Open search form Open menu
Search for an expert
Search
Financial Services
  • 21 Aug 2025
  • 7 min read

Verification of Payee requirements (VoP) under the EU’s Instant Payments Regulation (IPR)

Written by

Melissa Meußer

Dr. Michael Huertas

Co-author of the article is Julia Siebrecht

QuickTake 

From 9 October 2025, payment service providers (PSPs) in the EU will be required to offer payers a “Verification of Payee” (VoP) service prior to authorising a credit transfer. Payers who are not consumers may waive this VoP service but are allowed to opt back into provision of such service.

This VoP service obligation is part of the Instant Payments Regulation (IPR), adopted by the European Parliament and the Council on 13 March 2024 however the VoP requirement applies to all credit transfers and not just to instance credit transfers. In short, applying VoP aims to reduce fraud risks in payment transactions, enhance the security of SEPA credit transfers and strengthen consumer trust in instant payments. Where a payer authorises a credit transfer following it having been warned by the PSP of an incorrect unique identifier, the payer is liable for the transfer to an unintended recipient. The European Payments Council (EPC) has published a dedicated VoP Scheme RulebookAvailable hereShow Footnote,  which will enter into force on 5 October 2025 — just days ahead of the regulatory deadline. 

The IPR generally an the VoP principles specifically will not only reshape payments in the EU but equally require PSPs and others to update their policies, procedures and client-facing documentation as well user interfaces. This Client Alert explores the key issues arising from the VoP requirements and key implications for payments transactions in the EU. This Client Alert should be read together with our further Client Alerts on the IPR and payments generally as well as related thought leadership from PwC.  

Key issues

The EU’s IPRPlease see detailed timeline here.Show Footnote, was adopted by the European Parliament and the Council on 13 March 2024, seeks to expedite the implementation of instant payment systems across the EU. The IPR applies to all euro-dominated credit transfers within the EU and includes the following main requirements:

  • Mandatory Instant credit transfers (Art. 5a): PSPs offering euro credit transfers (SEPA Credit Transfers) must also provide instant credit transfers (SCT Inst), enabling customers to send and receive funds immediately.
  • Equality of charges (Art. 5b): Charges for instant credit transfers must not exceed those for standard credit transfers of the corresponding type.
  • VoP service (Art. 5c): PSPs must offer the payer a free service to verify the payee´s identity of the payee. This requirement applies to both standard and instant credit transfers.
  • Regular sanctions screening (Art. 5d): PSPs must check, at least daily, whether any of their payment service users are persons or entities subject to sanctions.
  • Implementation deadlines vary: Firms in the euro area must implement the VoP requirements by 9 October 2025. For firms outside the euro area, an extended implementation deadline of 9 July 2027, applies.

VoP service: purpose and functionality

VoP is an automated mechanism that compares the name of the intended payee with the corresponding IBAN. This extra step is intended to reduce the risk of fraud and prevent incorrect transfers. The result is based on a “traffic light” system with the following possible results: “match,” “close match,” “no match,” or “other” according to a “match criteria”. 

If there is a “close match” or “no match”, the payer can still initiate the payment. The obligation to conduct VoP checks applies not only to SEPA instant transfers, but also to all SEPA credit transfers within the EU/EEA that involve payment accounts. SEPA instant transfers or SEPA transfers to accounts that are not payment accounts (e.g. loan accounts, fixed-term deposit accounts or instant access savings accounts) or that are routed to recipient banks not (yet) subject to verification requirements (e.g., outside the EU/EEA or where the euro is not the national currency) are therefore not verified.

In accordance with Article 5b of the IPR, the VoP service must be offered free of charge to the payer. 

Supervisory guidance: BaFin FAQs

BaFin is one of the first EU national competent authorities that has published a list of frequently asked questions on the IPRBaFin FAQ available here.Show Footnote.  Key points raised by BaFin include:

  • VoP must be fully integrated into all customer channels, including online banking, mobile applications, and APIs.
  • The payer must receive the verification result before initiating the payment transaction.
  • Implementation of VoP solutions will generally require extensive testing and technical roll-outs but equally updating the client-facing general terms and conditions (T&Cs) and obtaining explicit customer consent.

Technical and organisational implementation considerations

Given the above, the following technical and organisational implementation considerations might arise for certain firms:

  • Real-time capability and performance: VoP responses must be delivered within seconds, even under high-volume scenarios such as bulk payments. Processes must be designed to ensure reliable, high-performance operation at all times. Real-time requirements place high demands on system performance, particularly in the context of sanctions screening as well as other functionality of existing payment and/or core banking systems.
  • Misclassification: Considerations on potential liability risks in the event of a “false match” or a “false no match,” including possible financial losses, customer disputes, and reputational damage. In this context, it is important to ensure that customer data is up-to-date and accurate in order to avoid misclassification.
  • Usability: End customers must be able to access query results quickly, understand them clearly, and take prompt corrective action. This requires concise, action-oriented guidance, as the absence of such guidance increases the risk of payments being cancelled or wrongly flagged as fraudulent, potentially leading to customer dissatisfaction and service-related complaints.


