Glossary

Automated Clearing House (ACH) is an electronic network and system in the United States that facilitates the secure and automated transfer of funds and payments between financial institutions, offering a cost-effective and efficient alternative to paper-based methods. It is used for various financial transactions such as direct deposits, bill payments, and electronic transfers. To learn more, go to About ACH Transactions.

ACH warehousing refers to the practice of accumulating and storing Automated Clearing House (ACH) payment transactions before processing them in bulk. This process enables organizations to collect and consolidate ACH payments, such as customer dues or payroll, and execute them in a batch, streamlining the payment handling and improving operational efficiency.

Anti Money Laundering (AML) refers to a set of legal and regulatory measures designed to prevent and detect the illegal process of disguising the origins of illicit funds as legitimate income. AML efforts aim to combat financial crimes, including money laundering and terrorist financing, by establishing guidelines and procedures for identifying, monitoring, and reporting suspicious financial transactions to authorities.

An Application Programming Interface (API) is a set of defined rules and protocols that allows one software application to interact with and make use of the functions, data, or services provided by another software application, service, or platform. APIs enable different software systems to communicate and exchange information, enabling developers to build on existing technologies without having to recreate the underlying functionality. To learn about Narmi's APIs, go to Narmi Developer Docs.

The Bank Secrecy Act (BSA) is a U.S. federal law that requires financial institutions to implement anti-money laundering (AML) and reporting programs. It mandates these institutions to maintain records, report suspicious transactions, and comply with regulatory requirements to prevent financial crimes, including money laundering and terrorist financing. BSA aims to enhance transparency, security, and monitoring of financial transactions to safeguard the integrity of the U.S. financial system.

The Check Clearing for the 21st Century Act (Check 21) is a U.S. federal law that allows banks and other organizations to process checks electronically using digital images rather than traditional paper checks. It promotes more efficient and cost-effective check processing, reducing the time and resources required for check clearing and settlement.

A Customer Information File (CIF) is a comprehensive and organized electronic record containing detailed information about an individual or entity's interactions and accounts with a financial institution. These records typically include personal or business information, account details, transaction history, and other relevant data. The customer information file contains a CIF number that allows businesses to view their customer accounts by relationship and not strictly by account type.

Customer Identification Program (CIP) is a regulatory requirement in the United States that mandates financial institutions to establish and implement procedures for verifying the identity of customers opening new accounts. The aim is to prevent money laundering, fraud, and other illicit financial activities by ensuring that customer identities are properly verified and authenticated through specific identification processes.

A core banking system is a back-end system of record used by financial institutions to process daily banking transactions and post updates to accounts and other financial records. Core banking systems typically include deposit, loan, and credit processing capabilities, with interfaces to general ledger systems and reporting tools. Each core is slightly different in how it's structured, and how it requires other systems to communicate with it. To learn more, go to About Core Banking Systems.

Cross-Site Request Forgery (CSRF) is a type of malicious exploit where an attacker tricks a user into unknowingly making an unauthorized request to a web application on which the user is authenticated. This can lead to actions being taken on the user's behalf without their consent or knowledge, such as changing account settings, making unauthorized transactions, or modifying data. To learn more, go to CSRF Errors.

A Currency Transaction Report (CTR) is a document required by financial institutions and submitted to authorities, typically the Financial Crimes Enforcement Network (FinCEN) in the United States, when a cash transaction exceeds a certain predetermined threshold, such as $10,000. The report provides details about the transaction, including the individuals or entities involved, to help monitor and prevent money laundering and other financial crimes.

Data Aggregators are companies that facilitate data exchange by connecting a consumer or business’ financial accounts to authorized fintech partners, providing information the companies need to power their services. For more information about Narmi and data aggregators, go to About Data Aggregators.

A Denial of Service (DoS) attack is a type of cyber-attack where malicious actors prevent users from accessing a given service or website.

An Enterprise Service Bus (ESB) is a software architecture that uses a bus-like infrastructure. The "bus" concept enables you to integrate multiple applications by putting a communication bus between them, allowing each application to talk to the bus. This decouples applications from each other and allows them to communicate without dependency on other systems on the bus. An ESB can also be referred to as "middleware." For more information, go to Enterprise Service Bus.

