Cash Management Training Plus

If you don’t see an answer to your question, contact us online or call:

Business Solutions Support
844.238.3838

Monday – Friday 8 a.m. — 5 p.m.
Saturday 8 a.m. — Noon


Cash Management Security Training

Users conducting online transactions such as wire and ACH transfers are required to complete security awareness training at least once each year.

Cash Management Security Training Login

(Don’t forget to complete the acknowledgment form!)

Log In Instructions

New Users
User Name: Your email address on file with Bank Midwest.First-time
Password: Security1!

Returning Users
User Name: Your email address on file with Bank Midwest.
Password:  Use the password you created for the training site previously.

If you’ve forgotten your password, click the ‘Forgot Password?’ link to reset your password.

  • Click Open Curriculum link in the Action column (far right) to open the training materials.
  • Start the training by selecting the Launch button next to Bank Midwest eCommercial SAT Course 2021.

Training Components

1. Watch the 25 minute slideshow,
2. Take the quiz.
3. Review and mark the acknowledgment form complete.

Security Questions

  • Trusteer Rapport Protection Ending After Dec. 31, 2021

    Our digital banking upgrade which happened July 2021 included security improvements – user verification codes, added account and security alerts, business dual control features, activity monitoring, and more.

    Given these increased protections, after December 31, 2021, Bank Midwest will no longer offer Trusteer Rapport™ protection via browser extensions.

    Please contact us if you have any questions.

  • One-Time Verification Codes

    One-time verification codes offer an added layer of protection.

    When logging in from a new device or every time you move money from your accounts via ACH or Wire, you’ll be prompted to enter a one-time verification code.

    Choose how to you wish to receive this one-time code which can be delivered by email, voice or text.  Physical tokens will also be an added option after July 27.

    Bank Midwest requires one-time passcode tokens for all business Cash Management users. Two types of tokens are available are:

    • Physical security token device (about the size of a key ring).
    • Virtual token generated through a mobile app.

     

    REGISTER YOUR VIRTUAL TOKEN

    • The first time accessing Online Banking, enroll to establish your user ID and password.
    • Then, call Business Support at 844.238.3838.
    • Log in to Online Banking and add your token device. After the password is entered, you’ll see a Security Settings screen where you can Add New Device by clicking the button. Enter the token description (i.e. John’s mobile token) and enter the Serial Number found on the back of the physical token or in the virtual app.

    Don’t hesitate to call our Business Support team at 844.238.3838 if you have any questions about using security tokens.

     

ACH Standard Entry Class Codes

  • SEC Quick Guide

    Consumer Transactions

    Commercial Transactions

    PPD

    PPD: Prearranged Payment & Deposit

    CCD and CTX

    CCD: Corporate Credit or Debit
    CTX: Corporate Trade Exchange

    Unauthorized Returns Window

    60 calendar days

    Unauthorized Returns Window

    24 hours (2 banking days)

  • Why is it important to use the correct SEC code?

    Using the correct SEC Code ensures that your company complies with the ACH rules established by NACHA, the electronic payments association. You can also limit your exposure for unauthorized returns by using the proper SEC Code.

  • Consumer Transactions -- PPD code details

    Use PPD for deposits and/or withdrawals to or from consumer accounts such as direct deposit of payroll, pension, dividends, or payment of utility bills, mortgages, rent, membership dues, loans and other recurring payments.

    PPD Prearranged Payment and Deposit Entry
    Definition An entry initiated by an Organization to a Consumer Account of a Receiver based on a standing or Single Entry authorization from a Receiver
    Type of Entry Single OR Recurring EntryCredit OR Debit Entry
    Authorization Requirements Authorizations must be readily identifiable as an authorization and:

    • Have clear and readily understandable terms
    • Provide that the Receiver may revoke the authorization only be notifying the Originator in the time and manner stated in the authorization

    Credit entries to Consumer accounts:

    • Authorization is not required to be in writing

    Debit entries to Consumer accounts:

    • Authorization must be in writing and signed or similarly authenticated

    Similarly authenticated:

    • The standard permits signed, written authorizations to be provided electronically
    • To satisfy requirements of Reg E and NACHA Operating Rules, the authentication process must evidence both the consumer’s identity and the assent to the authorization

    Electronic authorizations:

    • Must be visually displayed in a manner than enables consumer to read the communication
    • Writing and signature requirements are satisfied by compliance with the E-sign Act
    • Electronic signatures include, but are not limited to digital signatures and security codes
    Special Rules Notice of change in dollar amount:

    • If the amount of a debit Entry to a Consumer account differs from the amount of the immediately preceding debit Entry relating to the same authorization, or differs from a preauthorized amount, an Originator must send the Receiver written notification of the amount of the Entry
    • The Originator must send this notice at least 10 calendar days prior to the date on which the entry is scheduled to be initiated

    Notice of change in scheduled debiting date:

