LAF_LOGO_BN_1

Deadline October 2021. Anti-fraud Law Article 201 bis Law 11-2021

These days we are helping a software development company, which includes, among other billing and accounting functionalities, for its audit in relation to the Anti-Fraud Law Article 201 bis Law 11-2021, regarding dimensions of inalterability, traceability and other issues. that ensure that the software does not allow, among others, the use of box B.

Deadline October 2021. Anti-fraud Law Article 201 bis Law 11-2021

In our collaboration with this client we have carried out the following phases:

1. Analysis of the software in all cases of use that allow the creation, modification, consultation or elimination of information regarding delivery notes, invoices and accounting.
2. Study of technological design, understanding the architecture and implementation modalities. Let us remember that the anti-fraud law article 201 bis law 11-2021 not only transfers responsibility and sanctions to software manufacturers and providers but also to the companies that use it. For this, we detect all the issues that the client should accept through an adhesion document, such as backup policies in on-premise installations.
3. Analysis of control points that the development company has implemented in the different dimensions of confidentiality, integrity, identity, availability, traceability,… in the different use cases. This question allows us to understand the degree of compliance as well as the main gaps that the developer company has in complying with the law.
4. Risk analysis and evaluation. Based on the use cases, we detect the different scenarios that could be applicable and recommend improvements to reduce or avoid these situations.
5. Finally, our report will contain not only the fit with the new law, but also the recommendations, policies and adherence document that allow our clients to be proactive in complying with this new law.

Conclusions

The adaptation of a software that allows invoicing or accounting to the new anti-fraud law is not a simple matter since it requires not only interpretation of the law, but also adaptation to the good practices of systems auditing and software engineering, going through the measures of information security and cybersecurity recommended in good practices such as standards ISO27701, ISO27017, ISO27025… among others. That is why we recommend to all software manufacturers, given the deadline that ends in October 2021 for its adaptation, that they go to experts like us to have an independent report, signed by a certified auditor, legal expert, that demonstrates and explain not only the degree of adaptation and improvement plan but also the proactivity that the development company has had regarding this matter.

READY TO HELP YOU!

Please enable JavaScript in your browser to complete this form.
It affects you as:
How do we help you?

Informative clause Privacy Regulations

¡TE AYUDAMOS!

Please enable JavaScript in your browser to complete this form.
It affects you as:
How do we help you?

Informative clause Privacy Regulations

READY TO HELP YOU!

Please enable JavaScript in your browser to complete this form.
It affects you as:
How do we help you?

Informative clause Privacy Regulations