eInvoicing is a digital solution that enables public sector contractors and companies to receive and process electronic invoices that comply with the European standard.
Despite the EU Commission’s announcement that the eInvoicing Directive was coming into force in April 2019, many businesses are still unaware of the Directive’s requirements. Many companies may already have certain processes or an invoicing solution in place; however, unless they are closely following specific business regulations, compliance should be questioned, as some companies may be in breach.
Background on the eInvoicing Directive 2014/55/EU
The processing of invoices across borders was hampered by the use of different standards across borders. As a result, a European policy was put in place, resulting in a new European Standard for invoicing. What this means is that, from April 2019, EU public entities should have electronic invoicing in place and suppliers doing business with these entities in the EU should ensure that their electronic invoices meet the standards set forth by the Directive.
Companies trading within the EU must comply with various regulations every day, and this very much includes the eInvoicing Directive as well as the EU VAT Directive.
The role of the VAT Directive
The EU VAT Directive was introduced in 2006 with one main objective - to harmonise the VAT law across the EU, providing clear guidance (article 233) on what must be included in invoices as well as key conditions and requirements around authenticity of origin (the identity of the invoice issuer) and integrity of the content of the invoice (proving that the content of the invoice has not been changed from the moment of issuance).
One of the core methods the VAT Directive suggests is to use advanced electronic signatures - the details within the invoices can be verified using electronic signatures on a case-by-case basis or by bulk signing through automated workflows;
1. Invoices sent or made available by electronic means shall be accepted by Member States provided that the authenticity of the origin and the integrity of their content are guaranteed by one of the following methods:
Invoices may, however, be sent or made available by other electronic means, subject to acceptance by the Member States concerned.
2. For the purposes of point (a) of the first subparagraph of paragraph 1, Member States may also ask for the advanced electronic signature to be based on a qualified certificate and created by a secure-signature-creation device, within the meaning of points (6) and (10) of Article 2 of Directive 1999/93/EC.
3. For the purposes of point (b) of the first subparagraph of paragraph 1, Member States may also, subject to conditions which they lay down, require that an additional summary document on paper be sent.
Although the Directive specifies the methods that can be used (see above), it is worth noting that some countries, such as Portugal, have now regulated the exchange of electronic invoices between private companies by mandating the use of digital signatures in order for electronic invoices to be considered valid.
Electronic invoicing (eInvoicing) eliminates the need for businesses to keep a paper trail in order to comply with Value Added Tax (VAT) laws. For all jurisdictions with eInvoicing requirements, there are two concepts that are fundamental to compliance; the authenticity of the invoice (where the invoice is from) and its integrity (the content of the invoice has not been altered).
Invoices sent via pdf with electronic signatures are VAT compliant
Invoices that are digitally signed by the seller can then be verified by the buyer. The digital signature method of compliance is a preferred option of the tax authorities and provides an unequivocal technical guarantee of the authenticity and integrity of the invoice.
Utimaco as a Qualified Trust Service Provider
According to Regulation EU 910/2014, known as eIDAS, Utimaco can operate as a qualified trust services provider in any EU country.
Utimaco has the certifications and technology to issue electronic time stamps, binding the date and time to data in such a way that the date cannot be changed undetectably. It is based on an accurate time source, and it is signed using an advanced electronic signature.
Utimaco HSMs are certified under eIDAS standards in order to achieve higher levels of data security, trust and legal assurance, whilst also maintaining high service levels and business agility. They provide a scalable and FIPS-compliant hardware solution for secure key storage and processing inside the boundary of the HSM.
On July 1, 2016, our solution became the first certified qualified trust service for issuing electronic timestamps in accordance with the European eIDAS Regulation. This means that our timestamps offer the legally recognized highest levels of protection in the form of qualified electronic timestamps.
Blog post by Dawn Illing.