[ergothus]

Perhaps those well-versed in such arts can inform me, who knows little about ACH and the rest:

Why is it so slow? I get that this is a system that can work built on top of any number of manual processes, but check-cashing scams are rampant and function in world where a major bank gets a check (apparently) from a different major bank and the customer is told it is all good....and possibly weeks later the check is noted as invalid and the deposit reversed.

...why can't the big players (at least) confirm things quickly? Why can't there be an easy status to say if a check has truly "cleared" or not?

The amount of fraud committed using this must be astronomical, based on how many reports I see without really looking.

What is the piece I'm missing?

[snoman]

ACH is a file format. You generate an ACH file and then SFTP that to the Federal Bank (or another central bank... I forget which). In simple terms, the file contains a header and a bunch of batches. The header has the account info whomever generated the ACH file (a bank, usually) and the records in each batch the account info of another party.

The federal bank iterates through all of the records in the file and attempts to perform each transaction using the pair of account info, the type of transaction, and the details in the transaction record.

To answer the question about why it takes so long?

Generally it doesn't actually. Most companies will tell you it takes 24hrs to send you money, and that's because most companies generate and submit an ACH file once a day, and the federal bank will process those files at some point after that.

Why does it take weeks for a deposit to be marked invalid and reversed? Well, analytics, fraud detection, and those kinds of activities are not all real-time. More than you think are actually caught _remarkably_ fast, but many take time to find and often include collaboration with multiple banks, government agencies, and policing organizations from multiple countries. That means geo-political concerns, international treaties, timezones, communication problems. You name it.

[Kneecaps07]

I actually had a job where part of my responsibility was processing this file. It was literally me opening WS_FTP Pro and manually downloading and uploading that file. It blew my mind that this was how we were doing it.

[teilo]

The entire system is built around asynchronous batch processing, as one would expect given when it was designed.

It assumes intermittent serial connections between systems to transfer the payload. The systems then process the payload offline, generate a response, and send back the result during the next transfer window.

Nowadays this is done via the Internet,* but the same basic architecture, and in many cases, the same mainframe backends, are still being used to do the processing.

* I'm not sure how the banks and the Fed are connected, actually. But ACH from businesses almost always go over the Internet. They used to go over dialup.

[mattmarcus]

Hey there - author of the article here.

Like some of the other comments said, ACH payments are handled by a middle man(The Clearing House/FedACH). In terms of speed, this is what their current guidance is:

"Specifically, the Nacha Operating Rules require that ACH credits settle in one to two business days and ACH debits settle on the next business day. Recent enhancements to the Nacha Operating Rules now enable same-day settlement of virtually all ACH transactions."

(https://www.nacha.org/news/what-ach-quick-facts-about-automa...)

For what you're asking about with check reversals, there are protections that let you challenge payments after they have "cleared". ACH payments from individuals can be challenged for up to 60 days and for businesses, up to 3 days (although sometimes banks will let you do it beyond that window).

ACH is built to be reversible. If you want avoid that, you can use wires or (soon) RTP.

[theossuary]

There's an interesting series of blog posts on the topic: https://engineering.gusto.com/how-ach-works-a-developer-pers...

And the accompanying hackernews thread - https://news.ycombinator.com/item?id=7636066

But basically it seems like ACH is slow because the federal reserve runs once a day batches.

[mindslight]

> ...why can't the big players (at least) confirm things quickly? Why can't there be an easy status to say if a check has truly "cleared" or not?

Consider a forged check with valid identifying information. Think about what the other side of that transaction looks like. That other customer needs time to review incoming transactions to their account, notice the errant one, and dispute it. And so waiting this time is the only practical way the receiving bank can fully clear a transaction.

[Symbiote]

Does that mean Americans check their account every day or two?

I probably read my statements (online only) about every two months...

[mindslight]

The timeframe is much longer - 60 days AFAIK. So essentially you verify every statement, or verify the online transactions every month and a half.

Even with the smaller attack surface of a banking system based on only "pushing" money, surely other countries must have analogous timeframes for reporting unauthorized transactions (eg from an authorized login).