NACHA Rules Changes

March – Same Day ACH per Transaction Increases to $100,000

Effective on March 20, 2020, the per-transaction dollar limit for Same Day ACH transactions will increase from $25,000 to $100,000. Both Same Day ACH credits and Same Day ACH debits will be eligible for same day processing up to $100,000 per transaction.

April – New R11 Will Differentiate Unauthorized Return Reasons

Effective on April 1, 2020, the Rule to better differentiate unauthorized return reasons goes into effect. Up until this time, return reason R10 with the description of “Unauthorized” has been a catch-all for various types of ACH debit returns including those when the originator has made an error. R11, a re-purposed reason will going forward have the description of “Customer Advises Entry Not In Accordance with the Terms of the Authorization”. R11 will be used to return an ACH entry when a receiving financial institution receives a claim from their account holder that the ACH entry has an error such as the wrong date or the incorrect amount. R11 will have the same 60-day extended return time frame and requirement for a Written Statement as with R10 and the sender of the ACH debit will not be required to obtain a new authorization if the error is corrected. R11 returns will be covered by the Unauthorized Entry Return Rate reporting requirement as with R10 returns. The Unauthorized Entry Fee for R11 returns will take effect on April 1, 2021.

June – Supplementing Data Security Requirements for Large Originators, Third-Party Service Providers (TPSPs) and Third-Party Senders (TPSs)

• The Supplementing Data Security Requirements originally scheduled for a June 2020 implementation has been moved to a June 2021 implementation. View details below. 

March - Supplementing Fraud Detection Standards for WEB Debits

Effective on March 19, 2021, the rule change is intended to enhance quality and improve risk management within the ACH Network by supplementing the fraud detection standard for Internet-initiated (WEB) debits. ACH originators of WEB debit entries have always been required to use a “commercially reasonable fraudulent transaction detection system” to screen WEB debits for fraud. The existing screening requirement is supplemented by this change to make it explicit that “account validation” is part of a “commercially reasonable fraudulent detection system”. The supplement requirement would apply to the first use of an account number or changes to the existing account. 

March – Expanding Same Day ACH to Later Deadline

The effective date of a new, third Same Day ACH processing window is March 19, 2021. RDFIs must make funds available for SDA credits in this new SDA processing window no later than the end of its processing day.

June – Supplementing Data Security Requirements for Large Originators, Third-Party Service Providers (TPSPs) and Third-Party Senders (TPSs)

Effective on June 30, 2021, this change to the Rules is intended to enhance quality and improve risk management within the ACH Network by supplementing the existing account information security requirements for large-volume Originators and Third-Parties. Participants are required to protect deposit account information collected for or used in creating ACH transactions by rendering it unreadable when it is stored electronically. 

This change will be implemented in two phases:

• The rule initially applies to ACH originators, TPSPs and TPSs with ACH volume of 6 million transactions or greater annually. An ACH originator, TPSP or TPS that originated 6 million or more ACH transactions in calendar year 2019 would need to be compliant by June 30, 2021.
• The second phase would apply to ACH originators, TPSPs and TPSs with ACH volume of 2 million transactions or greater annually in the 2020 calendar year and compliance is required by June 30, 2022.