Business Solutions Center
Security Center


Home Resources Security Center ACH Fraud Protection

ACH Fraud Protection

ACH Fraud Protection

Fraud can strike any business, and the results can be disastrous in terms of monies lost. Fraud committed against company bank accounts most often occurs by writing unauthorized checks, through wire fraud, or through ACH fraud. Fortunately, when it comes to ACH fraud, there are simple steps you can take to protect your business.

What is ACH Fraud?

Before we jump into those steps, let’s cover some foundational information. First, ACH stands for Automated Clearing House, a nationwide electronic funds-transfer system that provides for fund-transfers between banks and other financial institutions. The Federal Reserve and Electronic Payments Network serve as overseers for the ACH network. The ACH network has made transferring funds between financial institutions and their customers easy and rapid; sadly, the system has also made it possible for companies to fall victim to ACH fraud.

ACH fraud occurs when an account is accessed for unauthorized ACH payments or withdrawals. While a variety of tools are available, a criminal can commit ACH fraud by having access to just two pieces of information: your business checking account number and your bank routing number.

With that information in hand, a criminal can use those numbers to make a payment for goods or services, either by phone or online. The most common ACH fraud attempts are misrepresentation of a business and unauthorized use of business bank accounts. By the time you realize what has happened, the criminals have often disappeared - leaving you to clean up the financial mess.

Preventing ACH Fraud

Fortunately, guarding against ACH fraud is easy. Here are three simple methods:

  • ACH blocks. The simplest and arguably best way to prevent ACH fraud is to place a block on all your accounts. The block will not automatically reject transactions; in each case you will be required to review and approve the transaction before it can be completed. In short, an ACH block eliminates the possibility of automatic or non-reviewed transactions.
  • Authorized-user list. If you have transactions that will occur on a regular basis with a finite list of other parties, you can create an authorized-user list. You can also specify dollar amounts or limits, date ranges, and recurring or one-time use. If a request is received from a company not on the list (or falling outside the other parameters you set) the transaction is rejected or placed on hold for you to review.
  • One-time authorization. A one-time authorization is just that: you authorize a single transaction by providing the company identification information and amount of that transaction. The bank verifies the transaction with the information you provide and processes that transaction but no others.

Setting up an effective ACH fraud prevention system with your bank provides a number of benefits:

  • Errors are minimized since fraud-control tools identify transactions that do not meet your pre-established criteria and also identify misrouted transactions or incorrect dollar amounts.
  • Losses are minimized since you can prevent unauthorized transactions before they take place.
  • Cash flow is improved while security risks decrease.
  • Preventing losses saves time and effort associated with recovering those funds.

In short, you can enjoy the benefits of ACH transactions while keeping your company safe from fraud.

Additional Fraud Prevention Measures

But don't stop there. You can also set up internal controls to prevent fraudulent behavior by your employees. For example, one effective way to control the transfer of funds is to create a "dual control" system: one employee initiates a payment or debit transaction, and another approves the release or acceptance of that transaction. That way, no one person is in control of the overall process. (Putting a system of checks and balances in place makes sense for any financial function.)

Additionally, you should make sure that the computers used to store or access financial information - including ACH transactions - are free from viruses and malware. Use strong passwords, change passwords often, and limit the use of your ACH system to those individuals who need to use the system. One of the best ways to prevent internal fraud is to limit the number of employees who are in a position to commit fraud.

The information included on this website is designed for informational purposes only. It is not legal, tax, financial, or any other sort of advice; nor is it a substitute for such advice. The information on this site may not apply to your specific situation. We have tried to make sure the information is accurate, but it could be outdated or even inaccurate, in parts. It is the reader's responsibility to comply with any applicable local, state, or federal regulations, and to make their own decisions about how to operate their business. Nationwide Mutual Insurance Company, its affiliates, and their employees make no warranties about the information, no guarantee of results, and assume no liability in connection with the information provided.