Identifying Key Risk Indicator

Size: px
Start display at page:

Download "Identifying Key Risk Indicator"

Transcription

1 PUERTO RICO PAYMENTS SYMPOSIUM Identifying Key Risk Indicator EPOCPR Services

2 Agenda for Today Background History Regulators & Risk Management Let s have fun Regulators & Risk Assessment ACH Risks Categories So Where Do We Start? Risk Assessment Tools ACH EPOCPR Services 2

3 ACH Historical Background NewpaymentneedssuchasWEBandTELandsame day ACH is closer than ever. ACH transactions have experienced exponential growth. As the awareness of risk management has grown, Regulators and NACHA have published Federal Regulator Letters, Guidance and Rules and Regulations. Is the FI s responsibility to be familiar and comply with the Federal Regulator s Letters, Guidance and Rules and Regulations and follow their recommendations as it may apply to the FI role (ODFI or RDFI) in the ACH operations. EPOCPR Services 3

4 Regulators & Risk Management Banks that participate in the ACH network, as well as their service providers, should have in place systems and controls to mitigate the risks associated with ACH activities. A strong risk management program begins with clearly defined objectives, a welldeveloped business strategy, and clear risk parameters (OCC bulletin ) Risk management is the process of identifying, measuring, monitoring, and managing risk. Risk exists whether the institution maintains information and technology services internally or elects to outsource them. Regardless of which alternative they choose, management is responsible for managing risk in all outsourcing relationships. Accordingly, institutions should establish and maintain an effective risk management process for initiating and overseeing all outsourced operations. (FFIEC IT Examination Handbook) EPOCPR Services 4

5 Let s Have Fun EPOCPR Services 5

6 Let s Have Fun EPOCPR Services 6

7 Regulators & Risk Assessment The ACH Rules requires that all Participating Depository Financial Institution must: To conduct, an assessment of the risks of its ACH activities every year; Implement, a risk management program on the basis of such an assessment; and, Comply with the requirements of its regulator(s) with respect to such assessment and risk management program. (Article One, Subsection Risk Assessments) EPOCPR Services 7

8 What can a Financial Institution do to mitigate the risks associated to ACH Operations? The Regulators believe that the Financial Institutions can mitigate many of the risks associated with electronic payments origination and processing, and must: Identify and assess the nature of risks associated to the ACH operation. Establish controls for Originators, TPSP/TPS and direct access to the ACH Operator. Establish an effective Vendor Management program as required by Regulators. Use existing risk management programs as leverage rather than monitoring risk in a silo environment; Compliance, Audit and Risk resources need to be involved on the Management risk effort. The Board and Management should establish an appropriate risk tolerance, effective reporting, employee training. Reporting to the Board of Directors metrics and trends analyses on ACH volume, returns, operational losses and transactions types with explanations and variances from previous reports. Reporting to the Board metrics and trends analyses in regard to the composition of the FI s Originators and Third Party Senders portfolios. EPOCPR Services 8

9 Which Retail Payments Products Does Your Financial Institution Offer? ACH products such as BOC, RCK, POP, WEB, TEL, IAT? Does the FI offer mobile banking and mobile payments? Does the FI offer credit cards, stored value cards, or merchant card acquiring services? Does the FI offer new products or services in addition to well established products? Is the FI a first to market leader with retail payment products? Do FI personnel and expertise align with payment channels and product offerings? What is the contribution of payments products to the total revenue and net income? What is the FI reliance on this revenue? Is this revenue dependent on a small number of customers? Does the FI include the risk management cost and risk exposures in the evaluation of fee income? EPOCPR Services 9

10 ACH Risk Categories The ACH network and Regulators define the following categories of risk related to the processing of ACH Entries: Credit risk It s the risk that a party to a payment transaction will not be able to settlement the payment of the transaction. There is credit risk for both debit and credit origination. There is additional risk related to the origination of ACH debits due to the consumer s right of adjustment under the NACHA Operating Rules and Regulation E. Operational risk It s the risk that a transaction is altered or delayed due to clerical errors or hardware and/or software failures. Fraud risk It s the risk that a payment transaction is initiated or altered in an attempt to misdirect or misappropriate funds due to embezzlement by a financial institution, a company employee, an intruder who has gained unauthorized access to a system, or by a user originating unauthorized transactions. EPOCPR Services 10

11 ACH Risk Categories (Continued) Systemic Risk (Settlement/Liquidity) It s the risk posed to the reliability and soundness of the payment system as a whole. One example is the inability of one system participant to settle its commitments that causes other participants to be unable to settle their commitments. Reputational Risk The risk that arises from adverse publicity related to a negative financial event, resulting in a loss of business. Sources of reputational risk include word of mouth, media coverage and news publications. Compliance (legal/regulatory) risk It s the risk that a party to a transaction fails to comply, either knowingly or inadvertently with the NACHA Operating Rules & policies and applicable U.S. and state law and other regulations. EPOCPR Services 11

12 ACH Risk Categories (Continued) 1. Credit Risk Start with the Business Strategy and the risk appetite the FI is willing to take with regards to the ACH operation. Each Financial Institution should establish underwriting standards and approval policies for ACH origination that enable the FI to document the required information for approving a new Originator or to expand an existing customer. Risk taker vs Risk oppose. In either case, you must consider the following risk factors: Does the RDFI make available to its customers funds prior to settlement of the credit Entries? Does the ODFI initiate credit Entries prior to having funds available on the Originator s account? Does the ODFI make available to its customers funds on ACH debit files before the transaction can no longer be returned? Does the Originator have a history of excessive unauthorized Returns? Does the FI s underwriting standards define desirable, prohibited, and restricted Originators? Does the FI implement a business case prior to engaging in a high risk merchant or Third Party Sender? EPOCPR Services 12

13 ACH Risk Categories (Continued) How to mitigate Credit Risk? Perform credit and financial analysis for Originators, Third Party Vendors and Third Party Senders Ensure that Originators and TPS agreements are maintained and updated Policies and Procedures should address high risk Originators and SEC codes Establish exposure limits with exception approval requirements Make use of ACH activity monitoring and reporting Establish pre funding and reserve requirements EPOCPR Services 13

14 ACH Risk Categories (Continued) 2. Fraud Risk This is the risk associated to the attempt to misdirect or incorrect appropriation of the funds. It could be performed by a company employee, an intruder who has gained access to a system or application, or an Originator sending unauthorized transactions. For all transactions that involve the exchange of critical banking information, specific data security standards and system controls have to be in place. Effective Technology Environment Risk Management requires a direct specific approach to identify, measure, and manage the technology associated with risk. The FFIEC Examination Handbook provides guidance to assess most risks associated with technology. FIs should maintain consistent and effective controls over the technology used especially in the key control functions of Information Security and Business Continuity. EPOCPR Services 14

