Account Holder Verification

📘

This page documents version 2 of the endpoint. Refer to Account Holder Verification (v1) for version 1, including a guide to migrate to version 2.

The Account Holder Verification (AHV) endpoint allows you to verify an account holder's identity before initiating a payment.

This helps reduce fraud and prevents payments from being misdirected, ensuring that payments are sent to the correct recipient or debited from the correct payer account before processing.

The AHV supports two verification types depending on the payment method:

  • Confirmation of Payee (CoP): used for GBP payments via Faster Payments
  • Verification of Payee (VoP): used for EUR payments via SEPA

How it works

After you submit an AHV request, we verify the provided details through either the VoP scheme or CoP service. You can receive the verification result via the Webhook service using the AccountHolderVerification event type, or by calling the AHV GET endpoint. The result will indicate whether the provided details generate a Match, Close Match, No Match, or Error.

See the request example and response example for implementation details.

The response also includes a reason code that provides further details on the verification result.

Request Rules

When making a request, the following rules apply:

  • verificationName must be provided
  • verificationType must be either Personal or Business
  • verificationAccount must be provided and must include:
  • account: IBAN (for VoP) or UK account number (for CoP)
  • financialInstitution: optional BIC (for VoP) or Sort Code (for CoP)
  • country: country code of the account

Routing rules:

  • If you provide Account Number + Sort Code (GB), the request is processed as CoP
  • If you provide an IBAN (including GB-IBANs), the request is processed as VoP

Invalid or mixed combinations (e.g. IBAN + Sort Code) will result in a validation error.

Verification results

When the result of the VoP or CoP is available (status is succeeded or failed), the result object will be populated in the AHV GET endpoint and in the webhook payload.

Details of each property in the result object

PropertyPopulation Logic & Format / Possible Values
createdAlways populated. Format: YYYY-MM-DDTHH:mm:ssZ
matchLevelAlways populated. Possible values: Match, Close match, No match, or Error
reasonCodeOnly populated for VoP if matchLevel = Error
descriptionOnly populated for VoP if matchLevel = Error
detailedDescriptionOnly populated for VoP if matchLevel = Error
accountHolderOnly populated if matchLevel = Close match

Reason Codes (CoP Only)

The following reason codes apply only to Confirmation of Payee (CoP) requests. They are defined by the UK CoP scheme and provide additional context on the verification result, indicating the level of match or any issues identified during the verification process.

Note: VoP (Verification of Payee for SEPA) does not provide the same set of granular reason codes as CoP.

Reason CodeCode DescriptionDetailed DescriptionAccount Name Passed Back
ANNMAccount Name does Not MatchThe CoP Responder has performed the matching and confirms it is not a matchNo
MBAMThere may be a match on the Account NameThe CoP Responder has performed the matching and it is a close matchYes
BANMBusiness account, name matchesThe CoP Requester indicated that the Payer intends to pay a personal account, but the actual account is a business account and the name matchesNo
PANMPersonal account, name matchesThe CoP Requester indicated that the Payer intends to pay a business account, but the actual account is a personal account and the name matchesNo
BAMMBusiness account, name may be a matchThe CoP Requester indicated that the Payer intends to pay a personal account, but the actual account is a business account and the name is a close matchYes
PAMMPersonal account, name may be a matchThe CoP Requester indicated that the Payer intends to pay a business account, but the actual account is a personal account and the name is a close matchYes
AC01Incorrect Account NumberAccount does not exist in the CoP Responder's booksNo
IVCRInvalid Customer ReferenceThe CoP Responder was unable to locate the customer account based on the secondary reference data contained within the SecondaryIdentification fieldNo
ACNSAccount type Not Supported for CoPAccount not supported for CoP by the CoP ResponderNo
OPTOOpted out of CoP SchemePayee has been opted out of the CoP service by the CoP ResponderNo
CASSAccount has been switchedThe Payee's account has been switched using the Current Account Switch Service (CASS)No
SCNSSort code not supported at endpointThe CoP Responder has incorrectly received a CoP request for a sort code that does not belong to themNo
Error400 Bad requestRequest has malformed, missing or non-compliant JSON body or URL parametersNo
Error401 UnauthorisedAuthorization header missing or invalid tokenNo
Error403 ForbiddenToken has incorrect scope, or a security policy was violated, used when a CoP Requester tries to access a resource that it does not have permission to access.No
Error404 Not FoundCoP API is not supported by the Payee ASPSPNo
Error405 Method not allowedThe CoP Requester tried to access the resource with a method that is not supportedNo
Error406 Not acceptableThe request contained an accept header that requested a content-type other than application/JSON and a character set other than UTF-8No
Error429 Too Many RequestsThe CoP Responder should include a Retry-After header in the response indicating how long the CoP Requester must wait before retrying the operationNo
Error500 Internal server errorSomething went wrong on the API gateway or micro-serviceNo
Error503 Service UnavailableThe CoP Responder’s service is down for maintenance. The CoP Responder should include a Retry-After header in the response indicating how long the CoP Requester must wait before retrying the operationNo