Why False Pretenses Matter in the Fight Against Payment Scams

In a significant development in the fight against scams, Nacha is updating their rules to require financial institutions to address transactions initiated under ‘false pretenses’.

The concept of false pretenses is a powerful one. And a clear network rule with a definition is a significant development. Many scams succeed not because a payment is technically unauthorized, but because it is initiated under false pretenses, a common driver of credit push fraud and payment scams.

While the Nacha change applies to the ACH network, the underlying risk it addresses spans across all payment rails.

Why ‘false pretenses’ changes the conversation

False pretense is defined in the new Nacha rules as “the inducement of a payment by a Person misrepresenting (a) that Person’s identity, (b) that Person’s association with or authority to act on behalf of another Person, or (c) the ownership of an account to be credited.”

This definition was discussed during a recent webinar with Jordan Bennett of Nacha and Wade Raef of Outseer, Preparing for Nacha 2026 ACH Rule Changes. False pretenses are difficult to detect because the payment itself is authorized and the deception occurs before initiation. Detection depends on understanding what is normal, not on reviewing a single transaction.

This is what makes false pretenses transactions so difficult to address operationally. Risk only becomes visible when the transaction is viewed against prior account behavior, expected use of the account, and surrounding activity.

False pretense is the type of thing that “you know it when you see it” but how do you automate across millions of transactions to recognize it? And what do you do when it is recognized?

The former question can be answered by technology. For example, behavioral biometrics works behind the scenes to detect signs of coercion or manipulation, and other signals such as active call checks can be powerful tools in scams prevention. There are over 70 controls that banks implement to address scams, as set out in Outseer’s global research, Consumer Scam Controls.

The question of what to do when false pretenses are recognized is one of policies, procedures and, perhaps, customer agreements. Setting customer expectations as to what you will do to help them safely process payments includes telling them when you will NOT process a payment. In many cases, slowing a customer down, making them think about the context of a payment, can help them react to scams on their own.

A big shift in thinking

‍One of the most important shifts embedded in the Nacha 2026 rules changes is the recognition that scams do not end at payment initiation.

Looking at the transaction as a whole, which includes the party receiving the money, is valuable in fighting scams. While the rule does not suggest any form of information sharing, it does put requirements on the financial institutions receiving credit transactions to make them part of the solution.

In a scam scenario, the nefarious actors live on the receive side of a transaction – capturing money from the victim. It would be too easy if those accounts receiving money belonged to the actual bad actors, but that is rarely the case.

Another critical aspect of these scams is that they are repeatable. When false-pretense schemes succeed, the proceeds are often reinvested to fund additional attacks. Interrupting a single payment can therefore have a broader impact by disrupting an ongoing scam operation rather than just preventing an isolated loss.

‍How money mules fuel scams

‍Typically, the accounts receiving funds are part of a network of money mules, which makes money mule detection a critical component of scam prevention.

No financial institution wants money mules in their book of business, but reality is that most FIs have some mule activity. Fighting scams requires looking in-house for mule activity to curtail such activity as much as possible — even to the extent of closing accounts.

One of the primary enhancements to the Nacha Risk Management Rules is a requirement that Receiving Depository Financial Institutions (RDFIs) review their processes for handling incoming credits to evaluate whether the funds might be part of a credit push fraud scheme. This is a recognition of the reality that mule accounts exist and put FIs on notice that they are responsible for identifying mule activity.

All financial institutions seek to act in the best interests of their customers. Unfortunately, the “best interests” of some customers – money mules – are to the detriment of other consumers.

Mules are not a one-size-fits-all category, they encompass witting, unwitting and complicit actors. Mule accounts may be:

• Newly opened accounts showing rapid inbound activity
• Long-standing accounts with otherwise normal behavior
• Accounts belonging to individuals who have themselves been deceived into moving funds

This variability is what makes mule activity difficult to identify. Some mule accounts may appear overtly suspicious, while others blend into otherwise normal customer behavior. This reinforces the need to evaluate inbound credits over time, rather than relying on static rules or single-event reviews.

Detecting mules and false pretenses in payments

One defining characteristic of an account acting as a mule or part of a scam is that it will receive funds from multiple sources with the intent to send those funds to fewer sources. It is the “funneling” of money that eventually allows nefarious actors to cash out their ill-gotten gains.

FIs need to monitor transactions in the context of a customer relationship, with signals taken from across the digital banking sessions and transactions.

The good news is the tools are already in the toolbox. Identify the processes and techniques you would like to employ and, as my mother used to say, “shop from the pantry”!

Identify the processes and techniques already in use across fraud, AML, and payments teams, and document how they apply to false-pretense scenarios. Many institutions already have the necessary capabilities, the challenge is organizing them, applying them intentionally, and ensuring decisions can be explained later.

Financial institutions can look for changes in transaction patterns that do not align with historical behavior. For example, personal accounts receiving business or payroll-related credits, dormant accounts suddenly receiving large inbound payments, and funds moving rapidly through an account rather than settling there. Individually, these signals may not be definitive, but together they can indicate elevated risk.

Nacha’s guidance on false pretenses gives financial institutions a clear basis for investing in finding these types of transaction patterns.

Seize the opportunity

‍Any new rule provides an opportunity to evaluate what we do, how we do it and what supports the process. This is a great opportunity to improve your stance against scams and mules across all payment channels.

Moving Beyond Minimum Compliance

Minimum compliance is often reactive, addressing risk only after losses occur. In the context of modern scams and false pretenses, this approach leaves financial institutions exposed to repeat victimization as the same tactics are reused and refined.

The shift required is toward intentionality. Financial institutions are not expected to prevent every scam, but they are expected to understand where risks exist, apply controls deliberately, and be able to explain how decisions are made when risk is identified. Clarity around why certain risks are accepted, and how they are managed, is as important as the controls themselves.

Effective scam prevention is an ongoing process. It depends on consistent monitoring, regular evaluation of outcomes, and a willingness to adjust as behavior changes. Acting earlier, even when decisions introduce friction or discomfort, can interrupt scam activity before losses escalate.

Scammers thrive on confusion, fragmented defenses, and inaction. By focusing on money movement, false pretenses, and mule activity across payment channels, financial institutions can materially reduce scam losses and better protect their customers.

For an in-depth discussion of this topic, please watch this on-demand session, Preparing for Nacha 2026 ACH Rule Changes and False Pretenses Compliance.‍