ACHA _ The Electronic Payments Association is getting tough on risk. It is floating a proposal to increase the cost to banks for transactions that pose the most risk for the network: those that are returned unauthorized and therefore considered fraudulent.

And NACHA wants the authority to suspend from the automated clearing house (ACH) network banks and/or third-party clients considered to be chronic offenders of its operating rules.

NACHA admits that fraud wasn't a huge problem for the ACH, historically. But as more consumer-oriented applications have been introduced - such as one enabling consumers to initiate ACH payments through Internet storefronts or over the telephone - unauthorized debit transactions have been on the rise.

NACHA claims the bulk of the problem transactions are entering the network from a relatively small group of financial institutions that aren't big players in the ACH. More than 10,000 financial institutions today originate payments through the ACH.

Yet, during a recent six-month period, just 16 banks were the origination points for 500-plus returns each month, according to NACHA. Nine of those banks were not among the top 25 originators on the network, NACHA wrote in a document laying out its latest rules proposals, "meaning their volume of returns is disproportionate to their origination activity."

The problem NACHA faces is that, unlike other payment systems, it doesn't have much enforcement muscle to put behind its rules. It can only take action against banks that violate ACH rules when it receives formal complaints from other involved parties.

Also, monetary fines are relatively modest and do not effectively deter violators. Even more troubling to some ACH mavens is the fact that NACHA doesn't have the authority to remove from the network organizations that persistently defy the rules.

The new proposal would strengthen NACHA's hand by establishing new procedures for staff to initiate rules violations procedures and financial institutions to respond to complaints about excessive returns.

The proposal also would create a new, escalating system of fines. And it calls for providing NACHA the authority to suspend financial institutions or third-party transaction originators found to be guilty of significant or chronic cases of unauthorized ACH activity.

Some companies using the ACH have expressed concerns about the proposals. "We're very concerned that this is an attempt by NACHA to effectively push third-party senders or processors out of the network and out of the business," one company complained in a recent e-mail to The Green Sheet.

As far as I can tell, nothing of the sort is on NACHA's agenda. A more accurate description might be that NACHA wants to place the ACH on a more equal footing vis-™-vis other payment solutions (like credit cards) in the battle against payments fraud.

As overseer of the ACH, it is NACHA's duty to erect obstacles to fraud, just as Visa U.S.A., MasterCard Worldwide and other card brands are responsible for protecting their brands.

Here's how Two Sparrows Consulting described the situation in a 2005 study commissioned by NACHA:

Other payment systems have more extensive categories of potential penalties and rules violations ... based on volume-related activities such as exception threshold level violations that automatically result in fines and penalties. ... [They also] have the ability to force a member to cease using [the] system should a violation or series of violations represent a persistent problem or grievous harm to the system.

(Two Sparrows is a management consulting firm led by Paul Tomasofsky, a longtime veteran of retail payment systems, including executive stints at Visa and NYCE Payments Network LLC, an ATM/POS debit network now owned by Metavante Corp.)

Changing with the market dynamics

When the ACH was created back in the 1970s, the primary objective was to move recurring payments (like paychecks and insurance premiums) to an electronic mechanism. These weren't particularly risky transactions since the originating companies typically had well-entrenched relationships with their banks.

Direct deposit and direct debit payment origination were services offered through banks' cash management sales departments.

As the ACH grew and the universe of payments cleared through this payment system expanded, corresponding risk parameters also changed.

Two types of transactions that weren't even conceived of when the ACH was created - Internet- and telephone-initiated transactions (WEB and TEL transactions in ACH speak) - accounted for better than 14% of transactions cleared through the network during the fourth quarter of 2006.

Based on preliminary data the ACH was used last year to clear about 2 billion payments that originated through telemarketers and Internet sites.

The card companies consider payments initiated through these channels prone to fraud and apply higher interchange rates as a result. And, when situations dictate, the card companies can cut off a merchant or processor responsible for excessive chargebacks.

NACHA is asking for similar authority. And it is seeking public comments by April 23 on a comprehensive set of proposals for enforcing network rules. The request for comment announcement can be found at www.nacha.org.

"The Network Enforcement rule proposal is intended to create economic incentives to encourage financial institutions that originate ACH payments that create the greatest risk and highest costs to [receiving institutions] to modify their behavior," NACHA wrote in an executive summary of the proposal.

Provisions of the proposal would require:

• Detailed reports from banks that exceed predefined thresholds for an acceptable number of ACH transactions returned as unauthorized

• Detailed plans for reducing return rates for unauthorized transactions involving originators/third parties that have been identified by NACHA as problem spots, within 30 days of a request from NACHA.

Failure to comply would be considered "willful disregard" for NACHA's rules.

NACHA also wants to raise the ceiling on fines for financial institutions that disregard the rules - to upwards of $100,000 per month per originator for three months and $500,000 a month thereafter.

Today the maximum fine NACHA can levy for violations of its rules is $10,000 per month per originator.

Patti Murphy is Senior Editor of The Green Sheet and President of The Takoma Group. E-mail her at patti@greensheet.com.