    • If the Originator changes the scheduled date on or after the entries are scheduled to be initiated to a Receiver’s account, the Originator must send the Receiver written notification of the new date.
    • If the Originator must send this notice at least 7 calendar days before the first entry is scheduled to be debited to the Receiver’s account
    Addenda Records Addenda Records are OPTIONAL for PPD entries:

    • Maximum number of Addenda records is one
    • Used by Originator to supply additional information about the entry detail record
    • Must contain payment-related information only — any other use is prohibited
    • ANSI ASC X12 data segments or NACHA endorsed banking conventions (i.e. tax payment/child support)
    Retention
    • Originator must retain the original or a copy of each authorization (signed, written or similarly authenticated) of a Receiver for 2 years from the termination or revocation of the authorization
    • Upon receipt of an RDFI’s written request — ODFI must provide a copy at no charge within 10 banking days
    Exception Return Reason Codes
    • R07 Authorization Revoked
      60 calendar days
      Need Written Statement of Unauthorized Debit
    • R08 Payment Stopped
      24 hours
    • R10 Customer Advises Not Authorized
      60 calendar days
      Need Written Statement of Unauthorized Debit

    ACH-Debit_generic-form
    ACH-Credit_generic-form

     

  • Commercial Transactions -- CCD and CTX code details

     

    CCD
    CTX
    Corporate Credit or Debit
    Corporate Trade Exchange
    Definition CCD: An entry initiated by an Organization to or from the account of that Organization or another Organization

    CTX: An entry originated by an Organization to ro from the account of that Organization or another Organization and accompanied by one or more Addenda Records

    Type of Entry Single OR Recurring EntryCredit OR Debit Entry

    May be non-monetary

    Agreements
    • The Receiver has an agreement with the Originator under which the Receiver has agreed to be bound by the ACH Rules.
    • This agreement is sometimes referred to as a Trading Partner Agreement. Both parties, Originator and Receiver, should retain a copy of this Agreement.
    • An ODFI may request a copy of this agreement from the Originator.
    Special Rules
    • CCD and CTX entries are contractually bound between two entities for transfer of funds to or from an account that is not primarily used for personal, family or household purposes.
    • Return timeframes for unauthorized CCD and CTX entries are different than unauthorized consumer entry returns.
    • Return timeframe for ALL CCD and CTX entries is 24-hours: Each Return Entry must be made available to the ODFI no later than the opening of business on the second banking day following the Settlement Date of the original entry.
    • Exceptions to return timeframe for CCD and CTX entries: RDFI contacts ODFI, requests and receives Explicit Permission BEFORE returning outside the 24 hour return timeframe (see Return Reason Codes below).
    Addenda Records Addenda Records are OPTIONAL for CCD entries:

    • Maximum number of Addenda records is one

    Addenda Records are OPTIONAL for CTX entries:

    • Maximum number of Addenda records is up to 9,999

    Addenda Records for both CCD and CTX:

    • Used by Originator to supply additional information about the entry detail record. Commonly used for invoice information from company to company.
    • Must contain payment-related information only — any other use is prohibited.
    • ONLY — ANSI ASC X12 data segments or NACHA endorsed banking conventions (i.e. tax payment/child support).

    Upon request of the Receiver, an RDFI MUST provide to its Receiver all Payment Related Information contained within the Addenda record(s). Payment-related information MUST be provided within 2 banking days.

    Specific Return Reason Codes
    • R08 Payment Stopped24 hours
    • R29 Corporate Customer Advises Not Authorized24 hoursNo Written Statement of Unauthorized Debit needed
    • R31  Permissible Return Entry (CCD & CTX only)No time limit — determined by the ODFI and RDFIRDFI MUST request and receive explicit permission from ODFI BEFORE returning
    Exception Return Reason Codes
    • R05 Unauthorized Debit to Consumer Account using Corporate SEC Code60 calendar daysNeed Written Statement of Unauthorized Debit from receiver/account holder of consumer accountNOTE: Consumer Account as defined by Regulation E.

    Abbreviations:

    RDFI: Receiving Depository Financial Institution
    ODFI: Originating Depository Financial Institution

  • When should I use PPD vs. CCD vs. CTX?

    PPD – Use PPD for deposits and/or withdrawals to or from consumer accounts such as direct deposit of payroll, pension, dividends, or payment of utility bills, mortgages, rent, membership dues, loans and other recurring payments.

    CCD – Use this code for deposits and withdrawals to corporate accounts such as consolidating and sweeping funds between your business accounts, or to make or collect payments to or from other corporate entities.

    CTX – Use this code to make or collect payments to or from other corporate entities when you want to include more than one Addenda Record.  An Addenda Record is used to supply payment-related information to the receiving company; i.e. invoice information.

  • What are the unauthorized return time limits?

    PPD transactions have a longer window for unauthorized returns than CCD and CTX transactions.

    • CCD and CTX transactions have an unauthorized return time frame of 24 hours. There is one exception; the Receiver may receive permission from the Originator to return an unauthorized transaction.
    • PPD transactions have an extended unauthorized return time frame of 60 calendar days.

