You might be aware of the new Security requirements for Bank Account Numbers which applies to ACH Originators and Third-Parties with more than 2 million ACH payments annually and becomes effective on 30-Jun-2022.
NACHA, the governing body for ACH transactions in the United States, is rolling out updated security requirements which are actually best practice whether you meet the transaction level targets or not.
Read on for how you handle the requirements on your Microsoft Dynamics GP system.
In simple terms, the requirement is to ensure that Bank Account Numbers are non human readable when the data is “at rest”. Meaning it needs to be obscured in the SQL tables if your company generates more than 2 million ACH transactions each year.
The Rules are neutral as to the methods/technologies that may be used to render data unreadable while stored at rest electronically. Encryption, truncation, tokenization, destruction, or having the financial institution store, host, or tokenize the account numbers, are among options for Originators and Third-Parties to consider.
The following article has the details:
Back in 2012, I developed a method of obscuring Credit Card Numbers in the customer data. Based on this concept, I have created a sample project which I am providing free of charge to any Microsoft Dynamics GP customer to install on their GP Power Tools – Developer Tools module (Build 28 or later).
Use this sample from the GP Power Tools Samples page, if you need to meet the NACHA requirements or you would like to follow best practice and obscure your Bank Account Numbers in your data.
For details on the sample code, please see the articles below:
- #GPPT Obscuring Bank Account Numbers in Microsoft Dynamics GP
- #GPPT Protecting Mission Critical Custom Code
If you don’t have GP Power Tools yet, why not install it and activate the free 30-day trial period to see everything it can do.
More information on the GP Power Tools Portal: http://winthropdc.com/GPPT
05-Aug-2022: Added article about protecting Missing Critical Custom Code.
This article was originally posted on http://www.winthropdc.com/blog.
2 thoughts on “#MSDynGP New NACHA Data Security Requirements coming up on 30-Jun-2022”