Info can be found back in Decree No. 2022-1299 of October 7, 2022 relating to the generalization of electronic invoicing in transactions between persons subject to value added tax and the transmission of transaction data
- The decree outlines the terms of application for electronic invoicing and transmission of data to tax authorities for taxable persons, public persons, dematerialization operators, and platforms.
- The decree specifies that electronic invoices must be issued and transmitted between taxable persons, with data transmitted to tax authorities.
- The obligation to receive electronic invoices applies to all companies from July 1, 2024.
- The decree defines the missions of the public invoicing portal and minimum functionalities required of partner dematerialization platforms, registration procedures, and data transmission requirements.
- The decree takes effect progressively, with different dates for large, medium-sized, small, and microenterprises.
- The Prime Minister issued the decree on the report of the Minister for the Economy, Finance and Industrial and Digital Sovereignty. Various regulations and directives are referenced in the decree.
Art. 242 nonies B.-I.
To obtain the registration number mentioned in article 290 B of the general tax code , the dematerialization operator produces in support of its application submitted to the tax administration
Summary
- The dematerialization operator must provide certain documents to obtain the registration number required by the general tax code.
- These include
- identification numbers
- tax compliance certificates
- a document outlining data security measures
- proof of compliance with ISO/IEC/27001 certification
- a declaration agreeing to provide and update user information
- use a central directory for electronic invoices.
- They must produce a conformity audit report within one year and provide technical documentation on authentication systems, sending and receiving electronic invoices, and procedures for extracting and transmitting billing data.
- The secure communication protocol used to transmit invoices must meet specified conditions.
- The application for registration must be presented by the legal representative of the operator.
Text of the legislation – Unofficial translation
1° Its identification number mentioned in the first paragraph of Article R. 123-221 of the Commercial Code and, for operators not established in France, a document equivalent to the registration extract from the Trade and companies less than three months old.
“When the competent authorities of the applicant’s country of origin or establishment do not issue the supporting documents mentioned in the preceding paragraph, they may be replaced by a sworn declaration or, in countries where such a procedure does not exist not, a solemn declaration made by the interested party before a judicial or administrative authority, a notary or a qualified professional body in his country of origin or establishment;
“2° When he is not established in France, a certificate of less than three months issued by the administration of the place of establishment justifying compliance with his tax reporting and payment obligations;
“3° A document presenting precisely the means implemented to ensure the security of personal data pursuant to Article 32 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 relating to the protection of individuals with regard to the processing of personal data and the free movement of such data;
“4° When the dematerialization operator uses a hosting provider, the reference or copy of the “SecNumCloud” qualification decision issued by the National Agency for the Security of Information Systems currently valid concerning it . If the qualification procedure is in progress, these elements can be provided at the latest when submitting the audit report mentioned in c of 6° of this I;
“5° The valid ISO/IEC/27001 certification certificate relating to its information system, including all the infrastructures, tools, services and IT organizational elements that contribute to carrying out its issuing activity , transmission and receipt of invoices and transmission of invoicing, transaction and payment data, together with the dematerialization operator’s commitment to operate its information system from the territory of a Member State of the European Union.
“He also undertakes to ensure that no transfer outside the European Union of the data hosted by the service he operates is possible and to this end provides the supporting elements allowing this to be verified.
“These requirements apply to the operator himself as well as to all third parties on whom he may choose to rely when they have the technical possibility of obtaining the data operated by the service;
“6° A declaration by which it undertakes to:
“a) Provide and update information relating to its users to ensure the operation of the central directory provided for in III of article 289 bis of the general code taxes ;
“b) Use the central directory for the sole purpose of ensuring the addressing of electronic invoices to the partner dematerialization platforms of their recipients;
“c) Produce, at the latest within one year from the notification of the issue of the registration number, a conformity audit report carried out by a specialized organization or any other natural or legal person complying with a audit method ensuring an impartial and exhaustive examination, presenting guarantees of independence, integrity and good repute and accomplishing its mission while avoiding any conflict of interest. This report covers the points of compliance, the list of which is drawn up by order of the Minister responsible for the budget. It also includes in appendix the conclusions of the audits carried out during the current year relating to the “SecNumCloud” qualification and the ISO/IEC/27001 certification;
“7° A technical documentation consisting of the following elements:
“a) A description of the authentication system for its users which specifies the means implemented to verify the identity and quality of the user and secure the conditions of access to the platform and its services under the conditions provided for in article 242 h F;
“b) A technical description of the process for sending and receiving electronic invoices, receiving billing, transaction and payment data, specifying the formats offered by the platform and the security measures implemented to ensure authenticity. the origin, the integrity of the content and the readability of electronic invoices from their issue until the end of the retention period;
“c) A description of the procedures for extracting and transmitting billing, transaction and payment data and the guarantees provided to transmit this data within the time limits required by the tax authorities;
“d) Reports of technical tests establishing the interoperability of the platform in emission, reception and transmission with, on the one hand, the public invoicing portal and, on the other hand, another partner dematerialization platform within the framework a bilateral interoperability agreement or its adherence to a network information exchange protocol;
“e) The secure communication protocol used to transmit invoices and invoicing, transaction and payment data and meeting the conditions specified by order of the Minister responsible for the budget.
“The application for registration is presented by the legal representative of the dematerialization operator or his representative and includes, in the latter case, the documents allowing his status to be established.
“The application and all the supporting documents mentioned in this I are produced in French or, failing that, accompanied by a certified translation into French.
“II.-Only a dematerialization operator who meets his tax reporting and payment obligations can obtain a registration number.
“III.-The tax administration issues, within two months of receipt of the complete application presented to it, a registration number registered in the central directory to the dematerialization operator who satisfies the conditions provided for in I and II for the duration provided for in Article 290 B of the General Tax Code subject to the production of the document mentioned in c of 6° of I within the time limit, or, failing that, notifies him of a refusal motivated.
“IV.- In the event of failure to produce the report mentioned in c of 6° of I within the time limit, the tax administration informs, within two months of the expiry of the aforementioned period, the operator dematerialization platform of the expiry of the validity of the registration number which takes effect within two months of this notification.
“When the audit report produced by the dematerialization platform operator finds one or more non-compliances, the latter is required, when it is transmitted to the tax administration, to inform it of the corrective measures taken to to remedy and the timeframe for their implementation. The latter cannot exceed three months after the date of submission of the audit report to this administration. In the absence of this information or if it appears that the corrective measures envisaged by the operator are insufficient, the provisions of the first paragraph apply.
Source Legifrance