Verification of payee (VoP) in the SAP system

The new regulation of the European Payments Council came into force on October 9, 2025. It includes the so-called Verification of Payee and is intended to ensure payment security for SEPA payments. What this means for your SAP system.

What is die Verification of Payee?

Electronic payment transactions are increasingly the focus of cyberattacks and fraud attempts, which is why a new European Payments Council (EPC) regulation has been in force since October 9, 2025 (for countries outside the eurozone from July 2027). This directive includes the so-called Verification of Payee (VoP) and is intended to ensure a standardized framework for improving payment security for SEPA payments within the eurozone between payment service providers. Collective payments and express payments (CCU) are excluded from this directive. Specifically, the aim is to reduce the number of cases of fraud and misdirected payments by validating the recipient's name with the specified account number before executing the payment. To this end, the sender's payment service provider sends a VoP request to the payee, which is then checked and returned with a message (in pain format). The VoP request must contain the IBAN number and the name of the payee. The recipient's payment service provider responds to the sender's payment service provider, who can then decide whether to proceed with the payment.

Why is the Verification of Payee so important?

The EPC Regulation aims to create a standardized framework to reduce fraud and misdirection of payments. The focus here is on payment diversion fraud in particular. This refers to the diversion of payments through manipulated account details. This represents a considerable risk for companies in the payment process, as payment media from the SAP system are often not subsequently checked. As a result, manipulation of the bank master data usually remains undetected unless a master data governance process is in place. This is precisely where VoP comes in: It checks the payment recipients before the payment is executed.

What relevance does the VoP have for SAP users?

The master data of suppliers and customers is maintained in SAP Business Partner. In addition to the names, the bank details are also recorded in the Business Partner. This data forms the basis for the automated payment process such as the payment run (transaction F110). The payment media are then processed in the Treasury Management System (TMS) or in the banking tool and the payment is executed. Up to now (before October 9, 2025), the payee and the account number have not been checked. This is now changing with the VoP. The source of payment rejections often lies in SAP and is based on incorrect master data in the Business Partner, such as an incorrect account number or company name, which must be checked and updated if necessary.

How can feedback be checked and processed in the SAP system?

SAP currently only offers a solution for SAP cloud systems. On-premise customers and ECC customers do not have the option of implementing a VoP process. For cloud systems, the connection can be made via Multi Bank Connectivity instead. The prerequisite for this is, of course, that the additional license for the multi-bank solution is available.

Companies that use neither SAP Multi Bank Connectivity nor the SAP cloud systems and instead use a TMS as an interface between the SAP system and the payment service providers must currently forward the VoP results to Accounts Payable and, if applicable, Accounts Receivable or the master data team for processing.

What could a solution for ECC or on-premise customers look like?

As the connection can only be made with cloud systems, on-premise customers and ECC customers are currently excluded. However, there is a workaround.

Image shows stacks of coins in the background and a trend chart in the foreground

Thanks to online validation, the master data is entered correctly in the system when it is created and can also be checked at regular intervals. Finally, it should be noted that this solution only applies to the European Economic Area and cannot be implemented for customers in countries outside the EU single market.

Summary

Even though SAP has so far only created a solution for cloud customers via multi-bank connectivity and only via an additional license, it will be interesting to see how SAP acts in this area. The topic is currently very present in the treasury departments of companies. However, the workaround presented is limited to the European economic area. This will become a problem for companies in July 2027 at the latest, as the EPC will then extend the VoP directive to non-European areas.