Web security audit

WEB Payments Security Review

The Nacha ACH rules require all "Originators" of WEB transactions to complete a once-per-year review of their data security procedures.  We sincerely appreciate you taking the time out to complete the following questionnaire.

The Nacha audit provisions do not prescribe a specific methodology to be used for the completion of an audit but identify key rule provisions that should be examined during the audit process. With that in mind, we've tried to make this as painless as possible.

Company name
This question is required
Account ID
This question is required
Website
This question is required

New rule!
Prior to debiting a customer for the first time, do you use a commercially reasonable method (Straddle wallets, Plaid, MX, etc) to determine that the account number to be used for a WEB debit entry is for a valid account?
This rule recently went into effect, more details here
Yes
No
Please choose an answer
This rule recently went into effect, more details here

A security compliance certification covers almost all of this questionnaire
Does your company have any compliance certifications supporting the in-scope product/service?
think SOC2 Type II, ISO 27001/2, PCI-DSS, HIPPA, FedRAMP, etc
Yes
No
Please choose an answer
think SOC2 Type II, ISO 27001/2, PCI-DSS, HIPPA, FedRAMP, etc
Submit