API guide — Verify your payees with account assessment

Before you start

This guide walks you through an example of usage of the Memo Bank API – initiate and track a SEPA Direct Debit collection.

📑 For an in-depth understanding of the Memo Bank API resources and how you can interact with them, take a tour of our Memo Bank API Reference.

API authentication and signature

Each request to the Memo Bank API must be authenticated. See on API Reference | Getting started how to create and manage your API credentials, create and sign your authentication token.

Setup your webhooks

Memo Bank uses webhooks to inform your system on account assessments. Understanding how our webhooks function is essential for tracking the status of an account assessment, and managing any necessary follow-up after execution.

📑 Follow the API Reference | Webhooks to configure them for your API application and find all the details on the webhooks events structure.

Important information about counterparty assessments

The account_assessments API resource represents a request of account assessment, initiated for a given counterparty.

Account assessments are processed asynchronously: you need to listen toaccount_assessment_completed  and account_assessment_failed  webhook events to know when its time to retrieve the assessment results.

The assessment results provide valuable information for your internal counterparty validation workflows. The account assessment result does not represent a validation itself.

If one or more risk_indicators are present, we advise you to proceed to further verifications before initiating transactions towards the assessed account. Please note that an empty list does not necessarily mean the account does not pose any risk.

We may add new indicators over time.

Initiate a counterparty account assessment: hands on

You can initiate an assessment for given account by a POST to /account_assessments.

POST /v2/account_assessments HTTP/1.1
Authorization: Bearer ***

{
  "iban": "FR7617338000014606038580616",
  "identifications": [
    {
      "type": "name",
      "value": "John Doe Corp"
    },
	{
		"type": "siren",
		"value": "829226760"
	}
  ]
}

The iban  fields contains the account number to be assessed. Only SEPA accounts following the IBAN format are currently supported.

The identifications object contains the counterparty information that you would like to verify against the IBAN. In our example, we want to confirm that the John Doe Corp is the company owner of the account, and the company id of type SIREN associated to the account is 829226760.

Depending on your internal counterparty validation workflow, you may want to only check the name or only the company id.

If the POST request is accepted by Memo Bank, your system will receive a response similar to the example below:

HTTP 200 OK
{
	"id": "95c180f4-5559-43a3-b1e5-2ae235c76ba0",
	"iban": "FR7617338000014606038580616",
	"status": "pending"
}

The Memo Bank response contains a representation of your assessment request state. The 200 OK  response code indicates that Memo Bank acknowledges your request, while the "status": "pending"  indicates that it is about to be processed.

The id is a unique value that will allows you to keep track of the assessment request all along its lifecycle.

📑 See the API Reference | account assessments to have full details.

Assessments lifecycle follow-up

We encourage you to setup a webhooks URL to receive status updates for your assessments in real time.

POST your/webhook.uri HTTP 1.1

{
  "id": "ad8340e7-0675-4182-9c95-520e7c9a72a3",
  "date": "2025-09-27T09:30:00+00:00",
  "event_type": "account_assessment_completed",
  "resource_type": "account_assessment",
  "resource_id": "95c180f4-5559-43a3-b1e5-2ae235c76ba0"
}

The resource_id  allows you to understand which assessment a webhook notification refers to.

Once a given account assessment has been correctly executed by Memo Bank, you will receive a notification for a resource of type account_assessment and "event_type": "account_assessment_completed".

✔️ You can now go and consult the assessment results.

Find more details about the webhooks events structure in the API Reference | webhooks.

GET  assessments details

You can retrieve an assessment details with a GET /account-assessments/<assessment-unique-id>.

Polling strategy is not recommended. Webhooks eliminate the need for regular polling by enabling you to simply 'wait' for a notification when an operation’s status changes.

