Audit-proof storage of documents in the Fabasoft Cloud
In Germany, Austria and Switzerland, commercial and tax legislation demand that bookkeeping be kept in a way as to allow an informed third party to gain insight into an organisation’s business transactions, documents and overall situation within a reasonable period of time. In addition to that, Germany requires since 1 January 2017 that the “principles for properly maintaining and storing books, records and documents in electronic form and for data access” (GoBD) also apply to the archiving of emails that are relevant to business.
The Enterprise edition of the Fabasoft Cloud allows for the revision-safe and GoBD-compliant archiving of documents, in particular of invoices and personal documents. The electronic format of these records is therefore equivalent to an original record on paper. Furthermore, emails from specified mailboxes can automatically be imported into the Fabasoft Cloud to perform archiving in full recognition of legal requirements. In using the Fabasoft Cloud legal requirements are fully met, bookkeeping efforts are significantly reduced, and processes are automated in a revision-safe manner allowing for traceable archiving. Printed documents no longer need to be stored.
To activate the revision-safe archiving of business documents in the Fabasoft Cloud, several configuration steps need to be carried out. On the basis of an example, this Whitepaper describes how you can configure the Fabasoft Cloud to store invoices in a revision-safe manner.
Using the Fabasoft Cloud to electronically store and archive business documents offers the following benefits:
- Usually more cost-effective than traditional paper archiving with its requirements on space and organisational effort, primarily in the case of longer retention periods (such as for invoices)
- Considerably higher accessing speed and comprehensive search options for archived documents
- Decentralised access on data – also for mobile end devices (smartphones) via secure connections
- Avoiding media disruptions and printing or copying costs
- Improved revision safety (GoBD-compliant)
- Higher transparency and full traceability through the auditing of any access, the administration of user rights and processes
- Reduced personnel expenses
Certification according to IDW PS 880
In April 2016, KPMG Advisory GmbH certified the Fabasoft Cloud according to IDW PS 880. Following the audit on revision safety by German, Austrian and Swiss commercial and tax legislation, KPMG awarded the certification according to IDW PS 880. The Fabasoft Cloud thus complies with the retention obligations required in Germany, Austria and Switzerland (GoBD-compliant archiving) – in particular with regard to the archiving of and the controlled data access on business documents, invoices and personnel files. In an IDW PS 880 audit, an independent auditor checks whether and to what extent a software solution supports the retention obligations of the valid commercial and tax legislation (revision-safe or GoBD-compliant archiving) of the respective country to meet the compliance required for electronic document management.
With regard to German legislation, the following standards were applied:
- The statutory provisions of German commercial and tax legislation (in particular Art. 238 ff. HGB as well as Art. 140-148 AO),
- Art. 14 UStG (Value Added Tax Act),
- Principles for properly maintaining and storing books, records and documents in electronic form and for data access (GoBD), the Federal Ministry of Finance’s circular letter regarding the “generally accepted principles of computerised accounting systems (GoBS)“ of 7 November 1995,
- The Federal Ministry of Finance’s circular letter on the “Principles of data access and the auditability of digital records” (GDPdU) of 16 July 2001 taking into account the modifications of the Federal Ministry of Finance’s circular letter of 14 September 2012,
- The pronouncement “Principles of Proper Accounting When Using Information Technology” (IDW RS FAIT 1) by the Technical Committee on Information Technology (FAIT) of the Institut der Wirtschaftsprüfer in Deutschland e.V. (IDW, Institute of Public Auditors in Germany),
- The pronouncement “Principles of Proper Accounting When Using Electronic Archiving Procedures” (IDW RS FAIT 3) by the Technical Committee on Information Technology (FAIT) of the Institut der Wirtschaftsprüfer in Deutschland e.V. (IDW),
- IDW auditing standard 330 “Closing Operations Check When Using Information Technology“ (IDW PS 330) by the Main Technical Committee of the Institut der Wirtschaftsprüfer in Deutschland e.V. (IDW) and
- IDW auditing standard 880 “Examination of Software Products” by the Main Technical Committee of the Institut der Wirtschaftsprüfer in Deutschland e.V. (IDW) in its version of 11 March 2010.
The following Austrian retention obligations were reviewed:
- the Austrian Commercial Code (UGB, in particular Art. 190 and 216),
- the Federal Fiscal Code (BAO, in particular Art. 131 and 132),
- the Generally Accepted Accounting Principles (GoB),
- the Data Protection Act (DSG, in particular Art. 14),
- the expert opinion “Generally Accepted Principles in EDP Accounting“ (KFS/DV1) and
- “Closing Operations Check When Using Information Technology” (KFS/DV2) by the Technical Committee for Data Processing of the Institute for Business Economics, Tax Law and Organisation of the Austrian Chamber of Public Accountants
The following Swiss retention obligations were reviewed:
- the statutory provisions of the Swiss Code of Obligations (OR Art. 957 ff.) and
- the Swiss Business Records Ordinance (GeBüV)