[coachtrotz]

The NACHA response is missing the forest for the trees. Securing the account data is great, but it's only a small piece of the puzzle.

It doesn't: a) penalize ACH Originators responsible for submitting the fraudulent entry (beyond the recently implemented $4.50 charge) b) do anything to promote alternative account numbers for EFTs, which in theory could be better protected as they won't be on paper checks c) promote better validation tools to prevent the likes of Plaid and entities using their APIs from harvesting broad amounts of private consumer financial data