Account validation is the process of verifying the ownership and validity of a bank account. It is done for regulatory compliance with Nacha, as well as to the KYC and AML laws.
In 2021, ACH debits were one of the payment methods most impacted by payments fraud activity with 37% of financial professionals reporting it.
With scams on the rise, account validation is more than ever a necessary process for protecting your business. It helps ensure the money you send arrives in the right account of the right person or business.
In brief, account verification results in increased security throughout your payment chain and P2P process, and lessens the risk of fraud.
Keep reading to find out exactly: what is account validation? What are the risks of not using it? What are the best practices for account validation? How can automated platforms like Trustpair help with efficient account validation?
Trustpair is a platform that helps companies secure their payment chain. Account validation is at the heart of what we do. Our combined AI and access to databases internationally allow us to check in real-time your third parties’ accounts and raise the alert in case of fraud attempts. Do you want to learn more? Contact one of our experts!
What is account validation?
Account validation is the process used to validate that the account you send funds to (or receive money from) is the one you think it is.
It verifies both the validity and ownership of bank accounts by:
- Checking the business or person’s information is valid (it really exists).
- Checking the bank account associated with this business or person is real.
- Checking that both set of information match.
In the US, it’s the Nacha authority that oversees account validation processes and sets up the rules for the ACH (Automated Clearing House) network.
Nacha account validation rule from 2021 requires “merchants and billers that use WEB Debits (any ACH debit payment that takes place online) to validate the consumer’s account information before accepting the first payment made.”
Account validation should happen on at least two occasions:
- At the first use of the bank account, before a payment is made to a supplier or a debit is authorized on a customer’s account – that’s your merchant or customer onboarding.
- If and when the bank account information changes throughout your relationship with the third party.
But if you truly want a secure payment chain, you actually need to do it continuously. Including ongoing account validation in your security controls leads to a better fraud response.
It’s nearly impossible to do so manually, but an automated anti-fraud solution like Trustpair can help make the process not only possible, but efficient. Account validation checks are run automatically and systematically in the background, only raising the alert in case of suspicious activity.
The risks of not validating accounts in business
While everyone would agree that account validation is the sensible thing to do on paper, in reality, it requires adjusting internal processes and can be fastidious.
But companies that are tempted to skip account validation would risk much. What happens when you skip account validation?
Non-compliance (to US laws).
The first drawback to not validating your accounts is that it may put your business in an illegal situation. The new Nacha account validation requirement has been enforced since 2022; not respecting it puts you at risk of a corporate fine in case of an audit.
Depending on your company and its industry, you might also be infringing the KYC (Know Your Customer) and AML (Anti-Money Laundering) regulations.
The SOX law that targets publicly-traded companies also requires financial transparency and internal control, both of which are helped with account validation.
Increased risks of errors
Not validating your third parties’ accounts leaves room for mistakes. Anyone from your third party’s team or yours could enter the wrong bank data and transfer funds somewhere else – or not at all, which could damage your supplier relationship.
In the UK, a man sent the wrong bank code to his lawyer, and his $200.000 inheritance went to another person. It took him months to get it back, and even though it’s a happy ending in this case, it does make you realize how a simple mistake can have such dire consequences.
In most cases with wire transfers, it’s nearly impossible to get the funds back once they’ve been sent. That’s especially true in case of direct debit or transfers in the SEPA zone. Which is why wire transfer scams are on the rise.
Increased risks of frauds
Foregoing account validation exposes your business to unnecessary – but very real – fraud risks. Indeed, scammers impersonating others (spoofing) are on the rise.
They routinely send false invoices to corporations or even hack into a supplier’s network to change their bank account details on the legitimate invoice sent. Based on our recent study, in 2022, 55% of frauds were perpetrated through changes in supplier credentials.
Scammers also commit phishing or spear-phishing attacks, targeting individuals within the company and luring them into revealing sensitive information. Once they get their hands on their passwords, it’s easy to access your company’s network and change data here and there. Which is why you should always use multi-factor authentication.
CEO fraud is also a common trick used, where someone impersonates your CEO, CFO, or another executive from your organization and sends an email asking for a money transfer to be done to a specific account.
When it comes to fraud, identity theft is surprisingly common and effective. And without account validation, you open the door for ill-intentioned people to commit fraud.
Download our latest report about B2B Payment Fraud in the US for more trends and insights!
Strategies & best practices for effective account validation
Comply with regulations.
Regulatory authorities are here for a reason. Nacha account validation requirements ensure that you have the correct bank details to charge your clients for example. They also provide resources and documentation for doing account validation the correct way.
The same goes for the KYC (Know Your Customer) and AML (Anti-Money Laundering) frameworks, which apply to certain high-risk industries like insurance.
Regulatory compliance makes sure standards are met across industries.
