Payments Insider 4th Quarter 2025
The inside scoop on payments for businesses of all sizes.
by James Kallergis, AAP, APRP, Manager, Audit Services, EPCOR
If you’ve ever watched The Terminator, you know the fear—artificial intelligence (AI) taking over, humans sidelined. Using AI in business payments is a double-edged sword. It’s hard not to see the advantages: AI can spot fraud faster than any human, simplify operations and even improve customer experience. But there’s a catch—AI can also “hallucinate,” producing results that appear accurate but are actually incorrect. And during this busy season, when fraud risks often spike, “almost right” can still lead to big problems.
For businesses that originate ACH transactions, AI can be a powerful tool. It can help streamline processes like payment reconciliation, spot unusual activity before it becomes fraud and even improve vendor management by recognizing transaction patterns. AI-driven customer service tools can also instantly answer common payment questions, freeing your team to focus on higher-value tasks.
Without the correct data or context, AI can easily misidentify potential fraud, suggest inaccurate payment actions or generate flawed internal policies. Businesses should view AI as an assistant, not a replacement for human judgment. Staying informed about how AI tools operate and reviewing their output critically is key to avoiding costly mistakes.
AI isn’t just in your hands; it’s in the hands of criminals, too. Fraudsters are using tools like voice cloning to impersonate executives and trick staff into sending unauthorized payments. Synthetic identities can sneak through onboarding systems, and AIgenerated phishing messages look more convincing than ever.
But AI can also help defend against these threats. Behavioral analytics can flag unusual transactions or login activity, and voice biometrics can detect cloned voices before fraud occurs. Still, these tools are only as strong as the humans overseeing them— someone must review alerts, validate findings and make informed decisions.
Beginning in 2026, new ACH fraud monitoring rules will require all Originators, Third-Party Senders and Third-Party Service Providers to have documented, risk-based processes to identify suspicious or unauthorized entries. For corporate Originators, that means taking a closer look at how your company monitors payments and vendor changes.
AI can be one option to help meet those expectations, but it’s not the only way. Strong internal controls, manual reviews and traditional monitoring tools remain vital components of a solid fraud prevention strategy.
AI can process vast amounts of data and highlight patterns that might otherwise go unnoticed, but it lacks the intuition, judgment or accountability that human oversight provides. For business payments, context matters—whether it’s understanding why a vendor’s account information changed or whether an authorization really looks legitimate.
And at the end of the day, business is built on relationships. Your customers, vendors and employees still value human communication, especially when trust or money is at stake. Customers facing stressful situations don’t want a chatbot. They want empathy, reassurance and clear answers from a real person. Empathy and understanding can’t be automated.
AI is both a powerful ally and a potential liability. It can help streamline operations, strengthen fraud defenses and enhance customer service, but it can’t replace human expertise or responsibility.
Like in The Terminator, the technology isn’t inherently good or evil; it depends on who’s using it and how. Businesses have the opportunity to harness AI thoughtfully, pairing innovation with accountability. The future of payments security and efficiency isn’t predetermined, and this season of planning and preparation is the perfect moment to shape what comes next. As the movie reminds us: “There is no fate but what we make.”
by Matthew Wade, AAP, AFPP, APRP, CPA, Senior Manager, Advisory Services, EPCOR
Ring in 2026 by giving your organization’s payments strategy a fresh start. New opportunities and rules are on the horizon, and setting a payments-focused resolution now helps your business stay audit-ready, compliant and ahead of industry changes.
Corporate Originators should be aware that automated proof of audit requests from Nacha are now sent directly to financial institutions. To stay compliant and reduce risk, complete your annual ACH audits. Reviewing full audit reports (not just confirmations) helps identify exceptions, verify compliance and address potential risks before they affect operations. Additionally, it’s critical to regularly review company user permissions—removing access for employees who have left or changed roles—to prevent unauthorized access and reduce operational and compliance risks.
Regulatory changes, including Nacha’s upcoming ACH fraud monitoring rules, are more than compliance checkboxes—they’re essential to safeguarding your organization. Update internal controls, verify vendor and partner payments carefully and establish risk-based monitoring processes. Strong fraud defenses protect your company and maintain trust with partners and customers. For practical, step-by-step guidance, watch EPCOR’s Did You Know video on the upcoming ACH fraud monitoring rules to see exactly how to prepare your organization.
The digital-first era and new payment rails, such as RTP® or the FedNow® Service, are redefining what’s possible. Instant payments, artificial intelligence (AI), cloud computing and secure digital tools can help streamline operations, improve transaction speed and strengthen fraud detection. Exploring instant payment use cases with your financial institution can enhance liquidity and efficiency.
Customers and vendors expect fast, secure and seamless payments. Leveraging modern technology and digital tools not only speeds up reconciliation but also builds stronger relationships. Personalization, frictionless approvals and proactive communication are key to maintaining satisfaction and trust.
The road to a successful 2026 starts now. With audit readiness, compliance and modernization in sync, your organization can stride into the new year prepared for a smarter, safer and more efficient payments future.
by Keldon Bowling, Communications Specialist, EPCOR
As budgets are finalized and goals are set, it’s the perfect time to set your team up for success. If you have experienced staff nearing retirement, now is your organization’s chance to train newer team members to step confidently into their roles. The best way to glide into 2026? Arming your team with knowledge and tools that make every payments process feel seamless.
So, get ready for payments education for your team and clients!
Staying compliant starts with easy access to the ACH Rules. If you don’t have a copy or need extras, contact your financial institution to see if they can make a copy or additional copies available to your organization.
EPCOR’s Guide provides a concise overview of the key ACH Rules every ACH Originator should know. It covers general rules, ODFI/ Originator responsibilities, prerequisites, warranties and walks through essential processes such as returns, NOCs, prenotes and more.
EPCOR’s short, animated videos make complex payments topics easy to understand in just a few minutes. Perfect for sharing with team members or clients, recent videos include New Fraud Monitoring Rules for ACH Originators, Stop. Secure. Report., Stop. Think. Verify., ACH Notifications of Change and more. EPCOR also offers a business-focused series to help small businesses stay vigilant, covering invoice fraud, CEO impersonation scams, point-of-sale (POS) fraud prevention and more. Watch these videos on EPCOR’s website, LinkedIn or YouTube channel.
Payments Insider (which you’re reading now) is a quarterly e-newsletter designed to keep organizations of all sizes up to speed on the latest payment system developments. The most recent edition is always available on EPCOR’s Corporate User webpage.
EPCOR’s Corporate User webpage provides a variety of resources for end-users, including updates on upcoming ACH Rules changes and much more. The page is regularly refreshed with new materials, and visitors’ suggestions are always welcome. Explore the resources by visiting epcor.org/corporateuser.
EPCOR’s Third-Party Sender webpage offers a range of resources, including sample agreements, helpful tools, educational videos, links to useful workbooks and more. Explore the page at epcor.org/tpsuser, and for any questions or guidance in finding the right resources, be sure to reach out to your financial institution.
As you kick off the new year, don’t hesitate to reach out to your financial institution for guidance or additional educational resources your team might need. Staying informed, asking questions and leveraging available tools ensures your organization can confidently navigate 2026 with efficiency, compliance and peace of mind.
PREPARE FOR NACHA’S 2026 FRAUD MONITORING RULE
By March 20, 2026 (or June 19 depending on your ACH volume), ACH Originators are required to have risk-based procedures in place to detect and respond to potentially unauthorized or fraudulent entries. Focus on new or changed accounts, review your processes and leverage your financial institution’s tools to stay compliant and reduce fraud risk.
Our team of dedicated professionals are here to support you.
