UK Payments Initiative: What the New Open Banking Scheme Means for UK PSPs

ByOfficer

Last updated: June 2026

Get the legal basis of the UK Payments Initiative wrong and you can spend a quarter building a payment proposition on the assumption that EU rules apply, only to find that none of them do. The UK Payments Initiative is the first commercial open banking scheme in the country, and the FCA confirmed its launch in a statement on 2 June 2026. It sits on a uniquely British stack of rules: a competition order, the Payment Services Regulations 2017, and a new data statute. None of that is PSD2 or PSD3. For payment service providers building recurring-payment products, the first job is not technical integration. It is knowing which rulebook governs the thing you are about to connect to.

The scheme matters because it changes the commercial logic of open banking. Until now, most open banking payments in the UK ran on infrastructure that was effectively free to access, mandated under a 2017 competition remedy. Commercial variable recurring payments, or cVRP, introduce a paid model. That single change pulls in the FCA, the Payment Systems Regulator, and the Competition and Markets Authority at the same time, because a paid access model raises competition questions that a free mandate never did.

This article walks through what the UK Payments Initiative is, the rules underneath it, what cVRP changes for banks and third parties, the pricing question the regulators have parked rather than answered, and the governance handover from Open Banking Limited to a new standards body. The focus is operational: what a UK PSP, account provider, or third-party provider should actually check before relying on the scheme.

Related reading: PSD2 Reporting Requirements

What the UK Payments Initiative actually is

The UK Payments Initiative, abbreviated UKPI, is an industry-led scheme that establishes a commercial framework for open banking payments. The FCA described it in its 2 June 2026 statement as a scheme that will give people more choice about how and when they pay for recurring goods and services, and said it expects the launch of the first scheme by UKPI to act as a catalyst for other commercial open banking schemes to emerge.

Read that last point carefully. The FCA is not designating UKPI as the open banking scheme. It is treating it as the first of several it hopes will compete. The regulator used the words “competition between commercial open banking schemes.” That framing tells you the FCA does not want a single monopoly scheme to replace the old mandated model. For a PSP, that means the scheme you integrate with this year may not be the only one you integrate with next year.

UKPI is a scheme, not a regulator and not a piece of legislation. It sets commercial and operational rules that participants agree to follow. Where it gets its teeth is the combination of the underlying statutory payment rules and the access it brokers to bank payment APIs. The scheme itself does not create legal obligations on firms that do not join it. That is a real distinction, and it is one teams routinely blur when they describe UKPI as “the new open banking rules.” It is not the rules. It is a scheme that operates on top of them.

The legal basis, and the Brexit trap that catches EU-trained teams

This is where teams coming from an EU background lose time. UK open banking does not run on PSD2 as Brussels maintains it, and it is not waiting for PSD3 or the Payment Services Regulation. The UK left that track. The contrast with the EU, where credit transfers are being pushed through the SEPA instant payments rules, is sharp: the British framework rests on three separate domestic instruments, and each does a different job.

The first is the Retail Banking Market Investigation Order 2017, the CMA Order that created mandated open banking in the first place. It required the nine largest banks and building societies, the group known as the CMA9, to build and maintain open APIs and to fund a central implementation body. That body is Open Banking Limited. Sweeping, the original variable recurring payment use case that lets a customer move money between their own accounts, was mandated under this order at no cost to the third party.

The second is the Payment Services Regulations 2017, the domestic instrument that carried the substance of PSD2 into UK law and still governs payment initiation services and account information services. A third party initiating a payment under open banking is doing so as a payment initiation service provider under those regulations, supervised by the FCA. That has not changed with the arrival of UKPI.

The third is the newest and the one most teams have not absorbed. The Data (Use and Access) Act 2025 received Royal Assent on 19 June 2025. It creates a framework for smart data schemes and is intended to put UK open banking on a statutory footing rather than leaving it propped up by a competition remedy. The Act lets the Treasury make regulations that can require the FCA to write rules on how financial services providers share customer and business data, including rules on using a prescribed interface and complying with prescribed interface standards. When the FCA says it will consult on a long-term regulatory framework by the end of 2026 subject to new powers, those are the powers it means.