15 ACH Risk Categories (Continued) ACH related systems should be included in the FI s Information Security programs. An FI that provides Internet Banking Applications needs to ensure that their online ACH services comply with OCC Bulletin (Authentication over the Internet Banking), also with OCC Bulletin (frequently asked questions). This program should include: Customer Access The FI needs to ensure all Originators use dual control and privacy on the initial set up of the ACH application. Employee Access The FI should minimize and monitor the number of employees accessing their systems. Segregation of Duties ACH Staff should have limited access to the ACH transactions support functions. Data Security Sound risk related data security controls should exist across all ACH related systems, applications and processes. Policies and Procedures should address data transit and storage. Properly Authenticated source data is accepted. Purging data, encrypting, and destroying trace data are some of the key practices that the FI should employ. FI should implement the appropriate physical and logical controls, such as controls on:» Corporate account takeover» Service providers and external networks» Storage of ACH payment information EPOCPR Services 15

16 ACH Risk Categories (Continued) Business Continuity Plan FI should ensure that business continuity tested plans are consistent with the criticality and complexity of the ACH operations. ACH Activities ACH activities should be included on every FI Business Continuity Plan, and categorized within all the applications in the FI and give them the importance that they need. ACH Activities should resume their normal functionality in no less that 24hrs, in case of a disaster. EPOCPR Services 16

17 ACH Risk Categories (Continued) 3. Compliance Risk: As the awareness of risk management has grown, Regulators and NACHA have published Financial Institution Letters, Guidance, and Rules and Regulations that FIs must be in compliance with. Does the FI have an adequate BSA/AML, KYC, GLBA, and OFAC screening policies and procedures in place? Is there an effective Vendor Management Program, that includes a due diligence process for selecting third party service providers, and an oversight process for monitoring them? Does the FI request from TPSP / TPS an annual ACH Audit and / or SSAE16 as part of the VMP? Does the ACH Agreement include all required regulatory and compliance language set forth by Regulators and NACHA, including the right to audit? Are customer claims and exceptions processed in a timely manner? Is there an employee training program to ensure knowledge and readiness of the ACH staff? EPOCPR Services 17

18 ACH Risk Categories (Continued) How to Mitigate the Compliance Risk: OFAC screening policies and procedures Conduct Due Diligence for all Originators and TPS with suspicious activities Perform annual audits and ACH Risk Assessments Ensure that all Originator agreements and TPS contracts address regulatory and compliance issues and contain regulatory language Ensure proper monitoring of exceptions reports Ensure employees have proper training EPOCPR Services 18

19 ACH Risk Categories (Continued) 4. Liquidity Risk or Systemic Risk: Relates to the possibility for a transaction not to settle, causing other participants to be unable to settle their commitments. There are requirements to implement specified in the NACHA Operating Rules and under UCC Article 4A. A RDFI has the option to reverse an ACH credit payment that have been made available to its Corporate Customer (Provisional Credit). Systemic Risk is closely related to credit risk How do we mitigate this Risk? Monitor the volumes and trends for each Originator Identifying peaks in usage (examples Christmas Bonus, Dividend Payments) Use of prefunding and reserve accounts Use of the seasonal or temporary increase of limits Monitor velocity activity Federal Reserve s Payment System Risk Policy on Daylight Credit Guide includes controls that minimize the possibility of financial institutions failing due to ACH exposures Both ACH Operators have established risk management policies and procedures to almost eliminate the possibility of Systemic Risk EPOCPR Services 19

20 ACH Risk Categories (Continued) 5. Operational Risk: The FI may decide not to process ACH Entries in house but rather outsource the service with a Third Party Service Provider. An FI must be aware that it s still responsible for all Entries sent to the ACH Processor by the TPSP on behalf of the FI. Does the FI have an adequate and comprehensive Vendor Management Program? Does the FI ensure that all its employees have the proper training and expertise? Has the FI established an effective program to monitor the Service Level Agreements? Has the FI established an effective system to monitor daily and report any issue? Does the FI ensure the proper access controls, user authentication and separation of duties regarding the ACH Operation? Does the FI have adequate Contingency and Business Continuity plans in place and are these periodically tested? Does the FI perform Annual ACH Audit as NACHA requires, and also perform the Risk Assessment on an annual basis? EPOCPR Services 20

21 ACH Risk Categories (Continued) How to mitigate the Operational Risk? Proper due diligence Background checks Used of Fraud Detection Software Verification and Validation of each Transmission Follow the credit policies A deep underwriting and financial analysis Establish proper reserves for debit Originators Enforce updated agreements for all Originators and TPS Monitor activity and exceptions reports on daily basis Comply with NACHA and Operators Rules/ Regulations Defined objectives, develop business strategies Develop Policies and Procedures that define the responsibilities and internal controls Periodic reports to the Board EPOCPR Services 21

22 ACH Risks Categories (Continued) 6 Reputational and Cross Channel Risk These are called Ancillary Risks. Reputational Risk : Occurs when a customer losses the confidence in a financial institution or the Network is compromised. To Reduce the Reputational Risk : The Institution should use Know your Customer principles, including Third Parties. ODFIs should exercise due diligence to determine whether the relationship is appropriate. Some tasks to be performed: Visit the Originator s physical location Request and verify business references Perform a credit analysis Review samples of the products Review information on companies with industry resources Review Originator s sales history Review Originator s refund policies Verify customer service phone number Check history of return rates and determine remedial plans if the Originator has high return rates EPOCPR Services 22

23 ACH Risk Categories (Continued) 6 Reputational and Cross Channel Risk These are called Ancillary Risks. Cross Channel Risk occurs when fraudulent or illegal transactions move from one payment system to another. How to avoid Cross Channel Risk It is important that the ODFI understand the business activity of the Originator in order to ensure that it is using the correct payment type that serves their needs. Also is important to address the Originator that is not using the appropriately use of any payment type. EPOCPR Services 23

24 So, where do we start identifying ACH risk? 1. Originator Selection Originator selection will be influenced by the FI s underwriting guidelines for credit and/or debit origination and Risk Selection, and the Know Your Customer policy in place. Is there an adequate Know Your Customer program that is revised at least every year? Prior to signing an a Service Agreement, is a background check of the Originator required? Has the Board approved risk policy(ies) defining underwriting guidelines for credit and/or debit origination and Risk Selection? Are permissible Standard Entry Class (SEC) types listed? Has there been a background check to validate each Originator? Has there been a creditworthiness evaluation, including financial analysis? Have Authorization procedures been set up? Have exposure limits been set, with separate limits for high risk activity such as WEB and TEL? Have procedures been established for monitoring exposure limits across multiple settlement dates? Has the ODFI reviewed the Originator s sales history? EPOCPR Services 24

25 Has Originator s documentation been reviewed, such as: tax id, or social security number? Has over limit situation approvals and monitoring been set up? Does the agreement include allowing the FI to audit the Originator s procedures? Has the Originator ever been involved in questionable business practices? Does the expected volume of ACH Entries to be originated reasonably compare with the business volume activity? Does the Originator have in place sound internal controls that guarantee that only authorized personal will originate ACH Entries? EPOCPR Services 25

