceptable commercially reasonable standard, but retained the general reference to using a commercially reasonable level of encryption. The amendment also clarified that a commercially reasonable level of security must comply with current, applicable regulatory guidelines, which already impose more rigorous encryption obligations.
Prior to the amendment the NACHA Operating Rules established a minimum for this commercially reasonable encryption standard at the 128-bit RC4 encryption technology level. A task force of NACHA's former Internet Council, comprised of technology expert members, recommended that the specific reference to 128-bit RC4 encryption be removed, on the grounds that it is now out of date as a commercially reasonable standard.
We are accepting this amendment.
iii. Definition of Zero-Dollar Entry
This amendment reintroduced the definition of a Zero-Dollar Entry within Article Eight (Definitions of Terms Used in These Rules) to correspond to unique technical references in the Appendices of the NACHA Operating Rules. Zero Dollar Entries are unique in that, although their dollar amount is zero, they bear remittance data that must be provided to the Receiver in an identical manner as “live” entries that transfer funds. The definition was removed in 2010 when the definition of a “Non-Monetary Entry” was introduced into the NACHA Operating Rules.
We are accepting this amendment.
iv. Expansion of Permissible Criteria for ODFI Requests for Return
In addition to being able to request the return of an Erroneous Entry, as permitted by the NACHA Operating Rules, this amendment revised the NACHA Operating Rules to permit an ODFI to request that an RDFI return any Entry that the ODFI claims was originated without the authorization of the Originator. This amendment also expanded the description of Return Reason Code R06 (Returned per ODFI's Request) to include Entries returned by the RDFI for this reason. This newly permissible circumstance reflects actual current industry practice with regard to the recovery of funds related to unauthorized credit origination.
Use of the ODFI Request for Return process is always optional on the part of both ODFIs and RDFIs. An RDFI will continue to be able to make its own business decision about whether to agree to return an Entry that the ODFI claims was originated without the authorization of the Originator. An RDFI responding to a request for the return of such an Entry will be indemnified under the NACHA Operating Rules against loss or liability by the ODFI.
We are accepting this amendment.
D. Notification of Reversals
NACHA Operating Rule 2.9.1 requires that the Originator of a Reversing Entry make a reasonable attempt to notify the Receiver of the Reversing Entry and the reason for the Reversing Entry no later than the settlement date of the Entry. For the reasons discussed in Section I above, we are accepting this amendment.
E. Prepaid Cards
In 2010, Fiscal Service amended part 210 to establish requirements that prepaid accounts receiving Federal payments must meet. 75 FR 80335. To be eligible to receive Federal payments, a card accessing a prepaid account must meet four conditions: (1) The card account must be held at an insured financial institution; (2) the account be set up to meet the requirements for pass through deposit or share insurance under 12 CFR part 330 or 12 CFR part 745; (3) the account may not be attached to a line of credit or loan agreement under which repayment from the card account is triggered by delivery of the Federal payment; and (4) the issuer of the card must comply with all of the requirements, and provide the Federal payment recipient with the same consumer protections, that apply to a payroll card under regulations implementing the Electronic Fund Transfer Act, 15 U.S.C. 1693a(1). See 31 CFR 210.5(b)(5)(i).
We required that issuers of prepaid cards provide Regulation E payroll card protections because when our prepaid rule was issued in 2010, Regulation E did not cover any prepaid cards other than payroll cards. However, on November 22, 2016, the Consumer Financial Protection Bureau (CFPB) published its final rule to amend Regulation E to cover prepaid accounts. 81 FR 83934. We are therefore amending our prepaid rule to replace the reference in § 210.5(b)(5)(i)(D) to “payroll card” with a reference to “prepaid account” so that issuers of prepaid accounts are required to provide the holder of an account with all of the consumer protections that apply to a prepaid account under the rules implementing the Electronic Fund Transfer Act. We are also conforming the references to use the CFPB's terminology of “prepaid account” rather than “prepaid card.” These changes are effective on April 1, 2018, the effective date of the CFPB's final rule.
III. Section-by-Section Analysis
In order to incorporate in part 210 the NACHA Operating Rule changes that we are accepting, we are replacing references to the 2013 NACHA Operating Rules & Guidelines book with references to the 2016 NACHA Operating Rules & Guidelines book. Several of the NACHA Operating Rule amendments that we are not incorporating are modifications to provisions of the NACHA Operating Rules that are already excluded under part 210. Other than replacing the references to the 2013 NACHA Operating Rules & Guidelines book, no change to part 210 is necessary to exclude those amendments.
