Verification of Payee (VOP)

Overview

Verification of Payee (VoP) is a real-time verification service that confirms whether a provided name or company identifier matches the actual bank account holder of a given IBAN. By validating beneficiary identity before payment execution, VoP helps prevent fraud, reduce payment errors, and build trust in financial transactions.

Want to explore the API right away? But don't skip the rest of this guide that contains important information. No TL;DR is accepted! 😉

Key Benefits

Prevent fraud and misdirected payments before they occur Reduce operational costs by eliminating manual document collection and verification Increase trust and transparency in financial transactions Automate IBAN verification within your existing workflows Improve payment success rates and reduce exception handling Ensure regulatory compliance with the EU Instant Payments Regulation (when applicable)

Regulatory Context

As of October 9, 2025, VoP verification becomes mandatory for regulated entities (banks and payment institutions) under the EU Instant Payment Regulation. However, VoP's value extends beyond compliance—it's a powerful risk mitigation and automation tool for any organization handling payments, onboarding processes, or sensitive financial flows.

How It Works

Verification Process

Request: Your system calls our VoP REST API with:
- Payee's name OR an identifier (e.g., VAT number)
- IBAN to verify
Routing: we call our supplier who route the request to the relevant financial institution via the Routing & Verification Mechanism (RVM)
Verification: the IBAN-issuing financial institution performs the verification
Response: you receive one of four possible results:
- MATCH - Perfect match found
- CLOSE_MATCH - Near match found (minor differences)
- NO_MATCH - No match found
- NO_AP - Verification not applicable/available

Each response includes:

Our unique internal id of the request for tracking/support
The remote id of our supplier
Timestamp header for audit trails/support
Bank name and BIC of the verifying institution

Integration points

VoP can be integrated at various stages of your payment lifecycle:

During Onboarding or Data Capture

Validate account ownership immediately when customers, suppliers, or beneficiaries provide their IBAN. This prevents incorrect or fraudulent data from entering your systems.

Before Payment Initiation

Execute a final verification before releasing funds, especially critical for:

High-value payments
Bulk payment runs
Updates to existing beneficiary details

As a Regulatory Control Layer

Regulated entities: Automatic execution before instant payments
Non-regulated entities: Voluntary adoption of bank-grade verification standards

Within Automated Decision Flows

Build intelligent workflows based on VoP responses:

MATCH → Proceed automatically
CLOSE_MATCH → Request confirmation or apply internal rules
NO_MATCH → Block payment or trigger manual review

Use Cases

SEPA Direct Debit Mandate Verification

Verify in real-time that the provided IBAN belongs to the customer creating a SEPA mandate. The verification runs silently in the background without disrupting the user experience.

Customer and Supplier Onboarding

Confirm IBAN ownership during onboarding or when payment details are updated. This reduces fraud risk and avoids costly corrections later.

Beneficiary Verification for Payouts

Ensure IBANs belong to intended beneficiaries before executing:

Refunds
Payroll
Insurance claims
Loan disbursements
Compensation payments
Other allocations

Technical integration

This service is integrated in our Docker API. No need to connect to another API. You simply have to call the "/ob/vop" endpoint.

curl --location 'https://<your docker address>/ob/vop' \
--header 'X-Request-ID: 4408e740-e27d-4cf2-bc80-ef7a774dc704' \
--header 'Content-Type: application/json' \
--data '{
  "vop": {
    "iban": "BE12345678901234",
    "name": "John Doe"
  }
}'

Verification Methods

Name-Based Verification (Recommended)

Verify account ownership using the account holder's name.

Match example response

curl --location 'https://<your docker address>/ob/vop' \
--header 'X-Request-ID: 4408e740-e27d-4cf2-bc80-ef7a774dc704' \
--header 'Content-Type: application/json' \
--data '{
  "vop": {
    "iban": "BE12345678901234",
    "name": "John Doe"
  }
  }'

Response

{
    "id": "12345678-a78c-4df9-8166-019c08c3f312",
    "remoteId": "12345678-ee40-4e6d-ba15-f7f843256fdb",
    "vopResult": {
        "vopMatchResult": {
            "result": "MATCH"
        },
        "bankAccountHolder": {
            "name": "John Doe",
            "identifier": null
        },
        "bank": {
            "bic": "GEBABEBB",
            "name": "BNP Paribas Fortis"
        }
    }
}

Close match response

curl --location 'https://<your docker address>/ob/vop' \
--header 'X-Request-ID: 4408e740-e27d-4cf2-bc80-ef7a774dc704' \
--header 'Content-Type: application/json' \
--data '{
  "vop": {
    "iban": "BE12345678901234",
    "name": "Jon Doe"
  }
  }'

Response

{
    "id": "12345678-a78c-4df9-8166-019c08c3f312",
    "remoteId": "12345678-ee40-4e6d-ba15-f7f843256fdb",
    "vopResult": {
        "vopMatchResult": {
            "result": "CLOSE_MATCH"
        },
        "bankAccountHolder": {
            "name": "John Doe",
            "identifier": null
        },
        "bank": {
            "bic": "GEBABEBB",
            "name": "BNP Paribas Fortis"
        }
    }
}

