VERI*FACTU System in Spain
The urgent need for the Spanish business fabric to adapt to the demands of digitalization together with society’s growing demand to obtain from Spanish tax authorities (hereinafter STA) a constant improvement in tax assistance and control, is imposing on it the need to standardize and modernize the IT or electronic systems and programs that support the accounting, invoicing and management processes of companies.
This modernization requires from STA on the one hand to ensure the interconnection of such IT systems, and their compatibility with the IT systems of customers, suppliers and public administrations but, on the other hand, it also requires ensuring the quality of information, confidence in the undue tampering of data, the traceability of data and the interdiction of the use of so-called sales suppression and manipulation software.
In this context Royal Decree 1007/2023 has come into force approving the Regulation that establishes the mandatory requirements to be adopted by the IT or electronic systems that must support the invoicing processes of companies that are tax resident in Spanish territory or companies not resident in Spanish territory that act through a Permanent Establishment. It should be noted that the deadline for companies to comply with this obligation is 1 July 2025.
In turn, Royal Decree 1007/2023 exempts companies covered by the SII (Immediate Information Supply) system and companies not established in Spain, which do not have a Permanent Establishment in Spain, from complying with this obligation.
However, it should be noted that Royal Decree 1007/2023, by reforming the Invoicing Regulation with regard to formal invoicing requirements at the same time foresees new formal requirements for deductibility of input VAT on received invoices (which will be explained later), is a regulation that affects all companies operating in Spain which receive invoices subject to the Spanish Invoicing Regulation.
Pursuant to Royal Decree 1007/2023, an invoicing IT system is understood to be the set of hardware and software used to issue invoices by carrying out a series of actions detailed below. In the first instance, admitting the entry of invoicing information by any method. The second of the actions that this system will have to carry out is to store the invoicing information, either by storing it in the invoicing IT system itself or by sending it outside the system on a physical medium of any type and nature, or by sending it telematically to another IT system, whether or not it is an invoicing system. Finally, it is important that the system is able to process the invoicing information by means of any procedure to produce other derived results, regardless of where this process is carried out, which may be in the invoicing IT system itself or in another system after the information has been sent to it by any direct or indirect means.
With regard to the requirements of these invoicing IT systems, RD 1007/2023 establishes that they must guarantee the integrity and inalterability of the invoicing records so that, once generated and recorded, they cannot be altered without the IT system detecting and alerting them. The second requirement is the traceability of the billing records, they must be linked in such a way that they can be traced from the first to the last in the sequence in which they were created.
For this purpose, the IT system shall provide functionalities that allow the traceability of the recorded data in a clear and reliable way. The last requirement is that all billing records generated by the IT system itself must be accessible and readable. Not only that, they must be kept for 4 years in accordance with the statute of limitations established by the general tax regulations.
As for the entity that provides the invoicing IT system, it is obliged to certify, by means of a responsible declaration, that the invoicing IT System guarantees, in accordance with the general tax regulations, the integrity, conservation, accessibility, legibility, traceability and unalterability of the records, without interpolations, omissions or alterations that are not duly noted in the systems themselves. The responsible declaration will have to be in writing and visible in the invoicing IT system itself in each of its versions, as well as for the customer and the marketer at the time of purchase of the product. In this sense, RD 1007/2023 states that the producers and marketers of IT systems will have to offer their products fully adapted to the regulation within a maximum period of nine months from the entry into force of the ministerial order that develops this regulation, which has not yet been approved and which we will inform you about.
Another of the major new features included in RD 1007/2023, is that the STA may go to the place where the invoicing IT system is located or used, and may request full and immediate access to where the billing records reside, as well as their downloading, dumping or copying and consultation, always in legible format, obtaining where appropriate, the user code, password and any other security key that may be necessary. In addition, STA may require and obtain copies of the billing records kept, having to be provided in electronic format on physical media or by automatic and secure electronic transmission by electronic means to its electronic headquarters.
