Overview
Standard Entry Class (SEC) Codes are three-letter identifiers required for every ACH (Automated Clearing House) transaction. They describe how the customer authorized the payment and help ensure that each transaction complies with NACHA rules. Using the correct SEC code is essential for avoiding errors, maintaining compliance, and protecting your business.
What Are SEC Codes?
SEC Codes categorize ACH transactions based on the method of authorization and the type of account used (consumer or business). Every ACH transaction must be labeled with an appropriate SEC code to remain compliant.
Incorrect or missing SEC codes can cause transaction failures or non-compliance during audits.
Common SEC Codes and When to Use Them
The following are some of the most commonly used SEC codes. This is not an exhaustive list—other SEC codes exist and may apply in specific use cases. For guidance on less common codes, consult your ACH processor or Merchant Service Provider.
| SEC Code | Stands For | When to Use It |
|---|---|---|
| PPD | Prearranged Payment and Deposit | Customer authorizes recurring or one-time payments from a personal bank account in writing. |
| CCD | Corporate Credit or Debit | Business authorizes a debit or credit to its corporate bank account. |
| WEB | Internet-Initiated Entry | Customer authorizes a payment online via a website or mobile app. |
| TEL | Telephone-Initiated Entry | Customer provides authorization verbally during a phone call. |
| POP | Point of Purchase | A check is scanned and returned to the customer at the point of sale. |
Note: Merchants can set a default SEC code in their account settings. If no SEC code is selected, WEB will be used by default.
How to Choose the Right SEC Code
The correct SEC code depends on how the transaction was initiated and the customer’s account type:
- Use PPD or CCD for written agreements depending on whether the customer is a person or a business.
- Use WEB for online shopping carts or invoice links.
- Use TEL for phone-initiated payments.
- Use POP for in-person check scanning (rare).
Always align the SEC code with the way you obtained the customer’s authorization.
For guidance on setting a default SEC code for your Virtual Terminal, please see this article on Setting a Default SEC Code for ACH Payments in the Virtual Terminal.
Proof of Authorization (POA) and SEC Codes
Each SEC code comes with specific authorization requirements:
- PPD/CCD: Require a signed agreement or form.
- TEL: Requires documentation of verbal consent, often recorded or confirmed in writing.
- WEB: Requires digital consent with authentication and logging.
Merchants are required to retain POA records for at least two years to comply with NACHA regulations.
Merchant Impacts
Using incorrect SEC codes can lead to:
- Failed transactions
- Return codes (e.g., R05, R07, R10, R29)
- Increased scrutiny during audits
- Potential suspension of ACH privileges
Properly applying SEC codes helps you stay compliant and protect your ACH processing capabilities.
Common Questions
What happens if I don’t select a SEC code?
If you do not choose one, the system will default to WEB. This could cause a transaction to fail if you're not approved to use WEB or if the authorization method doesn’t match.
Can I use the same SEC code for all transactions?
Not necessarily. You must use the SEC code that corresponds to how the transaction was authorized.
How do I update or set my default SEC code?
Default SEC code settings can be configured in your Merchant Portal. In your Merchant Portal, on the left side menu → click on Options → Settings → under Transaction Options click on SEC Code Configuration. This setting will only change the default SEC code displayed in the Virtual Terminal.
Need Help?
If you're unsure which SEC code to use or how to set it up correctly, contact your Merchant Service Provider for assistance.