Rent collection that runs itself — from mandate to landlord, end to end
agentOS Direct Debit automates the full BACS lifecycle: mandate setup, fund collection, clawback protection, and automatic forwarding to your client account. Built exclusively for UK letting agents.
From tenant invite to funds in your client account
Send a mandate invite
From your dashboard, enter the tenant's details, set the amount, frequency, and collection day. The tenant receives a unique, time-limited link to a guided multi-step form — no account required on their end.
Tenant completes the mandate form
The tenant supplies their bank details, accepts the Direct Debit Guarantee, records a short video verification, and completes identity checks — all in one guided flow. Bank account numbers are modulus-checked in real time. The form shows exactly when money will leave their account and when you'll receive it.
BACS collection runs automatically
On the scheduled collection date, the service submits to Modulr via BACS. Funds are swept into a secure Griffin holding account and held for a configurable period to protect against clawbacks before being forwarded to your client account.
Monitor everything from your dashboard
Track active mandates, upcoming collections, reserve health, and any alerts from a single dashboard. Failed collections trigger automatic retries per BACS re-presentation rules. Every fund movement is logged to a full audit trail.
92 shipped capabilities — here are the ones that matter most
Guided Tenant Mandate Form
A public-facing, token-gated multi-step form walks tenants through personal info, DD T&Cs, bank details, video verification, and ID checks. Partial progress is saved at each step so nothing is lost on reload.
Video & Identity Verification
Tenants record a short in-browser video stating their name, amount, and property — stored as fraud evidence. A third-party ID verification provider confirms identity before the mandate is registered.
UK Bank Account Modulus Checking
Sort code and account number combinations are validated using the Vocalink modulus algorithm — client-side and server-side — before AUDDIS submission, reducing failed mandate registrations.
BACS Working Day Engine
Correct collection dates every time. The engine skips UK bank holidays and weekends, handles month-end edge cases (31st in April, Feb 29 mandates), and shows tenants two key dates: when funds leave and when you receive them.
Clawback Reserve Protection
A configurable reserve is held in your Griffin holding account — calculated as the higher of a minimum threshold or a risk-factor percentage of outstanding collections. Funds are only forwarded once the reserve is satisfied.
Threshold Alert Engine
Configurable alerts fire when mandate creation rate, daily/weekly collection amounts, or clawback reserve levels breach set thresholds. Alerts are sent by email and surface in the dashboard until acknowledged.
Automatic Collection Retries
Failed collections follow BACS re-presentation rules: a second attempt is made after 5 working days. After two failures the mandate is flagged and downstream systems are notified via the gatekeeping API.
Reporting & Reconciliation Exports
Collection success rates, clawback history, mandate activity, and forward reconciliation reports — all filterable by date range and exportable to CSV. Designed to drop straight into accounting software.
AES-256-GCM Encryption at Rest
Bank account numbers, sort codes, and all tenant PII fields are encrypted at rest using AES-256-GCM with KMS-managed keys. Plaintext is never returned to the UI. Masked values are stored separately for display.
API-First, Scoped Access
Every capability is accessible via API key with fine-grained scopes: mandates:read/write, collections:read, alerts:read/write, reports:read. agentOS and any other consumer integrate without a user session.
Outbound Webhook Events
Subscribe to real-time events across the full lifecycle: mandate.active, collection.collected, collection.failed, funds.forwarded, alert.raised, and more. Configure which events you want per integration.
Full Audit Trail
Every DD financial action — mandate state change, collection submission, fund sweep, forward payment, clawback event — is logged with actor, resource, amount, and timestamp. Accessible via the activity dashboard and API.
Secure by design, compliant by default
Every layer of the fund flow is protected — from the mandate form to your client account.
Encryption at every layer
Bank details and all tenant PII are encrypted at rest with AES-256-GCM. Decryption only occurs inside the BACS submission job — never exposed to the UI or API responses.
BACS Direct Debit Guarantee compliant
The full DD Guarantee is presented and accepted at mandate creation. Advance notice of amount changes is enforced. Clawback handling follows the BACS re-presentation and reversal rules.
7-year data retention with FCA alignment
An automated archival job enforces configurable retention periods (default 7 years). Bank details are redacted from archived records while the audit metadata is preserved. Webhook payloads purge after 90 days.
Signed webhooks & scoped API keys
All inbound webhooks from Modulr and Griffin are verified with HMAC signature checks before processing. Outbound API access is gated by scoped keys — no scope, no access.
Built for regulated environments
Compliance controls baked into the product, not bolted on after.