The practical takeaway is blunt. If your compliance mapping for a UK recurring-payments product cites PSD2 articles or anticipates PSD3, the mapping is pointed at the wrong jurisdiction. The controlling texts are the CMA Order 2017, the Payment Services Regulations 2017, and the Data (Use and Access) Act 2025.

Commercial variable recurring payments: what cVRP changes

Variable recurring payments let a customer give a trusted third party standing permission to initiate payments from the customer’s bank account within agreed limits, such as a maximum amount per payment and a maximum frequency. The customer stays in control of the mandate and can cancel it. It is open banking’s answer to the direct debit and the card-on-file subscription, but built on real-time bank rails.

The split that matters is between sweeping VRP and commercial VRP. Sweeping is the self-to-self use case, moving a customer’s money between accounts they own, and it was mandated under the CMA Order for free. Commercial VRP, cVRP, extends the mechanism to third-party payments, paying a biller or a merchant rather than yourself. That is the use case UKPI is built around, and it is the one that needed a commercial model because banks were never mandated to provide it for nothing.

The early use cases are concentrated. The FCA and PSR have framed the first commercial model around regulated financial services, utilities, and public sector payments. The UK Payments Initiative was incorporated in late 2025, the FCA and PSR announced the scheme on 16 December 2025, and the regulators expect the first live payments under the UKPI scheme during the first quarter of 2026. The longer-term prize the government keeps naming is e-commerce, where open banking would compete directly with cards, but that is a later phase rather than the launch position.

Here is what cVRP does not mean. It does not replace direct debit, and it does not carry the Direct Debit Guarantee. The consumer protection model for an open banking payment is different from the direct debit refund right, and a firm that markets cVRP as “just like direct debit” is setting up a complaints problem. The protections come from the payment initiation framework and the scheme rules, not from the direct debit scheme. That distinction needs to be clear in customer terms before a single mandate is taken.

The pricing model and the position the regulators have parked

The genuinely new thing about UKPI is that access is paid. The scheme is built around a centralised access fee, a pricing model that lets banks charge for cVRP access rather than provide it for free as they were forced to do for sweeping. A coordinated, scheme-level pricing model is exactly the kind of arrangement that competition law scrutinises, because firms agreeing on access fees can look like firms agreeing on prices.

That is why the Competition and Markets Authority entered the picture. On 20 January 2026 the FCA and PSR published a joint statement confirming they would not, at this stage, prioritise a Competition Act 1998 investigation into the UKPI’s centralised access fee pricing model for commercial variable recurring payments. The FCA and PSR had written to the CMA on 15 January 2026, and on 16 January 2026 the CMA confirmed that, based on the information available to it, it did not intend to take a different position on CA98 prioritisation. The CMA noted it wanted to avoid deterring businesses from collaborating in ways that may benefit consumers.

Two things deserve emphasis because they are easy to overstate. First, this is a non-prioritisation position, not a clearance or an exemption. The regulators have said they will not prioritise an investigation now. They have not said the pricing model is lawful under competition law for all time. Second, it is explicitly temporary. The position applies until the government’s anticipated legislative framework is in place, expected by the end of 2026, or until July 2027, whichever comes first. After that point the comfort expires and the long-term framework, or a fresh competition assessment, takes over.

For a PSP building a business case on cVRP economics, that time-limited comfort is the single most important caveat in the whole scheme. A pricing model that is tolerated until mid-2027 is not the same as a pricing model that is fixed. The regulators also said they would monitor market developments, review changes to the pricing methodology, and expect UKPI to submit finalised governance documents. Pricing is being watched, not waved through.

Who has to do what

The obligations split by role, and conflating the roles is where smaller firms get their gap analysis wrong.

