| Verification of Payee (VoP): Key Takeaways |
|---|
| • VoP verifies account names before payments are processed. • It protects against APP fraud, where victims are tricked into sending money. • The scheme will be mandatory in the EU from October 2025 under the Instant Payment Regulation. • VoP has limitations because it does not confirm account existence or business legitimacy. • Businesses can achieve enhanced protection with Trustpair, which safeguards against vendor and invoice fraud. |
Verification of Payee (VoP) is a European scheme under the Instant Payment Regulation. It checks if the account name provided by the payer matches the records of the recipient’s bank. The goal is to fight payment fraud, especially Authorized Push Payment (APP) fraud, and reduce misdirected payments across the EU.
While VoP reduces fraud risks, it is not enough to fully protect businesses. Advanced solutions like Trustpair close the gaps and provide complete fraud prevention. Contact an expert to learn more!
What is Verification of Payee?
Verification of Payee (or VoP) is a European scheme to protect payment system users against fraud. It is part of the Instant Payment Regulation (IPR), released in parallel to the new PSD3.
The European Union’s goals are clear: to reduce fraud while developing new payment methods and open banking throughout the SEPA zone. It is a similar measure to the UK’s Confirmation of Payee (CoP).
While private pre-validation services (like SWIFT) already exist within Europe, this measure will make it general and mandatory for financial establishments.
Specifically, the VoP scheme is here to protect users against Authorized Push Payment Fraud (also called APP fraud).
In this scheme, a criminal impersonates someone the victim-to-be trusts (a bank clerk, a mobile phone company employee, etc.) and asks them to accept a push notification under a false motive. By doing so, the victim sends funds without realizing that the recipient isn’t who they said they were.
Instant payment systems and (most) wire transfers are instantaneous and irreversible so by the time the victim recognizes the fraud, it is usually too late.
With the rise of instant payment — and instant payment fraud — VoP has become a necessary protection against APP.
With VOP, service users will now be asked to provide the name of their recipient when sending a transaction. Their Payment Service Provider (bank or financial institution) will check this name to see if it matches the records of the receiving banking establishment.
This ensures the identity of the account holder is clear, reducing the risk of impersonation.
What is the verification of payee process?
The Verification Payee process is here to confirm the identity of the transfer’s recipient — the payee. Just like the Confirmation Payee regulation already implemented in the UK, VoP takes place before the money is sent.
The VoP involves several parties:
- Payer,
- Payer’s Payment Service Provider (PSP),
- Payee’s PSP, Payee.
Here is the VoP step-by-step process:
- The payer enters the payee’s account details (sort code and IBAN) and name.
- The payer’s PSP sends a request to the payee’s PSP to check the information matches.
- The Payee’s PSP checks their record.
- The payer’s PSP receives a response they communicate to their payer.
- The payer decides to proceed, correct, or cancel the transaction.
The whole process is quasi-instantaneous, taking between 1 and 3 seconds (the mandatory response time dictated by the VoP scheme). Because of this, VoP doesn’t go against instant payment methods.
There are 4 answers possible from the payee’s PSP to the payee:
- Match: the name given by the payer matches the payee’s.
- Close Match: the payee’s name is close to the one given (there is likely a typo in the name entered).
- No Match: the name given doesn’t match the one on record.
- Verification is impossible: checks haven’t been made.
This process applies to the name of the payment counterparty (the payee), and takes place for businesses and natural persons.
Learn more about VoP in our latest fraud flash series!
What is the VoP calendar?
The Verification of Payee (VoP) timeline is defined in the Instant Payment Regulation. All payment service providers (PSPs) must offer the VoP service to their customers by October 5, 2025.
The European Payments Council (EPC) set the following milestones in the official payee scheme rulebook:
February 2024: Three-month consultation on the draft VoP scheme rulebook.
March 2024: EU adoption of the VoP scheme under new EU regulations.
Mid-October 2024: Publication of the first rulebook for PSPs.
October 5, 2025: VoP becomes mandatory across all payment systems.
This gives EU banks about a year to integrate the VoP process into their platforms. It must be available across all channels: online, mobile, phone, and in-branch, with no additional charge for users.
VoP addresses both:
- SEPA instant and non-instant credit transfers.
- Individuals and businesses.
However, for companies handling cross-border payments, VoP alone may not be enough. Stronger VoP solutions are required, with robust verification mechanisms and real-time verification of account details. These safeguards help build customer trust and ensure compliance requirements are met.
Is Verification of Payee enough to stop fraud?
While VoP protects against APP fraud, it isn’t enough to completely stop fraud. VoP only checks the name on the account — it doesn’t check if the bank account exists, or if the recipient is a real company.
At Trustpair, we’re seeing an increase in vendor fraud which VoP and CoP are no match for. In this scheme, criminals impersonate suppliers (real or fake ones) to get companies to pay them.
This can look like:
- Hacking into your real supplier’s inbox and sending you an email requesting to change their bank account details for theirs. For example, they’ll state the company has changed their name, or they’ll have opened another account in the company’s name.
- Creating a company with a matching bank account, and sending invoices to your company to get paid for services or goods never delivered. This variation is called invoice fraud and often involves employees who leverage their knowledge of your processes. Companies like Facebook and Google fell victim to this scheme, costing them more than $100 million.
The only real solution against fraud? Using fraud prevention software like Trustpair.
How Trustpair goes further than VoP?
- Validates international bank account numbers (IBANs) and performs real-time verification across cross-border payments
- Provides seamless integration with ERPs, ensuring automation at scale
- Uses robust verification mechanisms to guarantee accurate verification before payment authorization
- Helps companies prevent fraud, reduce payment errors, and strengthen customer trust
- Meets strict compliance requirements with a proven track record of zero third-party fraud cases
Trustpair fills in the security gaps in your payment chain far more than VoP. We have access to otherwise hard-to-access databases to carry out international account validation of your suppliers in the EU, US, Asia, and across the World.
With fraud schemes becoming more and more elaborate, using anti-fraud software is the only serious protection against fraud. We’ve worked with 300+ companies worldwide, with zero accounts of third-party fraud.