Everyone has that pile of objects in the basement or the attic that over the years just keeps growing in size. It could be old toys no longer used but saved for use by the grandchildren, old clothes you think you might wear again someday, or the furniture from your parents’ house that you hated to give up but really had no room for in your own house. In the banking context, the pile of objects closely resembles the cash management agreements many banks use. Many of these agreements were first put in use years ago when the bank decided to offer ACH services in addition to the normal commercial deposit account. Eventually the bank added wire transfer and a money market sweep account to the suite of options. Oftentimes banks use a separate form for each of the available services, some of which may or may not conflict with the other forms that were developed over a 10- or 20-year period.
Technology, cyber-risks and the ways people initiate transfers of funds have changed over time and will continue to change in the near future. If you haven’t updated your cash management agreements in several years, now may be a good time to review that pile of documents and agreements and consider what items needs to be addressed. A good way to handle such a review is to combine the separate agreements into one master agreement. Consolidating the documents in such a manner ensures that all of the definitions are consistent and any security processes are addressed across the entire platform.
What are the typical services that banks offer customers today? Probably the most common is ACH. ACH is one of those services where the technical underpinnings have essentially remained the same while regulations, rules and risks have changed. A customer is allowed to initiate debit entries through a bank to accounts maintained at the bank and in other depository financial institutions by means of the Automated Clearing House Network (“ACH”) pursuant to the terms of the Cash Management Agreement and the rules of the National Automated Clearing House Association (“NACHA”). In addition to NACHA rules, the Uniform Commercial Code (“UCC”) also comes into play. As with the transmission of funds generally in today’s environment, ACH transactions also must comply with various federal laws and regulations, including ones established by the Office of Foreign Asset Control (“OFAC”) and the United States Treasury’s Financial Crimes Enforcement Network (“FinCEN”).
ACH is one of those services that can be problematic for a bank and can result in regulatory criticism if the bank is not sensitive to the types of businesses conducted by its customers. Banks who process items for companies that are engaged in deceptive trade practices can find themselves subject to significant civil money penalties. For this reason, the ACH section of the Cash Management Agreement will emphasize the customer’s compliance with all U.S. laws, regulations, regulatory guidelines and guidance, and official commentaries, including without limitation all such regulations, guidelines, and commentaries issued by the Federal Financial Institutions Examination Council (“FFIEC”).
Wire transfers are another common service offered by banks. Wires can be initiated either by verbal instruction or via the internet. Wires can also be problematic for banks in several ways. First, it is not uncommon for a customer to simply key in the wrong information for the recipient. A wire that was supposed to go to a bank in NY City ends up going to someone in Cypress. Take my word for it, if the wire goes anywhere outside of the continental U.S. in error, it is most likely not coming back. Hopefully, the Wire portion of the Cash Management Agreement makes it crystal clear that the bank is not liable for mistakes made by the bank customer.
One of the other common services is remote deposit capture. Customers who receive a large volume of physical checks love this service. Scan an item using a desktop scanner and presto, a deposit is made to the customer’s account. There are a lot of variables about who owns the scanner and whether to rent or own it. This section of the Cash Management Agreement should provide risk minimization by limiting both the size of individual checks that can be deposited and an aggregate amount of checks that can be deposited on a daily basis. It will also address all of the issues surrounding the checks themselves, such as not depositing the same check twice and ensuring that the image quality is good.
Other possible services include Online Banking and Bill Pay; Lockbox, Positive Pay, Zero Balance Accounts and Sweeps Accounts.
An area of concern that is present in all of these services is that of cyber-security and the risk of loss for unauthorized transactions. Several years ago the drafters of the UCC adopted a brand new Article 4A to address the dramatic increase in wire and other electronic transfers between commercial accounts. Article 4A continues the traditional risk allocation framework in that unless certain exceptions exist, the bank bears the risk of loss for fraudulent transfers from a commercial deposit account. The major exception is where the bank and its customer have agreed upon certain commercially reasonable security procedures. In that instance the risk of loss for fraud will reside with the customer if the bank proves that it accepted a fraudulent payment order (1) in good faith and (2) in compliance with the security procedure and any written agreement or instruction of the customer restricting acceptance of payment orders issued in the name of the customer. Further, if a bank has established security procedures that a customer has declined to use, and the customer instead agrees in writing to be bound by payment orders issued in its name and accepted by the bank in accordance with another security procedure, then the customer will bear the risk of loss from a fraudulent payment order if thedeclined procedure was commercially reasonable.
When drafting a cash management agreement, lenders need to insure that their agreements take into account these changes in the UCC as well as other regulatory changes. If you are still using standalone agreements for each service, it may be time for you to consider consolidating them into one master agreement or at least reviewing and updating each separate agreement to insure it is current. At Bryan Cave we are familiar with all of the types of agreements used to transfer funds— including cash management, treasury management, ACH, wires, mobile banking and remote deposit—as well as with current case law addressing the risk of loss for fraud. We would be glad to provide a quick review of your internal documents or to consolidate your documents into a new master agreement.