Account providers, the banks holding the account

The CMA9 already build and maintain the open banking APIs under the 2017 order. For cVRP, an account provider that wants to offer commercial access does so through the scheme and its commercial model, rather than under the free mandate that covers sweeping. The bank is the account servicing payment service provider in payment-services language, and it remains responsible for authenticating the customer and applying strong customer authentication to the mandate setup under the Payment Services Regulations 2017. Payee-side controls such as Confirmation of Payee operate separately from that mandate authentication. Joining a commercial scheme does not move the SCA obligation off the bank.

Third-party providers initiating the payment

A firm initiating a cVRP on a customer’s instruction is acting as a payment initiation service provider and needs the relevant FCA authorisation or registration for that activity under the Payment Services Regulations 2017. Scheme membership is an additional commercial and technical layer on top of that authorisation, not a substitute for it. A firm cannot scheme its way out of needing to be an authorised or registered payment institution where the activity requires it.

The biller or merchant receiving the payment

A utility, a lender, or a public body collecting via cVRP is the ultimate beneficiary and usually contracts with a third-party provider rather than connecting directly. Its main exposure is consumer-facing: clear mandate terms, clear cancellation rights, and accurate description of the payment method. This is the group most likely to misdescribe cVRP as a direct debit in its billing communications, which is a conduct risk under the FCA’s consumer duty rather than a payments-rules breach. The senior managers accountable for that conduct sit inside the UK senior-manager accountability regime.

On reporting, the honest answer is that UKPI does not create a new prudential or transaction return on day one. Payment initiation and account information activity already sits inside the existing FCA payment-services reporting regime, and fraud and operational incident reporting obligations continue to apply to authorised firms. When I map a new payment flow, the first question is always which existing return it lands in rather than assuming a new one appears, and cVRP volumes will surface through the payments fraud and operational data firms already file rather than through a bespoke UKPI return. If the FCA’s end-of-2026 consultation introduces dedicated reporting, that is the moment to revisit the mapping, not before.

The Future Entity: the governance handover most teams have not noticed

Underneath the cVRP headlines, the body that runs UK open banking is changing. Open Banking Limited was created under the 2017 CMA Order and funded by the CMA9. The plan, set out through the Joint Regulatory Oversight Committee and now carried forward under FCA oversight, is to replace it with a long-term standards body usually called the Future Entity.

The Future Entity is intended to be a new, industry-funded standards-setting body for open banking APIs, taking over from Open Banking Limited as the successor organisation. The FCA has been running an independent assessment to help industry decide which organisation should lead the next phase, and 2026 is the year the transition is expected to take concrete shape. The Future Entity is expected to be a not-for-profit company that defines and maintains the technical and operational standards participants follow, rather than a public body with enforcement powers. That regulatory backstop is what the Data (Use and Access) Act 2025 is meant to provide once the FCA has its rules in place.

This sits inside a larger government strategy. The National Payments Vision, published by HM Treasury on 14 November 2024, set the direction: open banking developed as a ubiquitous payment method with a sustainable commercial model, JROC wound down, and the FCA taking lead responsibility for open banking regulation. The UK Payments Initiative and the Future Entity are the two operational pieces of that vision arriving at roughly the same time, one for commercial payments and one for governance.

The point teams miss is that the standards you integrate against have an owner that is mid-transition. API standards, conformance, and dispute arrangements are managed today by Open Banking Limited and are expected to move to the Future Entity. Building integration documentation that names a permanent standards owner is premature while the handover is still being settled. Reference the standard and the current maintainer, and expect the maintainer to change.

Timeline and what to prepare now

The dates that are actually fixed are fewer than the noise suggests. The National Payments Vision is dated 14 November 2024. The Data (Use and Access) Act 2025 received Royal Assent on 19 June 2025. The FCA and PSR pricing-model non-prioritisation statement is dated 20 January 2026, resting on the 16 January 2026 CMA confirmation, and that comfort runs until the end-of-2026 framework or July 2027, whichever is first. The FCA confirmed the UKPI scheme launch on 2 June 2026 and said it will consult on a long-term regulatory framework by the end of 2026, subject to getting new legislative powers.

