Buy Now, Pay Later Providers In The UK: Legal Tips For SMEs

Offering Buy Now, Pay Later (BNPL) at checkout can lift conversion rates and average order values. It’s convenient for customers and can help you compete with bigger retailers.

But there’s more to BNPL than flicking a switch in your e‑commerce platform. The moment you introduce a third-party finance product into your sales flow, you’re dealing with consumer credit rules, financial promotions, data protection, refund logistics, complaints handling and a new set of contract risks.

In this guide, we’ll break down how BNPL providers work from a UK small business perspective, your main legal obligations, and the key terms to negotiate so you’re protected from day one.

What Is BNPL And How Do BNPL Providers Work With Merchants?

BNPL lets customers split the cost of a purchase into instalments. Typically, a BNPL provider pays you (the merchant) up front or within a short settlement window, then collects repayments from your customer over time.

From your side, the relationship is governed by a merchant services agreement. You’ll usually pay a higher fee than standard card processing, in exchange for improved conversion and (in many models) the provider taking credit risk on the customer.

Key mechanics to understand:

• Commercial model: Some providers pay you the full amount less a fee; others pay in tranches tied to customer repayments.
• Risk allocation: In many “merchant-funded” models the BNPL provider assumes credit risk; however, chargebacks, fraud losses, and certain disputes may still fall on you depending on the fine print.
• Customer journey: Your customer will see BNPL messaging in your checkout, and may be redirected to the provider to onboard and get a credit decision.
• Refunds and returns: You’ll need a seamless process so refunds sync with repayment schedules and your cash is reconciled quickly.

Why it matters legally: once BNPL is in your checkout, your advertising, pre‑contract information, pricing display, surcharges, returns handling and data-sharing flows need to align with consumer law, financial promotions rules and UK GDPR.

Are BNPL Services Regulated In The UK, And What Does That Mean For You?

As at the time of writing, many short-term, interest‑free BNPL arrangements are exempt from full FCA consumer credit regulation. However, several important rules still bite in practice:

• Financial promotions must be fair, clear and not misleading. The Financial Conduct Authority (FCA) has taken an active interest in BNPL marketing, and unauthorised merchants must not communicate regulated financial promotions unless an authorised firm approves them. BNPL providers usually supply compliant assets and require you to follow strict brand guidelines.
• Consumer law still applies. The Consumer Rights Act 2015 and the Consumer Protection from Unfair Trading Regulations 2008 prohibit misleading or aggressive practices and unfair terms. If you sell online, the Consumer Contracts (Information, Cancellation and Additional Charges) Regulations 2013 require clear pre‑contract information and cancellation rights for eligible purchases. For online sales, it’s worth revisiting your E‑Commerce Terms And Conditions and your obligations under the distance selling laws.
• Advertising standards apply. BNPL messaging is also subject to the ASA/CAP Code, which expects prominent risk and cost disclosures (e.g. late fee implications) and avoids targeting vulnerable consumers irresponsibly.
• Data protection duties are non‑negotiable. You must have a lawful basis to share customer data with your BNPL provider, and you’ll need a clear Privacy Policy that explains this. If the provider processes data on your behalf (or vice versa), you’ll likely need a Data Processing Agreement or a data-sharing arrangement.

Regulatory positions evolve. The direction of travel is tighter oversight of BNPL promotions and customer outcomes. Build your processes so they would still work if rules tighten, rather than needing a scramble later.

What Legal Documents Should You Have In Place Before Adding BNPL?

Getting your documents right keeps your checkout clean and reduces disputes. At a minimum, we recommend the following.

1) Merchant Agreement With The BNPL Provider

This is your core contract. Look closely at:

• Fees and settlement: Per‑transaction fees, monthly minimums, reserve/holdback, and settlement timelines.
• Chargebacks and fraud: Who wears what risk, dispute workflows, evidence standards and time limits.
• Refunds and partial returns: When you refund, how and when are funds netted off; what happens to the provider’s fees; how partial returns are handled.
• Service levels and downtime: What happens if the BNPL widget is unavailable in peak trading?
• Promotion rules: How you can display the BNPL brand, mandatory disclosures, and approval of promotional copy.
• Data protection: Roles (controller/processor), cross‑border transfers, security obligations, and breach notification.
• Termination: Notice periods, immediate termination triggers and what happens to in‑flight transactions.

2) Customer-Facing Terms

Your site terms should set out your sales contract with the customer, and dovetail cleanly with the BNPL provider’s terms. Ensure your Terms of Sale or E‑Commerce Terms And Conditions cover pricing, delivery, returns, cancellations, and how refunds are processed when BNPL is used.

3) Privacy And Data Sharing

Explain in your Privacy Policy that you share certain data with the BNPL provider to assess eligibility and process the transaction, and link to the provider’s policy. Where personal data flows go both ways, a robust Data Processing Agreement or data-sharing terms should be in place.

4) Invoices, Receipts And Communications

If you issue invoices or receipts post‑checkout (for B2B customers or mixed audiences), make sure you meet UK invoicing rules, including mandatory details and timing. Our guide to UK invoice requirements sets out what to include. If payment later fails and you need to pursue the debt (outside the BNPL flow), have a consistent, lawful process for chasing overdue payments.

