ACH Fraud Detection and Prevention  - Notebooks, barcode scanner, and tablet on a table

ACH Fraud detection and prevention

Sunday, January 19, 2014

Security professionals have recently found that ACH scammers tend to target small to mid-sized companies due to the lack of investment in cybersecurity and other fraud prevention measures. ACH fraud, though rare, is a topic that your business should be aware of so that crucial bank account information, customer data, and payment information can be protected. This article will define ACH and ACH fraud and the best steps businesses can take to prevent ACH fraud at your company.

What is ACH? 

Automated Clearing House (ACH) is a vast electronic network that enables various financial transactions to take place. ACH transactions can include direct deposit, payroll processing, transfers to and from bank accounts and other financial institutions, or electronic funds transfer between business accounts. ACH debit payments or ACH transfers may occur when consumers pay bills, such as their mortgage payment, phone charges, or utilities for their home. Similarly, ACH payments may include credit card payments for approved vendors. 

When electronic payments are initiated, they go through the ACH Network, which authorizes electronic fund transfers. The ACH Network processes account information (such as checking account data, account numbers, or routing numbers) to complete transactions for businesses, consumers, and all levels of government.

What is ACH fraud and how does it take place? 

Despite processing a large number of payments (24 million transactions in 2019), ACH fraud and ACH scams are relatively rare among a vast majority of payments. A study found that for every $10,000 that is processed, only 8 cents is captured by fraudsters. While this is low on a larger level, it is still critical for businesses to be aware of ACH fraud so that business owners can be on the lookout for any levels of risk or occurrence, particularly if your company is liable for the occurrence of ACH payment fraud. 

ACH fraud involves the intentional deception of a consumer or business to access or acquire funds. In the context of ACH, ACH fraud consists of the theft of funds occurring through the ACH payment network. Data and sensitive financial information can be accessed through the ACH Network through cyberattacks, email hacking, phishing, or impersonation (representing the account holder when they are not present). Fraudsters can access critical information through these scams, which enables theft of funds or identity theft for future scams. 

How do you prevent ACH fraud? 

Businesses can take several measures to detect and prevent ACH fraud from taking place at their business. Prevention tactics include both process-oriented strategies as well as technological safety tools. The most important prevention strategies for avoiding ACH fraud are outlined below. 

  • ACH freeze and fraud filter options. Consider adding an ACH freeze option for when unauthorized charges or withdrawals are initiated on your business account. ACH freeze solutions can be helpful with check fraud since the processing of this payment method can take 3-5 business days. Moreover, your financial institution may offer ACH fraud filter options so that only authorized vendors or approved parties can initiate payments from your account. 
  • ACH blocks. Implement ACH blocks so that for every transfer or transaction initiated, authorization or validation from the account owner will be required. This will help prevent fraudulent transactions with a regular check on all funds leaving the business account. 
  • One-time authorization. For one-time business transactions, you can grant certain companies, individuals, or parties one-time authorization for a payment request. In consideration of your employees, limit who may have access to the ACH system so that data accessibility is minimized. One-time authorizations may be most useful in preventing wire fraud so that only approved originators can make wire transfer requests. 
  • Never click suspicious links received via email. Links in emails can direct consumers or businesses towards malware that can infiltrate security systems on a device, releasing sensitive information to the fraudster. These types of emails are considered business email compromises (BEC). Additionally, all financial data and sensitive personal information should always be transmitted in a secure setting and, at minimum, on an encrypted and secure network.
  • Extra security on networks. Use strong passwords on your business accounts and change them frequently. For client login systems, use multi-factor authentication (MFA) for an extra layer of security for client account information. Fraudulent activity can be prevented when networks operate on the most secure platforms possible. 
  • NACHA Guidelines. Abide by the National Automated Clearing House Association (NACHA) Operating Rules to gain additional tips on fraud protection for your business, especially when it comes to online banking and an increased reliance on e-commerce activity. 

What is a fraud prevention system and how can it help?

A fraud prevention system at your company is designed to protect your assets and implement strategies to reduce any gaps or risks for scams that can threaten fund security. A fraud prevention system includes the strategies listed above with an ongoing effort to ensure protection at each point of business operations. 

The best fraud prevention system involves  coordinating your strategy with your financial institution or bank, and using ACH blocks, ACH freeze, or ACH fraud filter options. The benefits of implementing a fraud prevention system at your business include:

  • Standardizing expectations and protocols to occur during financial transactions, which minimizes errors and increases data protection. 
  • Minimizing losses through the prevention of unauthorized transactions. 
  • Having the peace of mind that your cash flows are protected, and your financial institution can support you to protect all assets. 
  • Saving the time and money that is lost when fraud and scams occur. 
  • Possible implementation of the Risk Verification Database (RVD) that will help evaluate the likelihood of specific transactions to process without return. 

Are you ready to incorporate a fraud prevention system at your business?

Heartland helps nearly 1,000,000 entrepreneurs make and move money, manage employees and engage customers with human-centered technology solutions that allow them to rise above the daily grind and lead their businesses into a brighter future. Learn more at