Upload
truongcong
View
218
Download
0
Embed Size (px)
Citation preview
ACH Origination:Effective Due Diligence & Onboarding
Melissa Giddens, CTP, AAP, NCP
© 2014 Western Payments Alliance. All rights reserved. No reproduction/distribution without prior written consent.
Agenda
» KYC: Know Your Customer» CYA: Cover Your Assets» Best Practices in Policies» Risk» Due Diligence» Credit / Prefunding» Onboarding (Sales / Workflow)» Client Support» Operational Considerations» Case Studies
2
© 2014 Western Payments Alliance. All rights reserved. No reproduction/distribution without prior written consent.
Know the Business
3
© 2014 Western Payments Alliance. All rights reserved. No reproduction/distribution without prior written consent.
Review ACH Policies» Define who you will bank?» Determine Risk Tolerance Levels for:
• Low Risk Originators• High Risk Originators• Prohibited Originators
» What types of SEC Codes will you allow?• PPD• CCD• WEB• TEL• Check Conversion
4
© 2014 Western Payments Alliance. All rights reserved. No reproduction/distribution without prior written consent.
Low Risk
» Payroll for most businesses• Not payroll companies
» B2B Payments• Manufacturing• Engineering
» Direct Payments• Property Management (HOA/Apartments)• Insurance• Most lending (Auto, Mortgage, Credit Card)
o Not Payday Lenders
5
© 2014 Western Payments Alliance. All rights reserved. No reproduction/distribution without prior written consent.
High Risk
» Examples:• Credit Repair• Mail Order (telemarketing)• Payday Lending• Foreign Businesses (import / export)• Pawn Brokers• Precious Metal Dealers• Third Party Senders
6
© 2014 Western Payments Alliance. All rights reserved. No reproduction/distribution without prior written consent.
Prohibited
» Examples:*• Digital Content• Online Tobacco / Liquor Sales• Tax Shelters• Potentially Illegal Businesses
o Online Gamingo Marijuana Sales
• Any person or business under investigation• Any business where FI lacks expertise
o Understand the business and how it works!
7
*Examples used are for some FIs. Your FI may have a different risk tolerance.
© 2014 Western Payments Alliance. All rights reserved. No reproduction/distribution without prior written consent.
Originator Due DiligenceLet’s do some Research
8
© 2014 Western Payments Alliance. All rights reserved. No reproduction/distribution without prior written consent.
Originator Watch List (OWL)
» Identifies Originators and Third-Party Senders that meet certain risk criteria, but does not introduce or imply any prohibition.
» ODFIs are encouraged to consider this information as a part of their broader underwriting and risk management process.
» https://www.nacha.org/originator-watch-list
9
© 2014 Western Payments Alliance. All rights reserved. No reproduction/distribution without prior written consent.
Terminated Originator Database (TOD)
» Hosted by FIS» Voluntary reporting» NACHA Policy Statement» The Board of Directors encourages ODFIs to use a Terminated
Originator Database in the following ways:• ODFIs that have terminated an Originator or Third-Party Sender for cause
should populate the database with information from their experiences.• ODFIs should access the database prior to onboarding new Originators and
Third-Party Senders to learn about other ODFIs’ experiences with this company.• ODFIs should periodically check the database for their current Originators and
Third-Party Senders as these entities might be originating through multiple ODFIs and termination by other ODFI may be indicative of issues worthy of further review.
» https://www.nacha.org/Terminated_Originator_Database
10
© 2014 Western Payments Alliance. All rights reserved. No reproduction/distribution without prior written consent.
The Basics
» General Customer Information• How long in business?• Could the business be impacted by the economy?• Other economic factors which could affect the company?Examples:
11
Business Line RiskAgriculture DroughtPrecious Metals FluctuationInvestment Firms Market Crash / Buyers Remorse
© 2014 Western Payments Alliance. All rights reserved. No reproduction/distribution without prior written consent.
Business Reports
» In addition to regular credit reports . . . » Better Business Bureau
• Negative reports / complaints?• http://www.bbb.org/
» Dun & Bradstreet• Paying bills on time?• http://www.dnb.com/
» Social Media – The New Tattle-Tale! • Angie’s List • Facebook • Yelp
12
© 2014 Western Payments Alliance. All rights reserved. No reproduction/distribution without prior written consent.
Reviewing Marketing Collateral
» Check the website• Does it advertise the products they claim to be selling?• Is there misleading advertising?• Are there ads for other businesses on the site?
13
At BB Industries, we sell medical supplies.
www.bbindustries.comGRILLS! GRILLS! GRILLS
Easy Financing! Bad Credit Ok!What they tell you What you find out
© 2014 Western Payments Alliance. All rights reserved. No reproduction/distribution without prior written consent.
Review Previous Statements
» Analysis statement available?• Total Origination• Total Returns
o Returns by type (if available)• Do Balances support Cash Flow?• Times NSF• Times / Duration Overdrawn• Are volumes consistent with type of business?