Additional use cases for small companies: onboarding and KYC validation services

During digital onboarding - for example, when opening bank accounts or signing contracts for services such as electricity, insurance or mobile phone contracts - an IBAN is often requested but typically not verified in real time. This creates a gap that may lead to failed payments, delayed service activation or even fraudulent activity through the misuse of another person’s account details. 
VoP can possibly close this gap by confirming in seconds whether the user genuinely owns the specified account and whether the account holder’s name matches the contractual partner. By integrating this step into the onboarding process, firms, in particular small(er) companies, may be able to strengthen fraud prevention, improve payment reliability and enhance the overall customer (onboarding) experience. 

EPC Directory Service (EDS)

The European Payments Council (EPC) has responded to these changes with the publication of the EPC VOP Scheme Rulebook and the EPC Directory Service (EDS), which the VoP scheme will rely upon. 

The EDS creates a centralised platform that stores essential information for secure identification, authorisation, reachability, and interoperability of EPC scheme participants. It includes identifiers like bank identifier code (BIC) and legal entity identifier (LEI) plus routing data. Participants can locally store EDS data to avoid bottlenecks. EDS is set to go live in early September 2025, ahead of the VoP procedure starting in October 2025. Key functions include data access via a web GUI or EDS APIs and downloading participant information.

Outlook

The introduction of payment recipient verification promises customers a safer and more trustworthy future for payment transactions. For PSPs, however, it may pose a number of challenges in changes to operations and documentation.

It remains to be seen what the full impact of VoP will be on everyday payment behaviour and what the first liability cases might look like. Will VoP deliver the hoped-for increase in security while also speeding up payment transactions, or will it ultimately prove to be a paper tiger if customers automatically approve payments? This is a question that the market as well as supervisors will likely need to address if VoP is to deliver on its stated aims. 

About us

PwC Legal is assisting a number of financial services firms and market participants in forward planning for changes stemming from relevant related developments. We have assembled a multi-disciplinary and multijurisdictional team of sector experts to support clients navigate challenges and seize opportunities as well as to proactively engage with their market stakeholders and regulators.

Moreover, we have developed a number of RegTech and SupTech tools for supervised firms, including PwC Legal’s Rule Scanner tool, backed by a trusted set of managed solutions from PwC Legal Business Solutions, allowing for horizon scanning and risk mapping of all legislative and regulatory developments as well as sanctions and fines from more than 2,500 legislative and regulatory policymakers and other industry voices in over 170 jurisdictions impacting financial services firms and their business.

Equally, in leveraging our Rule Scanner technology, we offer a further solution for clients to digitise financial services firms’ relevant internal policies and procedures, create a comprehensive documentation inventory with an established documentation hierarchy and embedded glossary that has version control over a defined backward plus forward looking timeline to be able to ensure changes in one policy are carried through over to other policy and procedure documents, critical path dependencies are mapped and legislative and regulatory developments are flagged where these may require actions to be taken in such policies and procedures.

The PwC Legal Team behind Rule Scanner are proud recipients of ALM Law.com’s coveted “2024 Disruptive Technology of the Year Award” and the “2025 Regulatory, Governance and Compliance Technology Award in 2025”.

If you would like to discuss any of the developments mentioned above, or how they may affect your business more generally, please contact any of our key contacts or PwC Legal’s RegCORE Team via de_regcore@pwc.com or our website.

Contact us

Melissa Meußer

Frankfurt am Main
Financial Services

Tel.  +49 69 95855555

Email  E-Mail

Show profile

Dr. Michael Huertas

Partner Frankfurt am Main
Financial Services

Tel.  +49 160 97375760

Email  E-Mail

Show profile

Other Expert Articles and Blogs

Antitrust, Public Procurement and State Aid Law
EU Commission launches in-depth investigation into ADNOC’s acquisition of Covestro under EU Foreign Subsidies Regulation
  • 15 Aug 2025
  • 8 min read
Data Protection and Cybersecurity
PwC Vietnam: New Personal Data Protection Law
  • 14 Aug 2025
  • 1 min read
Antitrust, Public Procurement and State Aid Law
The Role of Corporate Compliance Systems in Preventing Antitrust Violations
  • 07 Aug 2025
  • 8 min read
All Expert Articles and Blogs