VRP Additional Information

Commercial VRP (cVRP) is available as a Private Beta version. Please contact your Customer Success Manager if you would like to access it.

Scope

There are two types of VRP available through Yapily, each with their own scope and restrictions.

Sweeping VRP
Commercial VRP

Sweeping VRP is mandated by the CMA Order and is limited to sweeping services.

Restrictions

Sweeping VRP is subject to the following restrictions:

The payments must be between two accounts held by the same person or business
The payments must be domestic to the UK and deal in GBP
The source account must be a current account

Included use cases

Sweeping between current account providers, including to move funds between current accounts to avoid falling into overdraft on another current account
Sweeping to destination accounts which are used for unbundling overdrafts from a current account and other alternative forms of credit that closely compete with overdrafts
Sweeping to destination accounts which are used for loan repayments as part of a service that provides alternative forms of credit to an overdraft
Sweeping to a credit card account
Sweeping to cash savings accounts that are capable of paying interest
E-money accounts that are used by consumers and SMEs as substitutes for current accounts alternatives to savings accounts

Excluded use cases

Sweeping to make e-commerce purchases (including sweeping money to an e-money “me-to-me-to-business” account, in order to purchase goods or pay for services or pay for utility bills)
Sweeping to destination accounts used for the purchase of cryptocurrency
Sweeping in order to use online gambling and gaming services.
Sweeping to destination accounts used for foreign exchange or international money transfer services.
Investment products (including pensions) that may be used by consumers as alternatives to savings accounts

Commercial VRP is governed by the UKPI Multi-Lateral Agreement (MLA) and is available for a defined set of approved use cases. Using cVRP for anything outside those use cases is a breach of the MLA.

Restrictions

The payments must be domestic to the UK and deal in GBP
The source account must be a personal current account
cVRP is only available for In-Scope Use Cases as defined in the UKPI MLA
Mandate parameters (maximum amount, frequency, and period limits) must be set proportionately to the use case - reflecting what a payer would reasonably expect to pay for the relevant goods or service. Setting parameters broader than necessary may constitute a breach of the MLA.

Included use cases (Wave 1)

Utilities & telecoms - recipient must hold the appropriate licence from the relevant regulator
- Electricity providers licensed by Ofgem
- Gas providers licensed by Ofgem
- Water providers licensed by Ofwat
- Broadband, fixed phone line, and mobile phone service providers licensed by Ofcom
Transport - recipient must be a Train Company to which the National Rail Conditions of Travel apply
- Rail tickets and season passes from National Rail train operators
Regulated financial services - recipient must be regulated by the FCA or The Pensions Regulator; payments must be from a UK account to a UK account
- Mortgage repayments to an FCA-regulated mortgage provider
- Contributions to a pension scheme with master trust authorisation from The Pensions Regulator
- Payments into financial products and accounts eligible for FSCS protection (e.g. savings accounts, ISAs, investment accounts)

Regulated financial services use cases also cover payments made on behalf of a payer’s spouse, civil partner, or children. cVRP cannot be used to change or credit a payment method for a purchase that has already occurred, and no automatic forwarding arrangement may be set up on the destination account.

E-money accounts - recipient must be an Electronic Money Institution authorised by the FCA
- Topping up an FCA-authorised e-money account, such as a digital wallet or prepaid card

As with regulated financial services, cVRP cannot be used where automatic forwarding is set up on the destination account, or to credit a payment method for a purchase that has already occurred.

Charities - recipient must be a registered charity receiving donations via a charity platform provider
- Donations to registered charities via charity platform providers

Excluded use cases

Any use case not explicitly listed as an In-Scope Use Case under the MLA
Payments from business accounts (consumer personal current accounts only at Wave 1)
Sweeping use cases mandated under the CMA Order

The list of supported use cases and participating banks will expand over time. Contact Yapily to confirm whether your use case is in scope before building.

Institution Specifics

Some institutions impose limitations on the VRP flow or have non-standard capabilities. All known cases are detailed in this section.

Institution	ID	Notes
Monzo	`monzo_ob`	The period alignment for payment limits (`periodicLimits.alignment`) can be of type `CONSENT` only.

Compliance Requirements

VRPs are considered to be an ongoing relationship with the end user, meaning there are extra Know Your Customer (KYC) and transaction monitoring obligations on Yapily Connect Ltd. As a result, Yapily Connect customers using Yapily Connect’s PIS license for VRPs are required to provide extra fields about the end user who is making the payment. These details must be placed under the complianceData object when authorising a VRP payment. Refer to the endpoint’s API specification for details, and note that the required details will vary between a consumer and a business payer.

Customers with their own PISP license don’t need to provide these extra fields.

If you don’t provide the complianceData object in the request, you will receive an error and the request will not be processed.

Additional requirements for Commercial VRP

For cVRP, there are additional technical fields required beyond the standard complianceData object. These must be provided when initiating cVRP payments.

Transaction Risk Indicators (TRIs): TRIs are mandatory data fields attached to each cVRP payment initiation that help banks assess transaction risk. These are provided within the complianceData object. Key TRI fields include Payment Purpose Code, Payment Context Code, Contract Present Indicator, Beneficiary Pre-Populated, Beneficiary Account Type, and Merchant Category Code.
Ultimate Creditor: Where the ultimate recipient of funds is different from the named Creditor (for example, where a collections account is used), the UltimateCreditor field must be provided.
PSU Interaction Type: The PSUInteractionType field must be provided in both the consent and payment message, indicating whether the payer is present or the payment is biller-initiated.
Out-of-scope use case monitoring: You must only use cVRP for approved In-Scope Use Cases. If you become aware of any out-of-scope activity, notify Yapily immediately.

Refer to the endpoint’s API specification for the full list of required fields within the complianceData object for cVRP.

Documentation Index

​Scope

​Institution Specifics

​Compliance Requirements

​Additional requirements for Commercial VRP

Scope

Institution Specifics

Compliance Requirements

Additional requirements for Commercial VRP