§ 210.2
We are amending the definition of “applicable ACH Rules” at § 210.2(d) to reference the rules published in NACHA's 2016 Rules & Guidelines book rather than the rules published in NACHA's 2013 Rules & Guidelines book. The definition has been updated to reflect the reorganization and renumbering of the NACHA Operating Rules. The reference in § 210.2(d)(5) to Section 2.17 has been revised to read Section 2.17.2.2-2.17.2.6 in order to carve out the return rate level reporting obligation. The reference in § 210.2(d)(6) to the NACHA Operating Rule governing International ACH Transactions section has been updated by replacing an obsolete reference to ACH Rule 2.11 with the correct reference to Section 2.5.8. A new paragraph (7) is added to exclude from part 210, until September 15, 2017, the provisions of Subsection 3.3.1.1, Section 8.99 and Appendix Three (definition of Effective Entry Date) relating to Same-Day Entries.
§ 210.3(b)
We are amending § 210.3(b) by replacing the references to the ACH Rules as published in the 2013 Rules & Guidelines book with references to the ACH Rules as published in the 2016 NACHA Operating Rules & Guidelines book. We are revising § 210.3(b) by consolidating former paragraphs (b)(1) and (b)(2) into a single paragraph. Previously, paragraph (b)(2) stated that any amendment to the applicable ACH Rules approved by NACHA after publication of the edition of the NACHA Operating Rules & Guidelines that are incorporated by reference do not apply to Government entries unless Fiscal Service expressly accepts the amendments by publishing notice of acceptance of the amendment in the Federal Register. We have replaced paragraph (b)(2) with a sentence that states that, to enforce an edition other than that specified in § 210.3(b), Fiscal Service must publish a document in the Federal Register and the material must be available to the public. The replacement wording is the standard sentence recommended by the Federal Register, and is not substantively different from the former paragraph (b)(2).
§ 210.5
We are amending § 210.5(b)(5)(i)(D) to replace the references to “payroll card” with references to “prepaid account” in order to require issuers of prepaid accounts to which Federal payments are delivered to provide account holders with all of the consumer protections that will apply to a prepaid account under the rules adopted by the CFPB to implement the Electronic Fund Transfer Act and the Truth in Lending Act. These changes are effective on April 1, 2018, the effective date of the CFPB's final rule.
§ 210.6
In § 210.6 we are replacing the reference to ACH Rule 2.4.4 with a reference to ACH Rule 2.4.5 to reflect the re-numbering of ACH Rule 2.4.4. This change is not substantive.
§ 210.8
In § 210.8(b) we are replacing the reference to ACH Rule 2.4.4 with a reference to ACH Rule 2.4.5 to reflect the re-numbering of ACH Rule 2.4.4. This change is not substantive.
IV. Incorporation by Reference
In this rule, Fiscal Service is incorporating by reference the 2016 NACHA Operating Rules & Guidelines book. The Office of Federal Register (OFR) regulations require that agencies discuss in the preamble of a final rule ways that the materials the agency proposes to incorporate by reference are reasonably available to interested parties or how it worked to make those materials reasonably available to interested parties. In addition, the preamble of the rule must summarize the material. 1 CFR 51.5(a). In accordance with OFR's requirements, the discussion in the Supplementary Information section summarizes the 2016 NACHA Operating Rules. Financial institutions utilizing the ACH Network are bound by the NACHA Operating Rules and have access to the NACHA Operating Rules in the course of their everyday business. The NACHA Operating Rules are available as a bound book or in online form from NACHA—The Electronic Payments Association, 2550 Wasser Terrace, Suite 400, Herndon, Virginia 20171, tel. 703-561-1100, info@nacha.org.
V. Procedural Analysis
Regulatory Planning and Review
The rule does not meet the criteria for a “significant regulatory action” as defined in Executive Order 12866. Therefore, the regulatory review procedures contained therein do not apply.
Congressional Review Act (CRA)
This rule is not a major rule pursuant to the CRA, 5 U.S.C. 801 et seq. It is not expected to lead to any of the results listed in 5 U.S.C. 804(2). This rule will take effect upon publication in the Federal Register. The amendment to § 210.5 is applicable on April 1, 2018.
Administrative Procedure Act
Except for the amendments to § 210.5, this final rule is effective on September 11, 2017. Under the Administrative Procedure Act, a final rule may be published less than 30 days before its effective date “for good cause found and published with the rule.” 5 U.S.C. 553(d)(3). The purpose of a delayed effective date is to permit regulated entities to adjust their behavior before the final rule takes effect. As discussed above, this rule adopts, with some exceptions, the NACHA Operating Rules developed by NACHA—The Electronic Payments Association (NACHA) as the rules governing the use of the ACH Network by Federal agencies. The affected industry is already prepared for Federal agencies to implement this rule. Therefore, the Department of the Treasury finds good cause to dispense with a delayed effective date.