What Compliance Pitfalls Should UK Merchants Watch When Using BNPL?

There are a handful of recurring issues we see when SMEs plug in BNPL for the first time.

Financial Promotions In Your Checkout

Even if you’re not FCA‑authorised, certain BNPL promotions are regulated. Avoid phrases that downplay the nature of credit (e.g. “always interest‑free” if late fees apply) and ensure any eligibility limitations or costs are clear and prominent in the same journey. If your BNPL provider supplies pre‑approved assets, use them.

Pre-Contract Information And Distance Selling

For online sales to consumers, you must provide prescribed information before the contract is formed, including total price, delivery costs and cancellation rights. The BNPL option cannot obscure the final price or make the cancellation process harder. Revisit your flows against the distance selling rules, and ensure your Terms of Sale match what your checkout does in practice.

Returns And Refunds With Instalments

The Consumer Rights Act 2015 still governs your refund obligations (e.g. for faulty goods). Map out how a full or partial refund triggers adjustments to the customer’s BNPL plan and how quickly funds are returned. Customers should not be left paying instalments for a product they’ve returned.

Surcharges And Pricing Transparency

The UK bans surcharges for consumer card payments. While BNPL isn’t a card, pass‑through “BNPL fees” added at checkout can look like a surcharge and invite scrutiny. If you need to adjust pricing to recover costs, consider your overall pricing strategy and ensure changes are notified fairly and clearly. If you run subscription or repeat‑billing models alongside BNPL, keep an eye on price increase notification rules.

Data Minimisation And Security

Only share what’s necessary with your BNPL provider, and document the lawful basis (usually “performance of a contract” and/or “legitimate interests”). Update your Privacy Policy, cookie disclosures and consent mechanisms where BNPL widgets track user behaviour.

Vulnerable Customers And Affordability

Even where you’re not authorised, regulators expect responsible treatment of vulnerable customers. Choose providers with strong affordability checks and considerate collections practices, and ensure your customer service team can signpost support.

How To Choose A BNPL Provider: A Practical Due Diligence Checklist

Beyond the brand name and fee headline, dig into the details that will actually affect your day‑to‑day.

Commercial And Operational Fit

• Approval rates in your category and average order value limits.
• Settlement timing, reserves and cashflow impact.
• Fees (per‑transaction, monthly minimums, dispute fees).
• Support hours, account management and UK‑specific coverage.
• Technical integration, sandbox availability and checkout UX.

Risk, Chargebacks And Disputes

• Who absorbs credit losses and fraudulent transactions, and under what conditions.
• Evidence requirements and timelines for merchant‑initiated disputes.
• Return and partial refund handling, including whether provider fees are refunded.

Compliance And Brand Safety

• Financial promotions approval process for your marketing.
• Affordability checks and treatment of vulnerable consumers.
• Complaints handling SLAs and ombudsman escalation where relevant.
• Data protection compliance, UK hosting options and transfer safeguards.

Data And Contracts

• Clear controller/processor roles; availability of a robust Data Processing Agreement or data‑sharing terms.
• Transparency about data used for underwriting and marketing.
• Exit provisions for data deletion/return at termination.

If your business occasionally needs to recover unpaid balances outside the BNPL flow (for example, add‑on services billed separately), have a compliant collections process and understand your options for outsourcing recovery or, in some cases, selling a debt to a collection agency.

How Should You Update Your Website, Policies And Processes?

Once you’ve picked a provider, align your paperwork and processes before you push BNPL live.

• Terms and policies: Update your E‑Commerce Terms And Conditions, returns policy and FAQs to explain how BNPL refunds and cancellations work.
• Privacy: Refresh your Privacy Policy and cookies disclosures to cover BNPL widgets and data sharing with the provider.
• Checkout flow: Make pricing, delivery charges and cancellation rights prominent and consistent with distance selling laws.
• Customer service: Train your team on BNPL FAQs, refund timelines and complaint escalation pathways.
• Accounting: Map settlement files to your ledger and document how to reconcile partial returns and fees.
• Incident response: Agree on breach notification and downtime comms with your BNPL provider.

If you also take traditional card payments, keep your card processing and BNPL terms aligned and consider a lightning‑fast fallback so customers can still pay if the BNPL widget goes down.

Key Takeaways

• BNPL can boost conversions, but it introduces consumer credit marketing rules, data protection duties and new operational risks for your business.
• Treat the merchant agreement as mission‑critical: negotiate fees, settlement, refunds, chargeback allocation, service levels, data protection and termination.
• Keep your customer contract watertight: up‑to‑date Terms of Sale or E‑Commerce Terms And Conditions should explain BNPL refunds, delivery, cancellations and liability in plain English.
• Your privacy framework matters: have a clear Privacy Policy and appropriate Data Processing Agreement or data‑sharing terms with the provider.
• Online sales must still meet consumer and distance selling requirements, and your BNPL promotions must be fair, clear and not misleading.
• Plan your back‑office: compliant invoicing, reconciliation of settlements and a lawful approach to chasing overdue payments keep cashflow healthy.

If you’re weighing up BNPL providers or want your contracts, website and privacy documentation reviewed before launch, our team can help you set this up properly. You can reach us at 08081347754 or team@sprintlaw.co.uk for a free, no‑obligations chat.