14
© 2014 Western Payments Alliance. All rights reserved. No reproduction/distribution without prior written consent.
Authorization Process
» Obtain copy of most current authorization» Request a sampling of existing authorizations» Determine how these are obtained
• PPD – Need signatures• WEB – Review website process• TEL – Do they have recordings?
» How are they storing authorizations?• What is the retention period?
o Must be 2 years following last settlemento 7 years for RCK
15
© 2014 Western Payments Alliance. All rights reserved. No reproduction/distribution without prior written consent.
Behind Closed Doors
» Onsite Inspection• Are terminals in a secure area?• Is sensitive data locked-up?• Do they conduct employee background checks?• Any AAPs?
o Who is the ACH expert?• Are data-breach procedures in place?
16
© 2014 Western Payments Alliance. All rights reserved. No reproduction/distribution without prior written consent.
Originator Self Management
» ACH Software Platforms & Processes• What software is being used?• Ability to monitor returns• Internal Risk Program• Annual Self Audits• Originating through another FI?
17
© 2014 Western Payments Alliance. All rights reserved. No reproduction/distribution without prior written consent.
Credit vs. Prefunding
18
© 2014 Western Payments Alliance. All rights reserved. No reproduction/distribution without prior written consent.
Credit Underwriting
» Based on ability to pay» Generally an unsecured line of credit» Established exposure limits over multiple settlement
dates» Risk of credit deterioration
• Regular monitoring required• Business Reports
» Some originators may not qualify» Funding / Settlement takes place on Settlement Date of
entries
19
© 2014 Western Payments Alliance. All rights reserved. No reproduction/distribution without prior written consent.
Credit Underwriting Policies
» Establish a policy for determining the total exposure limit:• Ex. Credit exposure is 110% of maximum file needs. • Ex. Debit exposure is 150% of maximum file needs.
o Weekly payroll origination: $100,000 maximum file X 110% = $110,000 total exposure
» Determine how to handle over-the-limit submissions• Who can approve and up to what amount?
» Ensure your credit team understands ACH risk • Include ACH language in your credit policy
20
© 2014 Western Payments Alliance. All rights reserved. No reproduction/distribution without prior written consent.
Credit Underwriting Policies
» What financials will you require for approval?• 3 years of audited financial statements• Personal guarantee• How will you handle start-ups?
» When will the approval expire?• Best Practice: Tie expiration to annual loan renewal
» How will you monitor?• Review origination history at annual loan renewal• Determine if existing limit is still suitable
» What about anomalies?• Annual bonuses
21
© 2014 Western Payments Alliance. All rights reserved. No reproduction/distribution without prior written consent.
Prefunding
» Credit Origination• Verifies available funds prior to transmitting file to ACH
Operator• Funds may be placed on hold or debited• Debit may take place on Presentment Date or on date file
is transmitted to ACH Operator• If debited, customer loses Earnings Credit• Consider transfer to bank-held (settlement) account
o What if funds are held & account is frozen by authorities after file is sent?
22
© 2014 Western Payments Alliance. All rights reserved. No reproduction/distribution without prior written consent.
Onboarding
23
All aboard!
© 2014 Western Payments Alliance. All rights reserved. No reproduction/distribution without prior written consent.
Workflow Process
24
Sales Implementation Training Customer Support
Ongoing Education & Maintenance
Establish your workflow process for onboarding a new originator:
© 2014 Western Payments Alliance. All rights reserved. No reproduction/distribution without prior written consent.
Sales Process
» Who can sell ACH services: • Treasury Sales Officers?• Treasury Assistants?• Branch Managers?
» How will internal team stay up-to-date on ACH rules?» Define a process for validating current origination
needs:• Does treasury sales officer sign off? Relationship
manager?• But… the customer is creditworthy!
25
© 2014 Western Payments Alliance. All rights reserved. No reproduction/distribution without prior written consent.
Case Study: Bank Prospect
» Originator: Retail Furniture Company• Sells furniture to consumers via in-house payment plans• Monthly payments for agreed upon period of time
» Gained authorization over the phone, but originated PPDs• No written or recorded authorization• No notification or confirmation to consumer• Used recurring TEL before it was allowed
» Resolution: Helped company become compliant before agreeing to transition their relationship• ACH Rules Book• Regional Payments Association
26
© 2014 Western Payments Alliance. All rights reserved. No reproduction/distribution without prior written consent.
Implementation
» What agreements will you require the client to sign?• Dedicated ACH Agreement or Treasury Management Master
Agreement• Should client sign-off on exposure limit or keep confidential?
» Determine system users, administrators, etc. • Dual approvals/administrators
o Define how to handle small businesses or one person shops
» Only setup SECs that customer actually uses» Develop check-back (call-back) procedures to ensure
accurate setup• Separation of duties
27
© 2014 Western Payments Alliance. All rights reserved. No reproduction/distribution without prior written consent.
