Why EU payment firms must act now on Verification of Payee requirements

The October 2025 Verification of Payee deadline poses major challenges but tackling them now can unlock long-term opportunity.

In brief

• Payment service providers must act swiftly to meet the EU's Verification of Payee deadline, ensuring enhanced security in payment transactions.
• Real-time checks and continuous service are vital for PSPs to build and maintain trust with their customers in the evolving payments landscape.
• With a large number of institutions facing the same deadline, proactive planning and integration are crucial for successful compliance and operational stability.

As the October 2025 deadline approaches, payment service providers (PSPs) across Europe face mounting pressure to comply with the European Union's Verification of Payee (VoP) requirements. This initiative, set forth by the European Payments Council (EPC), is not merely a regulatory obligation; it is essential for safeguarding operational integrity, fostering customer trust and maintaining a competitive edge in the rapidly evolving payments sector.

Drawing on our extensive experience with clients over the past year, we outline key insights and best practices for achieving timely VoP compliance. This proactive approach is vital not only for regulatory adherence but also for ensuring the robustness of payment operations in an increasingly complex landscape.

Understanding Verification of Payee (VoP)

VoP is a critical initiative aimed at enhancing the safety and reliability of payments within the Single Euro Payments Area (SEPA), including SEPA Instant Credit Transfers. It aligns with similar efforts in other regions, such as the UK's Confirmation of Payee (CoP), all of which are intended to strengthen the security of the global payments ecosystem.

Key VoP requirements for PSPs

All PSPs operating within the European Economic Area (EEA), including banks, payment institutions and electronic money institutions, are mandated to implement a VoP service by 9 October 2025. This requirement encompasses both SEPA Credit Transfers (SCT) and SEPA Instant Credit Transfers (SCT Inst).

EPC Verification of Payee scheme rulebook: Key insights

The EPC has established a comprehensive VoP regulations to standardize the implementation of these requirements across SEPA.

• Speed of verification: The rulebook stipulates that the entire VoP process — from sending a request to receiving a response — must be completed within five seconds, ideally within one second. This requirement aims to minimize friction in the payment process while ensuring security. Some PSPs may need to modernize their systems to comply with this timeframe.
  
  
• EPC Directory Service (EDS): The EDS serves as a centralized database crucial for VoP interoperability, storing essential data such as PSP identification and supported identifiers. All PSPs participating in SEPA SCT and SCT Inst schemes must register with the EDS and contribute funding for an initial three-year period starting in October 2025.
  
  
• Interoperability and standards: The VoP scheme employs API-based technology with ISO 20022 elements to facilitate consistent data exchange. PSPs must adhere to the EPC’s VoP API specifications, and those utilizing an RVM provider must ensure compliance with the EPC API Reference Toolbox.

Compliance timeline and strategic considerations

Approximately 3,000 banks and PSPs across the Eurozone must implement the VoP service by 9 October 2025. Unlike the phased rollout of the UK's CoP, all PSPs must be ready simultaneously, intensifying the urgency for compliance.

Key strategic actions for PSPs:

• Selecting a Routing and Verification Module (RVM): Many PSPs will depend on RVMs for routing and verification of VoP requests. With the EDS not available for testing until June 2025, swift identification and integration with a compliant RVM are essential.
  
  
• Aligning with the EPC VoP scheme: PSPs must ensure their systems are compatible with the EPC VoP scheme, including adopting the necessary APIs and maintaining 24/7 availability for VoP checks.
  
  
• Registering with the EDS: Mandatory registration with the EDS is essential for cross-border reachability and interoperability.
  
  
• Conducting industry testing: With EDS specifications still being finalized, PSPs must allocate time for rigorous industry testing to ensure compliance and system reliability.
  
  
• Integrating with IT infrastructure: Effective integration with existing IT infrastructure and customer channels is crucial for seamless delivery and minimizing client impact.
  
  
• Raising customer awareness: Educating customers about these upcoming changes is vital, as their experiences will evolve once VoP is implemented.

Looking ahead

The EU IPR and EPC VoP requirements represent a significant advancement toward safer, faster and more reliable cross-border payments. By mandating rigorous name and IBAN checks, leveraging the EDS and enforcing strict timelines, this initiative aims to reduce fraud, enhance user trust and support the growth of Europe’s digital economy.

However, the journey to October 2025 is likely to pose challenges for the more than 3,000 banks and PSPs involved. Strategic planning, early RVM selection, and proactive integration efforts will be critical to navigating this landscape successfully.

As we approach this pivotal milestone for the future of payments in Europe, we remain committed to supporting payment services providers in overcoming these challenges.

Simon Spencer, Partner, Payments Business Transformation, Ernst & Young LLP have also contributed to this article.