What is an Automated Clearing House (ACH)?
Automated Clearing House (ACH) is a system for digital money transfers from a sender bank to a receiver, established in the middle of the 1970s in the US. is used for electronic funds transfer (EFT) and is regulated by Nacha. It represents more than 10,000 financial institutions, and by enabling more than 29 billion electronic financial transactions, ACH transactions represented over $72.6 trillion in 2021. It mediates transfers of businesses, states, and individuals and includes payment services such as tax payments and returns, direct deposits like payroll, and consumer bills. It allows easier, cheaper, and more efficient transfers. With recent developments, the ACH system was improved to provide the completion of the truncations on the same day. Besides, many loan services in the ACH take only two days.
On the other hand, internal systems of financial service institutions may cause some difficulties for individuals. For example, banks may have limitations on the amount of money to transfer in a transaction or charge fees for each transaction. Also, it only works for transactions within the US and cannot mediate international activities.
What is ACH Fraud?
In general, the network provides a safe and efficient transaction field. However, fraudsters may use this system for illegal financial activities. According to surveys, ACH fraud is using the system to steal funds, money laundering, or any other kind of illicit network use. During 2021, ACH fraud increased to 37% for debits and 24% for credits. It has been mentioned as one of the most susceptible types, alongside checks that increased 66% in 2021. This can be happened by different methods. These are cited as the most common scenarios that resulted in ACH fraud in the survey:
- Companies are shifting checks to digital, and with that shift, organizations may also need to make sure the policies and procedures for identifying ACH debits promptly remain in place.
- Conducting daily reconciliations rather than monthly
- Utilization of ACH debit filters/debit blocks
- Updating company IDs for filters on a timely basis
- Holding an independent review of the processes done by internal audit
On the other hand, the survey states that the number of companies that experienced fraud attacks in 2021 was less than that in 2020. Actually, this percentage has had a declining trend since 2018. As you can analyze in the table below, the ratio decreased from 82% to 71% in four years, in contrast to the rise between 2013 and 2018.
The size of the company is an important feature that affects the vulnerability and openness against fraud of an organization. According to the survey, smaller companies are attempted less than larger ones in terms of revenue.
After the Covid-19 pandemic, remote work became the new normal of many institutions to protect social distancing among employees. However, it is an object of curiosity how it influences companies' fraud ratios and susceptibility. C-levels and managers mostly believe that remote working has a negative impact on the issue, whereas the employees disagree with them. The point here everyone should keep in mind is that there has been a general increase in fraudsters' activities since the pandemic began. Because of the rise in digital payment systems and online operations, companies have become more open to these kinds of attacks.
Who is at risk?
The key is the cyber security system of the organizations. Although larger companies experience more attacks, small or middle size entities (SMEs) are affected more if they get one. This is because corporate firms can invest more in cyber security with their larger budgets and protect companies effectively against fraudsters, whereas SMEs generally have no comprehensive security programs.
On the individual scale, there are some indicators to determine the risk level, such as age, income level, the usage rate of online channels, or financial activity volume like getting a bank loan or number of money transfers. Older people are more vulnerable to fraud attacks even though they use online channels at a minimum level. Since they have less familiarity with the systems or have limited usage experience of digital channels, the possibility of a successful fraud attempt increases. In addition, people who need urgent money are among the most targeted group for attacks. Hackers and impostors follow financial activities like loan applications to catch them.
How to prevent ACH Fraud?
ACH Fraud can result in a lot of financial damage and in the end, loss of reputation and customers. Also, the companies are obliged to cope with heavy legislative processes. Therefore, preventing these kinds of threats is easier before they become real problems.
Awareness is the first step to decrease ACH fraud and financial damage. After that being ready and taking precautions can protect companies.
These are some suggestions to prevent ACH fraud:
- Educate your staff about ACH fraud, its detection, possible methods, and how to prevent it
- Educate your customer; small marketing activities can be effective
- Alert related employees and customers immediately if there is a suspicious activity detection
- Invest more in cyber security system
- Have a robust KYC procedure and verify the given information
- Have multi-factor digital identity authentication
- Implement Know Your Vendor procedures
- Use an up-to-date security system
Nevertheless, high-risk customers must always be under close surveillance to decrease the risks. Therefore, detection and regular screening of them are among the crucial steps. Also, abnormal activities can be examined as suspicious ones. This highlights the importance of transaction monitoring.
Sanction Scanner Solutions Against ACH Fraud
Sanction Scanner is an AI-first software provider that offers solutions to combat financial crime, terrorist financing, and fraud globally. AML screening tool is a beneficial option to reduce the risk of ACH fraud mediating by your company. The product screens customers' personal identity information in sanction lists, watchlists, and PEP data. The lists include more than 3000 data sources to catch people you want to avoid doing business with. Additionally, you can detect abnormal activities of your customers or fraudsters that use your customers' accounts or information.