One reason why ACH is tricky with consumer accounts is that there are LOOOONG reversal windows (~30 days) whereas the business transfers ("Corporate Credit and Debit") are final in 24-48 hours.
That means for consumer accounts there's a ton more risk of things going sideways well after the money has moved on.
(Source: possibly outdated circa 2011 NACHA rules and transaction types)
Is pull a totally different process? I’ve noticed for pull you have to authenticate the account (usually) with the “verify the two small deposits” dance while push will sometimes let you skip that.
In fact, I just called Citi earlier today because I’d closed a CC with them and had a credit. The CS rep asked for my routing and acct number and without even verifying it with me immediately said “you’ll see the credit in a couple days.” I asked her to verify the account number and she said “I’m sorry but the number is no longer visible to me but rest assured I sent it to the correct account.” So if those funds went somewhere else I suppose I’ll never see them?
I was also able to establish the ability to wire from my discount broker today to another checking account I have without performing any verification of the destination beyond providing the routing/acct number.
I have a feeling I actually don’t want to know how this all works...
If you don’t get the money you’ll call up Citibank again to complain and they’ll take the hit to their operational losses budget [0], which happens infrequently as a percentage of transactions but quite frequently over the totality of the system. That’s what the budget is for.
[0] Contingent on the transaction going through and not being reversible, which can happen for many reasons (staleness by the time you report it, disinclination of someone who enjoys Monopoly to repay Bank Error In Your Favor, CS staff not having a button that reverses the transaction, Citi’s ops team [1] considering it beneath their notice, etc.)
[1] I oddly enough know the name of their SVP in charge of this team because Citi escheated a check due to me to the state of Illinois back in 200X. Illinois told me they had insufficient information to determine that I’m the same Patrick McKenzie so they want said SVP to file a report on my behalf. I assess 80%+ likelihood that they’ll comply. This is boring inside baseball mostly meant to underline the fact that BigBank actually does have people with names and addresses who deal individually with transactions according to some fairly involved business processes.
> If you don’t get the money you’ll call up Citibank again to complain
I hope not. You can't imagine how annoying it is to get them on the phone. Well actually, you of all people probably know exactly how annoying it is. But I'll recap it anyway. First, when you login to the web site to access your closed account to check the statement, the 1-800 number displayed is for card activation only. Go to main web site, dig up correct number. None of the usual tricks (wait in silence, try 0, try 9, ask for an operator, ask for customer service) will bypass they infernal voice response system. Even "close account" is automated now. I guess they don't care about retention.
While I'm griping, the account has been closed for more than 90 days. Are they required at any point to send me a check?
Are they required at any point to send me a check?
They're required to do what they promised to do in your Deposit Account Agreement and/or are required to do by state law. In some states if you take no action to recover it they will be required to "escheat" the money to the safekeeping of the state treasurer to await your eventual claim for it.
Tbh there isn't much security in SEPA either. The only reason SEPA Debit Fraud is rare is because A) it requires you having a bank account with a verified address and business registration and B) the bank is liable if the vendor goes fraudstering. The bank gets the money from the fraudster or they loose it.
You can also easily block or reverse transfers either in general or for specific merchants including down to blocking only weekly payments under 50€ from vendor X if you want to be really specific.
It is an existence proof that the security is good enough to get the job done and keep losses to an acceptable level. If it was truly "woeful" enough to actually matter then an alternative with better security would have displaced it by now.
This is overly simplistic and assumes an open market witn no barrier to entry for competitors, which is not the case.
It’s like saying the people of North Korea believe their government is good enough to get the job done, otherwise KJU would have been displaced by now.
