Complete Story
07/03/2025
New Nacha Compliance Process: What Your Institution Needs to Do Now
Nacha is moving from a manual process to an automated system managed through the Risk Management Portal for verification of the annual ACH Compliance audit.
Here’s What You Need to Know:
- Attestation requests will now come from donotreply@nacha-rmp.nacha.org. If your institution is selected, the subject line of the email will read:
Subject: ACH Rules Compliance Audit Attestation
From: donotreply@nacha-rmp.nacha.org
- Each request will include a link to the Risk Management Portal, where administrators must attest to audit completion and provide the date it was conducted.
- Third-Party Sender attestations will also be included, with financial institutions required to submit one attestation per TSP requested.
- Some institutions may be selected for a manual review and will be asked to provide additional documentation (e.g., audit summary, certificate, or cover letter).
Take These Steps Now:
- Ensure donotreply@nacha-rmp.nacha.org is whitelisted to prevent delivery issues.
- Log in to the Risk Management Portal to review and update administrator contacts. Remember, financial institutions may list up to six administrators.
- Remove outdated users and add current staff.
When it comes to your ACH compliance, SFE remains a trusted and knowledgeable source. Reach out with any questions on Nacha’s new approach or if we can help with your annual audit.
