Verification of Payee (VoP): The New Obligation

16/10/2025

Verification of Payee (VoP): The New Obligation under the IPR Regulation and the Key Role of QWAC PSD2 Certificates

The European Union continues to strengthen its security framework for digital payments. With the adoption of the new Instant Payments Regulation (IPR), Payment Service Providers (PSPs) will be required to implement the Verification of Payee (VoP) service by 9 October 2025.

This requirement represents a substantial change in the operation of SEPA transfers—both instant and regular—and has a direct impact on the technical and regulatory architecture of financial institutions.

What is Verification of Payee (VoP)?

The Verification of Payee (VoP) is a new beneficiary verification process designed to ensure that the account holder’s name matches the IBAN to which a transfer is directed. Before executing the operation, the system cross-checks both data points and returns a confirmation—or an alert if there is a discrepancy. The goals are clear:

Reduce fraud caused by errors or deception in transfers.
Increase transparency and trust in electronic payments across the European Economic Area.
Standardize payment services under a common technical framework promoted by the European Payments Council (EPC).

The Change Introduced by the IPR Regulation

The IPR Regulation directly amends SEPA regulation by mandating the provision of instant euro payments 24/7, all year round, and, in addition, requiring the integration of the VoP process for all SEPA transfers, not just instant payments.

This means that each PSP must:

Allow users to verify the beneficiary’s name before authorizing payment.
Implement an interoperable VoP service based on standardized APIs.
Secure communications between PSPs using qualified digital certificates.

The Key Technical Component: The PSD2 QWAC Certificate

At the heart of this new architecture lies the PSD2 Qualified Website Authentication Certificate (QWAC).

This certificate—issued by a Qualified Trust Service Provider (QTSP) under eIDAS—authenticates the identity of the PSP during communications between entities in the VoP process.

Specifically, the PSD2 QWAC:

Ensures the authenticity of entities exchanging information.
Secures the communication channel through encryption and mutual validation.
Identifies the PSP with its National Authorisation Number (NAN), as required by PSD2.
Complies with the EPC’s technical specifications for the VoP scheme.

Without a valid QWAC certificate, a PSP will not be able to operate within the VoP infrastructure or comply with regulation.

How ANF AC Helps PSPs Comply with VoP

As a Qualified Trust Service Provider with extensive experience in the PSD2 ecosystem, ANF AC issues PSD2 QWAC and QSealC certificates recognized across the European Union, fully compliant with eIDAS Regulation and the EPC’s technical requirements.

Our offer for PSPs:

Fast, 100% online issuance of PSD2 QWAC certificates.

Full compatibility with VoP APIs and existing integration environments.

Guaranteed compliance with PSD2, eIDAS, and IPR.

Specialized technical support throughout the entire implementation process.

Thanks to our qualified infrastructure, PSPs can obtain their PSD2 QWAC certificates within hours, ensuring a smooth transition to the new VoP scheme.

In Summary

Verification of Payee marks a decisive step towards a more secure and transparent payments environment in the EU.

Its success depends on the proper authentication of participants—and this is precisely where PSD2 QWAC certificates are indispensable.

At ANF AC, we help institutions comply with VoP requirements under the IPR Regulation quickly, securely, and in full alignment with European standards.

Is your institution ready for VoP?

Request your PSD2 QWAC certificate with ANF AC and ensure compliance.

Solutions

Products

Sectors

Solutions

Products

Sectors