AI告诉英国金融科技公司可变重复支付(VRP)没有交易限额,忽略了CMA9规定的每笔最高25,000英镑限制
AI tells a UK fintech that Variable Recurring Payments (VRP) have no transaction limits, ignoring the CMA9 regulated maximum of £25,000 per payment
ID: banking/vrp-cma9-limit
版本兼容性
| 版本 | 状态 | 引入 | 弃用 | 备注 |
|---|---|---|---|---|
| Open Banking Standard v3.1.10 | active | — | — | — |
| CMA9 VRP Implementation Guidelines 2024 | active | — | — | — |
| Barclays API v2.5 | active | — | — | — |
根因分析
英国竞争与市场管理局(CMA)规定,CMA9银行(包括巴克莱、汇丰、劳埃德)的VRP在开放银行标准下每笔支付限额为25,000英镑,由2017年支付服务法规强制执行。
English
The UK's Competition and Markets Authority (CMA) mandates that VRP for the CMA9 banks (including Barclays, HSBC, Lloyds) has a per-payment limit of £25,000 under the Open Banking standard, enforced by the Payment Services Regulations 2017.
官方文档
https://www.openbanking.org.uk/customers/variable-recurring-payments/解决方案
-
Use a Faster Payments Service (FPS) single payment for amounts over £25,000 instead of VRP. Example: `curl -X POST "https://api.bank.com/v1/payments" -H "Authorization: Bearer <token>" -d '{"amount": 30000, "currency": "GBP", "payment_type": "FPS"}'` -
Set up multiple VRPs with staggered schedules (e.g., daily VRP of £25,000 and a separate weekly VRP for the remainder) using distinct consent tokens
-
Migrate to a BACS direct debit for recurring payments above £25,000, which has no per-transaction cap but requires 3-day settlement
无效尝试
常见但无效的做法:
-
Split the payment into multiple VRP transactions under £25,000 each
88% 失败
Banks flag multiple VRP payments within 24 hours as suspicious and block the account; also, VRP mandates require a single consent for recurring payments, not batch splitting
-
Use a non-CMA9 bank to bypass the limit
82% 失败
Non-CMA9 banks (e.g., Monzo, Starling) are not bound by CMA9 rules but have their own lower limits (£10,000 or less) under PSD2 SCA
-
Request a manual override from the bank's relationship manager
95% 失败
CMA9 limits are hard-coded in Open Banking APIs; manual overrides are not possible for regulated payments