For Third-Party Senders in the ACH network and the financial institutions who originate entries on their behalf, understanding and completing an ACH audit in accordance with the NACHA Operating Rules can be a challenge. At UMACHA we have the tools and expertise to help ensure you are compliant and to learn how to stay up-to-date on changes that may affect Third-Parties in the network.
For our Affiliate Members, we offer on-site audit services, similar to those that are available to our financial institution members. A UMACHA compliance staff member can come to your location and complete the ACH Audit for you, providing a comprehensive report of findings and recommendations afterwards for you and your management team. If you or your Third-Party Sender are not already members of UMACHA, visit our membershippage to learn more right now!
We have collected commonly asked questions from our members throughout the registration process to help you along the way.
Q: What databases are available in the Risk Management Portal? A: The following databases are all accessible through the Risk Management Portal: • The Third-Party Sender Registration Database • The Direct Access Registration Database • The Terminated Originator Database (TOD) • The Emergency Financial Institution Contact Database
Q: Do I need to register multiple times to access each database? A: No. Each financial institution must register only once in the Risk Management Portal. All databases are available from a single login within the Risk Management Portal.
Q: My financial institution has multiple Routing and Transit Numbers (RTNs). Which one do we register? Do we need to register every single RTN? A: Each financial institution will select their primary RTN at registration and this number will remain associated with the financial institution for all applications within the Risk Management Portal.
Q: My Third-Party Sender customer originates for many originators and a different Company ID is used for each. Which Company ID do I use? A: Only register the TPS Company ID of the Third-Party Sender and not the company names and IDs of every Originator. The NACHA Operating Rules do not require the Company ID for every Originator associated with the Third-Party Sender.
Q: How many individuals from my organization may access the Risk Management Portal? A: The Portal allows for one administrator from each organization and up to four additional users. The administrator will create an account within the Risk Management Portal and assign users access.
Q: My ODFI has already registered as not having a Direct Access relationship. Do we need to register again? A: Yes. Each ODFI must reregister their Direct Access status. Each ODFI will attest to its Third-Party Sender customer status and Direct Access customer status during the initial registration. The status of each registration can be changed at any time within the Risk Management Portal. Once registered, you can print proof of registration for your Risk/ACH audit.
Q: How can I find my ODFI’s registration confirmation? A: A registration confirmation is now available from the ODFI Management page in the portal. This one page printable document provides the date the financial institution registered, the current Direct Access Registration and Third-Party Sender Registration status, and the current number of registered Third-Party Sender customers and Direct Access relationships.
THIRD PARTY SENDER REGISTRATION
The Third-Party Sender Registration rule will require Originating Depository Financial Institutions (ODFIs) to identify and register their Third-Party Sender customers. The registration process will promote consistent customer due diligence among all ODFIs, and serve as a tool to support NACHA’s continuing efforts to maintain ACH Network quality.
Registrations can be completed through either an individual TPS upload or bulk TPS upload process. The individual upload process allows for quick registration, editing and deactivating of individual TPS relationships, while the bulk upload (available in XML, Excel, and CSV) allows for registering, editing, deactivating, and maintaining groups of TPS relationships.
The Third-Party Sender Registration Rule requires all ODFIs to either register their Third-Party Sender (TPS) relationships or state that they do not have any. Initial registrations are due by March 1, 2018.