Risk & Compliance
Risk & Compliance Services
Have you scheduled your required annual audit and risk assessments?
Today’s regulatory requirements and escalated fraud make your payments audits and risk assessments more important than ever before. It is important to have your payments audits and risk assessments performed on an annual basis.
You can build a risk management package to match your needs with our Risk & Compliance services. For a proposal or to move forward with scheduling, please complete our online Compliance Services Request Form and a PaymentsFirst team member will contact you.
For more information, please call PaymentsFirst at 1-866-993-3753 or send an email to riskandcompliance@paymentsfirst.org.
Nacha requires all participating Depository Financial Institutions to conduct an Annual ACH Audit to be performed by December 31 of each year. Who better to conduct your institution’s annual ACH audit than your resource for electronic payment information and training? A PaymentsFirst ACH expert can conduct your annual ACH audit and examine each facet of your ACH operations. The audit includes a review of compliance with the Nacha Operating Rules, a review of online banking products using ACH, areas of compliance, and a review of procedures related to receiving Federal Government payments. PaymentsFirst is a licensed Direct Member of Nacha and our team of consultants is ACH experts.
The PaymentsFirst ACH Audit service includes:
- Prior to and onsite checklists
- Client questionnaire
- Review of sound business practices and internal controls
- Review of agreements
- Exit interview
- Written report including findings and/or recommendations
- Audit certification form
- Access to an auditor for questions
Each financial institution, is required to perform a risk assessment of their ACH activities and implement a risk management program in accordance with the requirements of their regulators. Additionally, participants are further impacted by the requirement to conduct additional risk management practices prior to originating ACH entries and by the requirement to cover specific topics in all new or renewed Originator and Third-Party Sender Agreements. A financial institution must understand and identify the complexity and nature of their ACH services to effectively perform the risk assessment. A PaymentsFirst ACH expert can evaluate the complexity of services offered, discuss inherent risk, and assess the institution’s residual risk based on implemented controls. The PaymentsFirst ACH Risk Assessment is a thorough assessment of ACH activities and the institution’s overall risk management program. The written report evaluates inherent risk and provides recommendations and risk ratings of the institution’s residual risk.
The PaymentsFirst ACH Risk Assessment service includes:
- Prior to and onsite checklists
- Client questionnaire
- Review of agreements
- Exit interview
- Written report including findings and/or recommendations
- Risk Assessment Certification form
- Access to auditor for questions
PaymentsFirst’s RDC Risk Assessment and Audit of Internal Controls reviews the financial institution’s compliance with FFIEC Guidance. The various methods for using RDC within the financial institution are covered including mobile RDC, branch/teller capture, and merchant capture. Allow one of PaymentsFirst’s payments experts to analyze your institution’s RDC compliance, internal controls, and risk management process.
The PaymentsFirst RDC Risk Assessment and Audit of Internal Controls service includes:
- Prior to and onsite checklists
- Client questionnaire
- Review of sound business practices and internal controls
- Review of agreements
- Exit interview
- Written report including findings and/or recommendations
- Risk Assessment Certification form
- Access to auditor for questions
Wire Transfers are becoming more of a focus for regulatory agencies during yearly exams. Wire transfers are attractive to business customers and consumers because they allow funds to settle same day, additionally, wire transfers are irrevocable; both attributes make wire transfers a signification risk. Let one our payments experts complete an assessment of your institution’s wire transfer program to ensure your program is following regulatory guidelines. The service includes review of compliance with FFIEC Guidance. All methods in which the financial institution receives wire requests are considered during the review.
The PaymentsFirst Wire Risk Assessment and Audit of Internal Controls service includes:
- Prior to and onsite checklists
- Client questionnaire
- Review of sound business practices and internal controls
- Review of agreements
- Exit interview
- Written report including findings and/or recommendations
- Risk Assessment Certification form
- Access to auditor for questions
The Clearing House requires all RTP Participants to complete an annual audit to verify compliance with the RTP Participation and Operating Rules, as required by RTP Operating Rule IX.A.2. Who better to conduct your institution’s RTP audit than your resource for electronic payments information and training? A PaymentsFirst payments expert can conduct your RTP audit and examine each facet of your RTP operations. The audit includes a review of compliance with the RTP Participation and Operating Rules, review of online banking products using RTP, areas of compliance, and review of procedures related to processing RTP payments. PaymentsFirst is a licensed Direct Member of Nacha and our team of consultants are payments experts.
The PaymentsFirst RTP Audit service includes:
- Service checklists
- Client questionnaire
- Review of sound business practices and internal controls
- Review of agreements
- Opening and Exit interviews
- Written report including findings and/or recommendations
- Certification of Audit Form
- Access to auditor for questions
The RTP Risk Assessment is designed to assist the financial institution’s board of directors and senior management by identifying potential areas that require stronger internal controls, increased focus, or pose an unmitigated risk. The scope of the assessment includes a review of the financial institution’s RTP operations, policies, procedures, processes, and established risk controls.
