eCheck Authorization Process: Virtual Terminal Transactions

Last post, we discussed eCheck transactions submitted through a webpage or mobile form, or WEB transactions. This post will focus on transactions initiated by you, the Originator.  Have you ever received a request from a patron asking you to initiate an automatic debit from their bank account on their behalf? For many of you, this is a typical occurrence. What you may not know is there is a specific authorization process for these types of transactions and you must be able to furnish proof this process was completed according to the timeframe requirements.

As you may recall, transactions entered through your webpage are WEB transactions and must be initiated by the accountholder themselves (to read more about WEB transactions, click here). When an accountholder requests that a transaction be made on their behalf, it is paramount that these are entered through your virtual terminal since the transaction is not being initiated by the accountholder directly. These transactions are known as either Prearranged Payment and Deposit Entry (PPD) or Corporate Cash Disbursement (CCD) depending on whether the accountholder is an individual or another business.

Authorization Process

A signed authorization is obtained to initiate a debit to an accountholder’s bank account for a specified amount of money (one-time or recurring). If the initial contact between you and the accountholder is verbal, you must first provide them with the written authorization form and have them sign and return it before processing the transaction. The written authorization should be identifiable as an ACH authorization and should inform the receiver as to how they can receive a refund or revoke their authorization.

A signed check does not meet this requirement as a signed check should never be submitted through the ACH system unless it is through a conversion program which is not currently offered through CashLINQ.  

Proof of Authorization

In case of an accountholder dispute, you (the originator) are required to provide proof of authorization to the RDFI (the accountholder’s bank) upon request. Proof of authorization is the signed ACH authorization obtained during the authorizaitn process. You are required to retain and, if requested, provide this signed documentation for two years after the transaction has terminated or otherwise been revoked.

Processing transactions on behalf of your constituents is a common practice. In fact, offering this service can help your organization’s bottom line by avoiding abandoned transactions from individuals having difficulties with your technology. Just be mindful of taking the necessary steps to ensure you are obtaining proper authorization and retain those records for two years after the transaction has ceased processing, or otherwise been cancelled. For more information, see the ACH Rules and Regulations or purchase your copy of this year’s NACHA Rule book.