Webinar Transcript: EDI + e-Invoicing = Compliance

Below is a transcript of the “EDI + e-Invoicing = Compliance” webinar which can be found here »

Electronic invoicing is beginning to realise its potential. It has been around for quite some time now but for different reasons it has not ‘crossed the chasm’ and become a mainstream finance activity. With many European governments and large corporates adopting e-Invoicing in 2012, some even mandating, there is increasing momentum for companies to update their business-to-business communications and send and receive invoices electronically.

One of the reasons e-Invoicing has not been widely adopted so far has been the confusion around tax compliance. There are certain rules and regulations that must be adhered to and companies doing business in Europe must be sure their e-Invoices are compliant. But many companies are already sending and receiving electronic invoices through Electronic Data Interchange the question arises – is EDI an appropriate framework for tax compliant e-Invoicing?

Have You Spoken to Your CIO Lately?

It is surprising how many finance teams are not aware that their “EDI” invoices are, in fact, electronic invoices, and CIOs and EDI program managers are often unaware that their finance teams are looking to capture the same efficiencies that their B2B e-commerce/integration teams have already achieved. So it is necessary to clarify the EDI story, and to provide an alternative e-Invoicing landscape, that has not been widely discussed.

Over time, the physical supply chain, particularly in the “direct spend” category, has benefited from EDI efficiency gains, but within the financial supply chain, the documentation that ultimately ensures payment for the supplier, this is not yet the case. Businesses in Europe exchange approximately 16 billion paper invoices every year. The receipt, capture, processing and approval of invoices tends to be a largely manual process, with multiple department touch points, all of which  costs organisations in lost productivity and lack of visibility.

e-Invoicing is proven to reduce costs and provide efficiency savings for finance teams, it takes paper out of the process, removes the need to manually capture data and provides both internal and external real-time visibility. e-Invoicing also speeds the review process reducing the turnaround time for payment approval, which in turn helps capture contractual discounts and avoids late payment fees.

So why does EDI seem to be missing from the e-Invoicing picture? If you consider that of the 10 billion transactions flowing across the OpenText network annually, 500 million of these are electronic invoices, it seems confusing that EDI is not highlighted as a compliant form of electronic invoicing.

The EDI Story

This seems an obvious question, but what exactly is Electronic Data Interchange? In its simplest form, EDI is the computer to computer exchange, between two companies, of standard business documents in electronic format.

There are three elements in basic EDI. First, trading counterparties establish an electronic trading relationship. Second, the exchange of documents takes place in a standardised format, within a secure environment. And third, electronic documents replace paper based ones.

EDI is essentially a secure data processing concept which is independent of communication protocols or transmission media. What does this mean? Electronic data interchange is a framework, it is not tied to any single message formats, and there are different methods and protocols for transmitting data.

EDI messaging started over 40 years ago and blossomed during the eighties and nineties, large trading partners captured the benefits of removing paper from the process, in particular within the direct spend category. EDI has evolved as a logical outgrowth of the standard electronic communication within companies over the last few decades. With EDI, data exchange between departments within a company is extended, to reach out to external trading partners.

In the past this was an expensive project, and only the largest companies participated. However, EDI has matured and its reach has extended to SMEs. It is now widely adopted and therefore has become an inexpensive method of electronic B2B communication.     

Over the last 10 years EDI companies recognised the need to provide value add B2B services and solutions that overlay their messaging platforms, so they developed software as a service solutions, including e-Procurement and e-Invoicing solutions, to provide business value along the physical and financial supply chains, for all trading partners.

In parallel, the alternative e-Invoicing solution providers, many in the form of internet ‘exchanges’ started to appear in the early 2000s, focusing on providing web-based enablement solutions, such as web-forms and PO-flips, which leveraged the internet as a global network. These companies focused on the indirect spend category, which was less developed in most businesses.

Since that time, there has been increasing overlap between the value that the alternative e-invoicing solution providers and EDI solution providers offer.

European Compliance Challenges

A key factor in electronic invoicing, and one not clearly understood within EDI circles, is ensuring that each invoice is compliant with local tax authority regulations. This can be a complex challenge within Europe.

VAT is the chosen indirect taxing method in Europe. The VAT system ensures a constant flow of tax revenue to government, and while not without fraud issues, discourages tax avoidance. This is a serious matter for tax authorities in Europe as, on average, VAT revenues represent a third of a countries’ GDP.

During a tax audit each invoice can be required to prove a company’s accounts, and it is because of the importance placed on this document that electronic invoicing regulations for VAT are designed to encapsulate an end-to-end compliant process. Each individual company is tasked with ensuring their electronic invoicing program is tax compliant, so which different process elements need to be in place?

First, each invoice data file must meet the requirements for country-specific rules. Each country’s tax authority has a set of minimum fields that are required, and define, exactly what constitutes an electronic invoice. Most data fields are common, but inevitably there are differences for each country and it is important to ensure that the correct fields are used.

