October 2025 marks a turning point in the European payments landscape. The introduction of mandatory Verification of Payee (VOP) requirements under the EU’s Instant Payments Regulation is a regulatory milestone that shows a fundamental shift in how payment security, trust, and accountability are built into the digital economy.
As with any major regulatory step, VOP arrives as a response to the rapid evolution of online payments, an evolution that brings both opportunities and new layers of risk. For example, one of the biggest trends is the growth of account-to-account (A2A) payments. But this type of payments doesn’t have a chargeback option like card payments do. That means if money is sent to the wrong person, either by mistake or because of a scam, it’s very hard to recover.
At the same time, fraud has evolved. Across the EU, authorized push payment (APP) fraud, for example, continues to climb, with estimated losses reaching up to EUR 2.4 billion, a figure growing by as much as 25% since 2022, and likely underreported.
In this evolving landscape, VOP makes a real difference. This article explores what VOP is, how the scheme works, who it impacts, and what platforms, PSPs, and payment stakeholders need to know as the October 2025 deadline approaches.
VOP is a pre-payment verification that ensures a match between the name and IBAN of the intended payee before a payment is authorised. Put simply, it stops money from being sent to the wrong party, whether by mistake or due to fraud.
The European Payments Council (EPC) has created a dedicated VOP Scheme Rulebook, which sets a common technical and operational standard that all participating payment service providers (PSPs) must follow across the Single Euro Payments Area (SEPA). All players in the market can speak the same “language” when it comes to IBAN name checks, so the scheme defines how PSPs should exchange messages to verify whether the name and IBAN match for a payment.
All PSPs that participate in the SEPA Credit Transfer (SCT) or SEPA Instant Credit Transfer (SCT Inst) schemes must follow the VOP scheme.
The scheme also allows room for innovation. While the basic VOP check must follow standard rules, PSPs can also build Additional Optional Services (AOS) on top, for example, enriched fraud alerts, pre-validation tools, or custom notifications. These added-value services are not defined in the rulebook, giving providers the freedom to develop their own features and tailor their offering to customer needs.
The journey toward full VOP implementation is already well underway. The European Payments Council published the official VOP Scheme Rulebook in October 2024, giving the industry the technical foundation to build from. From March 2025, payment service providers were able to begin the formal adherence process.
Now, with the 9th of October 2025 deadline fast approaching, the focus shifts from planning to execution. PSPs must align with the compliance requirements but also with the broader opportunity to embed trust, transparency, and smarter verification directly into their user journeys.
VOP checks whether the name of the payee matches the IBAN owner in the payment order. The PSP of the payee performs this check using its own customer records.
VOP applies to credit transfers in euros, both instant and regular, when the payer’s and payee’s PSPs are both within SEPA.
If the payment channel (like a mobile app or online banking interface) doesn’t request both name and IBAN, the payer’s PSP must still find a way to give the payer a chance to validate the payee’s identity before the payment is authorised. They also need strong internal processes to ensure the information is correct.
Only businesses making batch payments can opt out, and only by agreement with their PSP. They can also opt back in later.
This is a critical aspect because the payer will base the decision to authorise the payment on the VOP response. The payer should receive clear, real-time, and accurate information from their PSP.
If the PSP of the payer fails to properly offer the VOP check or doesn’t inform the payer of the outcome, the liability falls squarely on them. In this case, the PSP must refund the payer in full and restore the payment account to its previous state.
On the other side, if the PSP of the payee gives incorrect or outdated information during the verification process, for example, providing the wrong account name, they are expected to compensate the payer’s PSP for any financial damage caused.
But responsibility doesn’t lie with providers alone. If a payer receives a response indicating either no match or a close match between the name and IBAN, and still decides to proceed with the payment, the payer will not be refunded by any of the PSPs involved in the VOP.
The VOP check happens before the payer authorizes the payment, so if details are correct, there should be no delay.
Even if your PSP is compliant, platforms that don’t prepare may face: