News media erupted this September with stories of innocent employees who not only had their payroll reversed but had also suffered from an additional reversal. Upon further investigation, MyPayrollHR (a Third-Party Sender) was linked to the processing of these payments and subsequent reversals. A few weeks later, another Third-Party Sender, Cachet, found itself in the spotlight for not processing files created on behalf of its clients. MyPayrollHR and Cachet had worked together with some processing of transactions and the failure of one led to issues with the other. In light of these recent events with Third-Party Senders who had Third-Party Senders as clients, also referred to as “nested” Third-Party Senders, it is a good time to look at relationships to see what you really have in your portfolio.
As the industry continues to push to make payments faster and all electronic, many businesses have outsourced accounting services because they do not have the manpower or experience to streamline processes to pay accounts payables, collect receivables and process payroll. One of the ways a business might do this is through services provided by another company… a service provider. While there is not a one-size-fits-all approach to offering these services, many times the service provider is granted access to the business’ online banking/cash management services to create transactions. However, other times the service provider uses its own platform and financial institution to process these transactions, which make the service provider a Third-Party Sender. And, to make things more complicated… that Third-Party Sender may use another service provider to get the transactions into the ACH network, which then leads us to a Third-Party Sender with a Third-Party Sender as a client.
Is your financial institution involved in any of these relationships?
The first question to ask is… do we have any Third-Party Senders? A Third-Party Sender is defined in the 2019 ACH Rules on page OR70 as “a type of Third-Party Service Provider that acts as an intermediary in transmitting entries between an Originator and an ODFI, including direct access, and acts on behalf of an Originator or another Third-Party Sender." There is a tool available in the Knowledge Community to help you identify these relationships.
How do you know when Third-party Senders have Third-Party Senders as clients? You ask! As part of your due diligence on any Origination agreement, your institution should understand the company’s business, who they are serving and in what capacity they are serving. As the ODFI, you are ultimately responsible for every transaction your clients transmit through the ACH Network whether they are an Originator, a Third-Party Sender or a Third-Party Sender with Third-Party Senders as clients. For the Originators and nested Third-Party Senders, the ability to have vendor management in place is key knowing who your clients are.
Any relationship has its risks, it is up to your financial institution to understand how the different parties fit together, keep track of who is responsible for what and know the financial standings of your clients. Your reputation depends on it!
|