5 Things NOT to Miss When Setting Exposure Limits

Amy Donaghue

By: Jennifer Kline, AAP, APRP, NCP, Director, Audit Services

As Director, Audit Services, I’ve had the opportunity to observe many different processes at many different organizations. Steps taken to satisfy the ACH Rules’ requirement for ODFIs to periodically review Originator and Third-Party exposure limits is one process that I have found varies greatly from organization to organization.

Many times, when I’m conducting ACH audits and evaluating the exposure limit review process, the documentation provided to credit officers includes the Originator or Third-Party Sender’s demand deposit accounts (DDA) and loan account balances, and maybe some non-sufficient funds (NSF) data. Other times, the documentation will include what Standard Entry Class (SEC) codes are available to the client. While this information may provide insight into the overall client relationship and account utilization, more information is needed to understand your client’s specific ACH business needs and their current ACH activities. Providing more comprehensive information about the client’s specific ACH needs and activity during the exposure limit review process will result in more effective risk management and may even lead to an increase in revenue!

Here are some additional data points to provide to credit officers during the Originator and Third-Party Sender exposure limit review to strengthen the process.

  1. ACH File Totals: Data points like an average file total, the highest file total and the frequency of files sent in the past year will assist the credit officer reviewing exposure limits and give a better picture of the Originator or Third-Party Sender’s ACH activities for the annual review.
  2. Transaction Types: Instead of letting the credit officer know the Originator or Third-Party Sender sends PPD and CCD transactions, give more context to the information. For example, using laymen’s terms to describe the client’s current ACH activity (like Payroll, Utility Payments, Rent, Reimbursements, Vendor payments, etc.) provides more context to the credit officer than SEC codes and is more useful for him/her to understand the Originator or Third-Party Sender’s business needs. This information may also give the credit officer or account/treasury manager a chance to sell more ACH or Treasury Management services, potentially resulting in increased revenue.
  3. Return Activity: Let the credit officer doing the annual review know about the return activity of your Originators and Third-Party Senders. Debit Originators with subscription-type transactions will likely have NSF return activity or other returns. Since you are collecting and monitoring return rates on your Originators and Third-Party Senders, it can be easily shared forward to the reviewer. You could also provide the return activity of your credit Originators, however, unless those numbers are high, the credit return activity is not as significant from a risk management perspective as is debit returns.
  4. Financial Stability: As you would expect, an analysis of your client’s financial stability as evidenced by their most recent financial statements, tax returns, bank statements, Dun & Bradstreet ratings or other credit review services, etc. is a critical component of the exposure limit review process. Requiring at least the most recent two years for these documents is a best practice if you don’t already have this information at your fingertips.
  5. Website and Social Media: In today’s digital world, evaluating your client’s website and social media presence may also provide valuable insight into adjustments that should be made to their exposure limit during the annual review process.

Whatever process you use to conduct your periodic exposure limit review for your Originators and Third-Party Senders, ensure that it includes a comprehensive view of the client’s specific ACH business needs and existing ACH activity. By including the data points above, your exposure limit review process provides the credit officer with helpful information about the Originator’s needs and current activity. If you’d like additional tips and tricks related to effective exposure limit reviews, contact us at advisoryservices@epcor.org. We’d love to help you!

Our Audits Have Gone Remote!

With everything being turned upside down, don’t forget that you are still required to conduct a 2020 ACH audit. Push the easy button and book a remote audit service with us! Our audit services are available in a completely virtual and secure manner, so book your service today by emailing audit@epcor.org! Or, if you’re going the DIY route, utilize our ACH Audit Workbook!