Direct Debit 101: Validation and Verification

A guest blog by Don Hollingum from Direct Debit 101. For more information visit:

Why use Direct Debit?

Direct Debit, the product, has been working for thousands of businesses, both large and small for over 50 years, and its usage continues to grow both in terms of the number of organisations that use it and the number of payments collected – in excess of 4.5 billion payments were collected in 2019.

One of the key reasons for the longevity of this payment product is that it works effectively for both the party owing the money (the payer) and the beneficiary of the money (the collecting organisation). There is also significant flexibility within Direct Debit that, when used to its full potential, can be made to suit the needs of payers regardless of their income profile.

To help to ensure that the Direct Debit product continues to work for both the payer and collecting organisation there are of course rules that must be complied with. These rules include safeguards.


There are a number of safeguards associated with Direct Debit but this article focusses on the area before payments are collected, termed validation and verification.

In the world of Direct Debit these are two very different safeguards, and not adopting them fully and effectively is likely to lead to payment failures, indemnity claims, complaints, and adverse publicity for the collecting organisation.

Validation includes checks such as ensuring that the account number provided by the payer at time of obtaining a Direct Debit Instruction exists at the sorting code of the payment service provider (PSP) provided, modulus checking, and the the account accepts Direct Debits, (e.g., typically a savings account would not accept Direct Debits).

Verification includes a detailed checks relating to the payer, to ensure that the payer(s) is/are who they say they are, that they live at the address they provided, and that the account number provided relates to an account in their name or an account on which they are authorised to effect payment instructions.

Verification checks are more complex than validation checks and with the increasing levels of remote sign-ups (paperless Direct Debit), increasingly important. They help to mitigate the risk of fraud. A failure to complete these checks will have a negative impact on the collecting organisation including the losses associated with the provision of goods and/or services to a fraudster and the negative impact on cashflow of failed payment collections and potential losses arising from indemnity claims. In addition, there is the distress caused to the consumer whose account may have been erroneously debited.

As we are all well aware fraud is a subject that is continually in the news and the payments industry continues to wrestle with developing and introducing a one stop solution to help collecting organisations (who Bacs term service users) ensure that the authority they have obtained from their customer to effect payment collections by Direct Debit is valid.

Currently Bacs produces a non definitive list of tools that collecting organisation may elect to use. The list isn’t regarded as being definitive and in any event it is for the collecting organisation to agree with its sponsoring PSP which tools are acceptable for its own circumstances.

Whilst many collecting organisations are likely to submit the authority, or Direct Debit Instruction (DDI), to their customers PSP in a dematerialised form, i.e., via AUDDIS, very quickly after they have obtained it, there are instances where the DDI will be retained by the collecting organisation for a period of time, perhaps waiting for other processes or documentation to be completed, before it is submitted to the PSP. Either way, because the PSP merely receives an AUDDIS ‘0N’ message i.e., with no signature or other data to verify, there is currently no assurance that the PSP will identify any invalid authorities.

Under Bacs Scheme rules, where a DDI is submitted via the AUDDIS process, it is the responsibility of the collecting organisation to ensure they have verified the authority, else they will have no defence against a subsequent indemnity claim for reasons such as ‘payer disputes having given authority’, or ‘signature is fraudulent or not in accordance with the authorised signature held by the PSP’.

The burden of verification, i.e., to comply with Scheme rules, imposes an additional cost on the collecting organisation, a cost that will vary dependant on the verification tools used and perhaps the number of payers that need to be verified.

Whilst this additional cost is not a welcome one, it can and will be mitigated by:

  • the identification of errors and/or attempted fraud at the outset, i.e., before goods and or services are provided,
  • the avoidance of administrative costs in attempting to contact the customer/payer at a later point in time
  • a reduction in cost associated with presenting payment collections that fail
  • a reduction of an adverse impact on cashflow resulting from failed payments
  • a reduction in costs and perhaps losses, arising from indemnity claims raised at some point in the future, perhaps where further goods and/or services have been released to the same customer/payer
  • a reduction in the costs and adverse publicity arising from complaints from aggrieved consumers who have been debited in error/defrauded and negative media coverage.

This article reflects the requirements on users of Direct Debit and illustrates ways in which costs can be mitigated and losses minimised within your existing Direct Debit processes.

Get in contact

Adopting necessary validation and verification processes are essential and we’d welcome the opportunity to discuss these with you, please email us at or visit us at

Comments are closed.

Up ↑