26 So, where do we start identifying ACH risk? 2. Knowledge and Readiness With regards to the ACH services offered by the FI, is the knowledge of Management / Board adequate and the readiness of management and employee adequate to execute the task associated to the services rendered? Is ACH staff sufficient and trained properly; any AAPs? Do they participate on ACH training at least once a year? Does the risk policy(ies) approved by the Board define the overall ACH Strategic Plan and objectives? Does the risk policy(ies) approved by the Board provide clear direction to management regarding compliance with appropriate rules and regulations? Do ACH personnel have adequate tools to process and oversee transaction volumes and dollar values? Has the FI conducted the annual ACH compliance Audit as directed by the NACHA Operating Rules? Has the ODFI conducted a Risk Assessment of its ACH Activities and implemented risk management program based on the results of such assessment? EPOCPR Services 26

27 So, where do we start identifying ACH risk? 3. NACHA RULES Rule amendment effective June 18, 2010 requires that all participating DFI s conduct a Risk Assessment of their ACH activities, and implement Risk Management Programs based on the results of such assessments. Assess the nature of the Risk Perform appropriate KYC due diligence Establish controls for Originators, Third Parties, Direct Access to ACH Operator Adequate management, information and reporting systems EPOCPR Services 27

28 Identifying Key Risk Indicators So, where do we start identifying ACH risk? 4. FFIEC IT Examination Handbook (Retail Payment System Booklet) Provides guidance to examiners, financial institutions and technology service providers (TPSPs) on identifying and controlling risk Tier 1 Evaluate the effectiveness of the internal controls and risk management processes implemented Strategic Plan Audits Staff Policies and Procedures Compliance with NACHA Operating Rules. EPOCPR Services 28

29 Identifying Key Risk Indicators So, where do we start identifying ACH risk? Tier 2 Goes deeper into the complexity of the organization and requires additional information Information Security Business Continuity ACH ODFI and RDFI ACH Accounting and Transaction Processing ACH Funding and Credit WEB and TEL ACH Contingency Planning EPOCPR Services 29

30 Identifying Key Risk Indicators So, where do we start identifying ACH risk? 5. Policies should addressed these: Objective of the program Approved new Products and Services Prohibited Originators Third Party Senders Exposure limits Contracts and Agreements OFAC, PATRIOT Act, BSA/AML UCC4A provisions Third Party Service Providers Direct Access to ACH Operator File Delivery Data Breach Audits EPOCPR Services 30

31 So, where do we start identifying ACH Risk? Before an Institution engages in a high risk ACH activity, the Board of Directors should consider the risks associated with these activities. They should provide clear direction on whether or to what extent the bank will compromise on the activity. The bank should have strong systems to monitor and control risk. The system should be able to identify high levels of unauthorized returns Identify variances on Originator profiles and volumes Verify the proper use of the SEC Codes For TEL and Web transactions ensure that they are within the FI risk tolerance EPOCPR Services 31

32 So, where do we start identifying ACH Risk? 6. Third Party Service Provider: The use of a TPSP adds complexity and increases the Risk associated with credit, reputation, compliance among others. Although the use of a Third Party Service Provider may reduce the processing cost of the ACH Operation, this could increase the risk because the FI bank remains legally responsible. An FI must be aware that it is still responsible for all Entries sent to the ACH Operator by the TPSP on behalf of the FI Management should have a effective monitoring program to oversee all the activity that is conducted through the FI FIs should identify and validate the type of business the TPSP is doing They should make a background check on the TPSP including owners, and financial capacity EPOCPR Services 32

33 So, where do we start identifying ACH Risk? 7. For Third Party Senders : Institutions that initiate ACH transactions for TPS should know which Originators they are initiating Entries for. These FIs should require specific information from the TPS on the Originator customers such as: Originator s name Taxpayer ID Principal business activity Geographic location Validate if it is a legitimate business Bank management should establish written agreements and SLAs with the TPS The Bank should establish a system to audit periodically each TSP EPOCPR Services 33

34 So, where do we start identifying ACH risk? 8. Originator Agreements should include but not limited to: Set forth the responsibilities of all parties Bind to the NACHA Operating Rules Funding arrangements, SEC Codes permitted Regulation CC Regulation UCC 4A Regulation E EPOCPR Services 34

35 So, where do we start identifying ACH risk? 9. Third Party Sender Agreements : ODFI approval of all Originators Exposure limits per Originator An exposure limit for the TPS A way to identify each Originator Third Party Sender ACH audit is now required EPOCPR Services 35

36 So, where do we start identifying ACH risk? 10. Vendor Management Program: Assess the ability to manage outsourced relationships with technology services provider: Encrypt transactions while in route between service provider and institution Contract provisions Personnel Equipment Contingency Planning Measure what seems to be inadequate performance Appropriate Sanctions EPOCPR Services 36

37 So, where do we start identifying ACH risk? 11. ACH Accounting : Balancing procedures General ledger ACH activity with warehouse files totals Separate accounts for return Entries Separation of duties EPOCPR Services 37

38 So, where do we start identifying ACH risk? 12. ACH Funding : Perform balance check before sending the files to the Operator Prefunding (determine if needed) EPOCPR Services 38

39 A ACH Risk Assessment Tool 2014 Please contact TCH PA for more information ACH 2014 Electronic Payments & Operations Consultants V1.0» To initiate your Risk Assess» ODFI EPOCPR Services 39

40 A QUESTIONS?????? ODFI EPOCPR Services 40

O OCC BULLETIN OCC 2006-39. Automated Clearing House Activities. Risk Management Guidance

O OCC BULLETIN OCC 2006-39. Automated Clearing House Activities. Risk Management Guidance O OCC BULLETIN Comptroller of the Currency Administrator of National Banks Subject: Automated Clearing House Activities Description: Risk Management Guidance TO: Chief Executive Officers, Chief Risk Officers,

More information

Third-Party Senders Risks and Best Practices

Third-Party Senders Risks and Best Practices Third-Party Senders Risks and Best Practices Please turn off all cell phones or mobile devices. Thank you to today s sponsors! This morning s refreshment break sponsored by The Royal Bank of Scotland EventMobile

More information

2015, EPCOR. All Rights Reserved. 1

2015, EPCOR. All Rights Reserved. 1 s Risks Regional Payments Associations, through their Direct Membership in NA, are specially recognized and licensed providers of education, publications and support. Regional Payments Associations are

More information

ACH Operations Bulletin #1-2014

ACH Operations Bulletin #1-2014 ACH Operations Bulletin #1-2014 Questionable ACH Debit Origination: Roles and Responsibilities of ODFIs and RDFIs September 30, 2014 Replaces ACH Operations Bulletin #2-2013 (Originally Issued March 14,

More information

ACH GUIDE ACH PARTICIPATION

ACH GUIDE ACH PARTICIPATION Materials needed: ACH policies (Audit and general), the last two ACH audits, security settings (Operator Reports) for the processing method the FI has chosen, Originator contracts and any reviews of Originator

More information

ACH Internal Control Questionnaire

ACH Internal Control Questionnaire ACH Internal Control Questionnaire AUTOMATED CLEARING HOUSE (ACH) Assessment of the Adequacy of Internal Controls Completed by: Date Completed: Quality of Management and Support for ACH Processing Activity

More information

Federal Financial Institutions Examination Council FFIEC. Retail Payment Systems RPS. February 2010 IT EXAMINATION HANDBOOK

