In a payout scenario, as a Requesting PSP, Mangopay will be carrying out VOP checks on recipients and payouts and returning the result in the API response.

Scope

VOP applies to EUR Recipients and Payouts using SCT or SCT Inst, and for users holding User-Owned Accounts. In terms of Recipient properties, this means:
  • Currency is EUR
  • PayoutMethod is LocalBankTransfer
  • Country is a SEPA country
VOP does not apply to non-EUR payouts in SEPA countries, such as SEK payouts to a bank in Sweden (which uses the local scheme RIX). VOP also does not apply to international payouts, such as EUR to a non-SEPA country or, for example, SEK to a SEPA country that isn’t Sweden, both of which use SWIFT.
Note – Only applies to User-Owned AccountsIn the first instance, VOP will only be carried out for users who hold a User-Owned Virtual Account. In 2026 Mangopay will make VOP available for all platforms for anti-fraud purposes.If your platform does not offer User-Owned Accounts to your users, your payouts are not impacted by Verification of Payee.

VOP result API fields

The following endpoints will be enriched with the Verification of Payee in the API response: These endpoints will return a new object parameter, RecipientVerificationOfPayee, containing:
  • RecipientVerificationId – A unique identifier of the VOP check performed by Mangopay.
  • RecipientVerificationCheck – The outcome of the VOP check performed by Mangopay, using the details in the Recipient or Bank Account object referenced in the BankAccountId field.
  • RecipientVerificationMessage – The explanation of the check outcome.
The fields will give the result of the VOP check:
RecipientVerificationCheckRecipientVerificationMessageScenarioRecommendation
MATCHAccount name fully matches account identifier.The account is valid and the account name matches the IBAN.Proceed with the payout or recipient.
CLOSE_MATCHAccount name partially matches account identifier. Name returned by check: FirstName LastName. Payment made to this account may not reach its intended counterparty.The account is valid but the name doesn’t match exactly.Confirm details with your user before proceeding. Reregister the Recipient if required.
NO_MATCHAccount name does not match account identifier. Payment made to this account may not reach its intended counterparty.This account likely belongs to a different owner.Do not proceed until you confirm the account details with the user.
MATCH_NOT_POSSIBLEResponding PSP’s verification service unreachable. Payment made to this account may not reach its intended counterparty.The check could not be completed.Retry later, or proceed only after confirming the account details with the user.
Caution – Risk of misdirected payoutsFor any result other than MATCH, there is a risk of the funds not reaching their intended destination. Funds sent to the wrong account may not be recoverable.

Implementation recommendations

  1. Retrieve and display the RecipientVerificationCheck and RecipientVerificationMessage to your users. These data points are both returned in the RecipientVerificationOfPayee object on GET View a Recipient, POST Create a Recipient, and POST Create a Payout.
  2. Check the VOP result of Recipients using GET View a Recipient before initiating payouts, to avoid funds being sent to the wrong account.

Recipients

If the user has a User-Owned Account, Mangopay performs a VOP check on the endpoints: VOP is only performed on Recipients where:
  • Currency is EUR
  • PayoutMethod is LocalBankTransfer
  • Country is a SEPA country
The GET View a Recipient and POST Create a Recipient endpoints will return the VOP result in the RecipientVerificationOfPayee parameter of the API response:
API response - 200 OK
{
    "Id": "rec_01K3V3GWJQBZXQ3HKNWCQCJRXF",
    "Status": "ACTIVE",
    "CreationDate": 1756477551,
    "DisplayName": "ExampleBusinessName EUR FR account",
    "PayoutMethodType": "LocalBankTransfer",
    "RecipientType": "Business",
    "Currency": "EUR",
    "Country": "FR",
    "UserId": "user_m_01JH2Z9GXCCHGFN65T5HDZG4GB",
    "Tag": "Created using the Mangopay API Postman collection",
    "RecipientScope": "PAYOUT",
    "BusinessRecipient": {
        "BusinessName": "ExampleBusinessName",
        "Address": {
            "AddressLine1": "3929 Dickinson Streets",
            "AddressLine2": "Stamm Tunnel",
            "City": "Paris",
            "Region": "Ile de France",
            "PostalCode": "75001",
            "Country": "FR"
        }
    },
    "LocalBankTransfer": {
        "EUR": {
            "IBAN": "FR7630004000031234567890143",
            "BIC": "BNPAFRPPXXX"
        }
    },
		"RecipientVerificationOfPayee": {
			  "RecipientVerificationId": "123456789",
			  "RecipientVerificationCheck": "MATCH",
			  "RecipientVerificationMessage": "Account name fully matches account identifier."
    }
}
The GET View a Recipient endpoint returns the latest VOP check performed for that account. If no check has ever been performed (for existing Recipient objects and Bank Account objects), then a new check will be carried out. The GET View a Bank Account endpoint will not trigger a VOP check nor return any VOP result. Ensure your platform uses GET View a Recipient object to retrieve account information. The Recipient endpoint can be used to retrieve legacy Bank Account objects by using the Bank Account Id as the RecipientId path parameter.

