Latest Payments News: European Payments Council Releases Verification Of Payee API Specifications, and more

Catch up on six of the stories our payments compliance analysts have covered lately, and stay up-to-date on the latest news.

European Payments Council Releases Verification Of Payee API Specifications

The European Payments Council (EPC) has published the Verification of Payee (VoP) API Specifications.

This establishes the guidelines for implementing VoP-related APIs per the VoP Scheme Rulebook version 1.0, which was released by the standard-setting organisation earlier this month.

The specifications, which will come into force on October 5, 2025, focus on facilitating secure and reliable VoP messaging between payment service providers (PSPs), something that will be necessary once new rules for VoP come into effect via the Instant Payments Regulation (IPR) next year.

MoneyGram Replaces CEO Following Customer Data Hack

MoneyGram has announced the appointment of a new CEO only weeks after the company was hit by hackers who stole large amounts of customers’ personal information.

Anthony Soohoo will step in as CEO, effective immediately, with Alex Holmes, CEO and chairman since 2016, stepping down and retaining only an advisory position to the board of directors.

Soohoo joins MoneyGram from Walmart, where he served as executive vice president of the retailer’s home division, having previously worked for CBS, Yahoo and Apple.

MoneyGram said the appointment of Soohoo was driven by the company’s digital innovation strategy.

At the end of September, as covered by Vixio, hackers accessed an internal MoneyGram database and stole customer details, including names, email and postal addresses, dates of birth and copies of government-issued ID certificates.

Persons with knowledge of the situation internally told Vixio that the customer information was bundled together in a single, unencrypted database. MoneyGram did not respond when contacted by Vixio.

Singapore Establishes New Network For Fintech Growth

The Monetary Authority of Singapore (MAS) has announced the formation of the Global Finance & Technology Network (GFTN), which aims to spur fintech growth and innovation in the financial services hub.

Building on Singapore's early fintech initiatives, including a regulatory sandbox, cross-border payment frameworks and digital asset experiments, GFTN will support collaboration on payments, asset tokenisation and advanced technologies such as artificial intelligence (AI) and quantum computing.

GFTN will work alongside the MAS to facilitate industry and policy discussions and will further the MAS' efforts to grow the annual Singapore FinTech Festival (SFF) into the premier global event for financial technology.

Online Payment Platform (OPP) Secures UK EMI Licence

Online Payment Platform Ltd (OPP), a specialised payment service provider (PSP) for platforms and marketplaces, has been granted a licence to operate as an electronic money institution (EMI) in the UK.

Under the EMI licence, OPP will expand its capabilities to facilitate consumer-to-consumer (C2C), business-to-consumer (B2C) and business-to-business (B2B) payments for platforms and marketplaces in the UK. This includes the ability to split payments between different types of platform users.

“The EMI licence allows OPP to add to its product stack with a much-demanded wallet solution, so that users will be able to receive and store funds for future purchases,” said Steve Lavington, commercial director at OPP.

Launched in 2013 from its HQ in Delft, Netherlands, OPP has processed transactions for PayPal, IKEA and Gumtree. It is a subsidiary of French payments firm Worldline.

Greece To Mandate Instant Payment Acceptance By Spring 2025

Greece's Ministry of National Economy and Finance has confirmed that it will mandate that all businesses are able to accept instant payments using the IRIS payment system by Spring 2025.

Kostis Hatzidakis, minister of national economy and finance, said the move is part of the government's ongoing efforts to promote the use of electronic transactions and to crackdown on tax evasion. He added that 3.3m out of 6m IBANs are already connected to the IRIS network.

The ministry has also been engaged in an effort to ensure that businesses' cash registers are connected to their point of sale (POS). Since the beginning of 2024, more than 407,000 businesses have complied with the directive, with only a 4 percent non-compliance rate.

Finally, in 2025, and following an approval from the EU, Greece plans to introduce mandatory electronic invoicing — another step towards transparency in transactions and tackling tax evasion.

Spanish Data Protection Watchdog Fines Key Retail Bank

The Spanish Data Protection Agency (AEPD) has fined Ibercaja Banco, S.A. €300,000 for failing to comply with the General Data Protection Regulation (GDPR).

The GDPR violations were identified after a complaint was lodged against the bank.

The claim, filed by an individual seeking access to their personal data following a contract cancellation, led to the AEPD's decision.

The regulator found that the bank accessed personal data linked to Experian up to 47 times, from March 2022 to January 2023.

Ibercaja Banco responded by making a voluntary payment of €180,000 after utilising two penalty reductions available under the Commence Agreement, which marks its admission of liability.

‍

Want to know more?

‍Request a demo with one of our experts today to gain full access to the stories we cover - and much more - and start learning how you can make compliance a competitive advantage for your organisation.