Federal Financial Institutions Examination Council FFIEC. Retail Payment Systems RPS. February 2010 IT EXAMINATION HANDBOOK Federal Financial Institutions Examination Council FFIEC Retail Payment Systems February 2010 RPS IT EXAMINATION HANDBOOK RETAIL PAYMENT SYSTEMS RISK MANAGEMENT Action Summary Financial institutions engaged

More information

A Cautionary Tale Plus Cross-Channel Risk

A Cautionary Tale Plus Cross-Channel Risk Dan Tobin A Cautionary Tale Plus Cross-Channel Risk IT Examiner Supervision, Regulation & Credit Dan.tobin@bos.frb.org Agenda A Cautionary Tale Shames-Yeakel v. Citizens Financial Bank Cross-Channel Risk

More information

This presentation was originally given by:

This presentation was originally given by: This presentation was originally given by: Michael Alfonsi, Managing Director Analytic Results For questions about this material contact Michael at: 610-329-7980 ACH: Basics Michael Alfonsi AnalyticResults

More information

Third Party Payment Processors Job Aid

Third Party Payment Processors Job Aid Third Party Payment Processors Job Aid This job aid is to be used by state institution examiners as a means to understand, identify, and assess the risks associated with institutions relationships with

More information

ACH Audit Guide Step-by-Step Guidance and Interactive Form For Internal ACH Audits Audit Year 2015

ACH Audit Guide Step-by-Step Guidance and Interactive Form For Internal ACH Audits Audit Year 2015 ACH Audit Guide Step-by-Step Guidance and Interactive Form For Internal ACH Audits Audit Year 2015 Price: $399 Member Price: $199 (Publication #500-15) Sharing Our Passion For Payments ACH Audit Guide

More information

ACH Operations Bulletin #2-2013

ACH Operations Bulletin #2-2013 ACH Operations Bulletin #2-2013 High-Risk Originators and Questionable Debit Activity March 14, 2013 EXECUTIVE SUMMARY Recent press reports have inaccurately stated that some Receiving Depository Financial

More information

Don t Originate in the Dark: Shine Some Light on Your Third-Party Senders and Their Originators

Don t Originate in the Dark: Shine Some Light on Your Third-Party Senders and Their Originators Don t Originate in the Dark: Shine Some Light on Your Third-Party Senders and Their Originators This ACH risk management white paper examines the risks related to ACH transactions processed by Third-Party

More information

Treasury Management Services Product Terms and Conditions

Treasury Management Services Product Terms and Conditions Treasury Management Services Product Thank you for choosing M&T Bank for your treasury management service needs. We appreciate the opportunity to serve you. If you have any questions about this Product

More information

Automated Clearing House

Automated Clearing House Automated Clearing House THE SERVICE Customer wishes to initiate credit and/or debit Entries as an Originator through Bank to Accounts maintained at Bank and in other depository financial institutions

More information

Understanding & Managing Third Party Relationships in the ACH Network. PAYMENTS 2008 May 18, 2008 Las Vegas, NV

Understanding & Managing Third Party Relationships in the ACH Network. PAYMENTS 2008 May 18, 2008 Las Vegas, NV Understanding & Managing Third Party Relationships in the ACH Network PAYMENTS 2008 May 18, 2008 Las Vegas, NV 1 Your Presenters Stuart Williams Director, CheckFree Payment Services CheckFree now part

More information

Knowing your customers and their customers and their customers and so on and so on

Knowing your customers and their customers and their customers and so on and so on Knowing your customers and their customers and their customers and so on and so on Identifying your Third-Party s and their Nested s This ACH risk management white paper provides an overview of ACH relationships

More information

ACH Welcome Kit. Rev. 10/2014. Member FDIC Page 1 of 8

ACH Welcome Kit. Rev. 10/2014. Member FDIC Page 1 of 8 ACH Welcome Kit Rev. 10/2014 Member FDIC Page 1 of 8 Dear Customer, Thank you for utilizing FirstMerit s ACH services. We have finalized the setup of your ACH product and you may now begin processing ACH

More information

GUIDANCE ON PAYMENT PROCESSOR RELATIONSHIPS (Revised July 2014)

GUIDANCE ON PAYMENT PROCESSOR RELATIONSHIPS (Revised July 2014) Federal Deposit Insurance Corporation 550 17th Street NW, Washington, D.C. 20429-9990 Financial Institution Letter FIL-127-2008 November 7, 2008 GUIDANCE ON PAYMENT PROCESSOR RELATIONSHIPS (Revised July

More information

Third-Party Sender Case Studies: ODFI Best Practices to Close the Gap An ACH Risk Management White Paper

Third-Party Sender Case Studies: ODFI Best Practices to Close the Gap An ACH Risk Management White Paper Third-Party Sender Case Studies: ODFI Best Practices to Close the Gap An ACH Risk Management White Paper This ACH risk management white paper examines three case studies related to Third-Party Sender Risk.

More information

Risk Management of Remote Deposit Capture

Risk Management of Remote Deposit Capture Federal Financial Institutions Examination Council 3501 FAIRFAX DRIVE ROOM 3086 ARLINGTON, VA 22226-3550 (703) 516-5487 http://www.ffiec.gov Background and Purpose Risk Management of Remote Deposit Capture

More information

Know Your Customer & Know Your Customer s Customers (KYCC) BITS ACH Fraud Risk Subgroup Presented by George Thomas November 19, 2008

Know Your Customer & Know Your Customer s Customers (KYCC) BITS ACH Fraud Risk Subgroup Presented by George Thomas November 19, 2008 Know Your Customer & Know Your Customer s Customers (KYCC) BITS ACH Fraud Risk Subgroup Presented by George Thomas November 19, 2008 Agenda Theme and Issue Types of Third Party Processors Risk from Third

More information

ACH GENERAL 4 5 6 7 8

ACH GENERAL 4 5 6 7 8 3 A B C E ACH GENERAL 4 5 6 7 8 INTRODUCTION AND PURPOSE ABBREVIATIONS AND DEFINITIONS NCUA REFERENCES EXTERNAL REFERENCES General Is the credit union a Receiving Depository Financial Yes/No/NA Comments

More information

Payment Systems. Version 1.0 July 2013. Introduction

Payment Systems. Version 1.0 July 2013. Introduction Introduction This module applies to examinations of the Federal Home Loan Banks (FHLBanks), the Office of Finance; Fannie Mae and Freddie Mac. The module refers to these institutions collectively as the

More information

Operational Means to Fraud Mitigation and BSA/AML Compliance

Operational Means to Fraud Mitigation and BSA/AML Compliance Operational Means to Fraud Mitigation and BSA/AML Compliance Brad Johnson Director of Business Development Centrix Solutions Helen May SVP, Director of Operations Bank of Tampa www.centrixsolutions.com

More information

Industry Update & New Rules. Stephanie Schrickel, AAP Director, emarketing. 2014 EastPay. All Rights Reserved 1 EASTPAY

