In this episode of Payments Pros, Carlin and Keith welcome back Jordan Bennett, Nacha’s senior director of network risk management, for a two-part series on the newly approved rules designed to combat credit push fraud. Credit push fraud has been on the rise, and Nacha released a risk management framework to increase awareness and mitigate such frauds.

The new rules, approved by Nacha’s members on March 18, aim to mitigate fraud incidents such as business email compromise and efforts to exploit credit push payments. Part one of this series explores the risk management package, discussing the comprehensive set of rules and multiple rule amendments effective from October of the current year.

Jordan highlights that the effective dates for some rules extend into 2026, providing ample time for preparation. The rules package was carefully crafted to reduce incidents of credit push frauds and provide financial institutions with useful tools.

In addition to the rules, Nacha is also focusing on education and has released risk management guidance. The guidance is designed to help financial institutions improve their risk controls.

The new rules include amendments for fraud monitoring by all parties in the ACH network, new rules around fund recovery tools, standardization of certain data fields, and changes to the Written Statement of Unauthorized Debit (WSUD) process. The rules are designed to increase awareness of fraud schemes, reduce successful fraud attempts, and improve recovery after frauds have occurred.

Part two of this series will focus on fraud monitoring and what ACH Network participants can start doing now to comply with the recently passed rules.

Transcript: Tackling Credit Push Fraud: Understanding Nacha’s Risk Management Package (PDF)