Regulatory Flexibility Act Analysis
It is hereby certified that the rule will not have a significant economic impact on a substantial number of small entities. The rule imposes on the Federal government a number of changes that NACHA—The Electronic Payments Association, has already adopted and imposed on private sector entities that utilize the ACH Network. The rule does not impose any additional burdens, costs or impacts on any private sector entities, including any small entities. Accordingly, a regulatory flexibility analysis under the Regulatory Flexibility Act (5 U.S.C. 601 et seq. ) is not required.
Unfunded Mandates Act of 1995
Section 202 of the Unfunded Mandates Reform Act of 1995, 2 U.S.C. 1532 (Unfunded Mandates Act), requires that the agency prepare a budgetary impact statement before promulgating any rule likely to result in a Federal mandate that may result in the expenditure by State, local, and tribal governments, in the aggregate, or by the private sector, of $100 million or more in any one year. If a budgetary impact statement is required, section 205 of the Unfunded Mandates Act also requires the agency to identify and consider a reasonable number of regulatory alternatives before promulgating the rule. We have determined that the rule will not result in expenditures by State, local, and tribal governments, in the aggregate, or by the private sector, of $100 million or more in any one year. Accordingly, we have not prepared a budgetary impact statement or specifically addressed any regulatory alternatives.
List of Subjects in 31 CFR Part 210
- Automated clearing house
- Electronic funds transfer
- Financial institutions
- Fraud
- Incorporation by reference
Words of Issuance
For the reasons set out in the preamble, 31 CFR part 210 is amended as follows:
PART 210—FEDERAL GOVERNMENT PARTICIPATION IN THE AUTOMATED CLEARING HOUSE
1. The authority citation for part 210 continues to read as follows:
Authority: 5 U.S.C. 5525; 12 U.S.C. 391; 31 U.S.C. 321, 3301, 3302, 3321, 3332, 3335, and 3720.
2. Section 210.2 is amended by revising paragraph (d) to read as follows:
(d) Applicable ACH Rules means the ACH Rules with an effective date on or before March 16, 2018, as published in “2016 NACHA Operating Rules & Guidelines: A Complete Guide to Rules Governing the ACH Network” (incorporated by reference, see § 210.3(b)) except:
(1) Subsections 1.2.2, 1.2.3, 1.2.4, 1.2.5 and 1.2.6; Appendix Seven; Appendix Eight; Appendix Nine and Appendix Ten (governing the enforcement of the ACH Rules, including self-audit requirements, and claims for compensation);
(2) Section 2.10 and Section 3.6 (governing the reclamation of benefit payments);
(3) The requirement in Appendix Three that the Effective Entry Date of a credit entry be no more than two Banking Days following the date of processing by the Originating ACH Operator (see definition of “Effective Entry Date” in Appendix Three);
(4) Section 2.2 (setting forth ODFI obligations to enter into agreements with, and perform risk management relating to, Originators and Third-Party Senders) and Section 1.6 (Security Requirements);
(5) Section 2.17.2.2-2.17.2.6 (requiring reduction of high rates of entries returned as unauthorized);
(6) The requirements of Section 2.5.8 (International ACH Transactions) shall not apply to entries representing the payment of a Federal tax obligation by a taxpayer; and
(7) Until September 15, 2017, the provisions of Subsection 3.3.1.1, Section 8.99 and Appendix Three (definition of Effective Entry Date) relating to Same-Day Entries.
3. Section 210.3 is amended by revising paragraph (b) to read as follows:
(b) Incorporation by reference. Certain material is incorporated by reference into this part with the approval of the Director of the Federal Register under 5 U.S.C. 552(a) and 1 CFR part 51. To enforce any edition other than that specified in this section the Service must publish a document in the Federal Register and the material must be available to the public. All approved material is available for inspection at the Bureau of the Fiscal Service, 401 14th Street SW., Room 400A, Washington, DC 20227, 202-874-6680, and is available from the sources listed below. It is also available for inspection at the National Archives and Records Administration (NARA). For information on the availability of this material at NARA, call 202-741-6030 or go to https://www.archives.gov/federal-register/cfr/ibr-locations.html.
(1) NACHA—The Electronic Payments Association, 2550 Wasser Terrace, Suite 400, Herndon, Virginia 20171, tel. 703-561-1100, info@nacha.org.
(i) “2016 NACHA Operating Rules & Guidelines: A Complete Guide to Rules Governing the ACH Network,” copyright 2016.
(ii) [Reserved]
(2) [Reserved]
4. Section 210.5 is amended by revising paragraph (b)(5) to read as follows:
(b) * * *
(5)(i) Where a Federal payment is to be deposited to a prepaid account that meets the following requirements:
(A) The account is held at an insured financial institution;
(B) The account is set up to meet the requirements for pass-through deposit or share insurance such that the funds accessible through the card are insured for the benefit of the recipient by the Federal Deposit Insurance Corporation or the National Credit Union Share Insurance Fund in accordance with applicable law (12 CFR part 330 or 12 CFR part 745);
(C) The account is not attached to a line of credit or loan agreement under which repayment from the account is triggered upon delivery of the Federal payments; and
(D) The issuer of the account complies with all of the requirements, and provides the holder of the account with all of the consumer protections, that apply to a prepaid account under the rules implementing the Electronic Fund Transfer Act and the Truth in Lending Act.