Second, the “authenticity of the seller” and the “integrity of the electronic invoice document”, must be guaranteed for each electronic invoice. Currently this is achieved consistently throughout Europe in two ways. The first is through networked EDI, and the second is through digital signatures, where the invoice document is electronically signed and time stamped using digital certificates.

Third, is the archiving and auditability of the electronic invoices for the period defined by the local tax authority. Whether you are sending or receiving invoices you must store them as you would for paper invoices, the length of time they are stored varies by country, and the location of storage must adhere to local rules. Added to this, these stored invoices must be retrievable in a human readable format if a tax authority audit occurs.

These three elements are the core pillars of compliance, and you will find that every country will have slightly different requirements in each area.

EU Directives – Legal Stuff

There are plenty of EU rules and regulations to help us understand what constitutes a compliant electronic tax invoice. EDI as a means to exchange electronic invoices is long-established and proven since 1994 (1994/820/EC), but in some countries there has been confusion around how EDI provides tax compliance. In the past, companies would run an EDI program to gain business benefits but accounts payable/receivable would also process paper invoices, to ensure tax compliance.

While there have been different VAT rules and regulations in different member states since 1990, it wasn’t until 2001 (2001/115/EC) that clear VAT rules for e-Invoicing were issued by the EC, and mapped out how paper could be completely removed from the invoicing process, in a tax compliant manner. The 2001 legislation later harmonised in 2006 (2006/112/EC), set out the rules for data validation, authenticity and integrity, and archiving.  

One country in particular seized on these new regulations to provide explicitly clear rules on how both digital signatures and EDI can provide compliant e-Invoicing. In July of 2003 the French tax authorities new rules on e-Invoicing came into force. The French legislation combined each of the three core pillars of compliance into a single EDI process and since that time there has been little confusion around compliant EDI. This has resulted in a thriving EDI industry in France whereas elsewhere, only the “authenticity and integrity” element for EDI has been used.

According to the current EC VAT Directive the authenticity of the origin, the integrity of the content and the legibility of an invoice, whether on paper or in electronic form, shall be ensured from the point in time of issue until the end of the period for storage of the invoice.

EDI achieves this by conforming to 1994/820/EC where the data is transferred within a secure network and messages sent and received are identical. This may be supported by interchange agreements, summary lists and sometimes by a trading partner list. A well-managed EDI process will store the different evidence components, including evidence that the chosen security and other controls are complied with, in such a way as to convince an auditor quickly that the archived invoices messages are authentic and unchanged since issuance.

When networked EDI is combined with data and archiving compliance, it can both provide an end-to-end tax compliant process. The decision for your company is quite simple, is upgrading my existing EDI process the simplest, most cost-effective, and efficient e-Invoicing program to implement?

The Right Standards, the Right Framework

EDI documents cover the entire physical and financial supply chains -from procurement through to payment. EDI standards have been developed since the 1970’s and can be configured to suit an individual industry’s business requirements. While many have predicted the demise of EDI file based standards, they remain as popular today as they were 10 years ago due to their customisation flexibility and proven strength when processing high volumes of data.

XML arrived after EDI and was touted as the replacement for file-based EDI standards due to the structured nature and configurability of the XML data structures; however, XML’s strengths may have proven to be its weakness as a multitude of different XML standards now exist covering different industry requirements.

Irrespective of the EDI versus XML standards argument, both EDI and XML standards can be used in a compliant EDI process but to be compliant, authenticity and integrity within an EDI framework is essential.

There are different ways in which an EDI framework can be implemented across your trading partner community and there are many EDI tools and connectivity options available to suit both you and your trading partners technical capabilities and budget constraints. But the key question is which methods are considered tax compliant?

Authenticity & Integrity

We know that for an invoice to be considered “original” its integrity must be maintained over connection and during transfer, therefore ensuring the message received is identical to the message sent and there must be processes in place to ensure the protection of EDI messages against the risks of unauthorised access, delay, destruction or loss.

Companies issuing invoices must ensure the authenticity of the origin of the document, essentially this means that the issuing company is who they say they are and they issue documents within a secure channel. Trading parties must implement and maintain different security procedures and measures, including the verification of the origin, the non-repudiation of origin, the receipt, and the confidentiality of EDI invoice messages.

Networked EDI

EDI networks are private, secure networks where EDI related information can be exchanged between companies. Connectivity to the EDI network must be over a secure channel to guarantee the “integrity” of invoices, for example FTPS, VPN,  AS2 or secure FTP within a secure shell protocol are all acceptable methods. Processes engrained within the EDI network ensure that the message transferred maintains integrity across the end to end process and any transfer errors are captured and dealt with.

To ensure authenticity within an EDI network, trading partners will typically require a secure account and connection with an EDI network provider to both send and receive electronic documents. A well-managed EDI network process maintains a trading partner list that identifies all trading partners exchanging invoices. This list validates the trading relationship between trading counterparties. The provider will also keep a record of all trading party interchange agreements and maintain a summary list of all transactions between trading counterparties verifying each message and indicating any anomalies detected at transmission.

