Verification of Payee has arrived in Europe: 6 big lessons

The idea behind Verification of Payee (VoP) is simple: before a payment is sent, the sending bank checks whether the account name matches the IBAN.

If there’s a mismatch, the payer gets a warning. They can either proceed, amend, or stop the payment altogether.

The goal is to make instant payments not just faster but safer, reducing fraud, preventing mistakes, and restoring confidence in real-time transfers.

Now, VoP is mandatory for all SEPA (Single European Payments Area) Instant and regular SEPA credit transfers — a major change, and a real challenge for banks. But the transition hasn’t been easy.

We’ve been helping banks prepare, and we’ve learned a few things that you might find useful.

Here are our six biggest takeaways.

1. Bulk files are still a problem

Verification of Payee was originally designed for retail customers; a safeguard against both honest mistakes and fraud. 

But as per the European Instant Payments Regulation, VoP applies to corporate payments, too. 

The complication is that corporates process payments in bulk files for things like salaries or invoices. That means hundreds, if not thousands, of payments are sent at once. 

But what happens if 200 payments are typed incorrectly? How do you deal with so many “close match” responses at once? 

And how do you know if you’ve got the right details? 

There’s a lot for back-office teams to figure out, and it could cause ripples through the supply chain if payments are not sent. 

2. New process = new friction

The rules allow corporates to opt out of VoP for bulk files, but only if there’s more than one transaction in the file. If there’s just one, it must go through VoP. That means the same message is treated differently depending on whether it has one line or 100. 

This creates inconsistencies, adds friction, and forces corporates into two-way interactions they’ve never had before. 

Why? Well, for decades, back-office teams at businesses uploaded the payment file, sent it, and slept soundly knowing payroll or supplier payments would arrive the next day.  

But under VoP, corporates must now wait for responses, reconcile mismatches, and resubmit corrected files. 

Enterprise Resource Planning (ERP) systems make this even harder. They’re designed to automatically convert invoices into payment files and push them through in bulk. To comply with VoP, these same files must be “de-bulked” so that every transaction can be checked one by one through API calls.  

What was once a single, smooth process has become painfully fragmented. 

3. VoP creates two types of customer

To make life easier, corporates and PSPs can agree on an upfront rule. A supermarket chain, for example, might tell its bank: “Process everything regardless of the result.” Another might say: “Reject all no-matches automatically.” Once the agreement is in place, the PSP can act without going back to the corporate each time. 

This small change removes a major source of delay, especially for businesses sending thousands of payments at once. 

As a result, two broad patterns are emerging. Some corporates prefer pre-authorized bulk payments. Others prefer non-pre-authorized bulks. The former is a light touch. The latter adds friction but offers more control. 

 (Looking further ahead, APIs could enable real-time repair. A dedicated re-check endpoint would allow corporates to push a corrected name instantly, without resending the entire file. This would speed up exceptions and reduce the risk of missed cut-offs.)

4. Data quality really matters

And if your corporate customers don’t opt out. What then? 

The biggest operational risk is data. VoP does not connect to company registers (say, Infogreffe in France, Handelsregister in Germany, or Companies House in the UK). Nor does it connect to ERP vendor databases.  

It checks the payer’s input against the exact name string held by the bank. 

That means even minor deviations in account details — an abbreviation, a missing comma, or a misplaced accent — can tip the result from “match” to “close match” or “no match.” 

And getting this wrong can have big consequences. 

Let’s say you’re a business. You’re expecting €10 million in incoming invoice payments on a Friday. You need this money to pay your staff. But then you find €8 million has been held back because your company details did not align perfectly. Your cash flow evaporates instantly. Your staff don’t get paid. Your reputation is impacted. Not because your customers failed to pay, but because of small inconsistencies in stored data. 

So, educate your customers. Make sure they are aware of the exact information you hold on file. Punctuation, case, accents, and so on. All must be standardized and aligned with both the company’s legal entity name and trading names. 

