How Positive Pay Works to Prevent Check and ACH Fraud

Positive Pay is a fraud prevention service offered by banks to help businesses protect their accounts from unauthorized transactions. This system works by comparing payment information provided by a company against what is presented for payment, ensuring that only legitimate transactions are processed. It safeguards against both check and Automated Clearing House (ACH) fraud.

Understanding Check Positive Pay

Check Positive Pay addresses the risk of fraudulent, altered, or duplicate checks being cashed against a business’s account. It prevents financial losses by tackling issues such as forged signatures, changes to check amounts or payees, and the unauthorized creation of checks. A business using Check Positive Pay communicates its legitimate check issuance data to its bank, creating a secure record. When a check is presented for payment, the bank verifies its details against this information, ensuring a match between company records and the check to identify and stop suspicious items.

The Check Positive Pay Process

The process begins when a company issues checks for payments, such as to vendors or employees. The company records key details for each check, including the check number, the payee’s name, the exact amount, and the issue date. This detailed record-keeping forms the foundation of the fraud prevention system.

Following check issuance, the company creates a digital “issue file” or “positive pay file” containing these recorded details. This file is transmitted to their bank, typically on a daily basis. The bank utilizes this file as a reference point for all checks presented for payment against the company’s account.

When a check is presented to the bank for payment, the bank’s automated Positive Pay system compares the details on the physical check—the check number, the dollar amount, and sometimes the payee’s name—against the data submitted in the company’s issue file. This comparison is a rapid, automated verification step.

If the details on the presented check match the information in the company’s issue file, the bank recognizes it as an authorized payment. The bank proceeds to process the payment, allowing the funds to be disbursed. This ensures that legitimate transactions clear without delay, while also maintaining control over outgoing funds.

Managing Discrepancies

When a check presented for payment does not align with the data in the company’s issue file, the bank flags it as an “exception.” This discrepancy could arise from an incorrect amount, a mismatched check number, a voided check, or a missing record in the issue file.

Upon flagging an exception, the bank notifies the company, often through an online portal or email alert. The company then has a limited window to review the flagged item. This review involves assessing the discrepancy and determining if the check is legitimate but contains a data entry error, or if it is indeed fraudulent.

Based on their review, the company makes a decision: either to “pay” the check if it’s legitimate (e.g., a data entry mistake) or to “return” it if it’s fraudulent. The bank then acts upon the company’s instruction, either processing the payment or sending the check back unpaid. This decision-making process prevents unauthorized disbursements.

Positive Pay for ACH Transactions

Positive Pay also extends to Automated Clearing House (ACH) transactions, though its mechanism differs from that for checks. Instead of matching individual physical items, ACH Positive Pay focuses on pre-authorizing or blocking electronic debits and credits. This service prevents unauthorized electronic withdrawals from a business’s account.

Companies provide their bank with a list of authorized ACH debits or credits, which might include details like originator IDs, maximum transaction amounts, or payment frequencies for recurring transactions. The bank then either blocks all incoming ACH transactions not on this authorized list or applies filters based on the company’s predefined criteria.

Similar to check Positive Pay, any ACH transaction that falls outside the established parameters or does not match an authorized entry is flagged as an exception. The bank notifies the company of these suspicious electronic transactions. The company then reviews the flagged items and makes a decision to either approve or block the payment, providing security for electronic funds.