Training
» Who will conduct client system training?• Dedicated treasury support team• In-person training
» Will you encourage prenotes?» Develop procedures for clients opting out of best
practices• Ex. During training, a client wants to opt out of dual
approval. Who can sign off on this?» Review how to view NOCs and Returns
• Explain how to action
28
© 2014 Western Payments Alliance. All rights reserved. No reproduction/distribution without prior written consent.
Customer Support
» Determine phone authentication procedures• Non-Public Personal Information
o Ex. Favorite restaurant or coloro Ex. First movie seen
» Who will client call with issues?• Dedicated support person• Branch Teller
» Customer communications:• System upgrades• New security parameters
29
© 2014 Western Payments Alliance. All rights reserved. No reproduction/distribution without prior written consent.
Education
» Will your FI provide a complimentary copy of the Corporate Rules book?• Purchase a hard copy book• Provide online access or CD• Another means?
» How will you ensure clients are aware of rules changes?• Ongoing training webinars• Lunch & Learns• Messaging through online banking
» Agreement language stating “originator agrees to follow ACH rules” is not good enough.
30
© 2014 Western Payments Alliance. All rights reserved. No reproduction/distribution without prior written consent.
Maintenance
» Perform annual treasury management relationship reviews:• Does client still need existing services?• Do they need additional services (e.g. adding WEB)?• Are they experiencing growth that could impact their
exposure limit?» Has there been company turnover?
• A need for supplemental training?• Is the former CFO still listed as an online administrator?
» ACH Audits• Determine how to ensure compliance on a periodic basis
31
© 2014 Western Payments Alliance. All rights reserved. No reproduction/distribution without prior written consent.
Case Study: Existing Customer – No ACH Origination
» Originator: Safety Equipment Company• Sells safety equipment nationally• Primarily B2B with limited P2P
» Relationship review uncovered 23 employees “begging” company for direct deposit• Thought it was cost prohibitive and too complex• Didn’t think accounting software could support paystubs
without a physical check» Resolution: Implementing ACH Origination (PPD) and ACH
Positive Pay
32
© 2014 Western Payments Alliance. All rights reserved. No reproduction/distribution without prior written consent.
Other Considerations
33
© 2014 Western Payments Alliance. All rights reserved. No reproduction/distribution without prior written consent.
Pricing
» How will you price your ACH offering?• Online Account Access Fees• One-time Setup Fees• ACH Monthly Fee• Per File Submitted Fee• Per Item Originated Fee• NOC or Return Fee• Suspended/Over-the-limit File Fee• Annual Audit Fee• Research Fee
34
© 2014 Western Payments Alliance. All rights reserved. No reproduction/distribution without prior written consent.
Processing
» How will you accept ACH files?• Creating templates through your online system• File Import• File Upload• Secure file transmission
o FTP » Will you have special security parameters in place for
files transmitted outside of your online system?• Ex. Can your FTP option support dual approval?
35
© 2014 Western Payments Alliance. All rights reserved. No reproduction/distribution without prior written consent.
Operational Considerations
» File Monitoring• Transaction amounts/volumes
» Out-of-Band Authentication• Phone/Fax• Cell Phone Callback
» File Scheduling• Ensures timely processing
o No missed payroll• Helps prevent Account Takeover
36
© 2014 Western Payments Alliance. All rights reserved. No reproduction/distribution without prior written consent.
Risk Monitoring
» Unauthorized Returns• NACHA 1% Rule• Deceptive Practices / Inferior Products
» Administrative Returns• Excessive No Account / Closed Account
o Could be phishing for account number• Disproportionate NSF/UCF
o Could be kiting
37
© 2014 Western Payments Alliance. All rights reserved. No reproduction/distribution without prior written consent.
Fraud Prevention
» Develop a call back procedure for verifying over-the-limit or atypical files• Don’t assume that the client originated the file
» Require waivers for clients opting out of best practices• Require dual approval• Require out-of-band authentication• Don’t let clients opt out of both
» Consider offering fraud prevention services:• ACH Debit Block• Filters• ACH Positive Pay
38
© 2014 Western Payments Alliance. All rights reserved. No reproduction/distribution without prior written consent.
Case Study: Existing Originator
» Originator: Local Manufacturing Company• Weekly payroll for 150 employees (PPD)• Bi-monthly vendor payments (CCD+)
» Submitted out-of-sequence file over their typical limits» Relationship Manager received notification
• “It’s a valued customer with a long-standing relationship. Approve the file.”
• Turned out to be fraud and the bank took a $300,000 loss» Resolution: Implemented call-back procedures to verify
over-the-limit files and setup file scheduling
39
© 2014 Western Payments Alliance. All rights reserved. No reproduction/distribution without prior written consent.
Questions?
40