SEPA Direct Debit

SEPA Direct Debit — mandate-driven debits across Europe, the UK and ACH.

topropay handles the SEPA Direct Debit mandate lifecycle end-to-end, alongside ACH direct-debit payments and Bacs Direct Debit, through one unified API. Same authorise / capture / refund / dispute model as cards; R-message and R-code handling under the hood; one ledger across every rail.

SEPA DIRECT DEBIT MANDATE CORE · ONE-OFF / RECURRENT Unique mandate ref. UMR-9421-EU-2025 Creditor identifier DE98ZZZ09999999999 Debtor name EXAMPLE GMBH Debtor IBAN DE89 3704 •••• •••• 00 Amount & cycle €189.00 · monthly Pre-notification 14 days Debtor signature ✎ signed Captured at 2026-06-12 09:41 CET VAULTED
One mandate, one UMR, every subsequent debit references it.
CORE & B2B
SEPA schemes supported
Mandate
lifecycle managed end-to-end
R-codes
decoded and retried automatically
1 ledger
across SEPA, Bacs and ACH

Key benefits

Why direct debit payment processing belongs inside the same orchestration layer

Four outcomes that show up consistently once SEPA / ACH / Bacs direct-debit flows share the same platform as card and wallet authorisations.

  1. Mandate

    SEPA direct debit mandate lifecycle, handled end-to-end

    The platform captures the mandate at sign-up (paper, electronic, or eMandate via the bank), stores the signed evidence in the vault and surfaces it on every subsequent debit. Amendment, replacement and cancellation events are first-class — your billing system never needs to track mandate IDs manually.

  2. Retries

    R-code-aware retry calendars on every rail

    SEPA R-messages (AC04, MS03, AM04 and friends) and ACH R-codes (R01, R03, R04 and others) decode automatically into a per-code retry policy. The merchant doesn't write a per-reason script; the platform translates the rail's error into the right next-attempt window.

  3. Same API

    SEPA and ACH direct debit through the same primitives

    Direct debit payment ach flows and SEPA Direct Debit flows share the same authorise / capture / refund / dispute model. The merchant integrates one API; the platform absorbs the per-rail differences in mandate posture, settlement calendar and dispute window.

  4. Reconciliation

    One ledger across SEPA, Bacs and ACH

    Settlements, fees, returns and chargebacks across SEPA Direct Debit, Bacs Direct Debit, ACH and equivalents normalise into one ledger keyed off vault tokens. Finance closes the month from a single export instead of three rail-specific files.

How it works

Six stages from sign-up to reconciliation

What happens between the mandate being captured and a settled (or returned) debit landing in the unified reconciliation feed. Same shape across SEPA and ACH.

  1. Sign-up

    Capture the mandate

    The customer signs the mandate via the hosted page (paper signature uploaded, e-signature inline, or bank-initiated eMandate). The platform stores the signed evidence and issues a vault token.

  2. Schedule

    Define the debit cycle

    Cycle, grace window, retry window and dunning policy live next to the mandate. One-off debits and recurring debits both run from the same scheduler.

  3. Initiate

    Submit the debit file

    On the scheduled day, the platform initiates the debit through the connected SEPA acquirer (or ACH originator) under the merchant's creditor identifier. No file-format work on the merchant side.

  4. Wait

    Bank settles or returns

    SEPA Direct Debit settles on the cycle's value date; ACH settles on the scheme's calendar. Returns surface as R-messages (SEPA) or R-codes (ACH) inside the same webhook stream as authorisations.

  5. Retry

    Decode the rail error and retry

    AC04 (account closed) gets a different policy than MS03 (reason not specified). R01 / R03 / R04 each map to a recovery window. Merchant-side code just sees 'retry scheduled' or 'returned permanent'.

  6. Reconcile

    Settlement and dispute timeline

    Settled debits, fees, returns, refund-after-debit reversals and disputes all land in the unified ledger with the mandate ID, vault token and operator identity preserved.

