Confirmation of Payee

UK banks have been rolling out a new confirmation of payee system recently.

The idea is relatively simple - when paying someone using your bank app or web site, you put not only the sort code and account number, but also payee name (the name of the person or business you are paying). The system can then advise if you have that right, or a "close match" which can then let you confirm the exact name.

As I have said before I think this is problematic at best - banks usually have shortened (18 characters) names for accounts, but companies and people have longer names, trading names, may use initials, or have joint accounts, and so on. It means a match may not work.

It may help typos, but then that is what check digits are for, but what concerns me even more is that scammers will simply change their tactics - telling their marks a different payee name, perhaps justifying as the holding or parent company, etc. That will then match. Indeed, I expect scammers to be slick and make paying them really easy, but normal businesses and individuals to run in to problems.

Just to highlight how stupid this is - I sent a payment from Barclays to Monzo, and Barclays set the payer name in that case to KENNARD AJ. I then sent payment back on Monzo, and it went through confirmation of payee on the (pre-filled) details, and Barclays failed to validate KENNARD AJ as my account name, not even a suggested alternative, even though it is what they sent!!!

This type of stupidity, where you have pre-filled or known correct details totally failing, will get people just doing "click through" of errors and warnings as a matter of course, just like cookie warnings. Some people will have so much trouble they tell payers "just ignore any errors". However, the fraudsters will know exactly how to make it work perfectly and what to tell people. This almost makes it worse than before!

Of course, as you may know, my company is Andrews & Arnold Limited, and like other companies with an ampersand in the company name, we have the occasional issue. Some times it is silly things like a delivery address on a parcel saying Andrews & Arnold Ltd or some such, but some times it is more severe, such as BTs back end systems simply not working for us initially as they forgot to escape the ampersand in XML.

I should not have been surprised, obviously, that the new confirmation of payee system would have issues. I am however shocked at quite how bad it is, and how it seems that several different banks are broken in different ways.

First off, the good guys - Lloyds bank. The app allows me to enter Andrews & Arnold Ltd as the company name, and confirms it is correct - yay!


Well done Lloyds, but other banks are more of a challenge!

Barclays web page was OK, but the app does not allow you to even type an ampersand in the name. This is crazy as an ampersand is not some new fangled unicode emoji, but something that is valid in ASCII, BACS, Fast Payments, even old fashioned mechanical typewriters. Apparently it dates back to the 1st century AD!

It seems Nat West mobile app allows an ampersand but then does not match, and we have reports of the same from Co-op bank.

The other odd issue is that when the account does not match, in some cases, the actual account name is advised, and you can pick that. The problem is that what gets advised is ANDREWS ARNOLD LIMITED,ANDREWS ARNOLD LTD

Of course, this long string with something like our name (missing ampersand) twice, does not then match even though it is what was suggested.

The solution?

Update1: By the end of the day of reporting this, Monzo had made a change that helps. The suggested name is now just ANDREWS ARNOLD LIMITED, and using the suggested name now works. This should stop customers having problems as they don't have to ignore the warning now.

Monzo are still working on the ampersand in the suggested name.
Barclays have not said any more, but obviously they need to allow ampersand to be typed.

P.S. It will be fun if ever Companies House allow unicode... Andrews ⅋ Arnold, anyone?


  1. This has so many potential pitfalls. Just some of the ones I can think of:

    1) For one single bank account all of the following can possibly be different:

    name on bank's system
    name shown on debit card
    name shown on cheque book
    name shown on bank statements
    name shown to recipient when sending money out of the account
    account holder's name versus true beneficial owner of the money (Trusts and Power of Attorney scenarios)

    2) Paying sole traders who may be set up as John Smith t/a Smiths Plumbing. Or they may be using just their own personal current account with no mention of Smiths Plumbing.

    3) On (2) the slash symbol often doesn't work on banking systems. It's shown as "t/a" on our Metro Bank cheque book but as "TA" on the account itself at the bank.

    4) "Ltd" versus "Limited" versus "Ltd." versus the more old fashioned "LD".

    5) Is the system really going to cope with all these variations of the same name?

    Mr John Robert Smith
    Mr John Smith
    John Smith
    J Smith
    J. R. Smith
    J.R Smith
    J.R. Smith
    Mr J R Smith
    JR Smith
    John R. Smith
    Smith, Mr John
    and on, and on, and on. Some accounts that have existed for years still use "Esq.".

    1. It's crazier than that.. always worth reading 'falsehoods programmers believe about names'.

      This system has basically zero chance of working well.

  2. Already run into problems with this - trying to pay insurance through HSBC. Entered the payee as XXXXXX (where XXXXXX is the name on all of their paperwork). HSBC said "No match" and "You can click pay if you want to, but on your own head be it". Turns out that the account is in the name "XXXXXX Ltd" - why on earth didn't that match?
    The way I see it is that this is an attempt to solve the problem whilst letting foolish people remain foolish. As you say, the only people this will adversely effect are the genuine businesses - scammers will make damn sure it works for them.
    Surely the money spent on implementing this idiotic system would have been better spent on education or, God forbid, better account setup and management security.

  3. There will also be false positives or vice versa with names that can "work both ways". I am thinking of John Hannah. Or Hannah John. Two different people. Hannah and John can each be both forenames and surnames. Or Steven Hayley vs Hayley Steven. Confirmation of Payee system could potentially decide that they are the same person and say "go ahead and make this payment, all is good". When actually it is not.

  4. And I've got payees set up with e.g. "Mat Monzo" / "Mat NatWest" because they have accounts with each and I need to know which I'm sending to..

  5. Already hit this issue with Barclays.

    Making a payment to The Scout and Guide Shop which is what's shown on their invoice and website. Barclays online give no match.

    Finally after searching their website found that the charity running the shop is Sheffield Scout Resources and putting that in the field got a match.

    The actual account name i later found out was Sheffield Scout Resources Charity T/A The Scout and Guide Shop so how come Barclays couldn't match The Scout and Guide Shop?

    I can give sort code/account no. if others want to try

  6. I had a problem the other day trying to transfer money between my first direct account and a joint account at Lloyds (both mine). Even when I entered the exact joint account name as printed on the cheque book it came back with "No match" - not even a near miss.

    I went into the branch to ask them what exactly was the name of the account but they couldn't tell me!

  7. Hi,
    This is all fantastic information, just the sort of anecdotal evidence I'm interested in! I am voluntarily setting up an independent group of individuals and participants dedicated to Confirmation of Payee because I can see this is going to be a big issue over the next year or so. The website I've built is www.confirmationofpayee.net/index.php

    You can find out more about me as well on my LinkedIn profile https://www.linkedin.com/in/anthony-evans-nf-testing/

    Please contact me!


  8. Hope you guys don't mind, but I have just posted the URL for this thread to my LinkedIn account. Any objections, just give me a shout and I'll withdraw it but I haven't seen a better anecdotal description of the sort of issues that arise.


Comments are moderated purely to filter out obvious spam, but it means they may not show immediately.

ISO8601 is wasted

Why did we even bother? Why create ISO8601? A new API, new this year, as an industry standard, has JSON fields like this "nextAccessTim...