Please enable JavaScript to view the comments powered by Disqus.

We use cookies on our website to give you the best online experience. Please know that if you continue to browse on our site, you agree to this use. You can always block or disable cookies using your browser settings. To find out more, please review our privacy policy.

COVID-19 RESOURCES AND INFORMATION: See the Atlanta Fed's list of publications, information, and resources; listen to our Pandemic Response webinar series.

About


Take On Payments, a blog sponsored by the Retail Payments Risk Forum of the Federal Reserve Bank of Atlanta, is intended to foster dialogue on emerging risks in retail payment systems and enhance collaborative efforts to improve risk detection and mitigation. We encourage your active participation in Take on Payments and look forward to collaborating with you.

Comment Standards:
Comments are moderated and will not appear until the moderator has approved them.

Please submit appropriate comments. Inappropriate comments include content that is abusive, harassing, or threatening; obscene, vulgar, or profane; an attack of a personal nature; or overtly political.

In addition, no off-topic remarks or spam is permitted.

February 19, 2019

Acute Audit Appendicitis

My son came home from school the other day and told me that his friend’s kidney had "popped." With great concern and further investigation, I found out that his friend had suffered from appendicitis but had since recovered. Luckily, fifth grade boys and most of the human race can get along fine without an appendix. And, as it turns out, there is another type of appendix people can live without: Appendix Eight—Audit Requirements—in the NACHA Operating Rules. NACHA members recently voted to cut this part out.

But wait—don’t celebrate too soon. The change doesn’t eliminate the requirement to conduct an annual ACH rules compliance audit. Rather, members voted to modify "the Rules to provide financial institutions [FI] and third-party service providers with greater flexibility in conducting annual Rules compliance audits." Specifically, the change—which was effective January 1, 2019—affected the following areas of the NACHA Operating Rules:

  • Article One, Subsection 1.2.2 (Audits of Rules Compliance): Consolidates the core audit requirements described within Appendix Eight under the general obligation of participating DFIs and third-party service providers/senders to conduct an audit.
  • Appendix Eight (Rule Compliance Audit Requirements): Eliminates the current language contained within Appendix Eight; combines relevant provisions with the general audit obligation required under Article One, Subsection 1.2.2.

FIs and ACH payment processors must still conduct, either internally or outsourced, an annual audit of their compliance with the ACH rules each year. They also must retain adequate proof of completion for no less than six years and may, during that term, need to provide proof to NACHA or a regulator. And they will have to adjust their audit methodologies to ensure that they comply with all relevant rules rather than just rely on the former Appendix Eight checklist.

The new audit process necessitates a risk-based approach, which is a strategy regulators have been encouraging in recent years. With so many emerging technologies, products, and services in the payments industry, FIs and ACH payment processors can no longer take a one-size-fits-all approach for compliance. They also no longer have a single access point to ACH—rather, they must consider many access points when auditing for Rules compliance.

These institutions may not have previously had to take into account other areas that touch payments. For example, the risk-based audit doesn’t explore just the deposit operations department; it analyzes how the whole enterprise interacts with ACH systems. Additionally, it may need to include loan operations, online account opening, person-to-person (P2P) products, investment management, and other new digital channels.

Life without Appendix Eight will be an adjustment, but its removal won’t be fatal. I think ACH participants will recover quickly and be even healthier—embracing the new risk-based compliance model will likely strengthen enterprise risk management and promote increased safety and stability in our payment systems.

Photo of Jessica Washington By Jessica Washington, AAP, payments risk expert in the Retail Payments Risk Forum at the Atlanta Fed

 

March 5, 2018

Webinar to Explore Faster Settlement and Funds Availability

"I'd gladly pay you Tuesday for a hamburger today." Have you ever thought of this comical catchphrase, spoken by the character J. Wellington Wimpy in the long-running comic strip Popeye, when you hear conversations about faster payments? Hamburgers and jokes aside, there are important considerations for getting paid tomorrow for an agreement or exchange made today. That's why the main ingredient to faster payments is settlement.

Settlement provides the decisive transfer of funds between participants. In today's world, we want everything fast, especially money owed to us. A business that waits two to four days for an ACH transaction to process may be waiting too long. The ACH network has recently expedited settlement and now funds availability. Effective March 16, 2018, phase 3 of Same-Day ACH will roll out, making ACH funds availability faster than ever. However, there are still options and business cases that influence how services might be made available to participants. After all, a faster settlement is more than a credit risk discussion.

The Atlanta Fed's Retail Payments Risk Forum is hosting a Talk About Payments (TAP) webinar to discuss the new faster funds availability that Phase 3 of Same-Day ACH will usher in.

The TAP discussion will explore opportunities this faster payment option makes available, along with risk considerations. We encourage financial institutions, retailers, payments processors, law enforcement, academics, and other payments system stakeholders to participate. Participants will be able to submit questions during the webinar.

The TAP webinar—titled "A New Faster Payment Settlement"—will take place on Wednesday, March 14, from 1 to 2 p.m. (ET). Participation in the webinar is complimentary, but you must register in advance at the TAP webinar web page. After completing registration, you will receive a confirmation email with all the log-in and toll-free call-in information.

We hope you will join us for our next TAP webinar March 14.

Photo of Jessica Washington By Jessica Washington, AAP, payments risk expert in the Retail Payments Risk Forum at the Atlanta Fed

August 14, 2017

Extra! Extra! Triennial Payments Data Available in Excel!

In countless old black-and-white movies, street newspaper vendors would shout out the latest sensational news from hot-off-the-press special editions. The Fed is no different in that we want to shout out that it is no longer necessary to mine the PDF-based Federal Reserve Payments Study report to extract the study's data. For the first time, we are offering our entire aggregated data set of estimated noncash payments in an Excel file. The report accompanying the data is here.

The data set is very rich and covers the following categories:

Accounts and cards
Private-label credit processors
Checks Person-to-person and money transfer
ACH Online bill pay
Non-prepaid debit Walk-in bill pay
General-purpose prepaid Private-label ACH debit
Private-label prepaid issuers & processors Online payment authentication
General-purpose credit Mobile wallet
Private-label credit merchant issuers  

Here is another table that is just one extract from the non-prepaid debit card portion of the extensive payments data available.

To get a taste of what this data can teach us, let's look closer at the cumulative volume distribution by payment dollar value threshold for non-prepaid debit cards (the data are shown above) along with general-purpose credit cards. The number and value of both types of payments grew substantially from 2012 to 2015, the last two survey periods. The chart compares these distributions, showing more vividly how this growth affected the relative proportions of payments of different dollar values.

Chart-two

For example, debit card payments below $25 accounted for 59.1 percent of all payments in 2012 versus 61.8 percent in 2015—evidence that debit card purchases are migrating to lower ticket amounts. The trend is even more dramatic over the same time span for general-purpose credit cards.

Because this is a distribution, increases in the relative number of small-value payments must be offset by decreases in the relative number of large-value payments. Unfortunately, our previous survey capped the payment threshold at $50 in 2012. Otherwise, we would see the dashed 2012 lines crossing over the solid 2015 lines at some payment value threshold above $50. In brief, the results suggest cash payments are continuing to migrate to debit cards, while credit cards may be garnering some share at the expense of both cash and debit cards.

The challenge is on for you data analysts out there. Please share your findings.

Photo of Steven Cordray  By Steven Cordray, payments risk expert in the Retail Payments Risk  Forum at the Atlanta Fed

August 7, 2017

Are Business Payments Directories Coming to the Fore?

Financial institutions (FIs), service providers, and particularly businesses have been dreaming of a ubiquitous payments directory for business-to-business (B2B) payments over the last five years or so. Payments directories give payers the ability to quickly look up accurate account and routing information to originate payments of all types to payees. Directories reduce friction and time needed to efficiently and accurately make payments and accelerate the transition away from checks.

That the dream is getting closer to reality became obvious to me in April, when I attended a NACHA Payments Conference that included the panel discussion "Can a B2B Directory Service Advance e-Payments?" Significantly, one of the panelists was the chair of the Business Payments Directory Association (BPDA), a nonprofit initiative to advance an open, nonproprietary B2B directory for small and large businesses. The independent BPDA has the support of the Business Payments Coalition comprising banks, industry associations, service providers, and businesses.

Businesses wanting to pay other businesses have a variety of payment instruments to choose from—check, ACH credit, wire, and card—with consequential differences among them such as costs, payment reconciliation, and funds availability. Though ACH has made significant inroads into B2B payments, particularly for large businesses, checks are still the fallback payment method when payers are not sure if the payee is willing to accept anything else. Checks are still widely accepted, and attaching associated remittance information with the check is straightforward. The ease of paying by check contrasts with the potential difficulty of determining whether the payee is willing to accept electronic payments and of getting accurate account and routing information.

Essentially, any B2B directory should contain all the information a payer needs to specify the payee’s payment account and route the payment electronically. Typically, directories by themselves do not clear and settle payments. The idea behind the BPDA initiative is that each payee in the directory is provided an electronic payment identity (EPI). That EPI uniquely identifies a payee and supports multiple payment accounts. It also specifies the payee’s preferred way to be paid, the type of remittance information needed, and preferred remittance delivery methods. A payee owns its EPI, which is portable across multiple subdirectory providers. As envisioned, a central node would link multiple subdirectories containing EPIs, each managed by a subdirectory provider that validates payee information so that it can be trusted. Subdirectory providers can include FIs, service providers, and payment networks. All of this is managed by the BPDA that sets rules, credentials subdirectory providers, payees and payers, and oversees the central node.

The image illustrates the process. Payers query the system to retrieve account and routing information from payees. They can then use this information to originate a payment through existing payment rails.

Chart-one

The BPDA lists several advantages of this approach, including these:

  • Payees can centrally communicate preferred payment methods and the information needed to effect payments by payers.
  • Payers can centrally retrieve accurate payee payment and remittance content and delivery preferences.
  • Friction for noncheck payments between payees and payers is reduced.
  • Minimizes misdirected payments.

One lingering concern about having a centralized directory is the risk that fraudsters could gain access to account numbers of large businesses for producing counterfeit checks or unauthorized transactions. In addition to the need for robust credentialing, one mitigant the system offers is that account information can be made private and restricted to specific payers.

It will be interesting to see how this nascent service shakes out given hurdles in governance framework, garnering industry support, developing a funding model, and, of course, getting businesses to enroll and participate. What are your views on the future of B2B directories?

Photo of Steven Cordray  By Steven Cordray, payments risk expert in the Retail Payments Risk  Forum at the Atlanta Fed