Rail comparison

SEPA Direct Debit vs ACH direct debit at a glance

Two bank-rail debit families that look similar on paper and behave differently in production. The platform handles both; the comparison below is for the merchant's decision-making, not for ours.

Dimension SEPA Direct Debit ACH direct debit
Geography SEPA zone (EU + EFTA + UK SEPA on a transition basis) United States
Schemes CORE (B2C, 8-week refund right), B2B (B2B, no refund right, mandate confirmed by debtor's bank) Standard Entry Class codes (PPD for consumer, CCD for business)
Mandate Mandate stored at creditor; mandate-reference (UMR) on every debit; first / recurrent / final flags Authorisation stored at originator; NACHA mandates renewed/refreshed per rules; same-day vs next-day windows
Settlement D-1 to D-5 depending on scheme variant; pre-notification 14 / 1 days Same-day ACH or next-day; cut-off times per ODFI
Returns R-messages (AC04, MS03, AM04, BE05, etc.) within scheme windows R-codes (R01–R99) within return windows per code
Currency EUR (with UK SEPA carve-out post-Brexit) USD

Main use cases

Where direct debit payment systems earn their keep

Six merchant shapes that benefit most from bank-rail direct debit — across SEPA, ACH and Bacs, on the same orchestration layer.

  • Subs

    Subscriptions and SaaS on EUR / USD

    Recurring SEPA Direct Debit for EUR-billed subscriptions, ACH debit payment for USD-billed subscriptions — both inside the same recurring engine as card recurring.

  • Utility

    Utility and telecom bill pay

    Utility-style monthly debits where SEPA Direct Debit and ACH dominate. Mandate evidence, pre-notification and per-cycle invoice metadata flow through the unified API.

  • Donor

    Donation and nonprofit recurring

    Recurring donor relationships managed on SEPA CORE in the EU, ACH PPD in the US, with gift-aid metadata preserved end-to-end and donor-portal cancel flows wired in.

  • B2B

    B2B contracts and AP-driven flows

    B2B SEPA scheme for higher-trust counterparties (no consumer-style refund right; mandate confirmed by the debtor's bank) and ACH CCD for US business-to-business debits.

  • Plat

    Marketplaces collecting from sellers

    Marketplaces collecting recurring listing or platform fees from sellers via SEPA / ACH direct debit, with per-tenant routing policies and split-payment-aware reconciliation.

  • Low-tk

    High-volume, low-ticket recurring

    Per-transaction flat pricing on bank rails beats per-percent card pricing for low-ticket recurring traffic. The routing engine surfaces the comparison per merchant.

Reference

R-message and R-code handling, decoded

A sample of the SEPA R-messages and ACH R-codes the platform decodes automatically into a per-code retry policy. The merchant's billing system sees normalised events, not raw rail-format strings.

  • AC04 SEPA

    Account closed — permanent return; merchant collects new mandate.

  • MS03 SEPA

    Reason not specified — retry once; if it returns again, treat as permanent.

  • AM04 SEPA

    Insufficient funds — retry after a few business days.

  • BE05 SEPA

    Identifier of creditor incorrect — operational fix on the platform side.

  • R01 ACH

    Insufficient funds — retry up to two more times under NACHA.

  • R03 ACH

    No account / unable to locate — permanent return; collect new authorisation.

  • R04 ACH

    Invalid account number — operational fix; sometimes a digit transposition on capture.

  • R10 ACH

    Customer advises not authorised — escalate; do not retry.

The full R-message and R-code catalogue is exposed inside the merchant dashboard, with the per-code retry policy and operator-side override surfaces.

Platform features

Capabilities behind the direct debit payment gateway

What the platform actually ships for SEPA and ACH direct-debit traffic — beyond the general orchestration features shared with card recurring.

  • Mandate capture surfaces

    Hosted page, embedded SDK and operator-side mandate intake — paper, e-signature and bank-initiated eMandates.

  • UMR & creditor-ID handling

    Unique Mandate Reference per debtor and creditor identifier per merchant — generated and tracked end-to-end.

