Operating Rules Flashcards
What entries do the NACHA rules apply to?
All entries transmitted through ACH Operators, unless exceptions are listed.
Can another association’s rules override NACHA rules?
Yes, if both banks agreed to be bound by those rules.
When do NACHA rules apply to U.S. government entries?
Only if the government agrees in writing under 31 C.F.R. Part 210.
Which rules take precedence — general or specific?
Specific rules override general rules.
Who can be an ODFI or RDFI?
Only a Participating DFI.
What must a Participating DFI do annually?
Conduct or have conducted an audit of its compliance with NACHA Rules.
Who must also do annual audits?
Third-Party Senders and Service Providers.
Can a DFI refuse to process a transaction?
Yes, if it believes doing so would violate U.S. law.
Who must conduct an annual NACHA rules compliance audit?
Participating DFIs, Third-Party Senders, and Third-Party Service Providers.
By when must the NACHA compliance audit be completed each year?
By December 31.
What is the purpose of the annual audit under NACHA rules?
To ensure compliance with NACHA Operating Rules.
Does the NACHA audit cover all company audits and regulations?
No, it focuses only on NACHA rules compliance.
What is the focus of the required annual audit under NACHA rules?
Compliance with all NACHA Operating Rules.
Does the NACHA compliance audit cover internal policies and regulatory requirements?
No, it only covers NACHA rules.
Is the audit limited to just some NACHA rules?
No, it must cover compliance with all NACHA rules.
What ACH tasks must a Third-Party Service Provider audit?
Only the ACH processing it performs for a Participating DFI or a Third-Party Sender.
What must a Third-Party Sender audit?
Its performance of ODFI responsibilities under NACHA rules.
Do audit requirements for ODFIs and RDFIs apply to third parties?
Yes, if the third parties are acting in those roles.
Who must direct the NACHA compliance audit?
An audit committee, audit manager, senior-level officer, or independent auditor.
Can a junior employee lead the NACHA compliance audit?
No, it must be someone qualified and authorized.
Who does this audit leadership requirement apply to?
Participating DFIs, Third-Party Service Providers, and Third-Party Senders.
Who can direct a NACHA compliance audit?
An external auditor or senior officer
Which of the following is not an acceptable person to lead a NACHA audit?
Intern
A NACHA audit must be led by someone with proper authority or expertise.
True
How long must audit documentation be retained under NACHA rules?
Six years from the date of the audit.
Who is required to keep proof of audit completion?
Participating DFIs, Third-Party Service Providers, and Third-Party Senders.
What kind of proof must be retained?
Documentation showing the audit was completed in compliance with NACHA Rules.
How long must NACHA audit records be retained?
6 years
What must a Participating DFI do after completing a NACHA audit?
Keep documentation for 6 years
Only ODFIs must retain audit records under NACHA rules.
False – It also applies to RDFIs, Third-Party Service Providers, and Third-Party Senders.
How many banking days does a Participating DFI have to respond to NACHA’s audit request?
10 banking days.
What must the Participating DFI provide to NACHA upon request?
Proof of audit completion for itself and any specified Third-Party Service Providers or Senders.
Who may NACHA request audit documentation for?
The Participating DFI, Third-Party Service Providers, and Third-Party Senders.
How soon must a Participating DFI provide audit proof after NACHA requests it?
10 banking days
Who may NACHA request audit documentation for?
Any combination of DFIs, Third-Party Senders, or Service Providers
NACHA can request proof of audit from Third-Party Service Providers directly.
False – They request it through the Participating DFI.
A Participating DFI has 10 banking days to respond to a NACHA audit documentation request.
True
What happens if a Participating DFI fails to provide required audit proof?
It may be considered a Class 2 Rules Violation.
Which NACHA appendix defines Class 2 violations?
Appendix Nine, Subpart 9.4.7.4.
Who must the DFI provide audit proof for?
Itself, and any relevant Third-Party Service Providers or Third-Party Senders.
