June 01, 2026
cVRP: a new standard for recurring payments in the UK
In 2025, the UK made 351 million open banking payments: a 57% jump on the year before, with VRP accounting for roughly 16% of all open banking transactions and growing 98% year on year. It’s clear that pay by bank works for recurring payments.
Until recently, most of that growth was limited to sweeping, money moving between accounts a person already owns. Useful, but a fraction of what Variable Recurring Payments (VRP) can actually unlock. Now, the UK is opening up the real recurring payments market: from consumers to businesses, all regulated and at scale.
What VRP use cases are available, and why "commercial" is the unlock
Sweeping VRPs, or "me-to-me" payments have made a major impact. They’ve unlocked smart savings, overdraft avoidance, and instant fintech funding.
With Commercial VRP (cVRP), UK businesses can use VRP to make it easier to transact with their customers. Wave 1 covers five high-trust sectors:
Financial services. Payments into regulated products like savings accounts, ISAs, mortgages, pensions, and insurance, as well as FCA-authorised e-money accounts.
Utilities and telecoms. Electricity, gas, water, broadband, and mobile.
Rail. Tickets purchased under National Rail Conditions of Travel.
Charities. Donations to organisations registered with the Charity Commission, OSCR, or CCNI.
Government. Central and local government bodies, including TfL-designated organisations.
For an account funding use case like an investments brokerage this now means end users can:
Create a single consent with clear limits
Securely verify it with their bank
Make one-time or scheduled monthly account top ups under a single VRP consent
Funds landing with the brokerage in near real-time
Wave 1: where safe recurring payments grow next
Wave 1 focuses on regulated, high-trust sectors where recurring payments are already common: regulated utilities, regulated financial services, central and local government, charities, and rail. These are sectors where consumer protection is already strong, transaction predictability is high, and the value of flexible recurring payments is most obvious.
cVRP introduces three things that direct debit and continuous card authorities do not:
Irrevocable, instant settlement. Once a payment executes, the funds move in real-time. There is no chargeback window, no indemnity claim. There is now a clear dispute framework. For clients, this means eliminating an entire category of financial and operational risk.
Granular, consumer-controlled consent. The consumer authorises the mandate with specific limits. You get instant confirmation once a mandate is set up and end users can view and revoke mandates at any time from their bank app.
SCA at consent, not at payment. With VRP, strong authentication happens once when the mandate is created. Subsequent payments execute without friction, on the strength of that authenticated consent. This gives merchants the conversion benefits of stored credentials combined with the benefits of strong customer authentication.
The security case is already proven. In the first half of 2025, open banking payment fraud was roughly 3.5 times lower than other payment fraud types. That’s largely due to how open banking payments are designed. They don’t share card numbers with the merchant, and every payment is authenticated directly through the payer’s bank. VRP extends this to recurring payments, replacing stored card credentials with a single bank-authenticated mandate.
The trajectory ahead
cVRP opens the addressable market by an order of magnitude: every consumer with a recurring relationship to a regulated utility, financial services provider, or public sector body in the UK is now in scope, with more use cases going into effect later this year. And, as the nature of transactions changes and agentic commerce takes shape, VRP provides the regulated, consumer-controlled rails to support it.
How to get started using VRP with Plaid
Plaid has been live with VRP since 2022, and as a founding participant in the UKPI scheme, we are ready for commercial VRP from day one.
VRP is built on the same Payments API that powers Plaid's one-time Pay by Bank, so if you're already integrated, adding recurring payments is straightforward. And because VRP sits alongside our identity, account data, and risk products, you get a single provider for the full stack — from verifying a customer's identity and affordability through to initiating and reconciling payments. With over 9,000 apps on the Plaid network globally, each transaction also benefits from network-level fraud signals drawn from user behaviour across the ecosystem.