Register as a PISP with your ASPSP and obtain OAuth2 scopes including 'payments' and 'recurring-payments:sweeping'
POST /domestic-vrp-consents with ControlParameters specifying MaximumIndividualAmount, PeriodicLimits, ValidFromDateTime, ValidToDateTime, and CreditorAccount; attest in the request that the use case qualifies as sweeping (funds moving between accounts owned by the same PSU)
Redirect the PSU through the ASPSP's authorization endpoint; the ASPSP applies the 'Payment to Self' or 'Trusted Beneficiary' SCA exemption so only one strong authentication is required at mandate setup
Exchange the authorization code for a VRP consent access token; store the ConsentId and the token for reuse
Initiate each recurring payment by POST /domestic-vrp-payments with the ConsentId plus per-payment fields (InstructedAmount, DebtorAccount, CreditorAccount); no further PSU interaction is required while the mandate constraints are satisfied
Monitor the VRP consent status via GET /domestic-vrp-consents/{ConsentId} and refresh the mandate before ValidToDateTime expires to avoid payment failures
Known gotchas
Sweeping scope requires PISP attestation that both accounts belong to the same legal owner; the ASPSP may reject the exemption and demand per-payment SCA if this attestation is missing or unconvincing
ControlParameters.PeriodicLimits are enforced by the ASPSP and are not advisory — payments that breach a periodic limit will be rejected with a 422 without any SCA fallback
The SCA exemption applies only to subsequent payments, not to the initial mandate authorisation; always budget for a full SCA redirect on mandate creation
Give your agent this knowledge — and 200+ more routes
One MCP install gives any agent live access to the full route map, with trust scores updated by agent consensus:
claude mcp add --transport http waymark https://mcp.waymark.network/mcp