    As the Originator, if you are debiting a corporate customer’s account to collect payments, use the CCD or CTX SEC Code to limit your exposure to unauthorized returns.

    If you use the wrong SEC Code (i.e. PPD), you expose your company to a longer unauthorized return window.  Even though you are debiting a corporate account, the return time frames are based on the SEC Code used. So, the corporate customer would have 60 days to return an unauthorized transaction versus the 24-hour time limit for CCD or CTX transactions.

  • WEB Debits

    NACHA, the rule-making body for the ACH network, will implement a new rule on March 19, 2021 that mandates account validation for web-based payments.

    Businesses that accept payments via a web portal and process the transactions via ACH will be required to implement account validation as part of a commercially reasonable fraudulent transaction detection system.

    The new rule requires businesses to verify that the routing numbers and account numbers submitted for an ACH transaction are valid.

    The ACH rules do not define ‘validate’ but NACHA has provided clarification of the meaning of ‘validate’:

    At a minimum, the Originator must use a commercially reasonable means to determine that the account number to be used for the WEB debit is for a valid account – that is, that the account to be used is a legitimate, open account to which ACH entries may be posted at the [consumer’s bank].

    This rule is intended to help reduce fraud and reduce the number of returns for invalid account numbers entered by the customer.

    What does this mean for your business? If you accept ACH payments on your website and the customer manually enters their account and routing number you will need to have a method for verifying the account information before processing a payment.  If you rely on a software provider or shopping cart solution, the provider of that service must implement a solution to comply with the account validation rule.

    What are your options for validating an account?

    1. Manual check: Usually requires a conference call between you, the customer, and their bank
    2. Micro deposits:
      –You or your system would make one or two small deposits into the customer’s account.
      –The customer then confirms the amounts deposited. Since these microdeposits are sent via ACH it could take 2-3 days for the customer to confirm. Customers often fail to complete the verification process.
    3. Prenotes:
      –Similar to microdeposits, however prenotes do not require the customer’s verification.
      –You, the originator would send a $0 transaction via ACH.
      –Must wait 2 banking days before initiating a live transaction to allow for return of entry.
      –Seldom used because some 3rd party processors don’t support them.
    4. Bank network database – commercially available account validation database service
      –Compares account and routing number information entered by the customer to a database of previously validated accounts.
      –This method is virtually instant, but not all customer accounts will be in the database
    5. Instant account verification
      –Uses application program interfaces (APIs) and a secure digital connection to banks to retrieve the account and routing number from the customer’s online banking interface.
      –This method is virtually instant; however, it requires the customer to share their online banking login credentials which they may not be willing to do.

Wires

  • Incoming wires

    Set up wires for both domestic or international transfers using these wire instructions.

Same Day ACH

  • What is Same Day ACH?

    Having the flexibility to move funds faster is nice to have in your back pocket — just in case you need it. Access Same Day ACH through Cash Management with no additional fees.

    Initiate eligible ACH payments by 1:30 p.m. CT for same day processing. Recipients will receive funds by 5 p.m. that same day. NOTE:  Same Day ACH is not immediate.

  • Why would I use Same Day ACH?

    There are any number of reasons why you may need to move money faster including:

    • Missed payroll
    • Urgent payment requests
    • Time-sensitive fund transfers
  • What is the transaction limit?

    The limit for Same Day ACH transactions is $100,000 per transaction (this limit will not exceed or override your organization’s daily limit).

  • What is the cut-off time for same day processing?

    The Same Day ACH cutoff time is 1:30 p.m. CT. Make sure batches are scheduled and approved before this time in order to receive same day processing. NOTE: Same Day ACH is not immediate. Payees will receive funds by 5 p.m. that same day.

Correcting ACH Mistakes or Duplicates

  • What happens if I find an error or duplicate ACH file?

    Once an entry or file of entries has been transmitted in the ACH Network, it cannot be recalled; however, an erroneous or duplicate file can be reversed.  A reversal file should only reverse those batches that were duplicate or contained errors.

    It’s the responsibility of the company who originated a duplicate or erroneous file to reverse the file.

  • How long do I have to fix an ACH error?

    Once you find an error or duplicate, transmit the file to Bank Midwest within 24 hours. You only have 5 banking days after the Settlement Date to initiate a reversing file. If a duplicate or error is discovered past the 5 day post-settlement date, please contact Business Support, 844.238.3838, for assistance.

  • What do I do differently for file origination?

    You must enter the word, REVERSAL, in the field called “Batch Name.” If a reversal file is intended to reverse an erroneous file, initiate a corrected file as well. If the file is reversing a duplicate, no additional step is needed.

  • How does the receiver know there was an error?

    You, as an Originator, must make a reasonable attempt to notify the Receiver of, and the reason for, the reversing entry no later than the Settlement Date of the reversing entry. How you reach out to the receiver is up to you — phone, email, etc. Use your best judgment.

Send File

Additional Resources


Learn more
about ACH payments at NACHA’s site: nacha.org