The PaymentsFirst RTP Risk Assessment service includes:
- Prior to and onsite checklists
- Client questionnaire
- Exit interview
- Written report including Sound Business Practice recommendations
- Risk Assessment Certification form
- Access to the auditor for questions
Please visit www.paymentsfirst.org or send an email to riskandcompliance@paymentsfirst.org today for a free proposal or to begin the scheduling process.
The PaymentsFirst Regulation E Compliance Review service includes:
- Prior to and onsite checklists
- Client questionnaire
- Exit interview
- Written report including findings and/or Sound Business Practice recommendations
- Review Certification form
- Access to the auditor
The Nacha Operating Rules require Third-Party Senders and Third-Party Service Provider, who performs ACH services on behalf of a financial institution, to conduct an annual audit of its ACH operations and related processes. Allow our team of payments experts to evaluate your existing program and audit based on requirements of the Nacha Operating Rules and Guidelines. PaymentsFirst is a licensed Direct Member of Nacha and our team of consultants are ACH experts.
The PaymentsFirst Third-Party Sender and Third-Party Service Provider services include:
- Prior to and onsite checklists
- Client questionnaire
- Review of sound business practices and internal controls
- Review of agreements
- Exit interview
- Written report including findings and/or recommendations
- Certification form
- Access to auditor for questions
PaymentsFirst offers Third-Party Sender and Third-Party Service Provider ACH risk assessments. It is a sound business practice for companies that perform ACH services on behalf of customers or on behalf of financial institutions to assess the risk of their ACH activities. The Nacha Operating Rules and Guidelines requires Third-Party Senders to perform a risk assessment of their ACH activities and implement a risk management program since when acting as a Third-Party Sender they assume many responsibilities of the ODFI. You should expect verification of compliance as part of your next ACH Audit and/or regulatory examination. The PaymentsFirst ACH Risk Assessment is a thorough assessment of ACH activities and your overall risk management program. The written report evaluates inherent risk and provides recommendations and risk ratings of your residual risk. PaymentsFirst is a licensed Direct Member of Nacha and our team of consultants are ACH experts.
The PaymentsFirst Third-Party Sender and Third-Party Service Provider services include:
- Prior to and onsite checklists
- Client questionnaire
- Review of sound business practices and internal controls
- Review of agreements
- Exit interview
- Written report including findings and/or recommendations
- Certification form
- Access to auditor for questions
The Nacha Operating Rules require Third-Party Senders and Third-Party Service Provider, who performs ACH services on behalf of a financial institution, to conduct an annual audit of its ACH operations and related processes. Allow our team of payments experts to evaluate your existing program and audit based on requirements of the Nacha Operating Rules and Guidelines. PaymentsFirst is a licensed Direct Member of Nacha and our team of consultants are ACH experts.
The PaymentsFirst Third-Party Sender and Third-Party Service Provider services include:
- Prior to and onsite checklists
- Client questionnaire
- Review of sound business practices and internal controls
- Review of agreements
- Exit Interview
- Written report including findings and/or recommendations
- Certification form
- Access to auditor for questions
PaymentsFirst offers Third-Party Sender and Third-Party Service Provider ACH risk assessments. It is a sound business practice for companies that perform ACH services on behalf of customers or on behalf of financial institutions to assess the risk of their ACH activities. The Nacha Operating Rules and Guidelines requires Third-Party Senders to perform a risk assessment of their ACH activities and implement a risk management program since when acting as a Third-Party Sender they assume many responsibilities of the ODFI. You should expect verification of compliance as part of your next ACH Audit and/or regulatory examination. The PaymentsFirst ACH Risk Assessment is a thorough assessment of ACH activities and your overall risk management program. The written report evaluates inherent risk and provides recommendations and risk ratings of your residual risk. PaymentsFirst is a licensed Direct Member of Nacha and our team of consultants are ACH experts.
The PaymentsFirst Third-Party Sender and Third-Party Service Provider services include:
- Prior to an onsite checklists
- Client questionnaire
- Review of sound business practices and internal controls
- Review of agreements
- Exit interview
- Written report including findings and/or recommendations
- Certification form
- Access to auditor for questions
New - E-Banking Risk Assessment
Accepting Dates in 2024
PaymentsFirst’s E-Banking Risk Assessment includes a review of the financial institution's e-banking products and services, operations, policies, procedures, processes, and established risk controls. The scope is limited to products and services offered through online banking that settle through or are initiated through the underlying payment systems. PaymentsFirst will review the products and services you offer, within the scope identified. Our focus on access channels will be limited to access using ACH, RDC, Wire transfer, and specific products/services offered through Online/Mobile Banking (P2P, A2A, Consumer Bill Pay, online account opening, mobile banking, and mobile deposit).
Contact Us to Schedule Risk and Compliance Services
Tip: Schedule early to ensure availability, efficient preparation time and to avoid additional charges.
Customized Consulting
PaymentsFirst offers customized consulting on emerging payments topics. Our experts will design a program that fits your specific needs. Contact us to find out about creating a highly customized and effective program. Topics might include, new product/ service launch, conversions, policy/procedure development, payments strategy, to name a few.