What kind of NACHA violation can result from failing to provide audit proof?
Class 2
Under which appendix is the Class 2 violation described?
Appendix Nine
What is the time limit for an RDFI to bring a claim against an ODFI for a Consumer Account Entry?
2 years after the Settlement Date.
What is the time limit for Non-Consumer Account Entries?
1 year after the Settlement Date.
What is the exception to the 2-year limit for Consumer Accounts?
Debit Entries that settle within 95 calendar days of the first unauthorized Entry.
Which rules must the exception claim be based on?
Subsection 2.4.1.1 (Authorization Warranty) and 2.4.5.1 (Indemnity for Breach of Warranty).
How long does an RDFI have to file a claim for an unauthorized Entry to a Consumer Account?
2 years
An RDFI can still file a claim beyond 2 years if:
The Entry settled within 95 days of the first unauthorized debit.
What is the claim based on when invoking the 95-day exception?
Warranty breach and indemnity
RDFIs always have unlimited time to bring claims for unauthorized Entries.
False
The 95-day exception applies only to Consumer Account debit Entries.
True
Non-Consumer Account claims must be filed within 1 year.
True
What contact details must a Participating DFI register with NACHA?
Either named contacts (name, title, email, phone) or general department contact info.
How many contacts must be registered for each required area if using named contacts?
At least one primary and one secondary contact.
How soon must a DFI update contact info after a change?
Within 45 days.
How often must DFIs verify their registered contact info?
At least annually.
Who can access the contact info registered with NACHA?
Registered DFIs, ACH Operators, and Associations.
What is the contact info used for?
ACH operations, fraud, and risk management only.
How often must registered contact info be verified?
Annually
Who can use the registered contact information?
DFIs, ACH Operators, and Associations
DFIs must update contact info within 30 days of a change.
False – it’s 45 days.
Contact info must be monitored during business hours.
True
What two types of Network Administration Fees must DFIs pay?
An annual fee and a per-Entry fee.
Do fees apply to Entries exchanged outside of ACH Operators?
Yes
Who determines the Network Administration Fees?
NACHA’s Board of Directors.
Where are Network Administration Fee amounts published?
In the Schedule of Fees section of the NACHA Rules.
What are the two types of Network Administration Fees?
Annual and per-Entry fees
Who sets the fee amounts for Network Administration Fees?
NACHA’s Board of Directors
Do DFIs pay fees for Entries not processed by an ACH Operator?
Yes, if exchanged with another non-affiliated DFI
Per-Entry fees apply only when Entries are processed through ACH Operators.
False
The fee schedule is published as part of the NACHA Rules.
True
Who pays the Same Day Entry Fee?
The ODFI.
Who receives the Same Day Entry Fee?
The RDFI.
When is the Same Day Entry Fee applied?
For each Same Day Entry sent by or through the ODFI.
Who determines the amount of the Same Day Entry Fee?
NACHA staff, following Appendix Ten.
How is the fee distributed?
Through a system managed by NACHA.
What law governs credit Entries under NACHA Rules by default?
The laws of the State of New York.
What UCC article applies to credit Entries in this section?
Article 4A.
Can another state’s law apply instead of New York?
Yes, if there’s a separate agreement between the parties.
What happens if no agreement specifies another state’s law?
New York law governs the rules and obligations.
Which state’s law applies by default to NACHA credit Entries governed by UCC Article 4A?
New York
When can another state’s law apply instead of New York’s?
If agreed upon by the involved parties
Credit Entries under NACHA Rules are always governed by New York law.
False – They can be governed by another state’s law if agreed upon.
Article 4A of the UCC deals with credit Entries.
True
Who are the intended third-party beneficiaries under the NACHA Rules?
Participating DFIs, ACH Operators, and NACHA (including its board, committees, and panels).
Can an Originator or Receiver enforce NACHA Rules as a third-party beneficiary?
No
What type of rights are not granted to Originators or Receivers under these Rules?
