ACH Data Security Requirements

by | Apr 16, 2021 | 1stMILE Middleware, ACH

It is now explicitly required that customer bank account numbers be protected by rendering them unreadable when stored electronically. This rule more closely aligns ACH security with PCI security standards for credit cards.

1st Mile has always treated ACH transaction data with the same stringent security practices as is used for credit cards. You can be assured that your customer’s bank account information is protected in compliance to current and upcoming NACHA requirements.

What you can do to protect your customer’s bank account information:

  • Identify your systems that store account numbers used for ACH payments. This may include customer authorizations as well as databases or systems platforms that support ACH entries.
  • If a customer’s account number is used for ACH payments (consumer or corporate), it is best not to store it physically or electronically.
  • If a customer’s account number must be stored, ensure that it is encrypted or otherwise rendered unreadable.

If there are any questions relating to ACH processing or compliance, please address them to [email protected].