Several other dates are still soft, and treating them as firm is a mistake. The exact date the Future Entity formally takes over from Open Banking Limited has not been pinned to a single confirmed day in the primary statements, and the precise sector-by-sector phasing of cVRP rollout is set out in scheme and PSR delivery documents that continue to move. Where a date is not nailed down in a primary source, the safer planning assumption is a window, not a deadline.

What a firm can do now does not depend on the soft dates. Confirm your authorisation covers payment initiation if you intend to initiate cVRP. Decide whether your commercial case survives the possibility that the access-fee model is revisited after mid-2027. Write customer terms that describe cVRP accurately and do not borrow the direct debit guarantee. Track the FCA’s end-of-2026 consultation, because that is where reporting and conduct obligations specific to commercial open banking are most likely to be set.

Common mistakes teams make reading this scheme

The first is treating UKPI as legislation. It is a scheme that operates on top of the CMA Order, the Payment Services Regulations 2017, and the Data (Use and Access) Act 2025. Joining it does not change your statutory obligations, and not joining it does not exempt you from them.

The second is assuming EU payment law applies. UK open banking is not governed by PSD2 as it now stands in the EU, nor by PSD3. A control framework built on EU citations is mapped to the wrong rulebook, and the gap will show up the first time a UK supervisor asks for the legal basis.

The third is reading the regulators’ competition position as a green light. The FCA, PSR, and CMA have agreed not to prioritise a Competition Act 1998 investigation into the cVRP access-fee model for now. That is a time-limited non-prioritisation, not a permanent clearance, and it expires by July 2027 at the latest. A long-term business case that ignores that expiry is fragile.

Frequently Asked Questions

Is the UK Payments Initiative the same as PSD3?

No. The UK Payments Initiative is a domestic industry-led open banking scheme. It is not the EU’s PSD3 or Payment Services Regulation, and it does not implement them. UK open banking rests on the Retail Banking Market Investigation Order 2017, the Payment Services Regulations 2017, and the Data (Use and Access) Act 2025. Firms should map UK products to those instruments, not to EU payment law.

What is the difference between sweeping VRP and commercial VRP?

Sweeping moves a customer’s money between accounts the customer owns and was mandated under the 2017 CMA Order at no cost to third parties. Commercial variable recurring payments, cVRP, extend the same mechanism to payments to a third party such as a utility or a lender. cVRP needs a commercial model because banks were not mandated to provide third-party access for free, and that paid model is what the UK Payments Initiative provides.

Does cVRP come with the Direct Debit Guarantee?

No. cVRP is an open banking payment initiated under the payment initiation framework, not a direct debit. It does not carry the Direct Debit Guarantee refund right. The consumer protections come from the payment-services rules and the scheme rules. Describing cVRP to customers as equivalent to direct debit creates a conduct risk under the FCA’s consumer duty.

Have the regulators approved the UKPI pricing model?

Not exactly. On 20 January 2026 the FCA and PSR said they would not prioritise a Competition Act 1998 investigation into the UKPI’s centralised access fee model, and on 16 January 2026 the CMA confirmed it did not intend to take a different position. This is a non-prioritisation, not a clearance or an exemption, and it is temporary. It applies until the long-term framework expected by the end of 2026, or until July 2027, whichever comes first.

Do I need FCA authorisation to offer cVRP?

A firm initiating payments for customers acts as a payment initiation service provider and needs the relevant FCA authorisation or registration under the Payment Services Regulations 2017. Scheme membership is a separate commercial and technical layer on top of that authorisation. Joining the scheme does not remove the need to be authorised or registered where the activity requires it.

What is the Future Entity and does it affect my integration?

The Future Entity is the planned successor to Open Banking Limited as the standards-setting body for UK open banking APIs. It is expected to be an industry-funded not-for-profit that maintains technical and operational standards. The 2026 transition matters for integration because the owner of the standards you build against is changing, so documentation should reference the current maintainer and expect it to move.

