If you run a business, you want to make sure that clients can pay you in the easiest way possible. One simple way to receive payment is through direct debit. Direct debit is an automatic transaction that transfers money from one person’s account to another on a recurring basis. But to receive payment through direct debit, you must first receive approval to automatically withdraw funds from your clients’ accounts. Here, you must follow some practical guidelines set up by payment regulating body, AusPayNet. This article will explain these guidelines and the four key steps you must take to receive approval for a direct debit request (DDR).

1. Establish Your Legitimacy

If you wish to offer direct debit payments, AusPayNet requests that you demonstrate your business’s legitimacy. This means that you must:

  1. be an established business or entity; and 
  2. contact your bank to request approval to offer direct debit payment.

You may need to provide your bank with evidence that you meet their criteria.

The criteria may include information relating to: 

  • how you will identify your clients to avoid fraud;
  • what kind of service are you providing;
  • whether you have a refund policy; and 
  • your compliance with the Bulk Electronic Clearing System framework.

If you meet your bank’s criteria, they will provide you with:

  • their terms and conditions, which you must understand and agree to; and
  • a user identification number, which you require to offer direct debit services.

2. Establish Your Clients’ Identity

One of the AusPayNet’s key concerns is to limit fraud that may occur if a client is misidentified.

For example, issues can arise surrounding properly identifying clients if you receive their consent for direct debit:

  • over the phone;
  • through email; or
  • electronically.

To manage this risk, you must receive a completed DDR form from each client. You must keep this form for seven years from the date of the last debit made under the DDR. The DDR form must:

  • authorise your business to debit the client’s account;
  • identify the bank that will process the debit (name and BSB);
  • outline the account name and number of the client;
  • identify your business (through both business name and user identification number); and
  • be dated and signed by the client.

Can You Receive Authorisation Over the Phone?

You may only receive authorisation over the phone if your bank has approved it in writing. You should ensure that your client identifies themselves in accordance with your bank’s requirements. Further, you will need to provide your bank with written confirmation of the agreement and the DDR service contract within seven days of the call.

3. Define Your DDR in a Service Agreement

The DDR service agreement sets out the terms and conditions surrounding how you will debit your clients’ account. AusPayNet requires that the DDR service agreement include particular items such as:

  • how the client can amend or cancel the debit arrangement;
  • that the client must have sufficient funds in their account; and
  • your policy if payments fall on a day other than a business day.

4. Consider Privacy

By requesting that your clients complete the DDR form, you may be collecting personal information such as: 

  • contact details; 
  • account details;
  • addresses; 
  • telephone numbers; and
  • email addresses.

If clients provide your bank details, it is likely they will want to know how you manage this information from a privacy perspective. Therefore, it is best practice to have a privacy policy. A privacy policy will set out how you securely hold and handle information, which will enhance your legitimacy and confidence in your clients.

Key Takeaways

To offer direct debit payment from clients, there are a number of steps you must take. First, you must comply with AusPayNet requirements and ensure that clients cannot make fraudulent payments. Further, you must ensure that your DDR service agreement clearly sets out your terms and conditions surrounding DDR payments. You will also need to ensure that your privacy policy outlines how you will handle any personal information. If you have any questions about drafting a DDR service agreement or privacy policy, contact LegalVision’s IT lawyers on 1300 544 755 or fill out the form on this page.

About LegalVision: LegalVision is a tech-driven, full-service commercial law firm that uses technology to deliver a faster, better quality and more cost-effective client experience.
Nathalie King

Get a Free Quote Now

If you would like to receive a free fixed-fee quote or get in touch with our team, fill out the form below.

  • We will be in touch shortly with a quote. By submitting this form, you agree to receive emails from LegalVision and can unsubscribe at any time. See our full Privacy Policy.
  • This field is for validation purposes and should be left unchanged.

Privacy Policy Snapshot

We collect and store information about you. Let us explain why we do this.

What information do you collect?

We collect a range of data about you, including your contact details, legal issues and data on how you use our website.

How do you collect information?

We collect information over the phone, by email and through our website.

What do you do with this information?

We store and use your information to deliver you better legal services. This mostly involves communicating with you, marketing to you and occasionally sharing your information with our partners.

How do I contact you?

You can always see what data you’ve stored with us.

Questions, comments or complaints? Reach out on 1300 544 755 or email us at info@legalvision.com.au

View Privacy Policy