Confirmation of Payee - Protecting customers against APP and misdirected payment frauds

Confirmation of Payee - Protecting customers against APP and misdirected payment frauds


One of the leading UK Banks was looking to implement Confirmation of Payee to decrease levels of fraud and improve their customers’ banking experience. With no in-house capacity to undertake such a project, they looked to the market for a supplier who could deliver a fully managed service for both inbound and outbound CoP requests.

With accounts from multiple legacy systems, and no common naming conventions, the Bank knew they would need a supplier with a proven track record in complex name matching. The key success criteria were to decrease fraudulent transactions and maintain the highest level of user experience by making the process of payee validations quick and efficient.

The bank receives and needs to process:
485K - inbound CoP requests services per month
410K - outbound CoP requests routed per month


The Bank was impressed with Exela’s long history in providing name matching services to financial institutions across Europe and Exela’s track record in delivering key components for critical payments infrastructure, such as the Image Clearing System for Vocalink.

Exela provided an internet-facing web service, adhering to the latest specification by Pay.UK, and conforming to the security requirements of Open Banking. Drawing on experience gained from serving over 400 financial institutions across Europe, Exela successfully launched a best-of-breed CoP service.

Exela CoP fully manages both inbound and outbound requests seamlessly for the Bank.
When an Inbound CoP request is received, Exela’s intelligent request pre-processor performs the following sequence of checks, ensuring the correct results are returned as efficiently as possible:

  1. Exception account database - The application maintains a database of accounts where a CoP check should not be performed, either due to fraudulent activity or due to customer out-out.
  2. Global cache – The application maintains a global cache of hashed requests that have recently been responded to, increasing efficiency in responding to equivalent requests.
  3. Payee account name fuzzy match – It retrieves the actual name(s) stored against the account and performs a fuzzy match, comparing against the name submitted in the CoP request. The result is returned to the Payer’s Bank and the global cache updated.

Key to the success of Exela’s name matching service is using Exela’s proprietary artificial intelligence to process the Levenshtein distances between the names being matched. In order to ensure the best possible results, the names are first pre-processed to remove extraneous components, such as honorifics, titles, or diacritics from letters. The system then identifies the most critical components of the name and identifies the surname. Finally, the Levenshtein distances are processed on both the names as provided, as well as with all known valid nicknames or alternative spellings. This enables valid comparisons of names such as Bill Brown and William Brown.

For outbound CoP requests, Exela’s routing module establishes a secure connection to the Payee’s bank’s API endpoint and fully manages the process of submitting the request and receiving the response. The system protects the payer from “mis-keyed” payments and Authorised Push Payment (APP) fraud, providing greater assurance that the payment will reach its intended recipient. It stores all requests and responses, providing a complete audit trail and keeping the process transparent, not only of every request serviced, but also complete reasoning from the artificial intelligence detailing how the results were attainted.