Trustmi named Nacha partner as fraud rules tighten

Trustmi has been named a Nacha Preferred Partner as Nacha introduces new fraud risk management rules for ACH payments.

The move comes as businesses face tighter requirements to monitor payment fraud before transactions are submitted. The new framework also introduces the term "False Pretences" for fraud that appears legitimate within normal business processes, including business email compromise, vendor impersonation and payment redirection.

That marks a shift from traditional payment checks, which often focus on validating account details or screening for unauthorised access. Under the updated rules, organisations are being pushed to identify fraud that originates within approved workflows and seemingly legitimate requests.

Trustmi says its platform is designed to detect those patterns by analysing activity across email, enterprise resource planning systems, vendor records, invoices and payment platforms. It says this helps identify anomalies that may not be visible within a single system.

The Nacha Preferred Partner programme recognises companies within Nacha's network for products and services linked to the payments system. For Trustmi, the designation connects its offering to a growing concern among finance teams that payment fraud is becoming harder to distinguish from routine activity.

Jane Larimer, President and Chief Executive Officer of Nacha, commented on the appointment.

"Nacha continues to be focused on solutions for credit-push fraud," said Jane Larimer, President and Chief Executive Officer, Nacha. "We are pleased to welcome Trustmi as a Nacha Preferred Partner."

Fraud shift

Trustmi argues that the latest fraud trends are less about breaching technical barriers and more about manipulating trusted business relationships and internal processes. In practice, that can involve changes to supplier bank details, altered invoice instructions or payment requests that appear to come from known contacts.

These cases have become a bigger operational issue for businesses because the transactions may still satisfy existing controls. That has increased pressure on treasury and finance teams to show they have stronger monitoring in place across the payment lifecycle.

Trustmi says businesses are now expected to establish continuous, risk-based fraud monitoring, detect unusual behaviour, validate payments before ACH submission and maintain audit trails for compliance. Those requirements are likely to increase scrutiny from banks and auditors when companies process large volumes of supplier and contractor payments.

One Trustmi customer described that pressure in sectors with broad vendor networks and frequent payment changes.

"At JLJ, we manage a large and constantly changing network of subcontractors and vendors across every project. Banking details change, new relationships get onboarded, and payments move fast. That's exactly the environment where payment fraud thrives, and exactly why we turned to Trustmi. It gives us confidence that every ACH payment we send is legitimate, and that we can demonstrate to our bank that we have the controls Nacha now requires," said Cindy Manos, Chief Financial Officer, JLJ & Associates.

Compliance pressure

The updated Nacha rules come at a time when many companies are reassessing how they manage payment risk beyond cyber security tools and bank account checks. The focus is shifting towards the intent behind a payment request, not just the validity of the data used to make it.

Shai Gabay, Co-Founder and Chief Executive Officer of Trustmi, said the formal recognition of "False Pretences" changes the control model businesses need to apply.

"Most fraud today doesn't break into systems - it works through them," said Shai Gabay, Co-Founder and Chief Executive Officer, Trustmi. "What Nacha has done with 'False Pretences' is formally recognize that the biggest risk isn't unauthorized access - it's authorized-looking payments. That changes how organizations need to think about control. It's no longer enough to validate data - you have to validate intent. For the first time, there's a mandate that matches the threat."

Trustmi says it protects more than USD $240 billion in payments annually and has helped prevent more than USD $1 billion in fraud, along with USD $5 billion in payment errors. Founded in 2021 and headquartered in New York, the company is backed by investors including Cyberstarts and Insight Partners.

The Nacha designation gives Trustmi added visibility as businesses look for ways to meet stricter fraud monitoring standards in ACH payment operations.