ACH/RDC Risk Assessments
ACH Risk Assessments
If your organization is involved in ACH, an assessment of risk on all ACH receipt and origination activities is a requirement of the Nacha Operating Rules. You are also required to implement an ACH Risk Management Program on the basis of such an assessment, complying with the requirements of your regulators with respect to each. UMACHA has developed a comprehensive tool to help build your risk assessment. You can use the tool internally or UMACHA can come to your institution and complete the assessment.
UMACHA's Remote or On-Site ACH Risk Assessment Services
Let the professionals at UMACHA assist your organization's ACH risk assessment function and risk management program. We have the tools and expertise to ensure your assessment is complete and potential risks are identified, along with recommendations for controls to add to reduce risk.
For questions about the ACH risk assessment process, to request a quote for a remote or on-site ACH risk assessment, or to schedule a different UMACHA compliance service, please complete the Compliance Services Request Form and one of our Associate Directors of Compliance Services will reach out to your soon.
ACH Risk Assessments Not Performed By UMACHA
To assist your internal auditor with completing a thorough review of your risks and controls, or to help your staff implement an ACH risk management program, UMACHA offers consulting services and provides a number of educational webinars and workshops each year.
NOTE: Members can save on the ACH Audit Guide and ACH Risk Assessment Guide by purchasing both from our Publication Bundles area in the Online Store.
RDC Risk Assessments
The FFIEC released guidance for financial institutions regarding risk management of Remote Deposit Capture (RDC) in 2009 and the IT Examination Handbook was updated in 2010 to include additional risk management best practices regarding RDC, found in the Retail Payment System Handbook section. RDC is a Deposit Transaction Delivery System which allows a financial institution to receive digital information from deposit documents captured at remote locations. These locations could be one or many branches of your financial institution (Branch Capture), ATMs, domestic and foreign correspondents, commercial customers (Corporate or Merchant Capture), small businesses, and/or consumers. Within the past year, our resources and services have also been revised to include important considerations for mobile RDC programs as well.
If you are the person responsible for your financial institution's RDC program, then you need to know what examiners and regulators will be looking for. UMACHA is here to help! We have also developed a number of tools to identify areas of risk and we can help your institution determine the best ways to manage those risks, including an Image and RDC Guide containing sample agreements, policies and approval forms, along with our RDC Risk Assessment Guide.
If you would like to have UMACHA complete an RDC risk assessment service for your organization, please complete the Compliance Services Request Form and one of our Associate Directors of Compliance Services will reach out to your soon.
UMACHA also offers additional compliance services, including:
- ACH audits
- Third-Party ACH audit & risk assessments
- Wire transfer risk assessment & audit of internal controls