If you are a friend of mine and you think I owe you some money, please feel free to take it from my bank account: 10-11-12 98765432.
If you were wrong, I'll sort it out myself after you've taken the money from my account. If you were not a friend, well, I'll sort that out too. Hopefully. Even if that takes me hours.
The above may sound strange, yet that is what Continuous Payment Authority (CPA) is all about. Whenever consumers provide their debit or credit card details, they may - inadvertently - set up the CPA mandate.
Unlike Direct Debit that requires an explicit instruction to the bank, the CPA is an implicit "passive" animal. All it takes for the CPA to take force is a single purchase of a product or a service that may require a follow-up or recurring
payment. The CPA can be set up by merely providing card details and ticking that "Agree" box (I will buy a lunch to anyone who can conclusively prove that they always read, with due care and attention, the full text of Terms and Conditions before ticking
the "Agree/Accept" box).
Unlike with DD, consumers don't need to specifically agree to the CPA, and the companies are not obliged to advise/warn consumers of the CPAs being setup. Often, there
is no written record of the authority being set up.
Few consumers are familiar with the CPA. Even fewer are aware that the CPAs are linked to a card account, not the card itself - if a card, that was used for payment that "triggered" the CPA, expires or is cancelled, a new card is automatically linked
to that CPA mandate.
Yes, it is possible to cancel the CPA, by calling either the card issuer or the company in question (or both). Since most consumers do not know that the CPA was setup in the first place, they can only discover the fact after the payment(s) had been taken
from the card. Even then, it is not always easy to associate such payments with the CPA as the frequency and amounts of such payments can vary greatly.
Although the card issuers are aware of the CPA problem, most of them choose to distant themselves from it - "We are merely a payment agent" (the CPA payments are not covered by any bank guarantee). That doesn't have to be the case - after all, it is the
issuer who provides a consumer with the payment method which leads to the problem.
According to the Financial Ombudsman Service: "Underlying the arrangements for continuous-payment authorities
are agreements between the banks and the card networks. These contractual arrangements will be binding on those who are party to them. However, that does not include the consumer, who will have no knowledge of the agreement and will not have signed
up to it."
So, what can be done to solve the CPA problem?
One of the solutions is to provide consumers with a (virtual) prepaid card that is linked to the main card account and acts as a limited amount "buffer". The other solution is to allow consumers to explicitly confirm every transaction before it is
charged to the card. At TEDIPAY, we do both, as part of our "Peace of Mind" value proposition.