Technosis - finance software
Logo of Technosis AG

Verification of Payee (VoP)

The "Verification of Payee" (VoP) procedure is a new security measure in the SEPA payment area that aims to reduce the risk of fraud and payment errors.

From October 5, 2025, all payment service providers will be obliged to verify the identity of the payee before executing SEPA credit transfers and instant payments. The introduction of VoP is part of the implementation of the EU Regulation on Instant Payments, which promotes the real-time processing of payments.

Important aspects of the VoP procedure:
  • Obligation to participate: All payment service providers in the SEPA area must have implemented a VoP solution by October 5, 2025.
  • Scope of the application: The VoP check is mandatory for all SEPA credit transfers and instant payments, if they are individual transactions.
  • Execution of the check: Before a payment is executed, data is sent to the recipient bank. The check is carried out there and a log is generated which is sent back to the ordering bank.
  • Liability regulation: In the event of incorrect payments resulting from a lack of a VoP check, liability can be transferred from the payer to the payer's payment service provider. However, it is not yet clear how the banks will position themselves here.
  • Opt-in verification of the transaction(s)
  • Opt-out no check

Over the past few weeks, we have examined the topic in detail and obtained information from the banks regarding implementation. It emerged that there are still many unanswered questions with regard to procedural implementation. On 14 March 2025, the DK provided further details. Unfortunately, we do not see any improvement.

Below are the key facts about the VoP

The start date for the VoP process is October 5, 2025.

SEPA and Instant Payment collectors with more than one transfer can be sent using the 'opt-out procedure' without verification (name, IBAN comparison).

Collectors with only one transaction will always be "opt-in".

If a payee is checked negatively, the payment is provided by the ordering bank as a CEU and must be signed again. It has not yet been clarified whether the bank will provide the complete collector or only the rejected payments. Furthermore, it is not yet clear what will be provided by the bank for rejected payments and how.

If an individual transfer has been sent with "opt-out", the ordering bank can now decide (in the words of the payment service provider) whether this transaction should be rejected immediately or whether it should be accepted. If the PSP accepts the transfer, the "opt-in" process must still be carried out afterwards. A request is sent to the recipient bank and they wait for the verification protocol. The transaction is then forwarded to the VEU, where the necessary electronic signatures must be provided again. We assume that not all banks will act in the same way with the change described.

What to consider from our point of view

For most corporates, EBICS is the communication channel with the banks. The implementation of the "opt-in" functionality in the EBICS clients takes place via new order types. CCT/CIP are those that can already be used and are to be used in future for 'opt-out' files, which are then not checked. CTV/CIV are new and relevant for "opt-in". We would like to explicitly point out that all programs used, whether TMS or banking software, must be updated by October 5, 2025. According to the information available to us, the new order types will not be activated until the deadline. This means that there will probably be no test scenarios for customers.

The procedure for using Corporate Seal has also not been clarified. The software used is currently responsible for ensuring that two authorized persons release the payment files when the dual control principle is specified. The EBICS ID with an e-authorization is then used for the release on the bank computer. With VEU, the EBICS host is the active party. So when the first authorized party carries out its release, the EBICS subscriber with the e-authorization is used. This completes the release. A second authorized party is no longer necessary.

The activation of a VEU module on the software provider side and the corresponding authorization on the bank's EBICS host must also be guaranteed. In addition, administration is required, as various settings usually have to be made.

If the amount limit for instant payments of EUR 100,000 per transaction falls with the start date of October 5, 2025, there will be a rethink in Treasury. For urgent SEPA credit transfers, on the other hand, the standard fee is EUR 2.56 per transaction. Instant payments, on the other hand, are on a par with normal SEPA credit transfers in terms of costs. From today's perspective, account clearing with instant payments would therefore only be logical. However, this must be considered separately, as the money is available in the recipient accounts as soon as it is received, and it is entirely conceivable that a clearing cycle could take place several times a day. However, it must be made clear once again that the requirement that individual transactions are always "opt-in" means that the release process for transfers must be run through twice for instant payments. At this point, we consider the extent to which the ATAQ-created collectors can always contain more than one payment.

Our conclusion:

The process for outgoing payment transactions, SEPA transfers, must be completely rethought for corporates. The treasury departments in particular should address this issue in the coming weeks. We also see a need for action on the part of those responsible for EBICS administration. The topic of VEU, Distributed Electronic Signature, is currently present in very few corporates. However, from today's perspective, it will be essential if action is to be taken in accordance with the requirements.

Learn more about

angle_right Solutions
angle_right News
angle_right Company
angle_right Career
angle_right Customers
angle_right Contact
  • +49 40 2190 897-0

© 2025 Technosis AG