Industry Update & New Rules. Stephanie Schrickel, AAP Director, emarketing. 2014 EastPay. All Rights Reserved 1 EASTPAY Industry Update & New Rules Stephanie Schrickel, AAP Director, emarketing EASTPAY Not-for-profit Regional Payments Association Educational Programs Member benefits Voice & Representation in National Rule

More information

ACH and Third Party Payment Processors

ACH and Third Party Payment Processors ACH and Third Party Payment Processors Definition of Third-Party Relationship Entity with which financial institution has entered into a business relationship Facilitate customer access to bank services

More information

Government Crime Prevention Regulations. Richard Fraher VP & Counsel to the Retail Payments Office Federal Reserve Bank of Atlanta

Government Crime Prevention Regulations. Richard Fraher VP & Counsel to the Retail Payments Office Federal Reserve Bank of Atlanta Government Crime Prevention Regulations Richard Fraher VP & Counsel to the Retail Payments Office Federal Reserve Bank of Atlanta The Big Disclaimers The views expressed in this presentation are those

More information

QUICK GUIDE Automated Clearing House (ACH) Rules for ACH Originators

QUICK GUIDE Automated Clearing House (ACH) Rules for ACH Originators QUICK GUIDE To ensure compliance with current regulations, all ACH Originators must obtain a current copy of the National Automated Clearing House Association (NACHA) Operating Rules (Rules) and Guidelines

More information

Vendor Management Compliance Top 10 Things Regulators Expect

Vendor Management Compliance Top 10 Things Regulators Expect Vendor Management Compliance Top 10 Things Regulators Expect Paul M. Phillips, CFA Attorney, Adams and Reese Pamela T. Rodriguez, AAP, CIA, CISA EVP, Risk Management & Education, EastPay 2014 EastPay.

More information

Get In Tune With Third Parties: Finding the harmonies between Third Party Senders, Originators, and Customers.

Get In Tune With Third Parties: Finding the harmonies between Third Party Senders, Originators, and Customers. Get In Tune With Third Parties: Finding the harmonies between Third Party Senders, Originators, and Customers. Marsha Jones President TPPPA Brent Siegel Vice President Argos Risk 1 1 AGENDA/OUTLINE Third-Party

More information

Outsourcing Technology Services A Management Decision

Outsourcing Technology Services A Management Decision Outsourcing Technology Services A Management Decision A Telephone Seminar for National Banks Tuesday, July 20, 2004 And again on Wednesday, July 21, 2004 Agenda Outsourcing activities and relationships

More information

Mobile Deposit Policy

Mobile Deposit Policy Mobile Deposit Policy Mobile Deposit, a deposit transaction delivery system, allows the Credit Union to receive digital information from deposit documents captured at remote locations (i.e., the Credit

More information

THIRD PARTY PAYMENT PROVIDERS

THIRD PARTY PAYMENT PROVIDERS THIRD PARTY PAYMENT PROVIDERS BY DARLIA FOGARTY, DIRECTOR OF COMPLIANCE & COO KNOWLEDGE. CLARITY. RELIABILITY. www.compliancealliance.com (888) 353-3933 THIRD PARTY PAYMENT PROCESSORS Third Party Payment

More information

Risk Management of Outsourced Technology Services. November 28, 2000

Risk Management of Outsourced Technology Services. November 28, 2000 Risk Management of Outsourced Technology Services November 28, 2000 Purpose and Background This statement focuses on the risk management process of identifying, measuring, monitoring, and controlling the

More information

ACH Operations Bulletin #2-2014

ACH Operations Bulletin #2-2014 ACH Operations Bulletin #2-2014 ACH Transactions Involving Third-Party Senders and Other Payment Intermediaries December 30, 2014 EXECUTIVE SUMMARY In most ACH transactions, the roles of the various parties

More information

Instructions for Completing the Information Technology Officer s Questionnaire

Instructions for Completing the Information Technology Officer s Questionnaire Instructions for Completing the The (Questionnaire) contains questions covering significant areas of a bank s information technology (IT) function. Your responses to these questions will help determine

More information

ACH Network Risk and Enforcement Topics Request for Comment and Request for Information. Executive Summary and Rules Description November 11, 2013

ACH Network Risk and Enforcement Topics Request for Comment and Request for Information. Executive Summary and Rules Description November 11, 2013 ACH Network Risk and Enforcement Topics Request for Comment and Request for Information Executive Summary and Rules Description November 11, 2013 RESPONSES DUE BY MONDAY, JANUARY 13 2014 NACHA requests

More information

Increasingly community banks are turning to

Increasingly community banks are turning to A system of ACH risk-management valves can help banks bypass the big loss By Jeanette A. Fox and Cary Whaley Increasingly community banks are turning to payments, specifically Automated Clearing House

More information

Information Technology

Information Technology Information Technology Information Technology Session Structure Board of director actions Significant and emerging IT risks Practical questions Resources Compensating Controls at the Directorate Level

More information

FINAL May 2005. Guideline on Security Systems for Safeguarding Customer Information

FINAL May 2005. Guideline on Security Systems for Safeguarding Customer Information FINAL May 2005 Guideline on Security Systems for Safeguarding Customer Information Table of Contents 1 Introduction 1 1.1 Purpose of Guideline 1 2 Definitions 2 3 Internal Controls and Procedures 2 3.1

More information

Going All In on Board Reporting

Going All In on Board Reporting Going All In on Board Reporting February 13, 2014 10:15 A.M to 11:15 A.M. Tony DaSilva, AAP, CISA Senior Examiner, Federal Reserve Bank of Atlanta Rajiv Donde President, Laru Technologies Peter Davey,

More information

National Check Payments Certification. Fraud, Risk, and Risk Mitigation Part II. Copyright 2015 by the Electronic Check Clearing House Organization

National Check Payments Certification. Fraud, Risk, and Risk Mitigation Part II. Copyright 2015 by the Electronic Check Clearing House Organization NCP 2016 Exam Cycle Core Training Series Session 11 National Check Payments Certification Fraud, Risk, and Risk Mitigation Part II Copyright 2015 by the Electronic Check Clearing House Organization NOTICES

More information

Any business relationship between a bank and another entity, by contract or otherwise

Any business relationship between a bank and another entity, by contract or otherwise An Overview for Bank Directors Managing the Third Party Relationship Patrick Neuman Boardman & Clark LLP Madison, Wisconsin Any business relationship between a bank and another entity, by contract or otherwise

More information

Managing your community bank s ACH and demand draft risk By George F. Thomas

Managing your community bank s ACH and demand draft risk By George F. Thomas Payment Protocols Managing your community bank s ACH and demand draft risk By George F. Thomas Would anyone in their right mind attempt to drive a car blindfolded? Well, the answer would be an emphatic

More information

BANKOH BUSINESS CONNECTIONS WIRE TRANSFER GUIDE

BANKOH BUSINESS CONNECTIONS WIRE TRANSFER GUIDE BANKOH BUSINESS CONNECTIONS WIRE TRANSFER GUIDE Revision 2/2013 1 of 35 Contents GENERAL INFORMATION... 3 Wire Transfers... 3 Types of Wires... 3 Wire Templates... 3 Bankoh Business Connections Wire Cut-off

More information

INFORMATION TECHNOLOGY OFFICER S QUESTIONNAIRE. Instructions for Completing the Information Technology Examination Officer s Questionnaire

INFORMATION TECHNOLOGY OFFICER S QUESTIONNAIRE. Instructions for Completing the Information Technology Examination Officer s Questionnaire Institution Charter Date of Exam Prepared By INFORMATION TECHLOGY OFFICER S QUESTIONNAIRE Instructions for Completing the Information Technology Examination Officer s Questionnaire The Information Technology

More information

The Emergence of the ISO in Community Banking Patrick H. Whelan CISA IT Security & Compliance Consultant

The Emergence of the ISO in Community Banking Patrick H. Whelan CISA IT Security & Compliance Consultant THE MARKET LEADER IN IT, SECURITY AND COMPLIANCE SERVICES FOR COMMUNITY FINANCIAL INSTITUTIONS The Emergence of the ISO in Community Banking Patrick H. Whelan CISA IT Security & Compliance Consultant Agenda

More information

ACH Origination File System Changes

ACH Origination File System Changes ACH Origination File System Changes Details Topic 1- Reducing the Unauthorized Return Rate Threshold The Rule will reduce the current return rate threshold for unauthorized debit Entries (Return Reason

More information

Third Party Relationships

Third Party Relationships 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 A B D INTRODUCTION AND PURPOSE Background Yes/No Comments 1. Does the credit union maintain a list of the third party

More information

TO: Chief Executive Officers of National Banks, Federal Branches and Data-Processing Centers, Department and Division Heads, and Examining Personnel

TO: Chief Executive Officers of National Banks, Federal Branches and Data-Processing Centers, Department and Division Heads, and Examining Personnel AL 2000 12 O OCC ADVISORY LETTER Comptroller of the Currency Administrator of National Banks Subject: Risk Management of Outsourcing Technology Services TO: Chief Executive Officers of National Banks,

More information

Vendor Management: An Enterprise-wide Focus. Susan Orr, CISA CISM CRISC CRP Susan Orr Consulting, Ltd.

Vendor Management: An Enterprise-wide Focus. Susan Orr, CISA CISM CRISC CRP Susan Orr Consulting, Ltd. Vendor Management: An Enterprise-wide Focus Susan Orr, CISA CISM CRISC CRP Susan Orr Consulting, Ltd. Why Focus on Vendor Management Increased financial regulatory scrutiny GLBA and Identity Theft Red

More information

2015 NACHA Rules, Same Day ACH and Regulation E Changes

2015 NACHA Rules, Same Day ACH and Regulation E Changes 2015 NACHA Rules, Same Day ACH and Regulation E Changes Recently Approved Amendments to Improve Quality and Reduce Risk in the ACH Network 2015 NYBA Technology, Compliance & Risk Management Forum DISCLAIMER

More information

Table of Contents... 1. Chapter 1 Introduction... 5. 1.1 Goals & Objectives... 5 1.2 Required Review... 5 1.3 Applicability...

Table of Contents... 1. Chapter 1 Introduction... 5. 1.1 Goals & Objectives... 5 1.2 Required Review... 5 1.3 Applicability... ... 1 Chapter 1 Introduction... 5 1.1 Goals & Objectives... 5 1.2 Required Review... 5 1.3 Applicability... 5 Chapter 2 Company Culture... 6 Chapter 3 Risk Management Governance... 7 3.1 Board of Directors...

More information

Vendor Management Compliance Top 10 Things Regulators Expect

Vendor Management Compliance Top 10 Things Regulators Expect Vendor Management Compliance Top 10 Things Regulators Expect Peter Davey, AAP VP & Director, Enterprise Payments, CapitalOne Pamela T. Rodriguez, AAP, CIA, CISA EVP, Risk Management & Education, EastPay

More information

International ACH Transactions (IAT): What is it & How Does It Affect Your Organization?

International ACH Transactions (IAT): What is it & How Does It Affect Your Organization? International ACH Transactions (IAT): What is it & How Does It Affect Your Organization? Priscilla C. Holland, AAP, CCM NACHA, The Electronic Payments Association January 27, 2009 Agenda What is IAT? Reasons

More information

Vendor Management. Outsourcing Technology Services

Vendor Management. Outsourcing Technology Services Vendor Management Outsourcing Technology Services Objectives Board and Senior Management Responsibilities Risk Management Program Risk Assessment Service Provider Selection Contracts Ongoing Monitoring

More information

OCC 98-3 OCC BULLETIN

OCC 98-3 OCC BULLETIN To: Chief Executive Officers and Chief Information Officers of all National Banks, General Managers of Federal Branches and Agencies, Deputy Comptrollers, Department and Division Heads, and Examining Personnel

More information

WEB ACH Primer. Receiver The person (for WEB transactions this must be a human being) who owns the bank account being debited.

WEB ACH Primer. Receiver The person (for WEB transactions this must be a human being) who owns the bank account being debited. The WEB ACH transaction type was introduced in March 2001. It is defined as a debit entry to a consumer bank account, for which the authorization was obtained from the Receiver (the consumer who owns the

More information

Service Agreement. UltraBranch Business Edition. alaskausa.org AKUSA 02952 R 05/15

Service Agreement. UltraBranch Business Edition. alaskausa.org AKUSA 02952 R 05/15 Service Agreement UltraBranch Business Edition Your savings federally insured to at least $250,000 and backed by the full faith and credit of the United States Government. National Credit Union Administration,

More information

Q2: What return codes are included in the Unauthorized Return Rate Threshold?

Q2: What return codes are included in the Unauthorized Return Rate Threshold? Unauthorized Return Rate Threshold Q1: What is the new Unauthorized Return Rate Threshold? This rule reduces the return rate threshold for unauthorized debit entries from 1.0 percent to 0.5 percent. All

More information

Attachment E. BUSINESS DAY - A calendar day other than a Saturday, Sunday, or Federal holiday.

Attachment E. BUSINESS DAY - A calendar day other than a Saturday, Sunday, or Federal holiday. GLOSSARY OF TERMS: ACH - The Automated Clearing House network. ACH OPERATOR - The central clearing facility that receives entries from ODFIs, edits and processes based on requirements of the Rules, distributes

More information

Outsourced Third Party Relationship Management/ Vendor Management. TTS Webinar July 15, 2015 Susan Orr CISA, CISM, CRISC, CRP

Outsourced Third Party Relationship Management/ Vendor Management. TTS Webinar July 15, 2015 Susan Orr CISA, CISM, CRISC, CRP Outsourced Third Party Relationship Management/ Vendor Management TTS Webinar July 15, 2015 Susan Orr CISA, CISM, CRISC, CRP 1 Risk Management Guidance 2 3 Appendix J: 4 - Key Elements Third Party Management

More information

Payment Processor Relationships Revised Guidance

Payment Processor Relationships Revised Guidance Federal Deposit Insurance Corporation 550 17th Street NW, Washington, D.C. 20429-9990 Payment Processor Relationships Revised Guidance Financial Institution Letter FIL-3-2012 January 31, 2012 Summary:

