Verification of Payee (VoP): How can the response quality of VoP requests be improved?

Verification of Payee(VoP)

From October 5, 2025, Verification of Payee (VoP) will also be introduced for both real-time payments and SEPA payments as part of the instant payment regulation. As a private individual, you will mostly use this service in your own bank’s banking app. After entering the recipient’s name and IBAN, the VoP request is sent to the recipient’s bank in the background. After a few seconds, the app displays whether the recipient name stored at the recipient bank

• matches the information in the payment in the app completely (Match)
• is spelled almost correctly and how it should be spelled correctly (Close Match)
• has no similarity (No Match) or
• cannot be queried (because the account does not exist at the recipient bank, it is not a payment account, or the bank is temporarily or generally unavailable for VoP queries) (Not Applicable)

Except in the first case – Match – the payer is shown drastic risk information. A pop-up will show the following information:

If the payer has copied the data from an invoice or created the payment using a QR code, they are probably now unsure: “Why doesn’t the recipient’s name match? Have I fallen for a fraudster or a forged invoice?”

The important thing is that the payment can still be made, although the liability for an incorrect transfer lies with the customer. The amount of money is credited to the specified IBAN, regardless of the recipient’s name, as banks do not check the name when crediting the recipient’s account. This is precisely why Verification of Payee is so important: the payer can check whether the recipient is the correct one before releasing the payment.

Why does VoP make sense?

The following fraud scenario could serve as a deterrent example: A hacker hacks into the website of “Kaffeemaschinen Müller GmbH” and asks buyers to make a down payment for an order. However, the IBAN given does not belong to Kaffeemaschinen Müller, but to the malicious hacker.

The bona fide payer would therefore not receive a VoP match with “Kaffeemaschinen Müller GmbH”, as the bank account is held at the recipient bank under the name of the account holder.

The payer should be careful here and, if necessary, investigate why this is the case or not make the payment. The presentation so far has focused exclusively on the payer’s perspective. Now we are changing sides and looking at the issue from the perspective of the payee.

VoP passive: How does a bank answer verification-of-payee requests from others?

A payee should also think about the VoP name. Private individuals can relax here: Banks have reliable mechanisms for processing first and last names as well as joint accounts. The VoP systems are able to correctly process different name constellations – such as first name/surname, surname/first name, surnames only or even initials of the first name – and should therefore deliver a high number of “match” results.

The situation is different for corporate customers. The VoP check ignores the legal form (AG, GmbH etc.) when comparing the recipient’s name from the transfer and the data on how the recipient is stored at the bank, converts everything to lowercase letters, replaces diacritical characters with the corresponding letter combination (é -> e), converts ä, ö, ü to the two-letter version (ae, oe, ue), converts special characters to spaces and converts double spaces to a single space. And only then is a comparison made.

But otherwise the company name must be correct and complete. Otherwise, there is a “no match” as a VoP response and the potential payer receives the risk message shown above in the app or banking application and is unsettled. The banks use the official company name from the commercial register as the account name, no matter how unwieldy it may be. The following examples illustrate this.

What can you do yourself in preparation for VoP?

In order not to confuse payers – as described above – invoice issuers should take the following points into account:

• The name shown on the invoice should correspond exactly to the commercial register name.
• Any enclosed remittance forms should show the correct recipient name.
• Any printed QR code should also correctly display the recipient’s name.
• In order to analyze the quality of the recipient names of incoming payments in advance, corporates that already receive camt.053 can analyze the field <TxDtls>/<RltdPties>/<Cdtr>/<Pty>/<Nm> and check how differently it is spelled and, if necessary, define aliases for the top 10. Banks can take these into account in the VoP check if necessary and thus reduce the no-match rate.

However, there are also constellations in which the commercial register name cannot be used or is not commonly used.

What is an alias?

“Brillen.de” is not the company name entered in the commercial register; the official name is “SuperVista AG”. However, the name “Brillen.de” is clearly visible on the invoice.

Other examples of the sensible use of an alias could be common abbreviations: Volkswagen/VW or Allgemeiner Deutscher Automobil Club/ADAC.

The solution for these cases is the use of an alias name (in English regulation the word “tradename” is used for this). This alias must be agreed between the bank and the account holder and can then be checked during the VoP check as an alternative to the official company name. The best result is reported back during the VoP check. If a “close match” is determined for the name and a “match” for the alias, this is returned as a “match”.

For accounts with the above constellation, the customer should speak to their bank about whether one or more aliases can be set up. An alias can also be very useful after name changes and the resulting name change in the account, at least for a transitional period.

Next steps

VoP goes into production on October 5, 2025, with a big-bang approach. From this date, private individuals will be forced to use VoP. If the deviations are too large, the depositor will be shown the risk warning shown above. This should be avoided. To get an idea of the VoP quality of your own account in advance, you could ask your bank to analyze the data. The house bank could analyze the incoming money to this IBAN over a certain period of time and list how often which recipient name was used. Based on this list, the alias names could be created and thus achieve a higher hit rate.

But corporate customers themselves can also contribute to a higher VoP hit rate: they should check the names listed on the invoices, including the details on transfer forms and QR codes, to see whether they match the data stored at the bank. And if the name entered in the commercial register is not clearly recognizable on the invoice, the corporate customer should request one or more alias names from their bank.