Posted by: Mike Clarke
Whether you're running an inbound, outbound or blended contact centre, at some point you'll likely need to set up Direct Debits over the phone. While most of the actual payment processing is handled by third parties, understanding the regulations related to setting up and taking payments via Direct Debit is essential to keeping your operation compliant. Here we take a look at the Direct Debit Guarantee, what it's for, and your responsibilities when setting up a new Direct Debit payment.
If you routinely need to accept payments from a client, using Direct Debits is an effective, convenient and secure method. However, it’s important to understand the regulations related to setting up and taking payments via Direct Debit as these differ from other payment methods.
Direct Debits are payment instructions that are processed by a central payment network; often referred to as BACS (Bankers Automated Clearing Service). Most companies don't directly process the direct debits; they use a third party to process the payment information and arrange for the payment to go to the bank. Pay.uk control direct debit regulations and accessing the latest updates and regulations requires you to be a website member.
Unfortunately, this means there is a separation between you and the regulations. It's common for companies to assume that the same regulations apply to both card payments and direct debits, but this isn't true.
Remember that compliance with the GDPR and other data protection legislation is always a priority when using customer information and you should always ensure that personal information is kept secure and access to this information should be heavily restricted.
What is a Direct Debit Guarantee?
Direct Debit has been the default option for taking recurring payments for many years now. It's an instruction authorizing regular payments on a specific date for a specified amount, although these can vary provided certain rules are followed (see below). This makes budgeting easier for the consumer while automating payment collections for the company.
The Direct Debit Guarantee is at the heart of this system, ensuring that companies can’t take more than the customer has agreed to, and siding with the customer by default in the case of a dispute. The Direct Debit Guarantee must be offered by all banks and building societies that accept instructions to take payment by Direct Debit.
The Direct Debit Guarantee states that the customer can request a refund for any payment taken using the Direct Debit Agreement. If the bank agrees with the validity of the claim, the customer will receive an immediate refund. The bank is entitled to investigate these claims to satisfy themselves that an error has occured. This protects consumers in situations where someone else used their information to set up a Direct Debit or if the amount taken is incorrect or a duplicate. To prevent this protection from being abused, the Direct Debit Guarantee does not remove the company’s right to pursue the customer for any money owed following a refund under the Direct Debit Guarantee.
When you set up a Direct Debit, you need to provide the customer with all the necessary information including details on the Direct Debit Guarantee. The customer must be given the opportunity to hear and/or read this guarantee before any payments are processed.
Do you need to read out the Direct Debit Guarantee on the phone?
It is a misconception that this must be read out on the phone. You can agree to provide this to the customer via a website address sent by SMS, by email or sent out in the post. However, you must inform the customer about the Direct Debit Guarantee and advise them how they will receive it (or give them the option). It’s considered best practice that if you do read it out over the phone, you provide them with a copy they can refer to later, typically via email as part of order confirmation.
You then need a clear record of this transaction. A call recording will provide verification that you have advised them in general, but it doesn’t verify you followed up and sent the documents. For this, you need a record keeping system such as a CRM database that will keep a record of any emails, SMS messages and so on tjhat have been sent to the customer, retaining a digital copy with a timestamp. Ideally, you also want the functionality to receive a response accepting these conditions through the same method, although confirming acceptance on the call is also satisfactory provided the call is recorded.
What About Call Recordings?
While credit card payments are governed by the rules set out in the PCI-DSS (Payment Card Industry Data Security Standards), these same rules don’t apply to direct debits directly as no payment is being processed at that point. Setting up a direct debit instruction is simply the consumer agreeing to payments being made later. When taking information for direct debits it's advised that you record the full call once you have consent to record from the customer. Pausing the recording or using a technology such as DTMF suppression that would be essential when processing a card payment is not required when only taking a customer’s sort code and account number.
You are required to keep a copy of the call for 36 months after the final direct debit payment or 15 months after the payer cancels it.
If the customer disagrees with the account details being recorded on the call, you may still proceed with the order. In this situation, you do not take any financial information on the call and arrange to collect this information via an alternate method (via a form on your website or a paper form sent out in the post).
Can anyone agree to a direct debit over the phone?
People typically assume that you can agree to a direct debit agreement if you are an account holder. However, this is not strictly true. You can only agree to an explicit debit agreement over the phone if you are the sole authorized account holder.
If you share your account or have a business account with multiple named account holders, you cannot agree to a direct debit over the phone or online. In this scenario, you must send the Direct Debit agreement via post.
What about altering the agreement?
Should the direct debit amount, frequency, or payment date need to change, you need to notify the customer of this change ten working days before the payment is taken and provide them with the option to cancel and provide a new payment method.
If the customer wants to change the account associated with the direct debit, you need to confirm the customer’s identity to ensure you are speaking to the correct person. Failing to do this would be a breach of the GDPR.
What about if a customer switched bank accounts?
The customer would need to contact the bank to complete a current account switch, which would move all the direct debits over to the new account.
However, should the recipient of the money change bank accounts, any funds transferred to the previous account will be transferred to the latest account for 36 months. This gives you plenty of time to renew the direct debit agreements to avoid any loss of payments.
Do Direct Debit Agreements expire?
Direct Debit agreements typically expire after one year of inactivity although it can sometimes take a little longer. If payments continue regularly, the Direct Debit will continue indefinitely until either party cancels it.
Stages to setting up a Direct Debit over the phone
The key to remaining compliant is to follow a set of steps on every call where you need to process Direct Debit information:
- Establish that the call will be recorded and get verbal consent for this to happen. Should the customer disagree, arrange to obtain this information through another medium such as a form on your website or a paper form sent by post.
- Confirm they are the only person required to agree to a direct debit to be set up on the account. You cannot continue with a paperless agreement if they are not.
- Clearly state how they will receive the terms & conditions of the Direct Debit.
- Record the call and all actions from the interaction, ideally within a CRM system.
- Maintain a secure record of all the interactions with the customer for 36 months after payments stop.
At Greenlight, our platform can enable you to keep accurate records of all customer interactions through our highly customisable CRM. Utilizing our dynamic agent scripting features and call recording facilities can help guide your agents through the correct process to ensure you remain compliant at every step with the correct prompts at the right time. We also offer real-time bank account sort code and account number validation to avoid costly errors and have integration with a number of direct debit processing partners making the process of setting up direct debits with customers simple and secure.
For more information on how Greenlight can work for you, get in touch today to arrange a free consultation.