Proof Of Authorization and NACHA requirements
Before you debit your customer’s bank account through the ACH Network, you are required to obtain their authorization. Let’s learn exactly what an ACH authorization form is and what information should be included.
An ACH Proof Of Authorization (POA) is a legally required agreement between the payor and the payee that outlines the terms of the transaction. The Automated Clearing House (ACH) overseen by NACHA requires merchants to obtain proof of authorization when a transaction is done and kept for 2 years after the date of the last transaction.
What should a POA include?
General POA
1. Merchants name and contact information
2. Customers name and contact information
3. Payment details
Onetime payment, recurring, number of payment installments
4. Authorization Statement
5. Recourse statement
Returns or cancellations policy
6. Payor’s bank details
Customer's routing number, account number, and indication if this is a checking or savings account
7. Date of agreement and signature
POA BY ENTRY
ARC – ACCOUNTS RECEIVABLE TRUNCATED CHECK ENTRY
Prior to the check being sent, the merchant must provide a clear notice (ie: monthly statement or invoice) to the customer including language such as:
- “When you provide a check as payment, you authorize us either to use information from your check to make a one-time electronic fund transfer from your bank account or to process the payment as a check transaction.” -or-
- "When you provide a check as payment, you authorize us to use information from your check to make a one-time electronic fund transfer from your account. In certain circumstances, such as for technical or processing reasons, we may process your payment as a check transaction."
The check must:
- Contain a pre-printed serial number
- Be in the amount of $25,000.00 or less
- Match the face value of the check (added fees are not allowed for ARC transactions). If the merchant wishes to add a charge for any NSF or service fee, they must initiate a separate authorization under PPD, WEB, or TEL as appropriate.
- Be completed and signed by the customer/account holder
- Be received via US Mail or delivered to a drop-box where checks are received (UPS, FedEx, or another traceable means)
Merchants must retain a copy of the source document and a copy of the notice to the consumer that the check will be converted to an ACH entry.
POP – POINT-OF-PURCHASE ENTRY
Merchants must obtain written authorization (authorization form and check) and provide proper notice to the customer (ie: on monthly statement or invoice) including language such as:
- "When you provide a check as payment, you authorize us either to use information from your check to make a one-time electronic fund transfer from your account or to process the payment as a check transaction." -or-
- "When you provide a check as payment, you authorize us to use information from your check to make a one-time electronic fund transfer from your account. In certain circumstances, such as for technical or processing reasons, we may process your payment as a check transaction."
Merchants must provide a copy of the signed receipt including:
- merchant name
- telephone number
- date of the transaction
- amount
- check serial number
- merchant number
- terminal city and state
The transaction must be in the amount of $25,000.00 or less
PPD – PRE-ARRANGED PAYMENT OR DEPOSIT ENTRY
Merchants must provide a copy of the written authorization signed by the consumer which must have:
- Name and identifying information of the merchant
- Name and identifying information of the customer
- Customer’s assent to the authorization
- Customer’s routing #
- Customer’s account #
- Customer’s account type - checking or savings, business or personal
- Amount - this can refer to a separate contract, be a fixed amount, be a range of $___ to $___ if it varies month-to-month or has a ceiling (up to $___).
- The date on or after the transaction will post
- Clear & readily understandable terms
- Language providing that the customer may revoke the authorization only by notifying the merchant in the time and manner stated in the authorization
Note: PPD credits do not require a written authorization
CCD – CORPORATE DEBIT OR CREDIT ENTRY
Merchants must provide a copy of the signed written business contract.
- Merchants are strongly encouraged to follow as many of the PPD requirements as possible for their CCD payments.
- For payments initiated online using CCD, the POA requirement will be the same as that for WEB – internet authorization
- If a corporate customer submits authorization for debit with the order form but does not include a check, use CCD.
TEL – TELEPHONE INITIATED ENTRY
Merchants must provide a copy of verbal authorization (audio recording) with clear & readily understandable terms. If an audio recording was not made, the merchant must submit a copy of the follow-up letter mailed to the customer prior to the settlement of the transaction, which details the payment according to the phone conversation.
Single TEL entries must include:
- The date on or after which the ACH debit will occur
- Amount of the transaction
- Customer’s name
- Customer’s account # to be debited
- Customer’s telephone # for questions
- Date of the verbal authorization & a statement by the merchant that the authorization is obtained for a single-entry ACH debit
- The method by which the customer can revoke the authorization
Recurring TEL entries must include:
- Amount of the recurring transaction
- The timing (start date, end date, # of payments, frequency)
- Customer’s name
- Customer’s account # to be debited
- Customer’s telephone # for questions
- Date of the verbal authorization
- The method by which customer can revoke the authorization
WEB – INTERNET-INITIATED ENTRY
Merchants must provide a copy of internet authorization as seen by the authenticator, and along with authorization time & date stamp. With this, the authorization must:
- Have the customer’s identity and assent to the authorization
- Have clear & readily understandable terms
- Provide that the customer may revoke the authorization only by notifying the merchant in the time and manner stated in the authorization
- Have a signature (electronic) that is displayed in a manner that enables the customer to read the communication
- This includes but is not limited to digital signatures and security codes
Minimum POA Requirements (CC debits)
Please note that, while the format varies by software, merchants must be able to provide proof of authorization for credit card payments just as with any other payment. At a minimum, a copy of the receipt or internet authorization is required.