Payouts

Mangopay is introducing VOP checks when your platform requests a payout using POST Create a Payout only if the owner of the payout’s BankAccountId has at least one User-Owned Virtual Account. If the user doesn’t have at least one User-Owned Virtual Account, or if the payout does not use the SCT or SCT Inst rails, then VOP is not performed.
The steps are as follows:
  1. Your platform calls POST Create a Payout.
  2. Mangopay performs Verification of Payee (VOP) using the associated Recipient or Bank Account data (reference in the BankAccountId) by checking the IBAN and account holder name with the Responding PSP (which is the Payee’s bank).
  3. Mangopay returns the VOP result in the API response.
  4. Mangopay proceeds with the payment, unless it is blocked as described in the scenarios below.

Payout scenarios

Match or close match

When Mangopay performs the VOP check with the Responding PSP, if the result is MATCH or NO_MATCH, then the payout will continue as before.
The POST Create a Payout endpoint will return an HTTP 200 result containing the RecipientVerificationOfPayee fields:
API response - 200 OK
{
    "Id": "po_b_01K3GM8HWNCVDMACCRA0ZZPH02",
    "Tag": "Created using Mangopay API Postman Collection",
    "CreationDate": 1756126005,
    "AuthorId": "user_m_01K075ZBVXGFYAXM7529W2ZS5W",
    "CreditedUserId": null,
    "DebitedFunds": {
        "Currency": "EUR",
        "Amount": 1000
    },
    "CreditedFunds": {
        "Currency": "EUR",
        "Amount": 900
    },
    "Fees": {
        "Currency": "EUR",
        "Amount": 100
    },
    "Status": "CREATED",
    "ResultCode": null,
    "ResultMessage": null,
    "ExecutionDate": null,
    "Type": "PAYOUT",
    "Nature": "REGULAR",
    "CreditedWalletId": null,
    "DebitedWalletId": "wlt_m_01J9KQE9Z2S4G4R867C5H6W5ZV",
    "PaymentType": "BANK_WIRE",
    "BankAccountId": "rec_01K1ZWF7RJG9MEY8VQ0QE2RQ4D",
    "BankWireRef": "Example123",
    "ModeRequested": null,
    "ModeApplied": "PENDING_RESPONSE",
    "FallbackReason": null,
    "EndToEndId": "3b891fba337d45ec874646ac48565964",
    "PaymentRef": null,
    "RecipientVerificationOfPayee": {
      "RecipientVerificationId": "123456789",
      "RecipientVerificationCheck": "MATCH",
      "RecipientVerificationMessage": "Account name fully matches account identifier."
    }
}

No match or match not possible

If the result of the VOP check is NO_MATCH or MATCH_NOT_POSSIBLE, then the behavior will be as follows.

Before Oct 9, 2025

Before Oct 9, 2025, the payout will continue as normal. The NO_MATCH or MATCH_NOT_POSSIBLE result will be returned in the RecipientVerificationOfPayee object. This behavior serves as a warning: NO_MATCH result means your platform should inform the user that their payment may not reach its intended payee. In these cases, the user should check their account details and re-register the Recipient if necessary.

After Oct 9, 2025

Mangopay has sent a contract amendment to platforms that offer User-Owned Accounts to their users.

If amendment signed

If the amendment is signed, from Oct 9, 2025, the behavior will stay the same: the payout will continue and the NO_MATCH or MATCH_NOT_POSSIBLE result will be returned in the RecipientVerificationOfPayee object.

If amendment not signed

Until the amendment is signed, from Oct 9, 2025, payouts will be blocked if the VOP result is NO_MATCH or MATCH_NOT_POSSIBLE. The POST Create a Payout endpoint will return a 400 error:
API response - 400 Bad Request
{
    "Id": "44312c27-c681-4240-8df9-a2507bcf30d6",
    "Message": "Payout not allowed because Verification of Payee result is NO_MATCH", // or MATCH_NOT_POSSIBLE
    "Type": "invalid_action",
    "Date": 1747666655.0,
    "errors": null
}
Once the amendment is signed, the block will be lifted.
Note – Block only applies to UO account holdersThe block will be applied to users who hold a User-Owned Account. For these users, all payouts will be blocked regardless of which wallet they are debited from (determined by the owner of the payout’s BankAccountId).The block will also only apply to EUR payments via SCT and SCT Inst.Payouts authored by users without User-Owned Accounts will not be VOP checked and not be blocked because of VOP.