We are starting to get heavy into considering offering real time or instant payment services. I'm having headaches about this, so I thought I'd start a thread to see what the implications are from a compliance, risk, and fraud standpoint.

From what I understand, these are credit pushes only, and once a credit is sent, it is final and cannot be pulled back unless the receiving bank agrees to it. Here are the questions I have come up with so far that I want to find answers to.

- Who is responsible when the wrong amount is sent?
- Who is responsible when the wrong person receives the payment?
- Who is responsible when someone unauthorized accesses the account (account hack or takeover)?
- Who is responsible when a bad actor is authorized and makes a payment that the account owner did not approve (bad employee)?
- When must funds be made available? What liability do we face if we hold a payment to do any investigation prior to sending?
- How will funds availability work, i.e., how will this play with Reg CC?
- How much is UCC involved in this payment system?
- On the consumer side, do these fall under all Reg E error resolution and liability provisions?

Let me be clear - I know a lot of this will be determined by our legal agreement with the customer, and I'm not expecting to have all these questions answered by the group. I also know the answers differ whether we offer this to consumers or just businesses. I just want to spark some discussion about the true risks of real time or instant payments and what people are doing to mitigate those risks. These will not be an inexpensive undertaking for us, and I don't want to compound that by taking on more than we're prepared for.

Thanks in advance!