It is the document a payer must sign and send to the biller in order to authorise the biller (via its payment service provider or ) to collect the funds directly from the account of the payer. The SDD mandate can be issued in a paper or electronic format.
The provides billers with a number of tools facilitating the creation of templates for SDD mandates (for both the and SDD Business-to-Business or B2B schemes), and ensure that they are user-friendly and compliant with the SDD rulebooks.
SDD mandates are signed by all kinds of payers: individuals, businesses, and more. It is therefore important that they remain easily understandable and as short as possible. The has issued a guidance document containing practical information on the visual presentation of SDD mandates. Any biller can use these guidelines to issue streamlined mandates (both paper and electronic). They suggest a number of ways to reduce the mandate size without losing any essential content and while remaining compliant with the SDD rulebooks.
The offer their SDD services to billers and payers in most European countries in which dozens of different languages are spoken. To make it easier for billers across to issue SDD mandates while still ensuring their clarity and compliance with the SDD rulebooks (available in English only), the has translated the SDD mandate text into all SEPA languages.
The SDD rulebooks include the option of issuing electronic mandates, often referred to as e-mandates. They are increasingly popular thanks to their convenience for both the payer (who does not have to print, sign and mail a document to the biller) and the biller (who enjoys automated processing and easy electronic storage and retrieval of e-mandate data). One way to make it secure involves the widely trusted online banking services used by the payer to authenticate themselves and electronically sign the mandate.
More information is available in the Clarification letter on electronic mandates to SDD scheme participants, and in the Clarification paper on the use of electronic mandate solutions. Interested stakeholders can also consult the EPC Recommendation on the validity of electronic mandates in a cross-border context and the Clarification paper on the change of creditor or creditor reference party.
To authorise a direct debit made with an e-mandate fulfilling the characteristics of the ’s optional e-mandate model, a payer’s has to validate the e-mandate. The payer’s PSP can either validate this e-mandate itself or use a ‘validation service provider’ acting on its behalf. In addition, the biller’s PSP uses a ‘routing service’ to facilitate the communication between the biller and the payer’s PSP. This routing service is either directly provided by the biller’s PSP itself or by a service provider acting on behalf of this PSP.
The messages are routed via open networks on the internet. In order to make this message exchange reliable and secure, the EPC makes available a standard for this messaging, the EPC e-Mandates e-Operating Model.
The EPC offers all bodies required to securely qualify legitimate validation service providers and routing service providers – also known as ‘certification authorities’ (CAs) – the opportunity to become ‘EPC approved’. The applicant will need to fulfil specific requirements in line with well-accepted international standards. The primary role of EPC-approved CAs is to provide a common trust (and hence liability) model enabling secure message flows between the validation service providers and the routing service providers without having to establish bilateral agreements between all possible combinations.
The EPC’s Trusted-Service Status List (TSL) features approved CAs authorised by the EPC to issue authentication certificates to both routing service and validation service providers and also to sign certificates for validation service providers for e-mandates. Furthermore, it contains copies of the public key infrastructure trust anchors of these approved CAs in order to support SEPA e-mandate services when they check certificates to establish whether they have been issued by these CAs. The EPC has contracted MULTICERT – Serviços de Certificação Electrónica, S.A. as its approved TSL provider to publish and maintain this list on its behalf on MULTICERT’s website. This TSL is currently suspended as there are no EPC-approved CAs to date. Any organisation interested in becoming ‘EPC approved’ can contact the EPC to learn more about the application process.