July 2015 Issue Posted July 20, 2015
Recently the Members of NACHA approved ACH rule changes that will result in ODFIs having the option of providing same-day clearing and settlement for ACH services starting in September 2016. ODFI’s that originate same-day ACH entries will be charged a fee of $.052 for each entry. For many ODFI’s that will use same-day services, the $.052 fee will represent a significant increase in the cost of originating an ACH entry.
ODFIs will face other cost increases as a result of other changes to the ACH Rules and requirements of the federal bank regulatory agencies. The cost increases fall into three categories.
1. ACH Network Fees
2. New Return Entry Monitoring Requirements
3. Regulatory Monitoring and Compliance Requirements.
At the last few conferences including NACHA 2015, Elliott and I have been on panels and have made presentations about risk management in a same-day ACH environment and the need for banks to adopt a deliberate pricing model to cover the costs of the resulting changes (See Elliott’s article in this issue). The onetime cost of implementing this program is estimated at 118M dollars with recurring annual costs of 49M dollars.
The questions from the audience we heard were about the value of this program. Consider NACHA’s prediction that by 2027 roughly 1.4 billion transactions will be same day ACH. This seems like a small number compared to the 23 billion transactions reported for 2014.Read More
Every credit and debit card has a three- or four-digit printed security code for added protection from criminals charging without card present charges. But when criminals have stolen card account numbers – they work on tricking card holders into revealing the codes.
Here’s how the scam works: The consumer may not know their card has been compromised and receives a phone call from someone who claims to work at the card issuer’s fraud-prevention department.Read More
The Consumer Financial Protection Bureau, one of the five regulatory agencies in the Federal Financial Institutions Examination Council, has released consumer protection recommendations - including security steps - that banking institutions should consider as they develop solutions for faster payment systems.
One security expert questions if the CFPB’s recommendations will have much impact, while another says this could be a first step toward more regulations for banks and credit unions. And a third contends that some of the recommendations, if mandated, would do more harm than good, because they could establish contradictory regulatory examination requirements for banking institutions.
The vast majority of people say they want financial institutions, payment systems and online stores to ensure that hackers can’t get into their bank accounts, and when hackers do get in, 40% expect financial institutions to reimburse them without question, according to new research from the Woburn, Mass.-based IT firm Kaspersky Lab and marketing research company B2B International.
The study, published this month, was done via an online survey of 11,135 people in 23 countries from May to June 2014. It found, among other things, that online threats to personal finances are common – 43% of the respondents reported encountering them in the previous year, and about one in every 20 respondents had some money stolen from them.
The upgraded operating system will allow users to switch seamlessly between personal computers, tablets, smartphones and other gadgets. Windows 10 is intended to give apps a similar feel on all devices and comes with a new Web browser integrated with Cortana, the company’s voice-activated answer to Apple’s Siri.
Microsoft Corp. say Monday that Windows 10 will be available as a free upgrade for a limited time for anyone whose devices use Windows 8/8.1 or 7, which are previous versions of the software.
With Microsoft ceasing support for Windows Server 2003 as of July 14, security experts are warning organizations to migrate to a new operating system as quickly as possible and, in the meantime, lock down any servers that continue to use the aging operating system.
Beginning in August, Microsoft will begin releasing Windows updates that attackers can potentially reverse-engineer to design exploits that will compromise every Windows Server 2003 system that remains in use.
“After July 14, Microsoft will no longer issue security updates for any version of Windows Server 2003,” according to a Microsoft announcement. “If you are still running Windows Server 2003 in your data center, you need to take steps now to plan and execute a migration strategy to protect your infrastructure.”
The company recommends current users upgrade to Windows Server 2012 R2, as well as Microsoft Azure and Office 365 where applicable.