Recurring Transactions

Q. Is an electronic signature an acceptable authorization for recurring payments? If so, how long must a merchant keep the electronic authorization record?

According to the NACHA Operating Rules, a digital signature is a valid signature authorization for recurring payments. The merchant accepting the digital signature must keep the electronic record of authorization for two years after the term of the authorization. As an example, if it is a one year agreement, the authorization record must be kept for two years after the end of the year of transactions authorized.

Q. Can a consumer authorize recurring ACH payments over the telephone?

No, not for recurring payments that are initiated over the telephone and then originated as ACH transactions. Recurring transactions that will be originated as paper drafts can be authorized over the phone, but not when originated as ACH.

Q. Should a pre-authorized recurring payment authorization for paper draft (debit) transactions be different from an authorization for recurring ACH debit transactions?

With the new NACHA Rules now in effect, the differences are nominal between a paper draft authorization and an ACH debit authorization. The most important thing to keep in mind when writing any type of transaction authorization is that the authorization should clearly state the terms of the transaction and be identifiable as an authorization for the transactions. For details, please refer to the chart in the answer to the FAQ “What are the key elements of a consumer debit transaction authorization?” (below)

Q. What are the key elements of a consumer debit transaction authorization?

All transaction authorizations should contain the following:

	Amount of the transaction
	Date the transactions are to occur
	Frequency of the transactions (weekly, monthly, quarterly, etc.)
	Term, number of payments or length of time for which the authorization is valid
	Telephone number that the consumer should call to revoke the authorization

See chart below:

	Face to Face Interaction	Interaction via the Internet	Interaction Over the Phone [1]
	Acceptable Authentication	Minimum Acceptable Authentication	Who Initiates Call?	Minimum Acceptable Authentication
Recurring
Existing Relationship [2] & No Relationship	Written Signature	Key enter 4-digit (min) code or digital signature [3]	Customer	Key enter 4-digit (min) code [1]
Existing Relationship [2] & No Relationship	Written Signature	Key enter 4-digit (min) code or digital signature [3]	Company	Written signature only
Non-Recurring
Existing Relationship [2]	Written Signature	Key enter 4-digit (min) code or digital signature [3]	Customer	Key Enter or verbally express the 4-digit (min) code [4] or, Send notice by mail [5]
Existing Relationship [2]	Written Signature	Key enter 4-digit (min) code or digital signature [3]	Company	Key Enter or verbally express the 4-digit (min) code [4] or, Send notice by mail [5]
No Relationship	Written Signature	Digital Signature with certificate [3]	Customer	Key Enter or verbally express the 4-digit (min) code [4] or, Send notice by mail [5]
No Relationship	Written Signature	Digital Signature with certificate [3]	Company	Written signature only

[1] When using the telephone to key enter or verbally express the 4-digit (minimum) code, this code must be on the written authorization that is in the consumer’s possession when this telephone conversation occurs.

[2] There is an existing relationship when there is an agreement in place between the company and the consumer, or when the consumer has purchased goods or services from the company in the past.

[3] Must be encrypted with a minimum of Secure Socket Layer (SSL) or equivalent technology

[4] In order to manage risk, the company should do an address match-up with an address on file (e.g., the address on a catalogue must be the same as the address to which the goods are shipped.)

[5] Send out a notice by mail in advance of the Settlement Date of the transaction.

* For additional assistance, please see the document entitled, “Authorization for Non-Recurring ACH Transactions.”

NOTE: Authorization for collection of a fee requires signature authorization or digital authorization such as a "mouse click" or verbal recording.

Q. Can you give me sample authorization language for pre-authorized recurring transactions?

"I, (CUSTOMER NAME) hereby authorize (MERCHANT NAME) to deduct (TRANSACTION AMOUNT) on the (DAY OF THE MONTH) beginning (START DATE) until (LAST PAYMENT DATE). Furthermore, I understand I should call (MERCHANT PHONE NUMBER) to cancel this authorization." Then, a signature and date line is to be added if a written signature is obtained or, an “I Agree” button should be used if the authorization is being made via the Internet. Additionally, for Internet transactions, a page should be presented to the customer that re-states entirely the purchase arrangement made by the customer. The customer can then print and retain the page as the copy.

Q. How should a copy of the authorization be provided?

For telephone transactions, a prior written notification (such as a postcard) could be sent to confirm the agreement and meet the requirement of providing a copy of the authorization. For authorizations authenticated by written signature, a paper copy of the signed authorization should be provided. For computer authorized transactions, a reply could be sent to the consumer's email address confirming the agreement. A page should be presented to the customer that re-states entirely the purchase arrangement made by the customer.

Q. What if the merchant bills variable amounts each month the way a utility company does? How would the authorization be written?

"I, (CUSTOMER NAME) hereby authorize (MERCHANT NAME) to deduct on the (DAY OF THE MONTH) beginning (START DATE) any amounts due for service not to exceed (MAXIMUM DOLLAR AMOUNT) per (WEEK, MONTH, QUARTER, ETC.). Furthermore, I understand I should call (MERCHANT PHONE NUMBER) to cancel this authorization." Then, a signature and date line is to be added.