Blog · Compliance
Nacha's False Pretenses rule: what outsourced bookkeeping firms need to know
Published June 10, 2026 · 6 min read
Most coverage of Nacha's 2026 rule changes focuses on Phase 2 fraud monitoring requirements. Fewer people are talking about the False Pretenses return code update from March 2026 — and for outsourced bookkeeping firms that originate ACH payments for clients, it is the more immediately consequential change.
What the False Pretenses rule actually says
Nacha's March 2026 rule update established False Pretenses as a formal return reason code for ACH transactions. The rule applies when a payment was authorized by a legitimate party — meaning the approval process ran correctly — but the authorization itself was obtained through misrepresentation.
In plain English: if a fraudster impersonated your vendor to trick your AP team into updating bank details, then an invoice was submitted and approved through your normal workflow, and the payment went to the fraudster's account — that payment can now be formally disputed and returned under a named code. The return creates a liability question: who bears the loss?
Why this matters for bookkeeping firms specifically
If your firm originates ACH payments for clients — even through QuickBooks Online — you are in the payment origination chain. When a False Pretenses return is filed, the Originating Depository Financial Institution (ODFI) and the Third-Party Sender (often the bookkeeping firm) are in the liability conversation. Having documented pre-payment verification is your best defense.
What counts as "False Pretenses" in AP workflows
The rule captures any scenario where the authorization was legitimate but the payment destination was not. For accounting firms managing AP, three attack patterns are most common:
Vendor Email Compromise (VEC)
A vendor's real email account is compromised. The attacker sends an invoice — from the real email, with the correct format and amount — but with updated bank details. Your team approves it. The authorization is legitimate. The payee is not.
Bank change request from a spoofed domain
An email arrives requesting a bank account update, sent from a domain one character off the real vendor (vendorcorp.co instead of vendorcorp.com). Staff updates QBO. The next invoice is approved and paid — to the wrong account.
Fake invoice for legitimate vendor
A fraudster fabricates an invoice using a real vendor's name and branding, submits it through normal channels, and it clears your approval process because the vendor is known and the amount is plausible. No goods or services were delivered.
In all three cases, the payment was authorized. It ran through your controls. The False Pretenses rule says that authorization under misrepresentation is still grounds for return — and someone in the chain bears that exposure.
How False Pretenses interacts with Nacha Phase 2
Nacha Phase 2, which went live June 22, 2026, requires all ACH Originators to maintain a documented, risk-based fraud monitoring program. False Pretenses and Phase 2 are not the same rule — but they interact directly.
Here is why: a False Pretenses return dispute will ask whether the originating party exercised reasonable care before sending the payment. A documented fraud monitoring program — specifically, evidence that you ran pre-payment verification and flagged anomalies before payment release — is the most concrete answer to that question.
A firm that processes ACH without a fraud monitoring program has two problems simultaneously: a Phase 2 compliance gap, and a weaker defense in any False Pretenses dispute. See the Nacha 2026 ACH fraud monitoring checklist for what the monitoring program requirement covers.
What bookkeeping firms should do now
The False Pretenses rule is already in effect. Phase 2 went live June 22. Both rules are active. Here is the practical response:
1. Confirm whether you are a Third-Party Sender
If your firm initiates ACH payments on behalf of clients — through QBO bill pay, Xero, or any payment processor — you are likely acting as a Third-Party Sender under Nacha rules. This puts you in scope for both Phase 2 monitoring requirements and False Pretenses liability.
2. Document your current fraud monitoring process
What do you currently do before an ACH payment releases? If the answer is "approve the invoice in QBO," that is not a fraud monitoring program. Document whatever review exists. Then identify the gaps.
3. Add pre-payment verification for bank changes and new vendors
At minimum: any vendor bank account change requires out-of-band confirmation before the payment releases. Any first payment to a new vendor requires heightened scrutiny. Log both. This is the core of a defensible fraud monitoring program.
4. Create an audit trail you can produce on demand
If a payment is disputed under False Pretenses, you will need to show what checks ran before it released. An audit trail — date, vendor, what was verified, who reviewed it, what the outcome was — is the evidence that demonstrates reasonable care.
For the full picture on what Third-Party Sender status means for your firm, see Nacha Third-Party Sender: what bookkeeping firms need to know.
FAQ
What is the Nacha False Pretenses rule?
Nacha's False Pretenses rule, effective with the March 2026 rule update, allows an ACH payment to be returned under a "False Pretenses" return reason code when a payment was authorized by a legitimate party but obtained through misrepresentation — for example, when a fraudster impersonated a vendor to trick an AP team into changing bank details before payment. This gives the Originating Depository Financial Institution (ODFI) grounds to return the payment and creates a clearer liability framework for who bears the loss.
Are outsourced bookkeeping firms affected by the False Pretenses rule?
Yes. Bookkeeping firms that originate ACH payments on behalf of clients — even through QuickBooks Online's bill pay — are acting as Third-Party Senders under Nacha's rules. When a payment is made through misrepresentation and returned under the False Pretenses code, the firm that originated the payment is in the liability chain. Having a documented fraud monitoring program — including pre-payment verification — demonstrates reasonable care and reduces exposure in a False Pretenses dispute.
What does "False Pretenses" mean in the context of vendor fraud?
In the context of accounts payable fraud, False Pretenses refers to any scenario where a payment was authorized based on a lie: a fraudster impersonating a vendor (VEC), a fake invoice for goods or services never delivered, or a fraudulent bank change request submitted from a compromised vendor email. The payment runs through normal approval channels. The payer believes they are paying a legitimate vendor. They are not.
How does pre-payment verification reduce False Pretenses liability?
Pre-payment verification creates documented evidence that your firm checked the payee's bank details against an independent, historical record before releasing the payment. If a payment is later disputed under a False Pretenses claim, documented verification shows you exercised reasonable care. Without that evidence, the liability question defaults to "did the firm have adequate controls?" — a harder case to make.
Is False Pretenses different from Nacha Phase 2 fraud monitoring?
They are related but distinct. Nacha Phase 2 (effective June 22, 2026) requires all ACH Originators to maintain a documented, risk-based fraud monitoring program. The False Pretenses return code (March 2026) creates a mechanism to dispute payments obtained through misrepresentation. Together, they create a compliance and liability environment where firms without documented fraud monitoring face both a compliance gap and a weaker defense in payment disputes.
Build the fraud monitoring program both rules require
Vantirs gives accounting firms a documented, automated fraud monitoring program — bank change detection, new vendor flagging, and anomaly alerts across every QBO and Xero client, with a full audit trail for each payment cycle.