Confirmation of Payee: more firms adopt security checks to reduce fraud

Virgin Money and Cambridge Building Society latest to join initiative but millions still unprotected
Chiara CavaglieriSenior researcher & writer

Virgin Money and Cambridge Building Society have become the latest providers to implement Confirmation of Payee (CoP), an important anti-fraud measure. 

This name-checking service helps banks and building societies protect customers against authorised push payment (APP) fraud, where victims are tricked into sending money to criminals, as well as accidentally misdirected payments. 

However, millions of customers are missing out on these security checks because hundreds of payment firms are yet to implement this vital layer of security, including Bank of Ireland UK, Metro Bank and PayPal.

Be more money savvy

free newsletter

Get a firmer grip on your finances with the expert tips in our Money newsletter – it's free weekly.

This newsletter delivers free money-related content, along with other information about Which? Group products and services. Unsubscribe whenever you want. Your data will be processed in accordance with our Privacy policy

Which banks and building societies offer Confirmation of Payee?

After many delays, the six biggest UK banking groups – Barclays, Lloyds Banking Group, NatWest Group (including RBS), Santander, HSBC (including First Direct) and Nationwide Building Society – were forced to implement CoP by the end of June 2020. 

Monzo and Starling were the first banks to sign up for CoP voluntarily, while the likes of Revolut, The Co-operative Bank, Triodos and TSB followed suit later. 

Virgin Money and Cambridge Building Society have become the latest firms to adopt CoP. The Cambridge is the first of the smaller building societies to join the service, although this only applies to incoming payments. 

Most building societies were initially unable to implement CoP due to technical restraints but the system designed for banks has since been adapted to support accounts that rely on additional data, such as a building society account number, to make payments. 

Nick Warner, programme manager at The Cambridge, told Which?: 'For outbound we have nominated accounts for making Faster Payments and don’t offer payments to third parties. Nominated (current) accounts are verified before being activated – just not using CoP. There is a much greater need on inbound payments, whether it’s moving a large amount into a bond, making a payment to your mortgage or topping up savings, there is real value there so it’s where we chose to invest.'

Customers missing out on protection

Many big names have yet to sign up including current account providers AIB Group (UK), Bank of Ireland (UK), Citibank and Metro Bank. 

The Payment Systems Regulator (PSR) has included these banks in a list of 50 firms it wants to adopt CoP by 30 June 2023. This list also includes PayPal, Sainsbury’s Bank, Skipton Building Society, Tesco Personal Finance and Yorkshire Building Society.

In the meantime, if you make a payment to a firm that doesn't make CoP checks, be extra careful to avoid mistakes and consider the possibility that a fraudster could be trying to trick you into sending them money.

How does Confirmation of Payee work?

Without CoP, providers take no notice of the name entered and process payments using the account details you enter and nothing else. This makes it too easy to accidentally enter the wrong digits and can be abused by criminals who trick fraud victims into transferring money to accounts in their control. 

With CoP in place, your bank warns you if the name entered doesn’t match, or only partially matches, the account details. To make a payment you will be asked to enter: the full first and last name or business name; the sort code and account number; and the account type ie, if it’s ‘personal’ or ‘business'. 

There are four possible CoP messages, although not all banks use identical wording:

  1. Match - the name on the account matches. Proceed with the payment if you’re happy to do so
  2. Close match - the name on the account is not an exact match. It could be an abbreviated name or perhaps a spelling mistake. If you recognise the closely matched name, you can choose to continue or double check the payee details before continuing with the payment
  3. No match - the payee’s name details don’t match the name on the account. Cancel the payment until you’ve made further checks, including for possible fraud
  4. Unavailable – it has not been possible to check the name. This could be because the receiving bank doesn’t offer CoP. Double check the payee’s details and consider whether someone is trying to scam you

CoP checks payments using the Faster Payments System (including standing orders) and CHAPs (high-value payments), whether they are made online, via your mobile banking app or in a branch. It doesn’t apply to payments that are not in pounds sterling or BACS payments (including direct debits). 

More on this

Related articles

About Us

Which? Limited is registered in England and Wales to 2 Marylebone Road, London NW1 4DF, company number 00677665  and is an Introducer Appointed Representative (FRN 610689) of the following:


1. Inspop.com Ltd for the introduction of non-investment motor, home, travel and pet insurance, who are authorised and regulated by the Financial Conduct Authority (FCA) to provide advice and arrange non-investment motor, home, travel and pet insurance products (FRN310635). Inspop.com Ltd is authorised and regulated by the Financial Conduct Authority (FCA) to provide advice and arrange non-investment motor, home, travel and pet insurance products (FRN310635) and is registered in England and Wales to Greyfriars House, Greyfriars Road, Cardiff, South Wales, CF10 3AL, company number 03857130. Confused.com is a trading name of Inspop.com Ltd. 


2. LifeSearch Partners Limited (FRN656479), for the introduction of Pure Protection Contracts and Private Health Insurance, who are authorised and regulated by the FCA to provide advice and arrange Pure Protection Contracts and Private Health Insurance Contracts.  LifeSearch Partners Ltd is registered in England and Wales to 3000a Parkway, Whiteley, Hampshire, PO15 7FX, company number 03412386.


3. HUB Financial Solutions, for the introduction of equity release advice and an annuity comparison service, who are authorised and regulated by the Financial Conduct Authority (‘FCA’) to provide advice and guidance on financial products for those who have retired or are approaching retirement (FCA Firm Reference Number: 455713). HUB Financial Solutions is registered in England and Wales to Enterprise House, Bancroft Road, Reigate, Surrey RH12 7RP, company number 05125701.


4. Alan Boswell Insurance Brokers Ltd (FRN 301), for the introduction of non-investment landlord insurances, who are authorised and regulated by the Financial Conduct Authority to provide advice and arrange insurance contracts. Alan Boswell insurance brokers Ltd is registered in England at Prospect House, Rouen Rd, Norwich NR1 1RE, company number 02591252.


Other financial services:

Mortgage service provided by London & Country Mortgages (L&C), Unit 26 (2.06), Newark Works, 2 Foundry Lane, Bath BA2 3GZ. London & Country are authorised and regulated by the Financial Conduct Authority (registered number: 143002). The FCA does not regulate most Buy to Let mortgages. Your home or property may be repossessed if you do not keep up repayments on your mortgage.


We do not make, nor do we seek to make, any recommendations or personalised advice on financial products or services that are regulated by the FCA, as we’re not regulated or authorised by the FCA to advise you in this way. In some cases, however, we have included links to regulated brands or providers with whom we have a commercial relationship and, if you choose to, you can buy a product from our commercial partners. 


If you go ahead and buy a product using our link, we will receive a commission to help fund our not-for-profit mission and our campaigns work as a champion for the UK consumer. Please note that a link alone does not constitute an endorsement by Which?.