Tag: Compliance

EN 16931 is being updated ERP providers and software vendors in the Peppol network need to be ready.

The revised EU e-invoicing standard is expected mid-2026, bringing stricter validation rules, expanded data requirements, and new implications for Peppol and e-invoicing platforms. Read the blog to understand what’s changing and how to prepare.

The UK’s mandatory e-invoicing mandate starts on 1 April 2029, but software vendors need to prepare now. Businesses that invoice UK companies should assess Peppol readiness, Access Point and SMP infrastructure, and build-vs-buy options well ahead of compliance deadlines.

The days of emailing a PDF invoice to French business partners are numbered. We break down the mandate, the five-corner model, and how to get compliant before the deadline.

As tax reporting moves into real time, identity can no longer be assumed. In a world of continuous transaction controls and outsourced compliance, tax authorities must instantly know who is submitting a report, on whose behalf, and under what authorization. Without verifiable identity, automation breaks and trust with it.

Belgium’s B2B e-invoicing mandate is now law. From 1 January 2026, nearly all Belgian VAT-registered businesses must send and receive structured electronic invoices using Peppol BIS Billing 3.0, aligned with EN 16931. PDFs and paper invoices will no longer suffice. The framework also prepares Belgium for near real-time VAT e-reporting by 2028, with penalties for non-compliance already defined.

Understanding the difference between a Peppol Certified Service Provider and an Accredited one is key to scaling across jurisdictions. Certification proves technical compliance with Peppol standards, while accreditation is local legal approval. Arratech helps you simplify both with pre-certified, pre-accredited infrastructure.

The OpenPeppol PKI migration is a mandatory, breaking change that moves the Peppol network from G2 to G3 certificate authority chains. Service Providers must support both G2 and G3 by February 2026, with all G2 certificates revoked on 1 April 2026. The migration increases security but adds technical complexity, making dual-PKI support, testing and timely cut-over essential to avoid service disruption.

OpenPeppol is introducing mandatory security updates for the Peppol network. From 1 February 2026, all Service Metadata Publishers (SMPs) must operate exclusively over HTTPS, and CNAME-based SML lookups will be fully replaced by NAPTR records. These changes improve security and scalability but require Access Point and SMP providers to update certificates, DNS records and software in line with strict transition timelines.