E-invoicing is now a reality in Colombia, with 58 companies volunteering to begin e-invoicing earlier this year in the pilot program. Eventually ~50,000 companies will be required to shift to e-invoicing in the next few years. Companies in Colombia are faced with creating a comprehensive compliance strategy to avoid the fines and penalties resulting from invoicing errors and keep their operations running smoothly. As they weigh these options, four potential solutions are likely to emerge: 1) build a solution in-house, 2) leverage solutions offered by their ERP, 3) use a local vendor or 4) partner with a comprehensive regional solution.
On this blog, we’ve extensively examined the magnitude of the challenges faced and the vast resources needed to manage compliance in-house. We’ve also discussed the limitations and compliance gaps found in using an ERP alone. So today, let’s turn our focus to evaluating a local vs. regional solution.
Below are the top 7 questions companies should ask as they evaluate potential compliance solutions in Colombia.
How many solutions are needed for all facets of compliance, particularly billing, accounts payable and tax reporting?
In the eyes of the DIAN, Colombia’s tax authority, e-invoicing, receivables, payables, logistics and libros reporting are all tied together for a holistic picture of your business transactions and tax liability. Yet all too often, businesses manage these functions a la carte – a local AP vendor, a local e-invoicing vendor, etc. These processes must be integrated to ensure error-free compliance, so companies should consider a full-service solution that offers complete compliance. Not only will this preserve your time managing your compliance efforts, it will also help to ensure that all of your records are accurate and accessible. If the government sees these functions as interdependent, so should your business.
What is the single source of truth for transactions?
Most local compliance solutions house critical data and documents outside of the ERP. This approach means there is no single source of truth, as data is replicated in different systems and can even be manipulated by local users. Resulting discrepancies between the ERP, these third-party systems and government records create huge tax and audit risks. Instead, all e-invoicing and reporting in Colombia should be managed through your ERP to create single source of truth.
What mechanisms are in place to protect against audits?
A single source of truth is the first line of defense against audits – protecting against manipulation and discrepancies between systems, as well as providing transactional records. However, this is only the first step, as there are multiple processes in which errors can occur. Look for a solution that links all documents related to a transaction – from purchase order to invoice to tax reporting, as well as any cancellations and amendments – to ensure your records and reporting are comprehensive. Also look for a solution that verifies data – not just serving as a transmission engine, but actually ensuring that your data is consistent and accurate – and reports back errors before they can be sent to the government. Finally, look for a system that automates processes and reporting to minimize error risk and serve as an audit defense.
How is the certification process handled?
The DIAN requires mandated companies to certify their e-invoicing process in order to protect its systems from receiving bad data and lower support and training calls. There are two options to achieve this certification: 1) use a third-party certified vendor, or 2) certify your own internal accounting process. The DIAN states it this way in Decree 2242, Article 10: companies “must directly or through an authorized electronic provider, satisfactory provide the technical testing samples that the organization establishes, aimed to demonstrate compliance of the technical conditions of sending the electronic invoice, reception, rejection, and the other technical and operational conditions established.
The DIAN clarified further in its 2016 technical specifications: “In order to develop the activities that enable you to comply with the law, you must know the process, procedures and technological requirements for electronic invoicing. The objective is for your organization to have a software that can replace your current electronic invoicing and paper billing systems of Decree 1929-2007, for a more automated process with the new electronic invoicing system.”
Relying on a third-party certification is an acceptable approach for small businesses, but this method is too risky for large enterprises. This is a similar model used in Chile. Using this approach means that you are transferring critical data outside of your system of record to the third-party instead of using your native ERP solution. Plus, no matter the compliance solution you select, you will need to test, verify and certify your accounts receivable, accounts payable and reporting functionality within your ERP, so there is no reason not to complete the full certification process. It comes down to this – in the event of an audit, do you want to be reliant on a third-party, or do you want to know that there is a single source of truth? The penalties are too high to risk it, and no matter what, you are ultimately responsible for your own compliance.
What is your approach to constantly changing requirements?
E-invoicing mandates are still relatively new in Colombia, and they are likely to undergo many transformations as the DIAN refines its processes and looks for new ways to maximize tax revenues. In fact, it’s not uncommon for requirements to change once to twice per year in other Latin American countries that require e-invoicing. It’s important to understand how your compliance solution will adapt to these changes. Will new mandates result in unbudgeted upgrades, or is compliance offered at a fixed, predictable cost? Likewise, will changes require significant adaptations to your ERP structure, or does the solution offer a hybrid cloud approach that delivers compliance directly into native applications, eliminating the need for constant ERP upgrades and maintenance?
What internal support is required?
One of the biggest costs of compliance is the internal resources that it takes to manage. Some third-party systems still require a significant amount of internal management when it comes to implementation, change management and support issues. It’s important to get a full understanding what will be required of your team during launch, maintenance, upgrades and when an issue arises. It’s also critical to understand what support your solution offers – is it 24/7, or just during business hours? Is it in Spanish only, or English as well? Who should be called in the event of an issue – is there one centralized process, or are multiple parties involved? Understanding these issues will help you get a true picture of the cost of compliance.
What are the biggest risks associated with compliance requirements right now, and where do you see compliance headed in the future?
While more of a philosophical question than one on solutions and capabilities, asking potential vendors this question will help you determine whether they grasp the full implications of compliance on your business and whether they approach compliance as a partnership or simply as a technological solution. If the answer is more technical in nature – discussions of transmissions, PDFs and folios, for example – it’s an indication that they don’t understand how requirements truly affect clients and their core business. Compliance errors and gaps result in severe fines and even operational shut downs, meaning they can have a significant impact on the bottom line. Vendors who understand this impact are more likely to be a true partner in ensuring seamless compliance.