Then, get them to update invoices and remittance advice to match (if needed). Register aliases and abbreviations if you can. 

Your corporate customers need real-time reporting of failed or held VoP payments. They’ll need configured dashboards to flag missing receipts quickly. Call-centre staff will need scripts to help payers correct the beneficiary names. Escalation paths should be in place for time-critical flows like payroll. 

Your corporate finance teams should forecast a dip in volumes and, if necessary, secure short-term liquidity lines to protect cash flow. 

Remember: you, the bank, hold your customers’ details. So it’s up to you to do this work. 

But also remember: some disruptions are inevitable. Especially early on. 

5. Everyone has work to do

Now that the deadline has passed, everyone has something to do. 

As a payment service provider, you should now have a basic service live across both SEPA Credit Transfers and SEPA Instant. That means running VoP checks on all consumer and corporate payments. And — crucially — deciding how they will handle bulk files when mismatches occur. You can’t leave your customers guessing.  

Your corporate customers, for their part, must pick a stance. Do they opt in or opt out of VoP checks by default? And does that choice vary by channel? When will they rely on “single-transaction bulk” files? For one-off trades? Or small payroll runs? You must agree with them on how these will be treated. Submitting files earlier than usual, even just one business day, can provide a margin of safety while processes are still bedding in. 

ERP and TMS (treasury management system) vendors have responsibilities, too. Even if they cannot roll out a full integration immediately, they should release patches that can capture and store the outcome codes returned by banks. That way, corporates at least have visibility into whether a payment passed VoP or not. Making these patches flexible enough to cope with proprietary file extensions will avoid headaches when each bank interprets the standard slightly differently. 

And regulators have a role as well. National supervisors should clarify how much tolerance they will allow — as BaFin has done in Germany. Schemes should publish FAQs to prevent divergent practices from emerging country by country. 

6. There’s more to do in 2026

Meeting the October deadline was the start. To make VoP sustainable, the industry faces a marathon of work through 2025 and 2026. 

The first priority will be a common mechanism for opting in or out.  

Today, corporates must navigate a patchwork of contractual addenda and portal choices. Tomorrow, there should be a single flag inside the pain.001 message or its API equivalent that makes the choice unambiguous across all PSPs. 

Bulk pre-validation services are also on the horizon. Instead of waiting until payments are due, corporates will be able to send creditor lists in advance and receive a “match,” “partial match,” or “no match” result along with a validity timestamp. Including that reference in later files would allow the system to skip repeat checks for a set period, perhaps 90 days. 

Single-transaction bulks need a harmonized solution too. Allowing national authorities to carve out their own exemptions risks fragmentation. A formal override flag, blessed at the European level, would give corporates the breathing room they need without undermining consistency. 

Another workstream is harmonized response codes. Today’s mismatch outcomes are messy. Extending ISO 20022 with VoP-specific qualifiers — and ensuring they appear identically in both camt.054 and pain.002 messages — would let corporates build one parser instead of many. 

ERP and TMS vendors will also need to step up. A “VoP-Ready” certification programme, run by the European Payments Council or EBA CLEARING, could provide assurance that vendors are capable of storing match results, triggering automated re-checks, and supporting the opt-in/opt-out logic per file or transaction. 

Finally, governance matters. Europe will need new KPIs, such as reducing unresolved partial matches below one percent after the first year. Publishing quarterly statistics would show whether VoP is striking the right balance between reducing fraud and avoiding unnecessary payment failures. 

Need some help?

Speak to RedCompass Labs.

October’s deadline was about survival — getting the minimum service live and giving corporates a reversible choice. The real value will only emerge once the industry agrees on common flags, introduces pre-validation, and harmonizes codes.

The best defense is preparation: clean your data, set clear rules, and communicate early. That is how VoP can deliver its promise. 

Editor’s note: These insights are based on our experience working with banks on Verification of Payee. If you have a different take, let us know by contacting us at [email protected].