Is ACH Safe? Are ACH Payments Safe Compared to other Methods?
ACH payments are a safe way to pay vendor invoices and employee payroll. According to data from NACHA fewer than 0.03% of ACH transactions are returned as unauthorized. ACH remains the preferred payment method for accounts payable departments to pay their vendors. ACH payments grew to 26.8 billion transactions in 2020 (a 8.2% YOY increase) according to NACHA, the organization that oversees ACH activity. But how safe are ACH payments compared to other methods? Keep reading to find out.
With only one third of a percent of all payments being return, ACH provides a high level of safety by any standard despite rising concerns over cyber security. Of course, that doesn't mean zero risk. While ACH payments tend to be very safe for the payer, the vendor is the one who is often sharing their sensitive info. The good news is, there are a few steps you can take to assure your vendors that their banking info is protected. Making your ACH payments safe is not only good for vendor relations, it protects you against liability for fraud. Here are some tips to ensure your ACH payments are safe for you and your vendors.
3 Steps to Secure ACH Payments
ACH payments are safe for you but you can make them safer for your vendors. Here's how...
1. Remove Human Data Input
Bank account numbers and routing numbers can be used to access funds. Instead of emailing your vendors or collecting this info by phone, set up a secure portal where vendors can enter their banking information so your team never has to lay eyes on the data. This way, vendors aren't sending sensitive data over less secure platforms like email. Vendors should also be able to manage their info through this portal when (or if) they need to make updates.
2. Encrypted Storage
To make sure your ACH payments are secure, it is best to store data in encrypted servers that comply with highest industry standards of security (SSAE Type 16, SOC 2). Never store this data on local hard drives and it's best if you don't store it on your local servers either. Opting for secure 3rd party storage tends to be the most secure route.
3. Enable Secure File Transfer
Sending ACH files via SFTP will make sure your ACH payments are secure end-to-end. Enable audit traceability for all transactions, and again, remove human eyes from ever seeing banking info to ensure the file can't be edited en route to the bank.
Which is safer, ACH or Wire Transfer?
Not only are ACH payments more secure than wire transfers, they are also less expensive. In most B2B payments situations, ACH is the better option compared to Wire Transfer. The exception being that ACH is only available within the U.S., while Wire Transfers can cross international lines. Wire Transfers are also faster for rare occasions where funds have to be transferred immediately. But when security is the primary issue, ACH is safer. Learn more: Wire Transfer vs ACH Transfer »
Which is safer, ACH or Credit Card?
In general, there is a higher level of fraud protection for credit card transactions in the U.S. Another benefit is that a potential credit card fraud incident won't directly deplete your operating capital. However, when paying in bulk, it might not be in your company's best interest to process dozens, hundreds or even thousands of transactions on a credit card each month. What's more, credit card payments add an extra layer of accounting process as you will eventually be paying that credit card bill, presumably through check or some form of EFT such as ACH.
Which is safer, ACH or Check?
A check is safer for the vendor since it requires none of their banking info. However you are putting a hard copy of your bank account and routing numbers in the mail, which is not so secure. If you want to prevent check fraud when you do have to use checks, learn about positive pay.
ACH Payment Processing for Microsoft Dynamics GP
Fidesic AP is the go-to accounts payable automation solution for Dynamics GP and simplifies ACH with higher levels of security. Here's why Fidesic is different:
- Fidesic AP includes a vendor portal so you (the user of Fidesic) do not handle your vendors' bank account info directly. Your vendor enters their data into our portal so they don't have to email, or deliver their bank info by an insecure method.
- ACH banking info is stored in an 'encrypted at rest' location in our SSAE Type 16, SOC 2 compliant servers.
- We automatically deliver the ACH file directly to your bank over SFTP, which means it's encrypted end-to-end. There's no ability for anyone (whether accidentally or maliciously) to edit the info in the file before it is delivered to the bank.
- Vendors manage their ACH info, so your employees do not have direct access to sensitive info when vendors need to make changes.
- The Fidesic AP module sits directly inside GP. All you have to do is pick the invoices you'd like to pay out of GP, and we'll take care of fulfillment, whether that's via paper check or ACH. Every payment we send will give your vendors the option to opt in for ACH payments.