  • Pre-notification

    Configurable 14-day / 1-day SEPA pre-notifications via webhooks; merchants pipe them into their own notification surface.

  • R-message decoder

    SEPA R-messages decoded into a per-code policy; ACH R-codes likewise. No per-reason scripting on the merchant side.

  • Retry scheduler

    Decline-reason-aware retries with scheme-compliant windows; merchant gets one final settled-or-returned event per debit.

  • B2B & CORE schemes

    SEPA CORE for B2C-style debits with 8-week refund right; SEPA B2B for B2B debits with mandate confirmed by debtor's bank.

  • Vault tokens

    Mandate evidence and account data live in the vault; refunds, retries and amendments run on vault tokens, not raw account numbers.

  • Webhook stream

    Signed, replay-safe events for mandate.created / debit.initiated / debit.returned / refund.created — same model as card events.

  • Operator portal

    One dashboard for SEPA, ACH and Bacs direct-debit traffic — initiation queue, return queue, refund queue, dispute queue.

  • Audit & evidence retention

    Mandate signing evidence, R-message metadata and operator actions retained per scheme rules.

Trust & compliance

Compliance posture for SEPA and ACH direct-debit traffic

Both rails carry their own scheme rulebooks. The platform aligns to EPC for SEPA, to NACHA for ACH, and to the underlying acquirer / ODFI's risk programmes.

PCI DSS Level 1
Service-provider posture validated annually on-site; vault posture extends to mandate and account data.
SEPA scheme alignment
Mandate management aligned to EPC rulebooks; UMR generation, mandate references and first/recurrent/final flags handled per scheme.
NACHA alignment
ACH origination respects NACHA rules — return windows, prenotes, ODFI cut-offs and authorisation refresh requirements.
Sanctions screening
Originator-side and beneficiary-side sanctions screening on every debit; flagged debits stopped before file submission.
Data residency
EU data residency for SEPA flows; US residency for ACH flows; signed event logs available from the dashboard for audit.
Licensed verticals only
Licensed gaming, regulated financial services and other compliance-bound verticals supported where current operating licences exist. Grey and black-market verticals are out of scope.

Ready to ship debits

Run SEPA Direct Debit and ACH debits through one API.

A 30-minute debit review covers the rails relevant for your buyer base, the mandate-capture surface that fits your sign-up flow, and a sandbox to test R-message and R-code handling against before any commercial commitment.

Frequently asked

Buyer questions about SEPA Direct Debit and ACH on topropay

Questions buyers ask before committing — covering mandate handling, scheme comparison, post-Brexit UK SEPA, and the boundary between SEPA / ACH / Bacs.

  1. 01

    What does the platform mean by sepa direct debit support?

    Sepa direct debit support on topropay covers the full mandate lifecycle (capture, store, amend, cancel), debit initiation under the merchant's creditor identifier, R-message decoding for returns, scheme-compliant retry windows, and reconciliation across the unified ledger. Both CORE (B2C-style) and B2B schemes are supported.

  2. 02

    How is the sepa direct debit mandate stored and surfaced?

    The sepa direct debit mandate is captured at sign-up (paper, e-signature or bank-initiated eMandate) and stored in the vault with the signed evidence, UMR, creditor identifier and first/recurrent/final flag. Every subsequent debit references the mandate; amendment and cancellation events are first-class in the webhook stream.

  3. 03

    How does direct debit payment ach work next to SEPA Direct Debit?

    Direct debit payment ach flows run through the same API as SEPA Direct Debit — same authorise / capture / refund / dispute model, same webhook events. The platform absorbs the per-rail differences (NACHA mandate rules, R-codes, ODFI cut-offs) so the merchant doesn't fork their billing system per rail.

  4. 04

    What's the difference between ACH debit payment and SEPA Direct Debit in practice?

