Overview of applicable regulations
The following regulations and rules apply to ACH transactions:- ACH Rules - Primary source for Commercial ACH Network regulations
- Office of Foreign Asset Control (OFAC) - Economic sanctions and embargo programs
- Regulation E and Electronic Fund Transfer Act (EFTA) - Consumer protection for electronic transfers
- State law - Additional state-specific requirements
- Title 31 CFR Part 210 - Federal government agency ACH usage
- Uniform Commercial Code Article 4A (UCC 4A) - Corporate ACH transactions
- USA PATRIOT Act - Anti-terrorism and money laundering provisions
ACH Rules
The ACH Rules serve as the primary source for rules and regulations for the Commercial ACH Network and are contract law that is made binding by agreements. Commercial ACH entries are originated by the private sector, which includes individuals, companies and state and local governments.The ACH Rules define the obligations and liabilities of each financial institution, including a provision to perform an annual audit, and provide a mechanism for a receiving institution to return an entry to the sending institution.
Office of Foreign Assets Control (OFAC)
The U.S. Department of the Treasury, Office of Foreign Assets Control, administers economic sanctions and embargo programs that require assets and transactions involving interests of targeted countries, targeted country nationals and other specifically identified companies and individuals to be frozen.SDN List compliance
OFAC maintains a list of Specially Designated Nationals and Blocked Persons (SDN List) to assist financial institutions in identifying blocked parties.All U.S. participants in the ACH Network may be held accountable for sanction violations and must understand their compliance obligations.
Regulation E and Electronic Fund Transfer Act (EFTA)
Regulation E carries out the purpose of the EFTA, which establishes the basic rights, liabilities and responsibilities of consumers who use electronic fund transfer services. The primary objective of this act and regulation is the protection of individual consumers engaging in electronic fund transfer services.Key areas covered
Regulation E addresses the responsibilities of financial institutions regarding:- Disclosures to consumers
- Stop payment procedures
- Unauthorized debit transactions to consumer accounts
- Process for resolving errors
State Law
Some state laws may impact ACH transactions if the law is more restrictive or provides greater consumer protection than other prevailing rules or regulations.Common state requirements
- Direct Deposit mandates: Some states allow companies to mandate employees to be paid by Direct Deposit; however, most state labor codes restrict companies from offering only Direct Deposit
- Tax payments: Many states have mandated state taxes paid by businesses and corporations be initiated through the ACH
- Legal guidance: The states’ Attorneys General Offices can provide specifics on state-specific requirements
Title 31 Code of Federal Regulation Part 210 (31 CFR Part 210)
31 CFR Part 210 provides the regulatory foundation for the use of the ACH Network for federal government agencies. It defines the rights and liabilities of agencies, Federal Reserve Banks, financial institutions and the public in connection with ACH entries.The Green Book
The Green Book is the procedures manual for financial institutions processing federal government payments. Among the procedures covered by the Green Book are:- Handling of federal government reclamations
- Enrollment in federal government benefit payment programs
By accepting a federal government benefit payment, a financial institution agrees to be bound to 31 CFR Part 210, and therefore, must adhere to these procedures.
Uniform Commercial Code Article 4A (UCC 4A)
Uniform Commercial Code (UCC) is a series of state laws that govern commercial transactions. Article 4A of the UCC governs corporate ACH transactions that are referred to as “corporate wholesale credit entries.”Transaction identification
RDFIs may identify these transactions by Standard Entry Class Codes:- CCD - Corporate Credit or Debit
- CTX - Corporate Trade Exchange
Security requirements
UCC 4A also addresses the ‘commercially reasonable security procedures’ that must be in place for ACH Origination to occur.USA PATRIOT Act
The Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act of 2001 establishes a wide variety of ways to combat international terrorism.Title III provisions
Title III—International Money Laundering Abatement and Anti-Terrorist Financing contains provisions relating to money laundering and terrorist access to the financial system. This section affects financial institutions with regard to information sharing and customer identification programs (CIPs).Customer Identification Program requirements
CIPs require financial institutions to complete the following prior to opening a new account:- Verify identity - Verify the identity of any person seeking to open an account
- Maintain records - Maintain records of the information used to verify identity
- Consult terrorist lists - Consult government-known or suspected terrorist lists to determine whether the customer appears on any such list
Regulatory conflicts and precedence
Rule of thumb: When conflicts are found among these various rules and regulations, the most restrictive rule or regulation applies. In other words, the one that benefits or provides the most protection to the consumer would be applied.
The future of ACH
Over the years, consumer and corporate customers have become more and more aware of the advantages of the electronic payments network. As a result, customers are more demanding and financially savvy.ACH Network capabilities
The ACH Network provides the ability to:- Directly deposit employee payroll
- Permit automated bill payment services
- Allow for purchases online
- Enable companies to perform cash concentration
- Facilitate corporate-to-corporate payments