Verification Of Payee Scheme Rulebook Updates

Verification Of Payee Scheme Rulebook Updates

16 March 26

Share This

Today, the European Payments Council (EPC) launched three key updates linked to the Verification Of Payee (VOP) scheme rulebook, Application Programming Interface (API) specifications, and API Security Framework which will become effective on 20 September 2026.

The VOP scheme provides a set of inter-payment service provider (PSP) rules, practices and standards in the Single Euro Payments Area (SEPA) to be complied with by participants who adhere to the scheme. Learn more about the VOP scheme.

VOP scheme rulebook version 1.1

Following a December 2025 public consultation on urgent change requests to the VOP scheme rulebook identified by the Verification Of Payee Working Group (VOP WG), the EPC is launching version 1.1 to support payment service providers (PSPs) in the Single Euro Payments Area (SEPA) that are required to comply with legal obligations on the verification of a payee in the case of SEPA (Instant) credit transfers as outlined in the  EU Instant Payments Regulation (IPR) amending the SEPA Regulation. 

Download VOP scheme rulebook version 1.1 or learn more about the updates.

VOP scheme API specifications 1.1.1

Version 1.1.1 of the VOP Application Programming Interface (API) specifications sets out the rules for implementing VOP-related APIs based on version 1.1 of the VOP scheme rulebook and includes:

  • One change in relation with the empty API fields which are no more allowed to be consistent with the standards.
  • Clarifications about the character set to be used in the VOP APIs.
  • Clarifications about the Timestamp.
  • Clarifications about the HTTP Headers, including content-type handling.

Any comments in relation with these EPC VOP Inter-PSP API Specifications can be shared by email to [email protected].

Download VOP scheme API specifications document version 1.1.1 or learn more about the updates.

VOP API Security Framework v2.1

The API Security Framework sets minimum API security requirements for VOP, SEPA Request‑to‑Pay (SRTP), and SEPA Payment Account Access (SPAA) scheme participants.

Following a public consultation on these urgent VOP scheme related change requests, the EPC is launching the version 2.1 of the API Security Framework (ASF) which includes additional clarifications on the use of the certificates for the VOP scheme.

This framework will become mandatory as of 20 September 2026 for the VOP, SRTP and SPAA scheme participants when using APIs.

Download VOP API Security Framework version 2.1 or learn more about the updates.

Your reactions

If you would like to comment on this article, please identify yourself with your first and last name. Your name will appear next to your comment. Email addresses will not be published. Please note that by accessing or contributing to the discussion you agree to abide by the EPC website conditions of use.

Related document
Verification Of Payee Scheme Rulebook
Verification Of Payee Scheme Inter-PSP API Specifications
API Security Framework
Latest News
EPC publishes SRTP Rulebook v4.0 clarification paper to guide SEPA Request-to-Pay implementation
Kick-off meeting of the Routing and/or Verification Mechanisms Multi‑Stakeholder Group (RVM MSG)
API Reference Toolbox (ART) v1.1 launch
Guidelines to support an optional exchange of data sets under the Verification Of Payee (VOP) scheme