Legal or equitable rights, remedies, or claims.
Which of the following is an intended third-party beneficiary under NACHA Rules?
A Participating DFI
What rights do Receivers have under Section 1.9?
None as third-party beneficiaries
NACHA’s Board and panels are included as intended beneficiaries.
True
Third-Party Service Providers can enforce the Rules as third-party beneficiaries.
False
What happens if a Participating DFI sues NACHA and loses or gets NACHA dismissed from the case?
The DFI must pay NACHA’s legal fees and costs.
What does Section 1.10 protect NACHA from?
Frivolous or baseless lawsuits filed by Participating DFIs.
Who is responsible for paying legal fees if NACHA wins a lawsuit brought by a DFI?
The Participating DFI that brought the lawsuit.
When must a Participating DFI pay NACHA’s legal fees?
If NACHA wins or is dismissed from the case
What is the purpose of Section 1.10?
To discourage unnecessary lawsuits against NACHA
NACHA must always pay its own legal costs, even if it wins a case.
False
A DFI that loses a case it brought against NACHA must cover NACHA’s attorney fees.
True
What triggers an Unauthorized Entry Fee?
A debit Entry returned for unauthorized reasons using specific Return Reason Codes.
Who pays the Unauthorized Entry Fee?
The ODFI pays it to the RDFI.
Does the Unauthorized Entry Fee apply to IAT debit Entries?
No.
How is the fee transferred?
Through a system managed by NACHA and ACH Operators using Fed accounts.
Name one Return Reason Code that results in an Unauthorized Entry Fee.
R05, R07, R10, R11, R29, or R51.
Who receives the Unauthorized Entry Fee?
RDFI
Which of the following Return Reason Codes qualifies for an Unauthorized Entry Fee?
R07 – Authorization revoked
How is the Unauthorized Entry Fee processed?
Settled through Fed accounts managed by NACHA and ACH Operators
Unauthorized Entry Fees apply to both domestic and international debit Entries.
False – IATs are excluded.
The ODFI is responsible for paying the Unauthorized Entry Fee.
True
Who determines the amount of the Unauthorized Entry Fee?
The staff of the National Association (NACHA).
How often is the Unauthorized Entry Fee amount reviewed?
Every 3 years.
What is one method used to determine the Unauthorized Entry Fee amount?
A survey of RDFIs to determine their incurred costs.
Why does NACHA survey RDFIs when setting the Unauthorized Entry Fee?
To ensure the fee reflects the actual costs RDFIs face.
Who is responsible for determining and reviewing the Unauthorized Entry Fee?
NACHA staff
How frequently is the Unauthorized Entry Fee reviewed?
Every 3 years
What is one factor used to determine the Unauthorized Entry Fee?
RDFI cost survey
The amount of the Unauthorized Entry Fee is based on a survey of RDFIs.
True
The Unauthorized Entry Fee is reviewed every 10 years.
False
How often is the Unauthorized Entry Fee reviewed?
Every 3 years.
What kind of institutions does NACHA survey to help set the Unauthorized Entry Fee?
A representative sample of RDFIs of different sizes.
Is the Unauthorized Entry Fee set above or below the average cost RDFIs incur?
Below the weighted average cost.
What is one goal of the Unauthorized Entry Fee?
To incentivize ODFIs to improve authorization practices.
What factor does NACHA consider when re-evaluating the fee?
The effect of the fee on Return rates.
What is the primary basis for determining the Unauthorized Entry Fee?
Survey of RDFIs
The Unauthorized Entry Fee must be set:
Below the weighted average RDFI cost
What is one goal of the Unauthorized Entry Fee?
Improve authorization/origination practices
NACHA sets the Unauthorized Entry Fee above RDFI costs to discourage ODFIs.
False
NACHA evaluates the fee’s impact on return rates.
True
The Unauthorized Entry Fee is reviewed every 5 years.
False – It’s every 3 years.
