Skip to main content
Skip table of contents

ACH Authorization Requirements (NACHA)

Within are applicable excerpts from the NACHA guidelines. You can find resource links to purchase the full list of NACHA requirements and regulations at NACHA.org.

Rights and Responsibilities of ODFIs, Their Originators, and Third-Party Senders

Originator Must Obtain Authorization from Receiver

An Originator must obtain authorization from the Receiver to originate one or more Entries to the Receiver’s account, except for credit Entries for which the Originator and Receiver are both natural Persons.

An authorization must comply with applicable Legal Requirements, be readily identifiable as an authorization, and have clear and readily understandable terms. A purported authorization for an Entry that is not clear and readily understandable as to its terms, or that is otherwise invalid under applicable Legal Requirements, does not satisfy the requirements of this section.

 Originator will always be the merchant from ACH perspective. Payrix is the third party service provider who provide payment services to merchants.

Debit Entries to Consumer Accounts

The Originator of a debit Entry to a Consumer Account of the Receiver must obtain a written authorization that is signed or similarly authenticated by the Receiver, except as otherwise expressly permitted by these Rules.

In addition to the general requirements for an authorization, an authorization for a debit Entry to Consumer Account of the Receiver must, at a minimum, include:

  1. Language regarding whether the authorization obtained from the Receiver is for a Single Entry, Recurring Entries, or one or more Subsequent Entries initiated under the terms of a Standing Authorization;

  2. The amount of the Entry/Entries or a reference to the method of determining the amount of the Entry/Entries;

  3. The timing (including the start date), number, and/or frequency of the Entries;

  4. The Receiver’s name or identity;

  5. The account to be debited;

  6. The date of the Receiver’s authorization; and

  7. Language that instructs the Receiver how to revoke the authorization directly with the Originator (including the time and manner in which the Receiver’s communication with the Originator must occur). For a Single Entry scheduled in advance, the right of the Receiver to revoke the authorization must afford the Originator a reasonable opportunity to act on the revocation prior to initiating the Entry.

With respect to a Standing Authorization, these minimum standards for a consumer debit authorization may be met through a combination of the Standing Authorization and the Receiver’s affirmative action to initiate a Subsequent Entry.

Where these Rules provide that authorization for an Entry may be obtained by notice to the Receiver, the Receiver’s authorization may also be obtained by a signed, written authorization that meets the requirements of this subsection.

Originating PPD Entries

Prior to originating a PPD debit Entry to a consumer account, an Originator must:

  • Provide the Receiver with a written authorization that is readily identifiable as an ACH debit authorization and contains clear and readily understandable terms that meet the minimum authorization requirements.

  • Obtain the Receiver’s agreement to the terms of the authorization via his signature or electronic signature equivalent (i.e., the authorization must be similarly authenticated).

When originating a PPD Entry for a Return Fee Entry to a consumer account, an Originator must:

  • Obtain the Receiver’s authorization for a Return Fee Entry originated using the PPD Standard Entry Class Code by either (1) obtaining the Receiver’s written authorization, or (2) providing the Receiver with the required notice.

When originating a PPD credit Entry to a consumer account, an Originator must:

  • Obtain an authorization from the Receiver that is readily identifiable as an authorization and has clear and readily understandable terms. Authorization for a PPD credit entry is not required to be in writing.

For detailed information on Return Fee Entries and authorization requirements, within the Special Topics section of these Guidelines.

Originating CCD Entries

Prior to originating a CCD Entry to a non-consumer account, an Originator must:

  • Obtain the corporate Receiver’s authorization to originate entries to the Receiver’s account that meets the minimum authorization requirements and

  • Obtain the corporate Receiver’s agreement to be bound by the NACHA Operating Rules.

Originating TEL Entries

TEL entries are single-entry debits, and as a result, require a separate and distinct oral authorization to be obtained from the consumer for each intended TEL entry being initiated to the consumer’s account.

Before originating a TEL Entry to a consumer account, an Originator must:

  • Obtain explicit oral authorization from the consumer via the telephone, before initiating each debit entry.

  • Clearly state during the telephone call that the consumer is granting authorization for an ACH debit.

  • Clearly communicate the following points during the authorization process:

    • The debit entry intended date on or after which the consumer’s account will be debited;

    • The amount of the debit entry;

    • Consumer’s name;

    • A reachable telephone number during normal business hours for customer inquiries;

    • Date of the consumer’s oral authorization; and

    • An Originator acknowledgment that the consumer’s approval will be used to originate an ACH debit.

In addition, to adherence to regulations, the Originator must either record the consumer's oral authorization or furnish a written notice confirming the terms before the intended settlement date of the TEL entry. This information, including the specified details, must be retained for 2 years from the authorization date.

While Voice Response Units (VRUs) can be employed to assist consumers during the call, it’s crucial to note that key-entry responses do not qualify as oral authorization for TEL entries. Originators must ensure that the actual authorization and disclosure of the specific information are provided verbally.

Originating WEB Entries

Prior to originating a debit WEB/Mobile Entry to a consumer account, an Originator must:

  • Obtain written authorization from the Receiver that meet the minimum authorization requirements (1) via the Internet or a wireless network, except for an oral authorization via a telephone call ; or (2) in any manner permissible under the Rules, if the Receiver’s instruction for the initiation of the debit entry is designed by the Originator to be communicated, other than orally via a telephone call , via a wireless network.

  • Use a fraudulent transaction detection system to screen each debit WEB entry that, at a minimum, validates the account to be debited for the first use of the account number, and for any subsequent change to the account number.

  • Verify the Receiver’s identity.

  • Verify that the routing number is valid.

  • Conduct annually an audit of data security practices for Receivers’ financial information.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close