With whom are you trading online?

GraceCourt

Anyone who has set up a regular Direct Debit ("DD") arrangement to make monthly payments to a utility company - which is just about everybody! - will probably have received an e-mail from a company called GoCardless Limited, sent on behalf of the supplier, keeping the bill payer informed about the progress and management of the DD authority. What you might not have noticed is that these e-mails fail to provide all of the information required by the Companies Act 2006 about the identity of the sender, and failure to comply is a criminal offence under Regulation 28 of The Company, Limited Liability Partnership and Business (Names and Trading Disclosures) Regulations 2015.  Of course, you might believe that this is all unnecessary "red tape", but if you ever have to take steps to address a consumer complaint, especially if there's a possibility of legal proceedings, you're never even going to be able to get off the starting blocks if you don't know with whom you are dealing - one of the primary reasons for the requirement.

So when a registered payment services provider is involved, you'd think they ensure compliance, wouldn't you? Nope.  According to GoCardless Limited, it doesn't even send these messages out (which is easily disproved by a cursory examination of the SMTP message headers in the e-mail) and legal compliance is the responsibility of its clients, not GoCardless Limited, whose own web site and business communications are indeed fully compliant.

All that has come as somewhat of a shock to many of their clients, quite a few of whom are completely unaware of the requirement, even though one might assume that the service provider also provides guidance and assistance to its clients as part of the service, and GoCardless Limited will also shortly be referred under the Payment Services Regulations 2017 to the Payment Systems Regulator, a little-known organisation officially created under the Financial Services (Banking Reform) Act 2013 that since 2015 has been responsible for ensuring that payments systems are operated and developed in the interests of the people and businesses that use them.  However, public sector organisations are under-funded and overworked so don't hold your breath for a result any time soon.  In the meantime, unless a business is operated by a named "sole trader", you should be looking on the web site, letter, or e-mail for at least the following:

• the company's registered name, including (except in the case of a limited company exempt from the obligation to use the word “limited” as part of its registered name under section 60 of the Companies Act 2006), the fact that it is a limited company;
• the company's registered number;
• the part of the United Kingdom in which the company is registered; and
• the address of the company's registered office.

Where a business is registered with HMRC for VAT purposes, its web site should also display the VAT number, which can be checked as genuine or otherwise using (for example) the VIES VAT number validation service.

Ironically, the following are included by GoCardless as "restricted activities" in relation to its services:

        Using or attempting to use (or if you are a Partner, permitting any other person to use) GoCardless in any way or in connection with any activity which:

• is fraudulent or unlawful;
• misrepresents your identity or gives the impression that you are associated or affiliated with a third party if this is not the case;
• breaches any applicable local, national or international law or regulation (including, but not limited to, using GoCardless in connection with the supply of goods or services that breach any such law or regulation);
• could reasonably be considered harmful, false, misleading, unlawful, obscene, defamatory, libelous, threatening, pornographic, harassing or hateful;
• (etc.)

But the omission of information required by law as a consumer protection measure would seem to contravene ALL of these!  And it appears that no-one is responsible for the enforcement of these Regulations - not Trading Standards, not Companies House, not the Financial Conduct Authority... is it any wonder that online fraud is worth tens of millions of pounds per year?  Not long ago I had trouble getting a VAT receipt for the purchase of a brand new iPad on Amazon... research revealed that the company identified as the "seller" had in fact been dissolved some years prior, but luckily I had paid by credit card so the purchase was protected by Section 75 of the Consumer Credit Act 1974.  In the circumstances, the iPad was effectively worthless as Apple wouldn't honour any warranty, so I was repaid the cost in full by the credit card company.  This sort of thing is the reason why the law requires traders to be properly identified, so do your homework before parting with your money.

Ectophile

I pay my gas, water and electricity to three different companies, all by direct debit.  And I have never received any emails from GoCardless.

SevenOfNine

2 monthly DDs, nothing from GoCardless. Same with my mother, nothing!

oldagetraveller1

"will probably have received an e-mail from a company called GoCardless Limited, "

No, and never heard of them!

However, if the first post is a genuine warning, then thanks for the heads up.

GraceCourt

Thanks for the follow-up posts.

Whilst (obviously!) I don't know which utility companies, etc., that the posters have signed up with, they very probably HAVE received e-mails from GoCardless Limited - the whole point is that, because the messages that they send out on behalf of their clients don't comply with the Companies Act 2006, you don't know that it was this company that sent them!  As an update, after initially denying that they send these messages, they now admit that they send them, but now state that they comply because they include a link to where the information is shown on-line.  Of course, even if they do (and the ones I have don't!),  that doesn't comply with the legal requirements of the Companies Act 2006, because a link displays dynamic content, not static content, so a message sent in the past won't display details of the legal entity as it was at the time of sending, it will only display details as they are recorded at the time of look-up.  So... non-compliant, and therefore GoCardless Limited and its directors are committing a criminal offence every time one of these non-compliant e-mails is sent!

jonesMUFCforever

So what exactly is your point?
Have you lost out because of this at all?

forgotmyname

Which utility company?  Same as the others never received anything from that company.

GraceCourt

jonesMUFCforever said:

So what exactly is your point?
Have you lost out because of this at all?

The point is that if you don't know the identity of a trader, it's too late to do anything about it when you need to enforce your consumer rights.

That's why Part 6 of the legislation sets out the information required:

- the registered name of the company;

- the registered office address of the company;

- the registered number of the company; and

- the part of the UK in which the company is registered.

See my post here about Shell Energy Retail Limited and its failure to comply with Part 6 in its e-mails.

GraceCourt

Ectophile said:

I pay my gas, water and electricity to three different companies, all by direct debit.  And I have never received any emails from GoCardless.

I'm guessing - because of the rules requiring certain information about Direct Debits to be communicated to the account holder - that you have received e-mails from GoCardless Limited but because they don't comply with Part 6, you thought they were from the companies to whom the payments were going.

sheramber

I pay by DD but have never received any emails about them , whether from the company or GoCardless or anybody else.

RichardD1970

Having done a search of all my old email (going back years) the only one I get regular emails about is Bought By Many pet insurance. I get a monthly email with the amount and date of withdraw and the account it is drawn on.
In the small print at the bottom it does say,

 "Payments provided by GoCardless. Read the updated GoCardless Privacy Notice to learn more about how they use personal data."

with the link leading to this; https://gocardless.com/privacy  

Nothing from any of the numerous other energy/utility companies I have used.