Nacha, the electronic payments association, is developing a database of abusive automated clearing house originators and is sharing it with member banks, though concerns about risks — to members' reputations and their bottom lines — are making banks cautious about sharing too much about their dealings with third parties.
The evolving list brings to the ACH environment an approach that has been used in the checking world for years to fight fraud.
A rule that took effect in March allows the Herndon, Va., clearing house group to require special reports from institutions that it believes are allowing practices that create risk management problems for others on the ACH network. Elliott C. McEntee, the group's president and chief executive, said it wants to continue to tighten the monitoring of potentially fraudulent transactions under its Network Enforcement Rule, which its voting membership approved in October.
"The ultimate objective is to have a common database to go to for both check and ACH transactions," Mr. McEntee said in an interview. "But we're still in the early stage of discussions there."
Tighter fraud control is becoming more important as the ACH system opens up to more one-time transactions, such as those using the e-commerce service Secure Vault that Nacha is now testing, he said.
Nacha's "Project Owl," an originator watch list, began a test in December with the association's members, Mr. McEntee said. (Nacha has 24 financial institutions that are direct members of the association, along with the nation's 19 regional payment associations.)
That list is likely to be made available to all financial institutions by the end of the summer, he said. "We hope that before a financial institution takes on a company to originate for the first time, they will go to that list to see whether the company is on it."
If a prospect's name appeared on the list, it would be up to the originating depository financial institution to take appropriate action, Mr. McEntee said. "We're not telling the ODFI what to do" if that happens, "but we're encouraging them to check the list."
Roy DeCicco, a Nacha board member and a senior vice president at JPMorgan Chase & Co., said the watch list will grow as Nacha builds up its database.
"We are going slowly, but we are creating that list. That is a step we are willing to take," Mr. DeCicco said during a panel discussion this month sponsored by the Society for Worldwide Interbank Financial Telecommunication.
There have been discussions about even more disclosure, but the bankers are cautious, he said.
"The path gets a little cold when you talk about developing a list of customers we've terminated for cause," Mr. DeCicco said. "Banks are concerned about putting that kind of negative information in a public arena, where it can be challenged later."
Leonard J. Heckwolf, a Nacha board member and the innovation and development executive at Bank of America Corp.'s global treasury services unit, said on the Swift panel that banks could be more efficient, but their payment systems operate as separate silos.
"As an industry, we still think each silo is special," he said.
Mr. McEntee said the next phase of the Network Enforcement Rule will take effect this quarter, so that a telephone number or obscure corporate name will no longer be adequate for identifying the company debiting an account.
"In June the originating bank will be warranting to us that the name of the ACH originator has been accurately displayed in the ACH record, so the consumer can recognize it," he said.
Nacha has already begun exercising some of its authority under the rule, which also authorized sharply higher fines against financial institutions that allow questionable use of the ACH network, and Mr. McEntee said it has withstood its first court challenge.
A pair of Nevada companies, Capital Credit Alliance and Consumer Credit Services Inc., filed a lawsuit against Nacha late last year after it levied a $45,000 fine against their originating depository financial institution. Under their indemnification agreements, the institution passed that charge along to the third-party service provider that worked with the companies, which then charged them.
The companies sued in state court to prevent the group from enforcing the rule, because under Nacha's escalating penalties, the fine could grow to $200,000 in the second month and to $1 million in three months. At Nacha's request, the case was removed to federal court, and in January, Judge Kent J. Dawson of the U.S. District Court for Nevada rejected their request a temporary restraining order.
"Even a cursory review of the transcripts and authorization forms submitted by plaintiffs demonstrates that plaintiffs' method of attaining customer authorization for debit transactions is deceptive and in violation of Nacha operating rules," Judge Dawson wrote.
The two firms withdrew their suit in March. An attorney for the firms would not discuss the case.
In the longer term, Nacha would like to combine its database on ACH originators with the shared checking account databases managed by Early Warning Services LLC of Scottsdale, Ariz., which is owned by five big banking companies and First Data Corp. Early Warning Services, which has long maintained information on account openings and closings and bounced checks from reports from a group of large banks, opened its files more broadly to the industry in 2004 and says it processed 3.4 billion inquries last year.