No match response

curl --location 'https://<your docker address>/ob/vop' \
--header 'X-Request-ID: 4408e740-e27d-4cf2-bc80-ef7a774dc704' \
--header 'Content-Type: application/json' \
--data '{
  "vop": {
    "iban": "BE12345678901234",
    "name": "Jane Doe"
  }
  }'

Response

{
    "id": "12345678-a78c-4df9-8166-019c08c3f312",
    "remoteId": "12345678-ee40-4e6d-ba15-f7f843256fdb",
     "vopResult": {
        "vopMatchResult": {
            "result": "NO_MATCH"
        },
        "bankAccountHolder": null,
        "bank": {
            "bic": "GEBABEBB",
            "name": "BNP Paribas Fortis"
        }
    }
}

Identifier-Based Verification

🚧
Identifier-based verification shows varying results and consistency across different banks. We recommend using name-based verification when possible.

Verify account ownership using standardized identifiers.

Supported Identifier Types

Type	Description	Example
LEI	Legal Entity Identifier	9845000A44AB9CA60605
BIC	Bank Identifier Code	DIGEBEB2
TXID	Tax Identification Number (VAT)	BE0630675588
CINC	Certificate of Incorporation Number	Company registration number
DUNS	Data Universal Numbering System	D-U-N-S number
SREN	SIREN (France)	French business ID
SRET	SIRET (France)	French establishment ID

View all supported identifier types

Verification Example (VAT)

curl --location 'https://docker.bankingsdk.com/ob/vop' \
--header 'X-Request-ID: b5db3df5-88b1-4467-b261-752ffcd3df3a' \
--header 'X-GwRoute: preprod' \
--header 'Content-Type: application/json' \
--data '{
  "vop": {
    "iban": "BE03130000000184",
    "identifier": {
      "type": "TXID",
      "value": "BE0630675588"
    }
  }
}'

Response

{
    "id": "12345678-a78c-4df9-8166-019c08c3f312",
    "remoteId": "12345678-ee40-4e6d-ba15-f7f843256fdb",
     "vopResult": {
        "vopMatchResult": {
            "result": "MATCH"
        },
        "bankAccountHolder": {
            "name": null,
            "identifier": {
                "type": "TXID",
                "value": "BE0630675588"
            }
        },
        "bank": {
            "bic": "DIGEBEB2",
            "name": "DIGITEAL SA"
        }
    }
}

Response codes

Result	Description	Recommended action
MATCH	Perfect match between provided data and account holder	Proceed with payment
CLOSE_MATCH	Minor differences detected (e.g., missing suffix, typos)	Review differences or request confirmation
NO_MATCH	Significant mismatch	Block payment or require manual verification
NO_AP	Verification not available for this account	Apply alternative verification methods
ERROR	Technical or processing error	Retry or contact support

Error handling

If an error happens, be sure to save the information to share it with our support.

🚧
In any case, please save the headers to be able to go to support with it:
Date: Thu, 29 Jan 2026 08:39:37 GMT X-Request-ID: 496437e1-698a-4493-8fef-947301ef5cd4 X-BSDK-VERSION: 4.0.60.0 X-Operation-ID: d238bc62e04a1495c355b8bb2341c0b6,preprod;rev=1,info02:False X-GWAPI-VERSION: 4.0.60.0 X-Correlation-ID: 6edad987-f7fd-4398-b33b-019c08e87677,preprod;rev=1

Note that the X-Request-ID is the one you sent us.

Validation error

{
    "exceptionType": "ValidationException",
    "message": "{\"Property\":\"Vop.Iban\",\"Message\":\"The Iban field is required.\"}",
    "userContext": null,
    "log": null,
    "innerException": null,
    "statusCode": null,
    "callId": null,
    "sdkStatus": null,
    "innerMostMessage": null,
    "innerMostErrorType": null,
    "referenceId": null
}

Error coming from the supplier

{
    "exceptionType": "GatewayException",
    "message": "THE MESSAGE OF THE SUPPLIER",
    "userContext": null,
    "log": null,
    "innerException": null,
    "statusCode": null,
    "callId": "12345678-a78c-4df9-8166-019c08c3f312",
    "sdkStatus": null,
    "innerMostMessage": null,
    "innerMostErrorType": null,
    "referenceId": null
}

TppContext

Here also you can add the TPP Context in all the calls. They will be saved in our storage. You can find explanation of it in this article.

curl --location 'https://<your docker address>/ob/vop' \
--header 'X-Request-ID: 4408e740-e27d-4cf2-bc80-ef7a774dc704' \
--header 'Content-Type: application/json' \
--data '{
  "tppContext": {
    "tppId": "xx",
    "app": "xx",
    "flow": "xx",
    "transaction": "xx",
    "unit": "xx"
  },
  "vop": {
    "iban": "BE12345678901234",
    "name": "John Doe"
  }
}'