(ii) No person or entity may issue a prepaid account that receives Federal payments in violation of this paragraph (b)(5), and no financial institution may maintain a prepaid account that receives Federal payments if the issuer violates this paragraph (b)(5).
(iii) For the purposes of this paragraph (b)(5), the term—
(A) “Prepaid account” means a prepaid account as defined for purposes of regulations implementing the Electronic Fund Transfer Act, as amended; and
(B) “Issuer” means a person or entity that issues a prepaid account.
5. Section 210.6 is revised to read as follows:
Notwithstanding any provision of the ACH Rules, including Subsections 2.4.5, 2.8.4, 4.3.5, 2.9.2, 3.2.2, and 3.13.3, agencies shall be subject to the obligations and liabilities set forth in this section in connection with Government entries.
(a) Receiving entries. An agency may receive ACH debit or credit entries only with the prior written authorization of the Service.
(b) Liability to a recipient. An agency will be liable to the recipient for any loss sustained by the recipient as a result of the agency's failure to originate a credit or debit entry in accordance with this part. The agency's liability shall be limited to the amount of the entry(ies).
(c) Liability to an originator. An agency will be liable to an Originator or an ODFI for any loss sustained by the originator or ODFI as a result of the agency's failure to credit an ACH entry to the agency's account in accordance with this part. The agency's liability shall be limited to the amount of the entry(ies).
(d) Liability to an RDFI or ACH association. Except as otherwise provided in this part, an agency will be liable to an RDFI for losses sustained in processing duplicate or erroneous credit and debit entries originated by the agency. An agency's liability shall be limited to the amount of the entry(ies), and shall be reduced by the amount of the loss resulting from the failure of the RDFI to exercise due diligence and follow standard commercial practices in processing the entry(ies). This section does not apply to credits received by an RDFI after the death or legal incapacity of a recipient of benefit payments or the death of a beneficiary as governed by subpart B of this part. An agency shall not be liable to any ACH association.
(e) Acquittance of the agency. The final crediting of the amount of an entry to a recipient's account shall constitute full acquittance of the Federal Government.
(f) Reversals. An agency may reverse any duplicate or erroneous entry, and the Federal Government may reverse any duplicate or erroneous file. In initiating a reversal, an agency shall certify to the Service that the reversal complies with applicable law related to the recovery of the underlying payment. An agency that reverses an entry shall indemnify the RDFI as provided in the applicable ACH Rules, but the agency's liability shall be limited to the amount of the entry. If the Federal Government reverses a file, the Federal Government shall indemnify the RDFI as provided in the applicable ACH Rules, but the extent of such liability shall be limited to the amount of the entries comprising the duplicate or erroneous file. Reversals under this section shall comply with the time limitations set forth in the applicable ACH Rules.
(g) Point-of-purchase debit entries. An agency may originate a Point-of-Purchase (POP) entry using a check drawn on a consumer or business account and presented at a point-of-purchase. The requirements of the 2016 NACHA Operating Rules & Guidelines, incorporated by reference, see § 210.3(b)(2), shall be met for such an entry if the Receiver presents the check at a location where the agency has posted the notice required by the ACH Rules and has provided the Receiver with a copy of the notice.
(h) Return Fee Entry. An agency that has authority to collect returned item service fees may do so by originating a Return Fee Entry if the agency provides notice to the Receiver in accordance with the ACH Rules.
6. Section 210.8 is amended by revising paragraphs (a) and (b) to read as follows:
(a) Status as a Treasury depositary. The origination or receipt of an entry subject to this part does not render a financial institution a Treasury depositary. A financial institution shall not advertise itself as a Treasury depositary on such basis.
(b) Liability. Notwithstanding ACH Rules Subsections 2.4.5, 2.8.4, 4.3.5, 2.9.2, 3.2.2, and 3.13.3, if the Federal Government sustains a loss as a result of a financial institution's failure to handle an entry in accordance with this part, the financial institution shall be liable to the Federal Government for the loss, up to the amount of the entry, except as otherwise provided in this section. A financial institution shall not be liable to any third party for any loss or damage resulting directly or indirectly from an agency's error or omission in originating an entry. Nothing in this section shall affect any obligation or liability of a financial institution under Regulation E, 12 CFR part 1005, or the Electronic Funds Transfer Act, 12 U.S.C. 1693 et seq.
Dated: September 5, 2017.
David Lebryk,
Fiscal Assistant Secretary.
[FR Doc. 2017-19135 Filed 9-7-17; 4:15 pm]
BILLING CODE P