The Micro-Entry Rule defines and standardizes practice and formatting of Micro-Entries, which are used by some ACH Originators as a method of account validation.

Phase 2 of this Rule will be effective March 17, 2023

Originators of Micro-Entries will be required to use commercially reasonable fraud detection, including the monitoring of Micro-Entry forward and return volumes

This Rule clarifies the roles and responsibilities of Third-Party Senders (TPS) in the ACH Network by addressing the existing practice of Nested Third-Party Sender relationships, and making explicit and clarifying the requirement that a TPS conduct a Risk Assessment.

The Rule is effective September 30, 2022, with a 6-month grace period for certain aspects of each topic.

This Rule defines and standardizes practices and formatting of Micro-Entries, which are used by some ACH Originators as a method of account validation. The term Micro-Entry is defined, and Originators are required to use the standard Company and Description and follow origination practices.

This rule supplements previous ACH Security Framework data protection requirements by explicitly requiring large, non-FI Originators, Third-Party Service Providers (TPSPs) and Third-Party Senders (TPSs) to protect deposit account information by rendering it unreadable when it is stored electronically.

Beginning June 30, 2022, this rule applies to those with ACH volume of 2 million transactions or greater annually.

This rule supplements previous ACH Security Framework data protection requirements by explicitly requiring large, non-FI Originators, Third-Party Service Providers (TPSPs) and Third-Party Senders (TPSs) to protect deposit account information by rendering it unreadable when it is stored electronically.

Implementation began with Phase 1 which applies to those with ACH volume of 6 million transactions or greater annually. Phase 2 applies to those with ACH volume of 2 million transactions or greater annually.