In addition, Royal Decree 1007/2023 grants taxpayers the possibility of voluntarily sending, automatically and securely by electronic means, all the invoicing records generated in the invoicing IT systems. This procedure with the STA is known as the Sistema de emisión de facturas verificables (Verifiable invoice issuing system) or Sistema VERI*FACTU (VERI*FACTU System). In this sense, a taxpayer will be understood to opt for a VERI*FACTU System when it effectively sends all the invoicing records by electronic means, continuously, securely, correctly, integrally, automatically, consecutively, instantaneously and reliably. It should be noted that, as a result of RD 1007/2023, the development of the VERI*FACTU System is pending regulation by ministerial order. However, what is certain is that, as soon as the ministerial order is approved, STA are obliged to make the VERI*FACTU System available to taxpayers within a maximum period of nine months from the entry into force of the ministerial order.
As far as invoicing requirements are concerned, the entry into force of Royal Decree 1007/2023 means that invoices issued by IT systems must include a graphic representation of the partial content of the invoice by means of a QR code. Moreover, in the case of electronic invoices, the graphic representation may be replaced by the content of the QR code. Additionally, in cases where the taxpayer voluntarily opts for the VERI*FACTU System, invoices whether electronic or not, must also include the phrase Factura verificable en la sede electrónica de la AEAT (Verifiable Invoice at the STA´s IT system) or VERI*FACTU. Consequently, in cases where received invoices do not comply with these formal requirements, the STA will object the deductibility of the corresponding input VAT. This implies that, as mentioned above, this regulation affects all companies operating in Spanish territory that receive invoices subject to the Spanish Invoicing Regulation whether they operate in Spain via a Spanish Permanent Establishment or not and whether they are subject to the SII reporting system or not since all incoming invoices will have to be checked with regard to the fulfillment of the mentioned formal requirements.
In accordance with Royal Decree 1007/2023, the invoice recipient, regardless of their status as an entrepreneur or end consumer, may voluntarily provide STA with certain information about the invoice by making available the data contained in the invoice’s QR code. In those cases, in which the issuer of the invoice has opted for the VERI*FACTU System and consequently, the invoice contains the phrase Factura verificable en la sede electrónica de la AEAT (Verifiable Invoice at the STA IT system) or VERI*FACTU, this remission by the invoice recipient will allow it to verify that the invoice received has been previously sent to STA.
Under the penalty system of RD 1007/2023, the using of invoicing IT system that do not comply with the requirements of RD 1007/2023, when they are not duly certified or when the certified devices have been altered or modified, constitutes a serious infringement. The penalty foreseen for this infringement is 50.000 euros for each financial year in which a non-compliant computer system has been used.
It is important to stress that the obligations imposed by RD 1007/2023, should not be confused with Law 18/2022 called CREA Y CRECE, by virtue of which all companies operating in Spain must issue, send and receive electronic invoices in their commercial relations. Although it is true that STA have not yet approved the regulation implementing electronic invoicing, Law 18/2022 itself provides that in case of companies whose annual turnover exceeds 8 million euros, the obligation will become effective one year after the regulatory development has been approved. In all other cases (i.e. below 8 million in turnover), such obligation will come into effect 2 years from the approval of the regulation. In this regard, it should be noted that, as far as we have been informed, the Draft Regulation on electronic invoicing is currently being processed by the Ministry of Economy, Trade and Enterprise in conjunction with STA.
In conclusion, the digitalization obligations of IT and electronic invoicing systems embodied in Royal Decree 1007/2023 imply the necessity of investments or at least the establishment of new controls by all entrepreneurs operating in Spain before July, 1st 2025, not only for the Spanish tax resident or non-resident entrepreneurs acting through a Permanent Establishment in Spain which are not subject to the SII reporting system, but for all entrepreneurs operating in Spain that receive invoices subject to the Spanish Invoicing Regulation.
Leave a Reply
Want to join the discussion?Feel free to contribute!