GET /v2/account-assessments/95c180f4-5559-43a3-b1e5-2ae235c76ba0 HTTP/1.1
Authorization: Bearer ***


HTTP 200 OK 

{
	"id": "95c180f4-5559-43a3-b1e5-2ae235c76ba0",
	"iban": "FR7617338000014606038580616",
	"bic": "MEMOFRP2XXX",
	"completed_date": "2025-10-23T13:08:22.027066Z",
	"risk_indicators": [frequent_returns],
	"identification_matches": [
		{
			"identification": "John Doe Corp",
			"status": "match",
			"matched_name": "John Doe Corp",
			"type": "name"
		},
		{
			"identification": "829226760",
			"status": "match",
			"type": "siren"
		}
	],
	"capabilities": [
		{
			"type": "instant_transfer",
			"can_debit": true,
			"can_credit": true
		},
		{
			"type": "standard_transfer",
			"can_debit": true,
			"can_credit": true
		},
		{
			"type": "b2b_collection",
			"can_debit": true,
			"can_credit": true
		},
		{
			"type": "core_collection",
			"can_debit": true,
			"can_credit": true
		}
	],
	"status": "completed"
}

The account assessment done in this example contains the iban that has been analyzed and the corresponding bic, as well as the analysis status.

The results of the analysis above are organized in risk_indicators, identification_matches and capabilities.

Risk indicators

We detected that the account just assessed received a number of transfer recall requests with Fraud reason.

It does not necessarily indicates that the account owner is a fraudster. In our example, the John Doe Corp may have recently received a higher number of customer complains than usual and still be the legit owner of this account.

Based on your internal validation policies, you may want to cross-check the ligitimacy of the counterparty account that you are assessing.

Identification matches

Great news! The MEMOFRP2XXX estabilishment, hosting the account that we just assessed confirmed that it matches with the company name and the SIREN number that were indicated in your request.

Capabilities

MEMOFRP2XXX supports and can receive/initiate SEPA Credit instant and standard transfers, as well as Core and B2B direct debits.

Use case: check Direct Debit capabilities

The capabilities object in the API response gives you additional information about the schemes supported by the bank holding the account that is being checked.

In the example, below the account iban : FR7617338000014606038580616 does not support SEPA Direct Debit collections as method of payment.

HTTP 200 OK 
{
	"id": "95c180f4-5559-43a3-b1e5-2ae235c76ba0",
	"iban": "FR7617338000014606038580616",
	"bic": "MEMOFRP2XXX",
	"completed_date": "2025-10-23T13:08:22.027066Z",
    [...]
    "capabilities": [
		{
			"type": "instant_transfer",
			"can_debit": true,
			"can_credit": true
		},
		{
			"type": "standard_transfer",
			"can_debit": true,
			"can_credit": true
		},
		{
			"type": "b2b_collection",
			"can_debit": false,
			"can_credit": false
		},
		{
			"type": "core_collection",
			"can_debit": false,
			"can_credit": false
		}
	],
	"status": "completed"
}

Important

The capabilities object shows whether the target bank accepts SEPA Direct Debit (SDD), based on its adherence to the SEPA scheme. This does not guarantee SDD success—it may be rejected due to insufficient funds, debtor refusal, or other reasons.

See our API guides for details on SEPA Direct Debit capabilities.

Use case: wrong beneficiary name

You may want to use the account assessment API to verify that a given account corresponds to the account owner that you registered in your system.

This feature can be useful if you registered the wrong IBAN by mistake for a given supplier, or if a debtor shared with you the wrong account number.

The example below shows the account assessment indicating that Donald Duck does not match the name linked to IBAN FR7617338000014606038580616. Likewise, the SIREN in the assessment request does not match the provided account.

In this case you may want to cross-check that the account in your system complies with your counterparties' validation policy.

HTTP 200 OK 

{
	"id": "95c180f4-5559-43a3-b1e5-2ae235c76ba0",
	"iban": "FR7617338000014606038580616",
	"bic": "MEMOFRP2XXX",
	"completed_date": "2025-10-23T13:08:22.027066Z",
	"risk_indicators": [frequent_returns],
	"identification_matches": [
		{
			"identification": "Donald Duck",
			"status": "no_match",
			"type": "name"
		},
		{
			"identification": "829226760",
			"status": "no_match",
			"type": "siren"
		}
	],
	"capabilities": [
    [...]
    ]
	"status": "completed"
}

Going further

Check our dedicated API guides if you want to find more details about the SEPA Credit Transfers and the SEPA Direct Debit capabilities. You can also refer to our FAQs for more information.