Does the UK Payments Initiative create new reporting obligations?

Not on launch. Payment initiation and account information activity already sits inside the existing FCA payment-services reporting regime, and fraud and operational incident reporting continue to apply. The FCA has said it will consult on a long-term regulatory framework by the end of 2026, and any dedicated commercial open banking reporting would most likely come from that work rather than from the scheme launch itself.

Related Articles

Key Takeaways

  • The FCA confirmed the launch of the UK Payments Initiative, the first commercial open banking scheme, in a statement dated 2 June 2026, and expects competing schemes to follow.
  • UK open banking rests on the Retail Banking Market Investigation Order 2017, the Payment Services Regulations 2017, and the Data (Use and Access) Act 2025, not on EU PSD2 or PSD3.
  • Commercial variable recurring payments extend VRP from self-to-self sweeping to third-party payments and introduce a paid, centralised access fee model.
  • The FCA and PSR will not prioritise a Competition Act 1998 investigation into the cVRP pricing model, confirmed with the CMA on 16 January 2026, but only until the end-2026 framework or July 2027, whichever comes first.
  • cVRP is not a direct debit and does not carry the Direct Debit Guarantee, which is a consumer-duty risk if firms describe it that way.
  • Initiating cVRP requires FCA authorisation or registration as a payment initiation service provider under the Payment Services Regulations 2017; scheme membership does not replace that.
  • Open Banking Limited is being replaced by the Future Entity as the standards body during 2026, so integration documentation should expect the standards owner to change.
  • No new reporting return arrives at launch; watch the FCA’s end-of-2026 consultation for any dedicated commercial open banking obligations.

Sources and References

  • FCA, “Open banking: launch of the UK Payments Initiative scheme”, statement, 2 June 2026: https://www.fca.org.uk/news/statements/open-banking-launch-uk-payments-initiative-scheme
  • FCA, “Regulators give clarity in relation to open banking pricing models”, statement, 20 January 2026: https://www.fca.org.uk/news/statements/regulators-give-clarity-open-banking-pricing-models
  • Payment Systems Regulator, “Commercial variable recurring payments: update on delivery”, policy statement, 16 December 2025: https://www.psr.org.uk/publications/policy-statements/commercial-variable-recurring-payments-update-on-delivery/
  • HM Treasury, “National Payments Vision”, 14 November 2024: https://www.gov.uk/government/publications/national-payments-vision
  • Data (Use and Access) Act 2025 (Royal Assent 19 June 2025): https://www.legislation.gov.uk/ukpga/2025/18/contents
  • Retail Banking Market Investigation Order 2017 (CMA): https://www.gov.uk/cma-cases/review-of-banking-for-small-and-medium-sized-businesses-smes-in-the-uk
  • The Payment Services Regulations 2017 (SI 2017/752): https://www.legislation.gov.uk/uksi/2017/752/contents
  • FCA, “Independent assessment of proposals to establish an open banking standards-setting body”: https://www.fca.org.uk/publications/external-research/independent-assessment-proposals-establish-open-banking-standards-setting-body

What UK PSPs should pin down before relying on the scheme

The UK Payments Initiative is real, it is live, and it is genuinely the first commercial open banking scheme in the country. But the parts that should drive a build decision are not the launch headline. They are the legal basis that is purely domestic, the pricing comfort that expires by July 2027, the consumer protection model that is not direct debit, and a standards owner that is mid-handover. A firm that maps those four things correctly is ready for the scheme. A firm that treats UKPI as settled EU-style payment law will rebuild its compliance work later, on a worse timeline.

Disclaimer: The information on RegReportingDesk.com is for educational and informational purposes only. It does not constitute legal, regulatory, tax, or compliance advice. Always consult your compliance officer, legal counsel, or the relevant supervisory authority for guidance specific to your institution.

Similar Posts