Abiding by them means protecting your business from a potential security breach, money laundering, or terrorism funding. It also protects your consumers’ data, which in turn leads to a more trusting relationship between you.
Standardize your processes
Standardizing your account validation is important for consistency across your company. Account validation is a business process like any other – it needs to be streamlined in order to be efficient.
The way you go about this exactly depends on your organization.
Have a look at where you’re at now, and think about how you could make your actual process more effective. You might need to:
- Involve more people in it, or less.
- Simplify it, or make it more complex to suit your current business needs.
- Officialize one process for the whole company.
- Communicate more regularly on what’s expected.
One thing is sure, however: you need to systematically check the financial information of your third parties – especially for oversea suppliers!
It’s also important that account validation is part of your regular internal controls, and as such are communicated consistently in your company. It all leads to increased cybersecurity, as well as leaves an audit trail in case of external control.
Do your due diligence.
Account validation is about more than meeting the standards of regulatory bodies. At its heart, it’s about ensuring that your company isn’t sending funds to scammers, hackers, terrorists, or any malicious person. It’s an essential addition to your current anti-fraud measures.
Strong account validation needs to be an integral part of your customer due diligence process. This means going beyond standard background checks and incorporating robust business process controls.
Enhanced due diligence is possible thanks to Trustpair, who carries out systematic and automated checks. Our vendor data management system means you can trust that your account validation covers all the authentication details that you might otherwise miss with manual verification.
Automated account validation: the most effective way to do it
Automating your account validation is your next step – and the best one! – towards a more secure and efficient process.
Anti-fraud software increases your efficiency.
Instead of having to manually check each of your third parties’ information – which is error-prone and time-consuming – you can use an automated solution to simplify your process. Where manual checks can take up to 30 minutes for ONE supplier, with an anti-fraud software like Trustpair, it takes about 2 minutes – and the process is more thorough.
And with suppliers scattered around the globe and an increasing number of them, it’s close to impossible to actually check all your merchant information manually.
At Trustpair, account validation is at the core of what we do. Our solution does automatic, systematic, and real-time checks of every third party you add. We also block any transfer of funds to suspicious beneficiaries whose account-number or financial information hasn’t been thourougly screened.
More than doing consistency checks over your data, Trustpair carries out a true risk assessment by checking data systematically over databases internationally and our own internal ones. Our software works with Artificial Intelligence, leading to better data validation, fraud detection, and overall risk management.
Most software also uses machine learning to flag any suspicious activity. Trustpair goes through various layers of checks and gives a status based on each payment and merchant.
Automating your account validation increases overall security
Using an automated solution for your account validation proactively eliminates fraud.
How? It checks every payment before it is executed, so any payment sent to a supplier that hasn’t been checked doesn’t go through.
Interestingly, our latest study shows that 74% of companies check supplier credentials during onboarding but this drops to 20% when it comes to checking information before a campaign payment, or before placing an order. With software like Trustpair, it happens automatically and in real-time.
When it comes to identity verification, automated software usually offers multi-factor authentication for an added layer of security. It means you need a minimum of a password and a one-time password sent through a device or a biometric authentication (like facial recognition or a fingerprint) before logging in.
Get complete control over your P2P process with fraud detection software.
Fraud detection software gives you a complete overview over your payment process – which is key for effective risk monitoring. Most platforms integrate with other systems like your payment processor and ERPs like SAP or Oracle to guarantee a complete fraud protection.
It also makes your data protection easier to navigate with a user-friendly interface. Trustpair for instance offers a dashboard with your risk metrics.
Your merchant onboarding as well as your customer onboarding have just become more secure! Every financial data addition or change goes through our rigorous check. If there is any fraud attempt, it’s detected early on, and you can address it directly from your dashboard.
Using a solution like Trustpair means having a complete overview of your procure-to-pay process while improving your efficiency.
Trustpair is the leading anti-fraud platform for large corporations. Get in touch today to learn more about simplifying your account validation process!
- Account validation is the process of verifying the ownership and validity of bank accounts.
- It’s crucial to verify information like bank account numbers, SWIFT codes, etc. Without thourough screening, you might send money to unauthorized beneficiaries or fraudsters.
- It should happen when third-party information is added or modified, for instance when you have a new client or onboard a new supplier – but also throughout the whole supplier lifecycle.
- You need to validate your accounts to be compliant with Nacha rules, as well as the KYC (Know Your Customer) and ALM (Anti-Money Laundering) frameworks.
- Not carrying out data validation leads to an increased risk of error and fraud. It also puts you at risk of a fine from regulatory bodies.
- Some of the best practices include: standardizing your process, doing your due diligence, and ensuring compliance.
- The best and most efficient way to do account validation is by using software like Trustpair. It enhances your risk mitigation as well as improves your merchant onboarding.-
- Trustpair is the leading anti-fraud platform. We work with large corporations to prevent fraud attempts.