More information

- 0 - Terms and Conditions for BUSINESS INTERNET BANKING SERVICES

- 0 - Terms and Conditions for BUSINESS INTERNET BANKING SERVICES - 0 - Terms and Conditions for BUSINESS INTERNET BANKING SERVICES TABLE OF CONTENTS I. INTRODUCTION... 2 II. BUSINESS INTERNET BANKING SERVICES.. 2 A. Automated Clearing House (Ach)... 2 1. Compliance

More information

Validating Third Party Software Erica M. Torres, CRCM

Validating Third Party Software Erica M. Torres, CRCM Validating Third Party Software Erica M. Torres, CRCM Michigan Bankers Association Risk Management & Compliance Institute September 29, 2014 MEMBER OF PKF NORTH AMERICA, AN ASSOCIATION OF LEGALLY INDEPENDENT

More information

International ACH Transactions (IAT) Frequently Asked Questions Corporate Customers

International ACH Transactions (IAT) Frequently Asked Questions Corporate Customers Frequently Asked Questions Corporate Customers IAT changes were made for regulatory compliance The first step is to understand and recognize OFAC requirements - corporates must comply with OFAC requirements

More information

VENDOR RISK MANAGEMENT UPDATE- ARE YOU AT RISK? Larry L. Llirán, CISA, CISM December 10, 2015 ISACA Puerto Rico Symposium

VENDOR RISK MANAGEMENT UPDATE- ARE YOU AT RISK? Larry L. Llirán, CISA, CISM December 10, 2015 ISACA Puerto Rico Symposium 1 VENDOR RISK MANAGEMENT UPDATE- ARE YOU AT RISK? Larry L. Llirán, CISA, CISM December 10, 2015 ISACA Puerto Rico Symposium 2 Agenda Introduction Vendor Management what is? Available Guidance Vendor Management

More information

echeck.net Developer Guide

echeck.net Developer Guide echeck.net Developer Guide Advanced Integration Method (AIM) Transactions Authorize.Net Developer Support http://developer.authorize.net Authorize.Net LLC 082007 Ver.1.0 Authorize.Net LLC ( Authorize.Net

More information

Assessment and Compliance with Federal Financial Institutions Examination Council (FFIEC) Requirements

Assessment and Compliance with Federal Financial Institutions Examination Council (FFIEC) Requirements isl Assessment and Compliance with Federal Financial Institutions Examination Council (FFIEC) Requirements DataGuardZ White Paper Forti5 BNP Paribas [Pick the date] What is the history behind FFIEC compliance?

More information

White Paper on Financial Institution Vendor Management

White Paper on Financial Institution Vendor Management White Paper on Financial Institution Vendor Management Virtually every organization in the modern economy relies to some extent on third-party vendors that facilitate business operations in a wide variety

More information

Money One Federal Credit Union Pocket 2 Pocket Service E-SIGNATURE AND ELECTRONIC DISCLOSURES AGREEMENT

Money One Federal Credit Union Pocket 2 Pocket Service E-SIGNATURE AND ELECTRONIC DISCLOSURES AGREEMENT Money One Federal Credit Union Pocket 2 Pocket Service E-SIGNATURE AND ELECTRONIC DISCLOSURES AGREEMENT You are signing up to use the Pocket 2 Pocket service powered by Acculynk that allows you to send

More information

Managing TPPPs and TPSs in the Current Regulatory Environment

Managing TPPPs and TPSs in the Current Regulatory Environment November 2015 Managing TPPPs and TPSs in the Current Regulatory Environment Prepared by: Jodie Ruby, Director Audience: This document is intended for managers, directors and executives who deal with business

More information

M&T ACH Services ACH RETURNS MANUAL

M&T ACH Services ACH RETURNS MANUAL M&T ACH Services ACH RETURNS MANUAL M&T ACH SERVICES Welcome to M&T Bank Services and the latest update to our ACH Returns Manual. This ACH Returns Manual is your resource for frequently asked information

More information

Vendor Management Best Practices

Vendor Management Best Practices 23 rd Annual and One Day Seminar Vendor Management Best Practices Catherine Bruder CPA, CITP, CISA, CISM, CTGA Michigan Texas Florida Insight. Oversight. Foresight. SM Doeren Mayhew Bruder 1 $100 billion

More information

Evaluating Payment Systems Service Providers. 2011 OSCUI Workshops

Evaluating Payment Systems Service Providers. 2011 OSCUI Workshops Evaluating Payment Systems Service Providers 2011 OSCUI Workshops Goal To provide credit unions with sound guidance regarding potential changes to payment service providers including the due diligence

More information

Remote Deposit Capture Customer Due Diligence FFIEC Tier II Exam Considerations Plus Mobile Capture! March 5, 2014. Topics of Discussion

Remote Deposit Capture Customer Due Diligence FFIEC Tier II Exam Considerations Plus Mobile Capture! March 5, 2014. Topics of Discussion Remote Deposit Capture Customer Due Diligence FFIEC Tier II Exam Considerations Plus Mobile Capture! March 5, 2014 Carolyn C. Dowdy, Speaker Bank Project Solutions does not guaranty by implementing criteria

More information

International ACH IAT and the Corporate Practitioner

International ACH IAT and the Corporate Practitioner International ACH IAT and the Corporate Practitioner Priscilla C. Holland, AAP, CCM NACHA, The Electronic Payments Association Mark K. Webster, CPA, CCM, Partner Treasury Alliance Group LLC You might need

More information

Asset Management. Comptroller s Handbook. Comptroller of the Currency Administrator of National Banks

Asset Management. Comptroller s Handbook. Comptroller of the Currency Administrator of National Banks AM- Comptroller of the Currency Administrator of National Banks Comptroller s Handbook 20 AM Asset Management Asset Management UOperations and Controls Table of Contents Asset Management Operations and

More information

Federal Reserve Banks Operating Circular No. 4 AUTOMATED CLEARING HOUSE ITEMS

Federal Reserve Banks Operating Circular No. 4 AUTOMATED CLEARING HOUSE ITEMS Federal Reserve Banks AUTOMATED CLEARING HOUSE ITEMS Effective November 4, 2013 FEDERAL RESERVE BANKS OPERATING CIRCULAR NO. 4 Effective November 4, 2013 AUTOMATED CLEARING HOUSE ITEMS (Click CTRL + section

More information

Service. ACH Processing Services Outsourced ACH Solutions Tailored to Your Requirements and Budget

Service. ACH Processing Services Outsourced ACH Solutions Tailored to Your Requirements and Budget Service ACH Processing Services Outsourced ACH Solutions Tailored to Your Requirements and Budget originating and receiving ACH electronic funds transfers with speed and efficiency. A comprehensive range

More information

one admin. one tool. Providing instant access to hundreds of industry leading verification tools.

one admin. one tool. Providing instant access to hundreds of industry leading verification tools. 2 7 12 14 11 15 8 16 10 41 40 42 19 49 45 44 50 48 47 51 46 52 53 55 54 56 57 67 68 1 5 39 43 58 71 81 82 69 70 88 25 29 23 26 22 3 21 28 4 6 32 30 38 33 31 37 34 35 36 63 59 64 60 62 61 65 72 73 66 74

More information

SERVICE RULES. Deposit Plus User Agreement. ACH Origination Services Agreement. ACH Positive Pay Services Agreement

SERVICE RULES. Deposit Plus User Agreement. ACH Origination Services Agreement. ACH Positive Pay Services Agreement SERVICE RULES Deposit Plus User Agreement ACH Origination Services Agreement ACH Positive Pay Services Agreement ACH Block and Filter Services Agreement Positive Pay Services Agreement Wire Transfer Services

More information

Information Security Handbook

Information Security Handbook Information Security Handbook Adopted 6/4/14 Page 0 Page 1 1. Introduction... 5 1.1. Executive Summary... 5 1.2. Governance... 5 1.3. Scope and Application... 5 1.4. Biennial Review... 5 2. Definitions...

