New
Proof surpasses $640 billion in real estate transactions
Introducing Identify
Learn More
Notarize now
Log in
Risk Quantification Tool

What is your audit liability
actually worth?

Identity verification failures are now the primary trigger for ODFI relationship termination. Quantify your exposure — before your bank does.

Your organization
Adjust the inputs to see your live exposure profile
1
ACH origination volume
Annual origination volume $500M
Total dollar value of ACH files originated annually across all programs
Avg high-value transaction size
$
Typical withdrawal or rollover requiring manual review — the primary False Pretenses target
2
Current identity controls
All four are analog controls under NIST IAL2 — 97% of identity attacks specifically target these methods
3
Audit surface area
ODFI concentration 3 banks
More banks increase audit frequency and the surface area of Risk-Based Procedure reviews
VIP / high-balance accounts 200
Accounts >$1M — primary targets for False Pretenses fraud your ODFI is now liable for
NACHA daily fine rate
$2,500 / day
Attacks targeting legacy controls
97% of identity attacks
Liveness detection coverage
0 of 4 controls
Biometric binding coverage
0 of 4 controls
Unhedged liability
$485M
Total origination volume exposed through analog identity controls
97% of $500M in ACH volume has no IAL2 coverage
VIP target exposure
$10M
False Pretenses attack surface from high-balance accounts
Annual fine exposure
$225K
Est. 90 violation-days × $2,500 NACHA fine
ODFI relationship fragility
Medium risk
LowMediumHigh
Your control profile creates meaningful audit exposure. A targeted review will surface the IAL2 gaps below.
NIST IAL2 compliance gap analysis
Liveness detectionAudit red flag
No selected control can distinguish a live person from a spoofed credential. Biometric liveness is an explicit IAL2 enrollment requirement.
Biometric bindingAudit red flag
Identity cannot be bound to a physical person via any selected control. NIST IAL2 requires biometric comparison at enrollment and at each high-risk action.
Phishing-resistant authFail
KBA and SMS passcodes are deprecated by NIST for high-risk transactions — both are susceptible to social engineering and SIM swap attacks.
IAL2 document verificationPartial
Manual signature matching is not machine-readable and cannot produce the audit trail required to satisfy NACHA's False Pretenses rule.
Exposure breakdown
The vulnerability path

Your current "assume the risk" model leaves significant origination volume exposed to a failed audit, creating a critical friction point with your ODFI. Banks are increasingly exiting relationships with originators who refuse to bridge these analog holes.

The Proof path

You can secure your origination access by deploying an IAL2 execution layer. Proof provides the machine-readable audit trails your ODFI needs to satisfy the False Pretenses rule — ensuring you not only meet these mandates, but exceed them with absolute certainty.

Your origination access is at risk.

See how Proof closes the analog holes your ODFI is actively auditing for.

Build your path to compliance →

* Calculations derived from NACHA 2025 Operating Rules, NIST SP 800-63A Identity Assurance Level 2 standards, and the 2025 Microsoft Digital Defense Report (97% of identity attacks target legacy password and SMS-based controls). The NACHA daily fine of $2,500 applies to repeat "Risk-Based Procedure" violations under Rule 8.5.3. "False Pretenses" liability reflects NACHA's 2024 amendment shifting originator responsibility for fraudulently induced transactions. Unhedged liability applies the 97% attack-targeting rate to total annual ACH origination volume. Annual fine exposure is modeled at Low (30 days), Medium (90 days), and High (180 days) fragility levels. For illustrative purposes only — not legal or compliance advice.