Seamless integration
with any ERP/POS
Seamless integration with any ERP/POS
Get 100% ZATCA Phase II compliant with ClearTaxGet 100% ZATCA Phase II compliant with ClearTax
E-invoice generation in
a fraction of a second E-invoice generation in a fraction of a second
a fraction of a second E-invoice generation in a fraction of a second
PDF/A3 E-invoices with
XML embedded PDF/A3 E-invoices with XML embedded
XML embedded PDF/A3 E-invoices with XML embedded
RELATED ARTICLES
- E-Invoicing in Saudi Arabia
- ZATCA e-Invoicing Phase 2: Applicability, Requirements, Rules and Regulations in Saudi Arabia
- ZATCA Announced Wave 2 Under Phase 2 of e-Invoicing in Saudi Arabia
- ZATCA Announced Wave 3 Under Phase 2 of Saudi Arabia e-Invoicing
- ZATCA Announced Wave 4 Under Phase 2 of Saudi Arabia e-Invoicing
- ZATCA Announced Wave 5 Under Phase 2 of Saudi Arabia e-Invoicing
- ZATCA Announced Wave 6 Under Phase 2 of Saudi Arabia e-Invoicing
- ZATCA Announced Wave 1 Under Phase 2 of e-Invoicing in Saudi Arabia
- How to Validate ZATCA e-Invoice Using QR Code?
- FAQs on Phase 2 of KSA e-Invoicing
- ZATCA Announced Wave 7 Under Phase 2 of Saudi Arabia e-Invoicing
- ZATCA Announced Wave 8 Under Phase 2 of Saudi Arabia e-Invoicing
- KSA VAT Number Verification: How to Verify a VAT Number in Saudi Arabia?
- Impact of ZATCA e-Invoicing on Saudi Arabia Businesses
- ZATCA Announced Wave 9 Under Phase 2 of Saudi Arabia e-Invoicing
- ZATCA Announced Wave 10 Under Phase 2 of Saudi Arabia e-Invoicing
- ZATCA Announced Wave 11 Under Phase 2 of Saudi Arabia e-Invoicing
- ZATCA Announced Wave 12 Under Phase 2 of Saudi Arabia e-Invoicing
Prohibited Functionalities for an e-Invoicing Solution in KSA
Updated on: Apr 17th, 2023
|
4 min read
Switch Language
To generate e-invoices, as mandated under newly ruled out guidelines by Zakat, Tax and Customs Authority (ZATCA), the taxpayers need to adopt an e-invoicing solution. An ideal e-invoicing solution should not have some prohibited functionalities, as listed below:
Functionalities prohibited from phase 1: Generation phase (w.e.f. 4th December 2021)
Anonymous access
Access to e-invoicing solutions should be secured using a login ID and password or biometrics. This is mandatory to prevent any unauthorised person from having access to the confidential data of e-invoicing. Also, the taxpayers are advised not to share such login details with any external party and should preserve the same securely.
Ability to operate with the default password
The e-invoicing solution can not be continued upon the default password. The user needs to set a new password after the first login. This is prohibited, again, to ensure the security and confidentiality of the data.
Absence of user session management
The e-invoicing solution must track and store all the details regarding login and invoice generating activities. This ensures that any malicious activities that a user comes to know about at a later stage can be tracked using historical data that gets trapped in the solution.
Allow alteration or deletion
The e-invoicing solution should not permit alteration or deletion of the already generated invoices and their related Credit and Debit Notes (CDNs). In the event of the wrong issue of an e-invoice, the taxpayer is advised to cancel the same by issuing CDNs. However, deletion or alteration is strictly not allowed.
Allow for log modification or deletion
The taxpayer should ensure that their e-invoicing solution does not allow any modifications in system logs that store the data related to the system’s activities. Only access should be allowed to logs, but any alteration or modification should be prohibited in the solution.
Modification to time or date
The e-invoicing solution should not allow the user to change the time or date on the generated e-invoice as per their convenience. This may lead to e-invoices carrying false information. Thus, the solution itself should generate time and date, and users should not be given any control over the same.
Non-sequential log generation
The e-invoice generated by the solution should be in sequence with the previously generated e-invoice. This is ensured by making all the log entries in the system time-stamped to track the generation of e-invoices. Also, the e-invoice to be generated should be linked with the previous invoice by placing the previous invoice’s hash in the current invoice’s associated field.
Invoice counter reset
The invoice counters should generate the invoices in a sequence. Resetting the invoice counter leads to a new sequence for invoices. Hence, the taxpayer’s e-invoicing solution should not contain the feature of resetting the invoice counter.
Functionalities prohibited from phase 2: Integration phase (w.e.f. 1st January 2023)
Generation of more than one invoice sequence at the same time
This functionality is particularly prohibited to ensure the e-invoice to be generated the hash of the previous invoice. If the taxpayer has more than one invoice generating unit, then separate invoice sequences can be followed at each unit.
Also, the e-invoicing solution generates an invalid e-invoice or its related CDNs, they should not be deleted but preserved to ensure sequence.
Time changes
The e-invoicing solution must be sufficiently equipped so as to avoid any changes in time in the related software. This is to, again, prevent time changes in the generated e-invoice.
Export of stamping keys
Every e-invoice needs to contain a cryptographic stamp on it. For this, every e-invoicing solution has a cryptographic private stamping key, enabling it to generate the same. The ZATCA has imposed a prohibition under which the e-invoicing solution should not share/export this stamping key.
Index
Follow us on
