By Melody Lashmar - The Invention of Lying is a great flick if you haven't seen it. I think it captures the reality of today’s payment landscape. Those that make the rules, do so in the perceived environment of the consumer being truthful.
This mindset is apparent when examining the rules and regulations for the ACH network. The rules are very clear with nearly everything they define. However, there is one element of a transaction for which there is no accountability. This oversight would be the person who enters the transaction information into the website.
At first glance you would not notice this oversight because the rules are very clear that a payment transaction has the following parties: a Receiver (consumer), an Originator (merchant), an ODFI (the merchant’s bank), an operator (Federal Reserve), an RDFI (the receiver’s bank) and a Receiver (the bank account holder). Can you see it now? I'll give you a hint… Receiver is there twice. Yes, the Receiver is both the consumer and the account holder. This initially seems reasonable. In what society would someone who does not have signing authority on an account use that account information online? It just wouldn't happen in this day and age, would it? Nah, I don't think so… well, perhaps once in a while but not at any rate that would really be worth considering for further examination, right? WRONG! This is a known issue that just keeps getting ignored and as a result, keeps getting worse.
What's worse is that whenever you write a check instead of initiating an ACH payment, you provide all the information necessary to get that transaction through the ACH network. That check contains, your name as it appears on the account, your address, your bank account number and your bank's routing number. As a business you probably send out many checks a month. It would be wise to talk to your bank about ways to lock down your account from unauthorized debits. By using ACH payments, your account information is completely unknown to the people you are paying.