    ACH debit payment runs in the US under NACHA rules with R-codes (R01–R99), same-day or next-day settlement and PPD/CCD entry classes. SEPA Direct Debit runs in the SEPA zone under EPC rulebooks with R-messages, D-1 to D-5 settlement and CORE/B2B schemes. Both bank-rail debits; the timing and dispute windows differ.

  5. 05

    How is debit payment processing tracked across rails?

    Debit payment processing on the platform tags every debit with rail, scheme, mandate ID, vault token, operator identity and any return code. The dashboard rolls up by rail or by scheme; the reconciliation export includes the same columns so finance can split out per-rail behaviour when needed.

  6. 06

    Are direct debit payment solutions on the platform single-rail or multi-rail?

    Direct debit payment solutions on topropay are multi-rail by design — SEPA CORE, SEPA B2B, Bacs Direct Debit in the UK, ACH in the US, plus equivalents in supported APAC markets. The merchant picks the rails relevant to their buyer base; the integration is one API regardless.

  7. 07

    What payment solutions direct debit options do you recommend for cross-border merchants?

    Payment solutions direct debit options for cross-border merchants usually mean SEPA CORE for EU buyers, ACH PPD for US consumers, ACH CCD or SEPA B2B for B2B counterparties, and Bacs Direct Debit for UK buyers. topropay handles all of them inside one API and one reconciliation feed.

  8. 08

    How is ach direct debit payment authorisation captured?

    Ach direct debit payment authorisation is captured at sign-up via the hosted page (online flow) or operator-side (offline flow), with the signed authorisation stored in the vault. NACHA-required prenotes and authorisation-refresh windows are handled by the platform; the merchant just stores the vault token.

  9. 09

    Does the platform handle sepa direct debit uk for post-Brexit UK merchants?

    Sepa direct debit uk flows are handled where the connected partner banks support them — many UK merchants run SEPA-EUR debits alongside Bacs Direct Debit-GBP debits for UK accounts. topropay surfaces both rails through the same API; UK merchants typically combine them rather than choose between them.

  10. 10

    Is there a direct debit payment gateway shape on topropay?

    A direct debit payment gateway shape on topropay is the same unified API used for cards. From the merchant's perspective the API behaves like a gateway (authorise / capture / refund / dispute), but the rail underneath is SEPA Direct Debit, ACH or Bacs Direct Debit rather than a card scheme.

  11. 11

    What direct debit payment systems exist on the platform beyond SEPA and ACH?

    Beyond SEPA Direct Debit and ACH, the platform connects Bacs Direct Debit in the UK, BECS in Australia and Pix-debit-style flows in supported LATAM markets. The direct debit payment systems are routed through partner-licensed connectivity where direct underwriting isn't in topropay's licence scope.

  12. 12

    What does dda debit ach payment mean in your data model?

    DDA debit ach payment refers to an ACH debit against a demand-deposit account — i.e. a checking-account debit. In our data model, ACH debits carry the entry class (PPD for consumer DDA, CCD for business DDA, WEB for internet-authorised debits) so the merchant and the routing engine know which rules apply.

  13. 13

    How does direct debit payment processing compare to card recurring for cost?

    Direct debit payment processing typically costs less per-transaction than card recurring for low-to-mid ticket sizes, because bank-rail fees are flat-or-near-flat per transaction whereas cards carry interchange and scheme fees as a percentage. The trade-off is timing (debits settle slower) and return windows (longer than card chargebacks in some cases).

  14. 14

    Can a merchant run SEPA CORE and SEPA B2B in parallel on one account?

    Yes — CORE and B2B run as two separate scheme tracks under one merchant account. The mandate captures which scheme applies, the platform routes the debit through the right SEPA acquirer, and reconciliation tags each row with the scheme used.

  15. 15

    What about refunds and reversals on SEPA Direct Debit?

    SEPA CORE carries an 8-week no-questions-asked refund right for the debtor, plus a 13-month right for unauthorised debits. SEPA B2B has no consumer-style refund right but mandate is confirmed by the debtor's bank up front. The platform handles both timelines and surfaces refund / reversal events identically in the webhook stream.