Verification of Payee is mandatory, so the question is never whether — only how. Two routes exist: build adherence to the scheme yourself, or buy a ready service from a provider. Both are legitimate. The mistake is comparing them on licence price alone, when the real difference is the ongoing operational work each one leaves on your plate.
What 'build' really includes
- Connecting to an RVM and maintaining reachability across SEPA.
- Consuming the EPC Directory Service and keeping it in sync.
- Issuing, presenting, validating and renewing QWAC certificates.
- Tracking rulebook versions (v1.1, v2.0…) and updating to stay compliant.
- Meeting the sub-5-second timing and running the service 24/7, with monitoring.
What 'buy' trades away — and keeps
Buying does not remove all work: you still integrate an API, handle outcomes in your UX, and manage a vendor. But it moves the routing, directory, certificate and rulebook burden to someone whose whole job is keeping it current — usually getting you live in a fraction of the time.
- 1 Estimate time-to-live for each route against your regulatory deadline.
- 2 Cost the total picture: engineering, certificates, ongoing rulebook maintenance and on-call, not just licences.
- 3 Be honest about internal capacity — who owns VoP at 3am when a certificate expires?
Compare total cost of ownership, not sticker price
The cheapest option on paper is often the most expensive once you count the engineering and the years of maintenance.
RoxPay is the buy path done well: one integration that carries routing, the directory, certificates, rulebook updates and 24/7 operation — so your team ships VoP fast and keeps shipping the rest of your roadmap.