VRP (Variable Recurring Payments) as an Open Banking alternative to Card-on-File and Direct Debits
May 6, 2021
The arrival of Open Banking Payments (also known as account-to-account (A2A) payments) is already starting to shift the way consumers and businesses pay and get paid. Regulated third-parties such as Fire are enabling Open Banking payments directly from a customer’s or donor’s bank account to a businesses or charities account. Open Banking is shaking up an industry that has historically been difficult to access – inviting more competition and stimulating innovation.
The figures are starting to back up the hype in the Open Banking payments space. Figures released by the Open Banking Implementation Entity in the UK show how this growth is beginning to really take off in 2021. In 2018 there were 320,000 Open Banking Payments made, and in just 2 years this figure has grown by over 1,000% to 4,000,000 Open Banking payments in 2020 and over 1,000,000 in February 2021 alone.
Given this shift by merchants and customers towards using Open Banking payments a question that often comes up from merchants is “how can I accept recurring payments using Open Banking”. This is to be the next big development for Open Banking in the UK and is called “Variable Recurring Payments”.
If you work outside of the FinTech sector, chances are you have not heard of Variable Recurring Payments before, however, with the key financial, access and control benefits to both consumers and businesses alike, it is worth familiarising yourself now.
Variable Recurring Payments (VRP) Overview
So, what are variable recurring payments and how are they different to card-on-file and direct debit solutions that businesses already have in place?
In short, Variable Recurring (or VRPs) are a new way of making payments using bank APIs, and are a cheaper and more secure alternative to Direct Debits and card-on-file for recurring payments. VRPs allow an account-holder to give permission to a regulated third-party provider to make payments from their account based on restrictions such as payment amount and number of payments allowed. VRPs could be used instead of card-on-file for Netflix, Spotify or Amazon purchases or instead of a direct debit for recurring donations to a charity. One of the first use cases that may be available will be ‘sweeping’. Sweeping is where funds are automatically transferred between two accounts of the same name (e.g. to automatically move money to or from their current account to avoid overdraft fees or to transfer to savings or pensions). VRP is particularly well suited for sweeping as the transfers are quick, cheap and secure as opposed to using cards which can be expensive or direct debits which are too slow.
The main advantages of VRP from a customer perspective is that these payments have tight limits that are setup by the customer using a “consent”. From the business or service provider perspective it gives them a cheaper, faster way to get paid than card-on-file or direct debits that also leaves them less exposed from a risk perspective as they can not accidentally bill the customer for a larger amount than intended, longer than intended and there are also no sensitive card details that can be stolen.
For example, as opposed to a customer giving a business their card details and losing control of how much and how long they can be billed, Variable Recurring Payments allow the customer to set limits on the payments via consent parameters. These consent parameters or limits provide control to the customer by allowing them to set the max amount per transaction, max amount per day, max amount per month, a time limit on the consent etc.
Examples of VRP Consent Parameters:
The maximum cumulative value of payments initiated under the VRP Consent
The maximum cumulative number of payments initiated under the VRP Consent
The maximum payment value per payment
The maximum cumulative payment value per time window
The maximum frequency of payments per time window
Expiry Date of the VRP Consent
The user experience when setting the “consent” with the business using a third-party provider such as Fire would look something like this.
Example VRP journey from a user perspective (Source: Open Banking VRP Proposition Consultation Paper)
Example Variable Recurring Payments (VRP) Use Cases:
As can be seen from these use cases (also from the Open Banking VRP Proposition Consultation Paper) the customer is given a lot more control over their recurring payments.
- As a home owner, I want to allow my electricity provider to automatically take payments from my bank account but only up to a maximum of £100 per month.
As a user of a social network, I want to connect my bank account so that I can make quick and easy in-app authentication of payments to my friends and be able to easily disconnect it from an access dashboard with my bank if I change my mind.
- As a new customer of a subscription service, I want to set up my subscription payments such that it expires after 6 months so that I don’t get caught in a subscription trap.
- As a ride-hailing app customer, I want to connect my bank account so that payment is made automatically on my behalf as I arrive at my destination with a maximum payment size of £45.
- As a customer using an online marketplace, I want to do a one-time payment setup for oneclick payments offered by the marketplace to enable a quick checkout process
- As a customer looking to earn more interest, I want to use a third-party smart saving app that moves money from my bank accounts to my own saving account on a flexible/variable basis so
that I can save money.
- As a customer looking to avoid unnecessary fees, I want to use a third-party service that monitors my account to maintain a threshold balance in my account or avoid overdraft fees and moves funds as and when required between my accounts.
- As a customer in financial difficulty, I want convenient short-term credit to avoid going overdrawn, and then to automate repayments so that I minimise both my overdraft fees and
When will I be able to accept Variable Recurring Payment for my business?
The Open Banking Implementation Entity (OBIE) in the UK carried out a consultation earlier this year around VRPs and Sweeping. The aim of this consultation was to try and establish the next steps forward around giving access to third-party providers such as Fire to Variable Recurring Payments and also around using VRP as the preferred method for Sweeping on behalf of customers. The consultation looked at how this would look from an access, commercial, consumer protections and legal perspective. The OBIE recommendation was that VRP was the most suited method to carry out Sweeping.
There is currently no obligation for banks to provide access to third-party providers such as Fire to these APIs for VRP outside of Sweeping activities from a regulatory perspective. Access for VRP activities would currently still need to be agreed on a bilateral basis between the third-party provider such as Fire and the bank. This is something that we expect to change into the future.
The OBIE recently published their latest API standard version 3.1.8 on the 31st March 2021 which enabled both Variable Recurring Payments and Sweeping functionality. It is worth nothing that this standard is an optional standard that must be implemented by the CMA9 in the UK for access to Sweeping activities. VRP and Sweeping are very tightly coupled together from an Open Banking perspective. Sweeping was mandated by the original CMA order and roadmap whereas VRP was not. The OBIE have created an optional standard for VRP (API standard version 3.1.8 mentioned above) and have also carried out an evaluation and have concluded that the CMA9 should provide this VRP standard to provide for Sweeping access. This will effectively make it mandatory for all of the main CMA9 banks in the UK to provide access to Sweeping using the VRP APIs which opens their doors to allowing third-party providers full access to carry out all VRP activities once new regulatory or commercial access models are agreed. There is still a bit to go with some issues to be ironed out before customers will be able to pay their Netflix and Spotify using VRP as opposed to card-on-file but this is a big step in the right direction.
This new version of the API will allow companies such as Fire to access the bank’s APIs and initiate VRP transactions once the access, commercial and legal frameworks have been agreed, hopefully towards the end of 2021 or early 2022. The discussion around VRP is confined to the UK for the moment, as the EU are behind due to the lack of a EU regulatory mandate for banks to offer VRP or Sweeping access. Fire will keep you updated around the latest developments in Open Banking, Variable Recurring Payments and Sweeping.
While we wait for VRP and Sweeping to become a reality, Fire Open Payments is Fire’s Open Banking Payments product that can be used for one-off payments for your business. You can find out more about Fire Open Payments and try it yourself by reading our previous blog – The Steady Rise of Open Payments.