ACH Credit Monitoring Is Coming: What Banks & Credit Unions Must Do by June 2026

In 2026, NACHA will require risk-based monitoring for ACH credits to combat credit-push fraud. Large ACH processors must start March 20, 2026; everyone else by June 22, 2026. The rules emphasize risk-based processes, annual reviews, and does not require pre-posting monitoring. (Nacha)

Why this change matters

Fraud has shifted toward credit-push scams—criminals trick legitimate payers into sending funds to mule accounts (e.g., via BEC). NACHA’s new rules create a baseline of fraud monitoring across the network so both originators and receivers have a role in spotting suspicious activity and improving recovery outcomes. The rules also introduce and reference “False Pretenses” (payments induced by misrepresentation of identity/authority or ownership of the credited account), which squarely covers BEC, vendor and payroll impersonation. (Nacha)

Who is affected and when

• Phase 1 — March 20, 2026
  • Applies to all ODFIs and non-consumer Originators/TPS/TPSPs with ≥6M originated entries in 2023.
  • Applies to RDFIs with ≥10M received entries in 2023. (Nacha)
• Phase 2 — Practical date Monday, June 22, 2026 (effective date is Friday, June 19—a federal holiday)
  • Extends to all other Originators/TPS/TPSPs and all other RDFIs. Nacha explicitly notes the June 22, 2026, practical date. (Nacha)

What’s actually required

For RDFIs (incoming ACH credits)

Establish and implement risk-based processes and procedures reasonably intended to identify ACH credit entries initiated due to fraud (including “False Pretenses”). Review these processes at least annually. Nacha clarifies pre-posting monitoring is not required. (Nacha)

For ODFIs/Originators/TPS/TPSPs (outgoing)

Implement risk-based processes and procedures to identify entries suspected of being unauthorized or authorized under False Pretenses, with annual reviews. Pre-processing monitoring is not required by rule, though it offers the best chance to stop fraud. (Nacha)

What “risk-based credit monitoring” looks like (RDFI examples)

Your program can combine rules, analytics, and case workflows around signals such as:

• Velocity & anomalies: first-time credits from a new Originator, sudden step-ups in amount/frequency, off-cycle “PAYROLL” bursts, unusual flows to a newly opened account.
• Context mismatches: SEC code inconsistent with account type; unexpected Company Entry Descriptions relative to prior behavior.
• Account risk: account age, typical balances, historic inflows/outflows, prior fraud flags, segment risk.
  These examples mirror Nacha’s guidance and align with existing AML monitoring practices. (Nacha)

A note on “pre-posting”

Many institutions ask if they must monitor before posting credits. Answer: No. Nacha states pre-posting monitoring of credit entries is not required; programs can be post-posting while still being risk-based and effective. (Nacha)

How SimpliRisk can help

• Risk-based credit monitoring for unusual SEC codes, high volume or unusual cycle payroll, high dollar, high volume, unexpected jump in amounts.
• Alerts workflows to review monitoring events.
• Case investigations to dive deeper into unusual activity, leverage our Peer Fraud Network tools to evaluate the risk against other known fraud.