Articles & E-Books


Why you should be prepared for NACHA’s “Meaningful Modernization”

Apr 21, 2021

Obtaining authorization for ACH payments and improving the consumer’s experience should be easier after September 17, 2021. 

The National Automated Clearing House Association (NACHA) approved five amendments to ACH rules that should reduce some of the barriers to using ACH and ease the authorization process for different channels and new technologies.

As a company or financial institution involved with ACH payments, changing your authorization process may benefit your customers and allow the use of more advanced technologies.

Below are some key concepts regarding the rule changes and items to consider.

What is a standing authorization?

NACHA has defined a “standing authorization” as an advance authorization by a consumer of future debits at various intervals. A few existing payment concepts will help to clarify the standing authorization.

Currently, ACH debits can be a single or a recurring payment. Single payments are a one-time payment and can be between parties with no prior relationship, such as when a product or service is purchased from a merchant. A single payment could also be when there is a relationship but the payment is not recurring. An example would be authorizing the payment of your credit card with a phone call for this month’s bill. 

Recurring payments are at a regular frequency and for the same or a similar dollar amount and do not require further action by the consumer, such as a monthly mortgage payment or gas bill.

A standing authorization will allow a consumer to authorize payments, but future debits will be initiated with further action from the consumer and can be initiated at different intervals. In contrast, recurring entries do not require further action and are at a regular interval.

NACHA will be allowing standing authorizations to be obtained in writing or orally, and individual future payments will be defined as “subsequent entries.” Subsequent entries may be initiated in any manner (via an internet/wireless network or phone call) as long as the method of initiating a future entry is disclosed in the standing authorization.

This will provide flexibility on the use of the standard entry class (SEC) code (Telephone-Initiated Entry - TEL or Internet Initiated/Mobile Entry - WEB) for future entries. The authorization requirements for TEL and WEB would not need to be met for future entries.

Now is a good time to take a look at your authorization processes, methods and form content to make any needed modifications and revisions to use the new standing authorization option. 

What is an oral authorization?

Under current rules, an oral authorization would be made with a phone call. After September 17, the change to the rules will now define and allow a verbal authorization to be obtained by methods other than a phone call. 

Communication has changed rapidly in the past year, and many of us are no longer using phone calls but rather communicating through an internet session and use of vendor software. NACHA is making this oral authorization change to better align with evolving technology. A business will be allowed to obtain a valid authorization verbally through any channel, which could be over the phone or other type of voice-related technology. The oral authorization requirements defined in the rules will need to be met for any channel used to obtain the authorization.

Oral authorizations obtained through an internet session will use the WEB SEC code and comply with any risk and security requirements of WEB entries.

Do your authorizations require revisions?

Clarity, flexibility and consistency are key components of the other authorization issues that are part of meaningful modernization. NACHA has reorganized general authorization rules to include standing authorizations and the broader definition of an oral authorization, as well as provided clear definitions for recurring and subsequent entries. 

Authorizations for consumer credit entries and nonconsumer entries can be made by any method allowed by law or regulation. Consumer debit entry authorizations must be in writing and signed or similarly authenticated. To provide for greater consistency, all authorizations must be “readily identifiable” and include “clear and readily understandable terms,” and consumer debit authorizations will be required to include minimum data elements.

Take a look at your existing authorizations to ensure they meet the readily identifiable and clear and readily understandable terms standards, and modify consumer debit authorizations to include the following:

  • Language regarding whether the authorization is for a single entry, multiple entries or recurring entries
  • The amount of the entry(ies) or a reference to the method of determining the amount of the entry(ies)
  • The timing (including the start date), number and/or frequency of the entries
  • The receiver’s name or identity
  • The account to be debited
  • The date of the receiver’s authorization
  • Language for how to revoke the authorization directly with the originator (including the time and manner in which the receiver’s communication with the originator must occur). For a single entry scheduled in advance, the right of the receiver to revoke the authorization must afford the originator a reasonable opportunity to act on the revocation prior to initiating the entry.

Do you need to provide proof of authorization?

Current rules require originators to retain proof of authorization. When a receiving depository financial institution (RDFI) requests a copy of the authorization, the originating depository financial institution (ODFI) must provide the copy within 10 banking days. 

Searching for and providing the authorization can be time consuming, and, depending on the amount of the related entry, it may be more cost effective to accept the return. As an alternative, an ODFI will be allowed to accept the return of the entry rather than providing proof of authorization. The RDFI will have 10 banking days to return the entry when the ODFI makes this choice. If the RDFI still needs proof of authorization for litigation or other reasons, they can make a second request, and the ODFI will need to provide the proof.

ODFIs should consider this option to help reduce costs and time for searching for authorizations.

Can a written statement of unauthorized debit (WSUD) be obtained electronically or orally?

While existing rules do allow for electronic records and signatures, they do not specifically state WSUDs can be obtained electronically. Many RDFIs are obtaining WSUDs on paper and requiring the account holder to wet sign the document. 

To clarify, NACHA has made rule changes to allow WSUDs to be obtained electronically or orally. With many financial institutions’ lobbies still closed and banking activities moving to the virtual environment, this change was needed to ease unauthorized return processing. 

This means a RDFI can accept an unauthorized entry claim orally, complete the WSUD electronically and have the account holder sign electronically. RDFIs will still need to be able to provide a copy of the WSUD when requested.

Wipfli can help

These rule changes should make it easier to use new technologies and methods for obtaining authorizations and WSUDs. 

To make these changes even easier for your company or financial institution, contact Wipfli’s team of ACH professionals to learn more on how to comply with these rule amendments.

Sign up to receive additional ACH and financial institutions information in your inbox, or continue reading on:

The final countdown: Third same-day ACH processing window is open
Faster is Better: What you need to know about Same Day ACH


Teresa M. Francis, CIA, AAP
Senior Manager, Internal Audit
View Profile
Deepening connections
See how we drove our clients' success — and our — in FY22.
Learn more