Landing page banner US
Cost-effective Touchless Invoice ProcessingCost-effective Touchless Invoice Processing
Automated data capture,
coding, and approval routing
Automated data capture,
coding, and approval routing
Plug-and-play integrations
with accounting systems
Plug-and-play integrations
with accounting systems
One-click global
supplier payments
One-click global supplier
payments

ACH Fraud Prevention: What You Need to Know

Updated on: Sep 18th, 2023

|

9 min read

social iconssocial iconssocial iconssocial icons
ACH Fraud

The ACH network processed 30 billion transactions of $77 trillion in 2023. With the growing adoption of ACH transfers, especially for B2B payments, businesses must be aware of fraudsters attempting to exploit the network. ACH frauds are a rampant problem in today’s financial landscape. 

To help your business prevent such frauds, we’ll help you understand how the ACH network works, how fraudulent transactions occur, and how to combat them. 

What are ACH transfers, and how do they work?

ACH transfers are bank-to-bank electronic transfers through the Automated Clearing House (ACH) network. Governed by the National Automated Clearing House Association (NACHA), ACH transfers are processed in batches, wherein banks send payments and withdrawals to the central clearing house and are finally transferred to the recipient bank only after authorization. 

The ACH network supports two types of transactions: direct deposit and direct payment. The payer initiates direct deposits to a receiving bank, whereas the recipient initiates direct costs to request funds. 

What is ACH fraud?

ACH transfers only require a bank account number and a routing number. This makes the ACH network vulnerable, as anyone can initiate fraudulent transactions if they can get this information. When frauds are committed by intercepting ACH transactions, they are known as ACH frauds. 

Examples of ACH fraud

The most common and typical examples of ACH fraud are as follows - 

  • Phishing scam: Fraudsters send emails to individuals and businesses to gain access to banking information for initiating or diverting transactions for their personal gain. This access is gained by infecting systems with malware and recording the individual’s keystrokes. 
  • Data breach: In the event of any data breach, where credentials for many individuals are compromised, fraudsters can access a bank account and submit unauthorized ACH transactions. 
  • Debit card frauds: In case of any delay in reporting the loss or theft of a debit card, this window may be utilized by fraudsters to make unauthorized transactions. 

Liability of an ACH fraud

National Automated Clearing House Association (NACHA) holds the merchants and financial institutions processing transactions liable for unauthorized transactions. 

If an unauthorized transaction is received, the financial institution may face liability or legal action if they allow the individual customer to utilize funds before they are cleared. If the financial institution originates an unauthorized transaction, it must return funds to the sender if a challenge against the transaction is received within a 60-day window. 

Business impact of ACH fraud

The absence of an effective ACH fraud prevention system impacts a business in a large number of ways:

  • Unauthorized ACH transactions result in financial loss and negatively impact the company’s bottom line.
  • Considerable employee bandwidth is spent to recover funds that may be lost due to fraudulent transactions.
  • ACH frauds and unauthorized transactions can damage the reputation of a business and lead to challenges in doing business

How to prevent ACH fraud

  • Multi-factor authentication (MFA): Set up multi-layer, multi-factor authentication for your bank accounts to prevent fraudsters from gaining access in case of any data breach or leak of banking credentials.
  • One-time password (OTP) for payment authorization Authorize payment transactions with OTPs so that the identity of the payer is confirmed before transactions are initiated.
  • ACH blocks Such blocks can be placed on bank accounts to require an individual to manually review and approve each transaction. 
  • Set up authorized user lists. If your accounting team is responsible for paying bills regularly, you would benefit from setting up an authorized user list. Only requests by these specific users, within specified dollar limits or date ranges, would be processed, and all other transactions would be rejected or put on hold. 

Use of AP automation to safeguard against fraud

Utilizing software to automate accounts payable processes helps prevent fraud. Segregation of duties, comprehensive invoice audit trails, and 3-way match of invoices against purchase orders and goods receiving notes in such software flag outliers and anomalies in spend. While it is possible to run all the above checks manually as well, the benefits of AP automation make the processes more efficient. It increases the probability of fraud being prevented and caught on time. Software like ClearTech also identifies duplicate transactions and spiked invoices before processing. 

Key takeaways

  • ACH payments, while a growing mode of B2B payments are prone to ACH fraud
  • Fraudsters may use phishing scams, data breaches, or debit card frauds to initiate transactions for their personal gain.
  • Such fraudulent transactions adversely impact a business's bottom line and vendor relationships.
  • Businesses can employ multiple methods like multi-factor authentication and OTP for payment authorization, as well as use AP automation software to prevent themselves from ACH fraud. 

FAQs

  • What is an ACH transaction?

ACH (Automated Clearing House) transactions are electronic fund transfers between banks. ACH transactions can be of two types - ACH debits, where funds are pulled out of an account, and ACH credit, where funds are pushed into an account. 

  • What are the risks with ACH transactions?

Initiation of an ACH transaction only requires a bank account and a routing number. This makes ACH prone to fraudulent transactions where criminals obtain bank credentials and initiate unauthorized transactions. However, despite this, ACH has a lower rate of fraud than credit card transactions. 

  • What is an unauthorized ACH transaction?

Unauthorized transactions are fraudulent debit or credit transfers through the ACH network. Fraudsters initiate transactions to transfer funds for personal gain, either in a lump sum or recurring payments. 

  • Can you get a refund on an ACH payment?

If an authorized ACH transaction is reported within 60 days of the settlement date, the bank must credit the individual’s account with the transaction amount. The bank can also return the transaction to the originator bank. 

  • How does AP automation help prevent ACH fraud?

AP automation software provides multiple layers of protection against fraud. Comprehensive audit trails and segregating duties ensure that the banking information of suppliers remains sacrosanct. Further, end-to-end integration and encryption of ACH instructions and banking information safeguards against human tampering. 

 

 

CONTENTS