Operations Bulletin #3-2025: Automating the Request for Proof of Audit

For over a decade, Nacha has been contacting financial institutions to request proof of an ACH Rules compliance audit of the institution and, if applicable, its Third-Party Senders, in accordance with Article One, Subsection 1.2.2 (Audits of Rules Compliance). The rule requiring FIs and Third-Party Senders to perform an annual audit has long served as a critical tool for assuring compliance with the Nacha Operating Rules, thereby contributing to operational soundness.

Until now, requesting proof of audit has been a manual process, which has limited the number of participants contacted. Beginning in October 2025, automation of this process through Nacha’s Risk Management Portal will enable Nacha to contact more FIs. Use of the Portal to facilitate the delivery of proof-of-audit requests and attestations will provide greater security for the information being exchanged. By contacting more FIs each quarter, and by using a secure channel for requests and responses, the process is becoming more efficient, inclusive, and accountable. 

Click Read More below to see the complete Operations Bulletin from Nacha.

Need outside help conducting your annual audit? Reach out to ePayAdvisors to get your 2026 engagement on the books now!

Tackling your audit yourself this year? Don't miss our Third Quarter Self-Audit Sale ending September 30 for discounts on compliance publications and resources!