During an enrolment campaign, suppliers will typically be part of a customer’s vendor master list, inferring an element of trust between the two trading partners. In an EDI network each supplier goes through an enrolment process and credit check to authenticate the company and if successful they have a secure account and connection within the network and “authenticity” is assured.                  

Point-to-Point

Point-to-point connections can also ensure “integrity”, providing the protocol used is secure, again, the examples of FTPS, VPN, AS2, or secure FTP within a secure shell protocol are all acceptable methods. But it is a little more difficult to quantify “authenticity” for point-to-point connections, by using a secure connection between your company and your trading partners authenticity is “inferred”, but perhaps not guaranteed unless you mandate secure procedures. If your company is using point-to-point to directly connect to your trading partners you must ask yourself what process both trading partners have in place to ensure the “authenticity” of invoices. I would recommend talking to your tax advisor on best practise.

The elephant in the room on point-to-point is of course AS2. AS2 is perhaps the most commonly used protocol for point-to-point connections and deserves a separate mention as AS2 can provide both “authenticity” and “integrity” at the same time because a digital signature is embedded into the protocol. Because a digital signature is embedded over the protocol, this doubly ensures the “integrity” of invoices, but “authenticity of the origin” of the invoices is also ensured by the electronic certificate, so if your company is running a point-to-point EDI program the recommended method of ensuring a compliant process is using AS2 with a digital signature.

Web EDI

Web EDI has generated some controversy over its ability to be compliant but as far as ensuring “integrity” is concerned as long as invoices are issued over HTTPS they will be compliant. Web EDI provides “authenticity” as long as account security and enrolment process has the same controls as the EDI network enrolment process. Typically any web-form solution will require a secure log-on and therefore the trading party must have a secure account with the EDI network provider. The enrolment of web suppliers is driven from a vendor master list from the buyer, during the enrolment process the supplier is asked a set of validation questions and successful suppliers are given a secure account. This web EDI enrolment process is typical of many of the alternative e-Invoicing service providers.

Managed Services

Another option is EDI outsourcing, which is simply a method of using external resources to manage your EDI environment on a day to day basis. A company can choose to outsource part of an EDI process such as on-boarding a group of trading partners, or they could decide to outsource the management of the entire EDI process. Most EDI implementations need access to resources that can develop maps, on-board trading partners and implement new communication protocols. Many companies do not have the internal resources to undertake this type of work and prefer to outsource it. As long as the underlying EDI method used by the EDI outsource team assures authenticity and integrity, then outsourced EDI can ensure compliant invoices.

Summary

So we can see that as far as authenticity and integrity is concerned, EDI can provide a tax compliant process. Some methods have this engrained into the process and other methods require certain procedures to be in place alongside. But none of these methods include data validation or archiving.

EDI + e-Invoicing does equal Compliance as long as you combine each of the different elements of tax compliance into a single process.

GXS developed its e-Invoicing solutions to include the three core pillars of tax compliance. Our solutions combine the compliant elements of EDI with the other essential components of data validation and archiving into a single end-to-end process. OpenText solutions are inclusive of both digital signatures and EDI and the choice for our customers is simple, whether to upgrade their existing EDI process, or to leverage digital signatures where appropriate.

It should be re-iterated that EDI is not expensive any more. Suppliers can connect through cost-effective solutions, from web-forms for low-volumes through to integrated desktop solutions for mid-volumes.

So if you are considering an e-Invoicing program, why would you choose the EDI method? Your company may already be processing EDI invoices. If so, your company will be able to extend existing contracts and SLAs and leverage a solution that will overlay your existing EDI processes. Many of your suppliers are pre-connected to EDI networks and this will reduce your initial investment plus allow you to get to ROI quickly. Any suppliers that are not can easily connect through web-forms. Many EDI network providers are pre-connected, and interoperability across networks is well established which opens up trading counterparty connections across multiple networks.

GXS

As a business to business integration provider, OpenText automates the physical and financial supply chains from end-to-end, from procurement all the way through to enabling supplier financing. Our customers benefit from choosing a single solution provider, with a global reach and experience of implementing many complex projects.

We are providing the next generation of analytical capability that help our customers understand how they do business, automating the physical and financial supply chains reveals the information supply chain and our customers are gaining competitive advantage by intimately understanding their entire trade lifecycle.

We understand our customer’s global objectives, and we have become a trusted partner to many of the world’s largest companies. Our solutions process nearly a quarter of business to business transactions globally, with 6 trillion in spend passing over our network for the majority of Fortune 500 companies across industries such as retail, CPG, automotive, financial services, high-tech, logistics, pharma and banking.

One final thought to leave you with is that Billentis, an industry analyst, estimates that your company will save between 1-2% of its annual turnover by implementing an e-Invoicing solution, so this has to be worth considering seriously by you, and soon.