FedNow is a real-time payment system developed and operated by the Federal Reserve in the United States. It is designed to provide a secure, efficient, and instant payment infrastructure that allows individuals and businesses to make real-time, 24/7 payments and transfers, reducing the time and cost associated with traditional payment methods, such as checks and ACH transfers, and enhancing the overall speed and accessibility of the U.S. payment system. To learn more, go to Narmi + FedNow.

The Financial Crimes Enforcement Network (FinCEN) is a bureau of the U.S. Department of the Treasury that collects, analyzes, and disseminates financial intelligence to combat and prevent financial crimes. FinCEN establishes and enforces regulations related to anti-money laundering (AML) and know your customer (KYC) requirements, while also receiving and processing reports, such as Currency Transaction Reports (CTRs) and Suspicious Activity Reports (SARs).

Financial technology (fintech) refers to a broad and rapidly growing industry that leverages technology and innovation to create and improve financial services and solutions. Fintech companies develop digital tools, platforms, and applications to enhance various aspects of finance, including banking, payments, lending, investment, insurance, and personal finance management.

A function is a self-contained and reusable block of code that performs a specific task or set of tasks. It typically takes input, processes it, and produces an output. Functions are used to modularize and organize code, making it more manageable, readable, and maintainable. A Narmi Function is a serverless function, allowing you to execute a custom task on-demand in the cloud, triggered by a specific condition, and deployed to a managed environment. To learn more, go to About Narmi Functions.

Identity decisioning is the process of determining if a consumer or business is authentic in financial onboarding or transaction monitoring. For more information on identity decisioning in Narmi, go to About Identity Decisioning.

Know Your Business (KYB) is a due diligence process that financial institutions, businesses, and organizations use to verify and understand the identity and business activities of their corporate clients or partners. KYB involves collecting and verifying information about a business entity to assess the business's legitimacy, evaluate potential risks, and ensure compliance with regulatory requirements. For more information, go to About Identity Decisioning.

Know Your Customer (KYC) is a due diligence process that financial institutions, businesses, and organizations implement to verify and identify their clients or customers. KYC involves collecting and verifying information about an individual to assess potential risks and prevent fraud. For more information, go to About Identity Decisioning.

A general ledger refers to the primary accounting record that summarizes all financial transactions and activities within the bank, including deposits, loans, withdrawals, interest income, and expenses. It provides an organized and comprehensive view of the bank's financial position, enabling accurate financial reporting, auditing, and regulatory compliance.

Multi-factor authentication (MFA), also known as two-factor authentication (2FA), is a security process that requires users to provide two different authentication factors to access an account or system, making it more challenging for unauthorized individuals to gain access to sensitive information. Typically, this involves something the user knows (e.g., a password) and something the user possesses (e.g., a mobile device or security token). For more information, go to Two-Factor Authentication.

A magnetic ink character recognition (MICR) code is a character-recognition technology used to streamline processing and clearing of checks. The line appears at the bottom of the check and includes the bank’s routing number, the customer’s account number, and the check number.

The National Automated Clearing House Association (NACHA) is a not-for-profit organization that oversees and administers the ACH Network in the U.S. The ACH Network is a nationwide electronic funds transfer system that securely processes various types of transactions, including direct deposits, bill payments, and more. NACHA sets and enforces rules, standards, and operating guidelines for ACH transactions to ensure the safety, integrity, and reliability of the network.

A NACHA file is a standardized electronic data file format used in the U.S. for processing ACH transactions. NACHA files contain detailed information about ACH payments and adhere to specific formatting rules to ensure the accurate and secure exchange of electronic funds between banking institutions. These files are used by financial institutions, businesses, and organizations to initiate and manage ACH transfers, which can include direct deposits, bill payments, payroll processing, and more.

The Narmi Application Framework (NAF) is a developer-facing application layer that gives your financial institution a method for building integrations. With the NAF, you can embed applications directly within the Narmi Online Banking experience. These embedded applications are developed, hosted, and maintained by a financial institution, a development agency, and/or a third party vendor. For more information, go to Narmi Application Framework (NAF).

The North American Industry Classification System (NAICS) is the standard used by Federal statistical agencies in classifying business establishments for the purpose of collecting, analyzing, and publishing statistical data related to the U.S. business economy.

A North American Industry Classification System (NAICS) code is a standardized numerical code used to classify and categorize businesses and industries in North America, including the United States, Canada, and Mexico. NAICS codes provide a consistent and systematic method for identifying and grouping businesses based on their primary activities and industries. NAICS codes are required on Business Account Opening applications.

