Bank on file basics

An introduction to recurring payments (Bank on file)

You can collect recurring payments from your users in the UK in two ways: Variable Recurring Payments (VRP) and Direct Debits. We call this experience Bank on file.

VRPs are modern, mandate-based payments that give you flexibility and speed. The first step is creating a mandate. VRP mandates include a set of constraints that determine:

  • The period over which payments can be made
  • The maximum amount of an individual payment
  • The maximum amount that can be paid over a specified period

Direct Debit mandates have no constraints such as payment limits or validity periods, meaning payments of any value can be taken until the mandate is revoked by the user.

After your user authorises a mandate, you can accept payments for a variety of purposes such as fixed or variable subscriptions (or payments that you initiate on behalf of your user). These payments execute immediately without individual authorization, as long as they fall within the mandate's constraints.
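An added example, not TrueLayer code: a local pre-flight check of a proposed payment against the three VRP constraint types listed above, so an out-of-mandate charge is caught before a payment is created. The field names, the calendar-month period and amounts in pence are assumptions for illustration, not API fields.

```python
from dataclasses import dataclass
from datetime import date

@dataclass(frozen=True)
class Mandate:
    # Hypothetical local model of the mandate constraints (not API field names).
    valid_from: date         # start of the period in which payments can be made
    valid_to: date           # end of that period (inclusive)
    max_individual: int      # maximum amount of one payment, in pence
    max_per_month: int       # maximum total per calendar month, in pence (assumed period)

def check_payment(mandate, amount, on, history):
    """Return the list of violated constraints; an empty list means the
    payment fits the mandate. `history` holds (date, amount) pairs for
    payments already taken under this mandate."""
    violations = []
    if amount <= 0:
        violations.append("non_positive_amount")
    if not (mandate.valid_from <= on <= mandate.valid_to):
        violations.append("outside_validity_period")
    if amount > mandate.max_individual:
        violations.append("exceeds_max_individual")
    # Only payments in the same calendar month count towards the periodic cap.
    spent = sum(a for d, a in history if (d.year, d.month) == (on.year, on.month))
    if spent + amount > mandate.max_per_month:
        violations.append("exceeds_period_limit")
    return violations

# Constructed sample data: GBP 50 per payment, GBP 120 per month, valid during 2024.
SAMPLE_MANDATE = Mandate(date(2024, 1, 1), date(2024, 12, 31), 5000, 12000)
SAMPLE_HISTORY = [
    (date(2024, 2, 28), 5000),   # previous month, does not count towards March
    (date(2024, 3, 2), 4000),
    (date(2024, 3, 15), 5000),
]

if __name__ == "__main__":
    for amount, on in [(3000, date(2024, 3, 20)),    # exactly reaches the cap
                       (3001, date(2024, 3, 20)),    # one penny over the cap
                       (6000, date(2025, 1, 5))]:    # expired and too large
        result = check_payment(SAMPLE_MANDATE, amount, on, SAMPLE_HISTORY)
        print(amount, on, result or "within mandate")
```

A check like this is a local safeguard only; it does not replace the constraints agreed in the mandate itself.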

Types of mandate

| Type | From → To | Example Use Cases |
|---|---|---|
| Sweeping | User → User (same person) | Moving money between own accounts, paying off own credit card, automated savings |
| Commercial | User → Business | Subscriptions, utility bills, recurring purchases, donations |

Sweeping

Sweeping payments are payments between a customer's accounts, as defined by the CMA. For example, moving money between current accounts, paying off credit card debt, or moving money to savings.

Key characteristics:

  • Payments are between accounts owned by the same user
  • Enabled by a legal provision called "sweeping"
  • Widely available across UK banks

Wave 1 bank on file

These are payments that don't fall within the scope of sweeping as defined by the CMA. This includes applications such as ecommerce payments, subscriptions to a variable service, or investments.

Key characteristics:

  • Payments are between a consumer and a business (B2C)
  • Covers use cases like subscriptions, utility bills, and regular
  • Requires specific approval and regulatory agreements

Example use case: You could use commercial VRPs like card on file payments and set up a one-click checkout experience, where your user provides a mandate and can then make instant one-click payments without re-authentication.

Direct Debits

Direct Debits are also available for BACS recurring payments. Used alongside [creditable notifications] with open banking API calls populating Direct Debit consents, these can provide you with an instant experience similar to VRPs.

Direct Debits are not a type of VRP, but they are also based on mandates created with the /v3/mandates endpoint. A Direct Debit is an agreement between a customer and a business for regular payments. Once the terms are agreed upon, the business sends a Direct Debit instruction to the customer's bank, which authorizes payments to be made regularly.

Key characteristics:

  • No constraints on payment amounts or validity periods (payments can continue until the mandate is revoked)
  • Processed through the BACS scheme (takes 2-3 working days for authorization)
  • Requires remitter details (customer's bank account information) upfront
  • Currently GBP only

Example use cases:

  • Regular payments with varying amounts (e.g. utility bills)
  • Large purchases split over scheduled payments
  • Subscriptions or donations on a fixed schedule

Recurring payments user journey

To set up recurring payments, your user must first authorise a payment mandate. This mandate represents the authorisation that a user has given you to take payments from their payment account.

At a high level, the steps required to progress a user to making a payment are as follows:

  1. Define the mandate and consent parameters so it's ready to authorise. Do this through a request to the /v3/mandates endpoint.
  2. Authenticate the mandate using an access token with the payments scope.
  3. Send your user through a UI to authorise the mandate. You can use a TrueLayer UI such as the HPP, or build your own.
  4. Create a payment that uses the authorised mandate's id in the payment_method.
  5. Receive status updates on the payment attempt, and receive funds. This is automatic with a TrueLayer merchant account, or you can use references for external accounts.

Next steps

You need to create a mandate before you can make any VRPs. Learn how to create a mandate and what to include in it.