• Home
  • NEW Nacha Operating Rules Changes for 2024, 2025 and 2026 PLUS Ops Bulletin #1-2025

NEW Nacha Operating Rules Changes for 2024, 2025 and 2026 PLUS Ops Bulletin #1-2025

Each participant in the ACH Network is required to follow the Nacha Operating Rules and be compliant with the Rules expanding the use of Return Reason Code R17 (10-01-2024) and Return Reason Code R06 (04-01-2025) to help with potential ACH transactions that could be initiated in instances of fraud. Another way to combat fraud is allowing additional “funds availability exceptions” and adding time guidelines for the RDFI when it comes to the WSUD and returning unauthorized transactions timely. Effective March 20, 2026 – Phase 1 for Risk Management (part of a larger package) to help reduce the incidence of successful fraud attempts and improve recovery of funds:Fraud Monitoring by Originators, Third-Party Service Providers/Third Party Senders, and ODFIs; andACH Credit Monitoring by RDFIsEffective March 20, 2026 – Standardization of Company Entry Descriptions (also part of Risk Management):Standardizing the use of Company Entry Description can help participants in the ACH Network to identify, monitor, and count the volume of payments for specific purposes; (thus helping to manage ACH Risk)The two new defined Company Entry Descriptions PAYROLL and PURCHASE (all UPPER Case)PLUS -- Effective on June 19/22, 2026 – Phase 2 for Risk Management is a continued part of a larger Risk Management package (Rules Changes) to help reduce the incidence of successful fraud attempts and improve the recovery of funds. Included in this portion of the Risk Management Rule amendments are:Fraud Monitoring by Originators, Third-Party Service Providers/Third Party Senders and ODFIs (for all non-Consumer Originators, TPSPs, and TPSs that did not fall under the requirement threshold for Phase 1); andACH Credit Monitoring by RDFIs (for all RDFIs that did not meet the threshold requirement for Phase 1).Areas Covered Effective on Oct 1, 2024 and April 1, 2025, are Rules changes as part of a larger Risk Management package intended to reduce the incidence of successful fraud attempts and improve the recovery of funds after frauds have occurred. Included in this portion of the Risk Management Rule amendments are:Codifying Expanded Use of Return Reason Code R17Expanded Use of ODFI Request for Return/R06 (April 1, 2025)Additional Funds Availability ExceptionsTiming of Written Statement of Unauthorized Debit, andRDFI Must Promptly Return Unauthorized Debit Fraud Monitoring – for ODFI, Originators, TPSP, and TPS PLUS Credit Monitoring – for RDFI (Phase 1) Describe which participant is affected and what parts of the Rule applies to whom and outlining the threshold limits for each.Define what’s changing with “commercially reasonable fraud detection system.”Provide details on the next level description of requirements – i.e., “reasonably intended to identify…” (including the requirements that apply “to the extent relevant to the role the entity plays.”)Outline how the Rule allows an ODFI to expressly consider steps other participants in origination are taking to monitor for fraudList other parts of the Rule relating to monitoring.Identify the requirement of an “at least annual” review of processes and procedures.Standardization of Company Entry DescriptionsDescribe “when” to use the NEW “PAYROLL” and “PURCHASE” as the NEW Company Entry DescriptionsIdentify the IMPACTS and BENEFITS to the participants involved in this change to formatting.Fraud Monitoring – by Originators, TPSP and TPS PLUS Credit Monitoring – for RDFI (Phase 2)Define which participants are affected and what parts of the Rule applies to whom (the parties who didn’t meet the first threshold)Examples used throughout the presentation will help identify the “meaning” of these new Nacha Operating Rule amendments.Who Should Attend Financial Institution Professionals (New/Current Ops Staff)Third-Party ProcessorsOriginating CompaniesBanking Operations Managers and StaffCompliance and Risk ProfessionalsTreasury Management ProfessionalsAspiring and Current AAPs (Accredited ACH Professionals)Banking Managers/ SupervisorsAudit and Compliance Personnel / Risk ManagersWhy Should You Attend To remain in compliance with the Rules, participants in the ACH network need to ensure they are up to date on recent changes and newly approved amendments to the Rules. Beginning with discussion on the 2024 Rules changes on expansion of Return Reason Code R17, allowing additional exceptions for funds availability and improving the unauthorized Return process for the RDFI, then moving on to the Rule Amendment carried over from 2024 into 2025 on expanding the use of Return Reason Code R06 and creating a communication avenue between the ODFI and RDFI to help improve our ACH risk program. The Risk Management topics will improve recovery of funds in fraud situations (after the Fraud has occurred), there are two phases – Phase 1 outlines everything as part of the Risk management package including the threshold for the first group of participants that need to comply. Phase 2 outlines the participants that did not meet the first threshold, and their obligation to meet these Risk Management Rule amendments. These are a NEED to KNOW! Your ACH Risk process is changing for BOTH the ODFI and RDFI! Register Today to ensure YOUR compliance with the NEWEST Rues in 2024 and 2025, PLUS the UPCOMING 2026 updates to the Nacha Operating Rules!!Topic BackgroundEffective Oct 1, 2024 – Amendments to the Rules included Risk Management Topics, such as "Expanded use of Return Reason Code R17”; “funds availability exceptions" and "Unauthorized Return changes for the RDFI with timing of the WSUD and returning unauthorized transactions".Effective April 1, 2025 – An Amendment carried over from 2024 includes the “Expanded use of Return Reason Code R06” Effective March 20, 2026, two Rule amendments (Fraud Monitoring – Phase 1) – monitoring for Faud (as part of a larger Risk Management package) intended to reduce the incidence of successful fraud attempts and improve the recovery of funds after frauds have occurred. Plus, two additional Rule amendments on standardizing Company Entry Descriptions (also part of Risk Management, relating to Fraud) become effective on March 20, 2026.Effective June 19/22, 2026, two more Rule amendments (Fraud Monitoring Phase 2), also related to monitoring for fraud become effective on June 19/22, 2026, (as part of a larger Risk Management package) intended again to help reduce the incidence of successful fraud attempts and improve the recovery of funds after frauds have occurred. A NEW “Operations Bulletin” issued by Nacha on June 3, 2025, where Nacha is encouraging the use of Same Day processing windows for Returns, will be discussed during this session!

Each participant in the ACH Network is required to follow the Nacha Operating Rules and be compliant with the Rules expanding the use of Return Reason Code R17 (10-01-2024) and Return Reason Code R06 (04-01-2025) to help with potential ACH transactions that could be initiated in instances of fraud.  Another way to combat fraud is allowing additional “funds availability exceptions” and adding time guidelines for the RDFI when it comes to the WSUD and returning unauthorized transactions timely. 

Effective March 20, 2026 – Phase 1 for Risk Management (part of a larger package) to help reduce the incidence of successful fraud attempts and improve recovery of funds:

  • Fraud Monitoring by Originators, Third-Party Service Providers/Third Party Senders, and ODFIs; and
  • ACH Credit Monitoring by RDFIs

Effective March 20, 2026 – Standardization of Company Entry Descriptions (also part of Risk Management):

  • Standardizing the use of Company Entry Description can help participants in the ACH Network to identify, monitor, and count the volume of payments for specific purposes; (thus helping to manage ACH Risk)
  • The two new defined Company Entry Descriptions PAYROLL and PURCHASE (all UPPER Case)

PLUS -- Effective on June 19/22, 2026 – Phase 2 for Risk Management is a continued part of a larger Risk Management package (Rules Changes) to help reduce the incidence of successful fraud attempts and improve the recovery of funds. 

Included in this portion of the Risk Management Rule amendments are:

  • Fraud Monitoring by Originators, Third-Party Service Providers/Third Party Senders and ODFIs (for all non-Consumer Originators, TPSPs, and TPSs that did not fall under the requirement threshold for Phase 1); and
  • ACH Credit Monitoring by RDFIs (for all RDFIs that did not meet the threshold requirement for Phase 1).

Areas Covered 

Effective on Oct 1, 2024 and April 1, 2025, are Rules changes as part of a larger Risk Management package intended to reduce the incidence of successful fraud attempts and improve the recovery of funds after frauds have occurred. Included in this portion of the Risk Management Rule amendments are:

  • Codifying Expanded Use of Return Reason Code R17
  • Expanded Use of ODFI Request for Return/R06 (April 1, 2025)
  • Additional Funds Availability Exceptions
  • Timing of Written Statement of Unauthorized Debit, and

RDFI Must Promptly Return Unauthorized Debit Fraud Monitoring – for ODFI, Originators, TPSP, and TPS PLUS Credit Monitoring – for RDFI (Phase 1) 

  • Describe which participant is affected and what parts of the Rule applies to whom and outlining the threshold limits for each.
  • Define what’s changing with “commercially reasonable fraud detection system.”
  • Provide details on the next level description of requirements – i.e., “reasonably intended to identify…” (including the requirements that apply “to the extent relevant to the role the entity plays.”)
  • Outline how the Rule allows an ODFI to expressly consider steps other participants in origination are taking to monitor for fraud
  • List other parts of the Rule relating to monitoring.
  • Identify the requirement of an “at least annual” review of processes and procedures.

Standardization of Company Entry Descriptions

  • Describe “when” to use the NEW “PAYROLL” and “PURCHASE” as the NEW Company Entry Descriptions
  • Identify the IMPACTS and BENEFITS to the participants involved in this change to formatting.

Fraud Monitoring – by Originators, TPSP and TPS PLUS Credit Monitoring – for RDFI (Phase 2)

  • Define which participants are affected and what parts of the Rule applies to whom (the parties who didn’t meet the first threshold)

Examples used throughout the presentation will help identify the “meaning” of these new Nacha Operating Rule amendments.

Who Should Attend    

  • Financial Institution Professionals (New/Current Ops Staff)
  • Third-Party Processors
  • Originating Companies
  • Banking Operations Managers and Staff
  • Compliance and Risk Professionals
  • Treasury Management Professionals
  • Aspiring and Current AAPs (Accredited ACH Professionals)
  • Banking Managers/ Supervisors
  • Audit and Compliance Personnel / Risk Managers

Why Should You Attend 

To remain in compliance with the Rules, participants in the ACH network need to ensure they are up to date on recent changes and newly approved amendments to the Rules. 

Beginning with discussion on the 2024 Rules changes on expansion of Return Reason Code R17, allowing additional exceptions for funds availability and improving the unauthorized Return process for the RDFI, then moving on to the Rule Amendment carried over from 2024 into 2025 on expanding the use of Return Reason Code R06 and creating a communication avenue between the ODFI and RDFI to help improve our ACH risk program. The Risk Management topics will improve recovery of funds in fraud situations (after the Fraud has occurred), there are two phases – Phase 1 outlines everything as part of the Risk management package including the threshold for the first group of participants that need to comply.  Phase 2 outlines the participants that did not meet the first threshold, and their obligation to meet these Risk Management Rule amendments.  These are a NEED to KNOW!  Your ACH Risk process is changing for BOTH the ODFI and RDFI!  Register Today to ensure YOUR compliance with the NEWEST Rues in 2024 and 2025, PLUS the UPCOMING 2026 updates to the Nacha Operating Rules!!

Topic Background

Effective Oct 1, 2024 – Amendments to the Rules included Risk Management Topics, such as "Expanded use of Return Reason Code R17”; “funds availability exceptions" and "Unauthorized Return changes for the RDFI with timing of the WSUD and returning unauthorized transactions".

Effective April 1, 2025 – An Amendment carried over from 2024 includes the “Expanded use of Return Reason Code R06” 

Effective March 20, 2026, two Rule amendments (Fraud Monitoring – Phase 1) – monitoring for Faud (as part of a larger Risk Management package) intended to reduce the incidence of successful fraud attempts and improve the recovery of funds after frauds have occurred. 

Plus, two additional Rule amendments on standardizing Company Entry Descriptions (also part of Risk Management, relating to Fraud) become effective on March 20, 2026.

Effective June 19/22, 2026, two more Rule amendments (Fraud Monitoring Phase 2), also related to monitoring for fraud become effective on June 19/22, 2026, (as part of a larger Risk Management package) intended again to help reduce the incidence of successful fraud attempts and improve the recovery of funds after frauds have occurred. 

A NEW “Operations Bulletin” issued by Nacha on June 3, 2025, where Nacha is encouraging the use of Same Day processing windows for Returns, will be discussed during this session!