The Narmi Design System is a “single source of truth” library that documents every design component used across Narmi products, along with a set of guidelines and source code that instruct designers and developers on how to build with these components. For more information, go to Narmi Design System.

A Notice of Change (NOC) is created by an receiving financial institution (RDFI) to notify the originating financial institution (ODFI) that previously valid information contained in a posted entry has become outdated or that information contained in a pre-notification or live transaction is erroneous an should be changed. Many times, a NOC occurs because the customer’s account or routing number has changed.

Originating Depository Financial Institution (ODFI) is a financial institution that initiates and sends electronic funds transfers or ACH (Automated Clearing House) transactions on behalf of its customers.

The Office of Foreign Assets Control (OFAC) is a U.S. government agency responsible for administering and enforcing economic and trade sanctions against individuals, organizations, and countries involved in activities deemed threatening to U.S. national security and foreign policy. OFAC maintains a list of entities with which U.S. citizens and companies are generally prohibited from engaging in financial transactions or conducting business.

The USA Patriot Act (Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act) is a U.S. federal law enacted in 2001. It grants authorities and law enforcement agencies expanded surveillance and investigatory powers to combat terrorism, including provisions for data collection, wiretapping and intelligence sharing. It also aims to prevent and detect financial transactions associated with money laundering and terrorist financing activities.

Remote Deposit Capture (RDC) is a technology and banking service that allows individuals and businesses to deposit checks into their bank accounts electronically, without physically visiting a bank branch or ATM. For more information, go to Remote Deposits.

A Receiving Depository Financial Institution (RDFI) is a financial institution that receives electronic funds transfers or ACH (Automated Clearing House) transactions on behalf of its customers.

Regulation E is a federal regulation in the U.S. that is part of the Electronic Fund Transfer Act. It is administered by the Consumer Financial Protection Bureau (CFPB) and is designed to protect consumers engaging in electronic funds transfers (EFTs). Regulation E establishes specific rights, responsibilities, and procedures for financial institutions and consumers in the context of electronic transactions, such as electronic funds transfers, ATM transactions, and debit card transactions.

A sandbox is a controlled and isolated testing environment that replicates the production system, allowing developers and testers to safely experiment with new software or code changes without affecting the live or operational system. It helps assess the behavior and functionality of software in a protected setting, reducing the risk of errors or issues impacting the live environment. For more information about Narmi's sandbox, go to our Developer Quick Start Guide.

A Software Development Kit (SDK) is a set of software tools, libraries, and documentation that facilitates the development of applications, software components, or integrations for a particular platform, operating system, or framework. SDKs provide developers with pre-built functions, resources, and guidelines to streamline the creation of software, ensuring compatibility and adherence to the standards of the target environment.

Standard Designated Nationals - OFAC published a list of individuals and companies owned or controlled by, or acting for or on behalf of, targeted countries. It also lists individuals, groups, and entities, such as terrorists and narcotics traffickers designated under programs that are not country-specific.

Single Sign-On (SSO) is an authentication and access control method that allows users to log in once to a system or application and gain access to multiple interconnected systems or services without needing to re-enter their credentials. SSO enhances user convenience, security, and efficiency by reducing the need to remember and manage multiple usernames and passwords for various platforms.

A Virtual Private Network (VPN) is a secure and encrypted network connection that enables users to access the internet or other network resources while preserving privacy and security. VPNs are commonly used to protect data transmission from eavesdropping, enhance online anonymity, and access geo-restricted content by routing internet traffic through a private and secure server or network.

A webhook is a method for automating the delivery of real-time data or notifications from one web application to another. It functions as an HTTP callback or endpoint, enabling one application to send data to a specific URL or endpoint in another application when a predefined event or trigger occurs. Webhooks are commonly used in web development and API integrations to facilitate instant communication and data exchange between different systems or services. For more information, go to Webhooks.

Two-factor authentication (2FA), also known as multi-factor authentication (MFA), is a security process that requires users to provide two different authentication factors to access an account or system, making it more challenging for unauthorized individuals to gain access to sensitive information. Typically, this involves something the user knows (e.g., a password) and something the user possesses (e.g., a mobile device or security token). For more information, go to Two-Factor Authentication.