Skip to content
← CommunitySuite Idea Lab

How can we improve CommunitySuite? Search or submit ideas below.

CommunitySuite Idea Lab: Profiles

Categories

JUMP TO ANOTHER FORUM

(thinking…)

Add Permission to View ACH Details in Profiles

We would like to see a permission setting that would allow users with that permission to view the full Account number entered into ACH Settings. Today, our only option is to Configure the settings or Clear the Settings.

We would like to the option for a small number of users to be able to view the settings (including the full account number).

This would be helpful when we need to confirm that the account number entered. It would also be helpful if we need to clear the settings to merge into another record and add the settings back after the merge.

40 votes

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close

We’ll send you updates on this idea

Michelle Schneider shared this idea  ·   ·  Report…  ·  Admin →
Archived  ·  AdminSkye Weber (Admin, Foundant Technologies) responded  · 

Thank you for your request to introduce a permission setting that would allow certain users to view the full bank account number stored in ACH Settings. We understand the need for visibility in cases where confirmation or re-entry of bank information is necessary, such as during record merges.

However, we are unable to fulfill this request due to compliance requirements under NACHA (National Automated Clearing House Association) Operating Rules and related data security standards. Specifically, NACHA guidelines and best practices around data security and access controls require that sensitive banking information, such as full bank account numbers, be protected and accessible only to systems or individuals with a strict operational need—typically through encrypted or tokenized systems that minimize direct human access.

Allowing users to view full account numbers, even with elevated permissions, could increase the risk of unauthorized exposure or misuse of sensitive financial data, and would place the system out of alignment with established ACH data protection protocols, as well as broader compliance frameworks such as PCI DSS and SOC 2.

We appreciate your understanding as we prioritize the protection of sensitive financial data and maintain compliance with NACHA and industry standards.

Show previous admin responses (1)
Comments are closed An error occurred while saving the comment
  • Susie Lotreck commented  ·   ·  Report

    Please add this functionality for all the reasons mentioned above!!

  • Frannie Powers commented  ·   ·  Report

    This would be so much more efficient for double checking. We currently have a process that involves Jotform, the bank website, and Foundant and if we could cut the Jotform step out it would speed up the process.

  • Freddie Garcia commented  ·   ·  Report

    While you're there adding this permission. It would be really cool to have a field in a reporting object that indicates whether the ACH value has been configured. Maybe a boolean field such as "ACH Configured" True/False. I understand not having the value of the ACH in a reporting object for security/privacy but reporting just need to know if there is something there. Also, I know it's not the correct idea for this but a boolean for the SSN also? :-)

  • Sally Weldon commented  ·   ·  Report

    Please, like SSN, ACH settings should allow a restricted group to display.