- 30 October, 2024
- Category: Companies
The publication of this Ministerial Order marks the start of the maximum nine-month period within which manufacturers and vendors of billing systems for businesses and professionals must market products that comply with the new regulations. It implements Royal Decree 1007/2023, dated December 5, by specifying and detailing the technical aspects and content required for the design of billing software, as well as the formats for submitting information to the AEAT Electronic Office (Veri*Factu System).
On October 28, 2024, Order HAC7/1177/2024, dated October 17, was published, which completes the regulatory development of Article 29.2.j) of Law 58/2003, of December 17, the General Tax Law, specifically regarding Billing IT Systems for Business Owners and Professionals.
The publication of this Ministerial Order marks the start of the maximum nine-month period within which manufacturers and vendors of billing systems for businesses and professionals must market products that comply with the regulations. This maximum period does not prevent the early commercialization of adapted billing systems, given that system manufacturers and developers have been consistently informed of the technical annexes of this Ministerial Order during its drafting.
The publication of this Ministerial Order fulfills the development requirements established in the Third Final Provision of Royal Decree 1007/2003, of December 5, whose key objectives are:
- Strengthening the obligation to issue invoices for all transactions carried out by business owners and professionals.
- Ensuring that all transactions are recorded in the IT system in a secure, non-manipulable, accessible manner with a standard structure and format to facilitate record readability, automated analysis, and simultaneous submission to the Tax Administration.
- Facilitating tax compliance, as evidenced in countries where data submission is required before, immediately following, or shortly after transactions are carried out.
Royal Decree 1007/2023 sets requirements that reinforce the security and integrity of billing records. This regulation specifies the attributes that billing systems must ensure concerning data integrity, retention, and readability. It also introduces the obligation to include QR codes and specific phrases on invoices issued by these systems. The aim is to ensure the traceability and authenticity of electronically issued invoices, enabling better supervision and verification by the tax administration.
Use of a Billing System for Multiple Taxpayers
When the same billing system is used by multiple taxpayers, it must operate as if it were a separate system for each user. This implies independently managing each taxpayer’s records, creating individual record chains, functioning autonomously as a “VERI*FACTU” system for each, and clearly displaying the taxpayer’s identity in each active transaction. Additionally, when the system supports multiple users, it must show its current status (active, inactive, etc.) with explanatory messages.
VERI*FACTU System Features
The “VERIFACTU” system allows direct connection with the Tax Agency’s electronic office, automatically sending billing records upon issuance. This method provides the administration with real-time access to the economic activity of businesses, and systems labeled as “VERIFACTU” are presumed to comply with legal requirements.
Requirements for Information Submission to the State Tax Administration Agency (AEAT)
For IT systems to send billing records to the AEAT, they must meet the following specifications:
- Be connected to the Internet to communicate with AEAT’s electronic services.
- Manage electronic certificates for the authentication and signature of records.
- Submit records in the required format with stipulated security guarantees, either automatically or in response to requests.
- Properly process responses received from the AEAT.
Integrity and Immutability Guarantees for Records
The regulation requires systems to ensure the integrity and immutability of records by generating a “hash” or digital fingerprint for each record, enabling quick verification. Records must be electronically signed, and the system must verify both the signature and the record chain when records are stored. If an integrity breach is detected, the system will trigger an alarm and generate an event log detailing the incident.
Sending Billing Records to the AEAT
When sending billing records to the AEAT, IT systems must identify themselves electronically using valid certificates and meet the minimum authentication requirements established for Public Administration. Submissions may be made directly by the taxpayer or by an authorized representative.
Responsible Declaration for IT Systems
Each billing system must include a responsible declaration prepared by the producer, ensuring compliance with current regulations. This declaration must contain structured information about the system, including its name, identifier code, specific version, components, and functions, specifying whether it complies with the regulations and if it is compatible with “VERI*FACTU.” It must also include contact information and identification of the producing entity.
Starting and Opting Out of the VERI*FACTU System
Systems can begin operating as “VERIFACTU” at any time but must maintain this status until the end of the calendar year. To opt out of using “VERIFACTU,” the taxpayer must notify the AEAT of the final operating date, submitting this information before the last day of the year in which they wish to opt-out.
Effective Date
The regulations come into effect on October 29, 2024. However, both providers and taxpayers must adjust their systems to comply with these regulations by July 2025.
JDA/SFAI