More information

Enterprise Risk Management Process Improvement. Secure Banking Solutions, LLC

Enterprise Risk Management Process Improvement. Secure Banking Solutions, LLC Enterprise Risk Management Process Improvement 2 Contact Information Contact Information Chad Knutson Senior Information Security Consultant CISSP, CISA, CRISC Phone: 605-480-3366 chad.knutson@protectmybank.com

More information

GUIDANCE FOR MANAGING THIRD-PARTY RISK

GUIDANCE FOR MANAGING THIRD-PARTY RISK GUIDANCE FOR MANAGING THIRD-PARTY RISK Introduction An institution s board of directors and senior management are ultimately responsible for managing activities conducted through third-party relationships,

More information

International ACH Transactions (IAT) Frequently Asked Questions Corporate Customers. Contents

International ACH Transactions (IAT) Frequently Asked Questions Corporate Customers. Contents International ACH Transactions (IAT) Frequently Asked Questions Corporate Customers IAT changes were made for regulatory compliance The first step is to understand and recognize OFAC requirements - corporates

More information

NACHA Return Codes. The available and/or cash reserve balance is not sufficient to cover the dollar value of the debit entry.

NACHA Return Codes. The available and/or cash reserve balance is not sufficient to cover the dollar value of the debit entry. NACHA Return Codes R01 Insufficient Funds The available and/or cash reserve balance is not sufficient to cover the dollar value of the debit entry. R02 Account Closed A previously active account has been

More information

NCUA LETTER TO CREDIT UNIONS NATIONAL CREDIT UNION ADMINISTRATION 1775 Duke Street, Alexandria, VA 22314

NCUA LETTER TO CREDIT UNIONS NATIONAL CREDIT UNION ADMINISTRATION 1775 Duke Street, Alexandria, VA 22314 NCUA LETTER TO CREDIT UNIONS NATIONAL CREDIT UNION ADMINISTRATION 1775 Duke Street, Alexandria, VA 22314 DATE: APRIL 14, 1997 LETTER NO: 97-CU-5 TO: The Board of Directors of the Federal Insured Credit

More information

ALTA Title Insurance & Settlement Company Best Practices

ALTA Title Insurance & Settlement Company Best Practices ALTA Title Insurance & Settlement Company Best Practices N e w C a s t l e T i t l e 7 5 0 N o r t h 3 r d S t r e e t, S u i t e B ( 6 0 8 ) 7 8 3-9 2 6 5 ( 6 0 8 ) 7 8 3-9 2 6 6 5 / 2 2 / 2 0 1 5 0 5/22/15

More information

West African Institute for Financial and Economic Management (WAIFEM) Inherent Risk in Global Remittances. Presented by Mike Ogbalu III

West African Institute for Financial and Economic Management (WAIFEM) Inherent Risk in Global Remittances. Presented by Mike Ogbalu III West African Institute for Financial and Economic Management (WAIFEM) Inherent Risk in Global Remittances Presented by Mike Ogbalu III Fraud and losses due to fraud is an acceptable cost of doing business?

More information

Treasury Management Guide to ACH Origination Processing and Customer Service March 2012

Treasury Management Guide to ACH Origination Processing and Customer Service March 2012 Treasury Management Guide to ACH Origination Processing and Customer Service March 2012 This guide provides important information regarding ACH origination processing at PNC and addresses many frequently

More information

COMMERCIAL AND BUSINESS ONLINE BANKING AGREEMENT

COMMERCIAL AND BUSINESS ONLINE BANKING AGREEMENT COMMERCIAL AND BUSINESS ONLINE BANKING AGREEMENT This Commercial and Business Online Banking Agreement ( Agreement ) sets forth the terms and conditions of the Online Banking services (the Services ) offered

More information

Fraud Protection, You and Your Bank

Fraud Protection, You and Your Bank Fraud Protection, You and Your Bank Maximize your chances to minimize your losses Presentation for Missouri GFOA April 2011 By: Terry Endres, VP, Government Treasury Solutions Phone: 314-466-6774 Terry.m.endres@baml.com

More information

Payment Systems: Regulatory Interest in Payment Processors, Faster Payments, and Related Consumer Protections

Payment Systems: Regulatory Interest in Payment Processors, Faster Payments, and Related Consumer Protections July 2015 RPL15-04 Payment Systems: Regulatory Interest in Payment Processors, Faster Payments, and Related Consumer Protections Executive Summary The expansion of the Internet and the growth in electronic

More information

ACH POSITIVE PAY SERVICE AGREEMENT

ACH POSITIVE PAY SERVICE AGREEMENT ACH POSITIVE PAY SERVICE AGREEMENT This ACH Positive Pay Service Agreement ( Service Agreement ) is made this day of between: Alpine Bank ( Bank ) and (the Company ) and it governs Company s use of the

More information

Emerging ACH Issues. Florida Bankers Association 30 th Annual Consumer Compliance Seminar Orlando, Florida April 29- May 1, 2015

Emerging ACH Issues. Florida Bankers Association 30 th Annual Consumer Compliance Seminar Orlando, Florida April 29- May 1, 2015 1 Emerging ACH Issues Florida Bankers Association 30 th Annual Consumer Compliance Seminar Orlando, Florida April 29- May 1, 2015 Kristen J. Stogniew, Esquire, AAP, CFE, Shareholder kristen.stogniew@saltmarshcpa.com

More information

Unlawful Internet Gambling Enforcement Act of 2006 Overview

Unlawful Internet Gambling Enforcement Act of 2006 Overview Attachment A Unlawful Internet Gambling Enforcement Act of 2006 Overview This document provides an overview of the Unlawful Internet Gambling Enforcement Act of 2006 (UIGEA or Act), 31 USC 5361-5366, and

More information

echeck.net Operating Procedures and User Guide

echeck.net Operating Procedures and User Guide echeck.net Operating Procedures and User Guide Table of Contents Introduction... 4 What is echeck.net?... 4 Who can use echeck.net?... 4 Applying for echeck.net... 5 echeck.net Fees and Settings... 5 echeck.net

More information

echeck.net Developer Guide

echeck.net Developer Guide echeck.net Developer Guide Advanced Integration Method (AIM) Transactions March 2014 Authorize.Net Developer Support http://developer.authorize.net Authorize.Net LLC 082007 Ver.2.0 Authorize.Net LLC (

More information