Antifraud Law software audit.
We audit the adaptation of the software until its approval.

Penalties of more than 150,000 EUROS.
AEAT Regulation — draft — already available.

Audit software Antifraud Law. We accompany you until the final approval, according to the AEAT. It has the guarantee of a specialized and experienced team in experts and software approvals before Organisms.

Recurso 15

Process validation

In our Anti-Fraud Law Software Audit we analyze the processes and use cases that affect the new law, especially the billing, accounting…

Recurso 16

Audit dimensions

We analyze the controls applied to the different dimensions, such as traceability, determining their sufficiency.

Recurso 14

Degree of compliance

We determine the level of compliance with all the controls that must be applied, including proposals for improvements.

What does our audit include

Since there is still no formal certification procedure, as CISA auditors by ISACA and experts collaborating with the justice, we propose the preparation of an audit report that includes the best practices of the industry aligned with the description of this Law , such as regulations TICKETBAI (Government of Navarra and Basque Government) or the NF525 standard of France, among others, proposing the following structure of the report:

  • Analysis of architecture, functionality and software processes that affect or apply to this law.
  • Verification of the different points of good practices selected, including some of other internationally accepted standards in terms of Confidentiality, Availability, Integrity, Traceability and Identity of ISO27001, ISO27002 or ISO27017, among others.
  • Report of gaps and recommendations, as well as proposal of an action plan for improvement.
  • Adhesion documents that end customers must recognize.
  • All this signed by a CISA auditor for ISACA and expert collaborator with justice.
  • Follow-up and accompaniment until certification in technical controls and requirements.

Anti-fraud law software audit in 5 phases.

As CISA auditors (Certified Information System Auditor), our method for software audit Antifraud Law includes the phases accepted in other information security standards and good practices that start from the understanding of the case to be audited to the recommendations for improvement and action plan, in a series of very different phases.

Software understanding

The definition of the use cases of the audited software that generally allow CRUD operations (Create, Read, Update, Delete) to be carried out on any record or transaction related to invoices, accounting, budgeting, stock movements, etc. is essential in order to understand the operation of the computer system, sometimes closely linked to the sector or sectors where it operates, to determine the key points that will mark the start of the next phase.

Compliance Dimensions

Once the sensitive use cases of being affected by the new anti-fraud law Article 201 bis Law 11-2021 have been determined, analyzed and understood, we determine the mapping of the dimensions required by this law (traceability, availability, etc.) and the controls that at the time of the audit they have been implemented for compliance.

Compliance controls

Assessing the risks, with a method based on risk scenarios, we determine the necessary controls to improve or implement, based on the good practices of the most important security and cybersecurity management standards, taking into account how it impacts the business model ( on-premise, cloud,…) both to the manufacturer and to the client and their obligations regarding the law. In this case we present a complete gap analysis.

Specification of the degree of compliance

Determined by the results previously obtained, we propose an analysis of the degree of compliance, including an action plan agreed upon with the client that ensures, before third parties, not only active concern for compliance with the law, but also an approach to resolving those gaps that arise. have been able to find, including our recommendations.

document signing

Finally, our report, signed by a judicial expert, CISA auditor, is delivered to our client offering a series of advantages, shown in the following block.

independent report

Have an independent report signed by a CISA auditor (Certified Information System Auditor) by ISACA and an expert collaborating with the justice system on the degree of compliance with the New Law.

Offer to third parties

Offer to third parties, clients and others, a report that objectively evaluates the good practices of the industry that apply to this law, the degree of compliance and, if applicable, an action plan for any gaps that may exist.

Official certificate

With this service, the client will be very close to complying with the official certification that will be published shortly, since the good practices for compliance with it are audited and evaluated.

MK Tools

As a marketing and strategic tool, you will be able to inform your clients and third parties of the audit that has been submitted, transmitting to your clients a level of professionalism and concern for the applicable regulations under this law, differentiating yourself from the competition.

Warranty And experience.

Signature and certifications
International validity

  • Auditor CISA by ISACA.
  • Auditor ANECA in the EURO-INF program.
  • ISO27001 by SGS.
  • Computer and telecommunications engineer.
  • Master MBA, PDD, Cybersecurity and Cybercrime (Deloitte).
Luis Vilanova Auditor CISA

We collaborate with Justice and AEAT.

  • AEAT Certified Digitization Auditors.
  • Digital advisor at
  • Member Association of Experts Collaborating with the Justice of the Communities of Madrid and Valencia.
  • Certified judicial computer auditor expert.
ley antifraude software. Auditor CISA

Luis Vilanova

Offices in Madrid and Valencia

+ 0
years of experience
+ 0
  • Leaders in the Spanish market.
  • Budget without commitment.
  • We audit, advise and accompany until the final certification.
  • Phases and methodology, audit and final report.
  • We accompany you throughout the entire process until your software complies.
  • Private area with documents of interest, regulations, for your company and clients.
Naji S.
Naji S.
Read More
Thanks to Luis Vilanova's team, we are successfully adapting our restaurant POS management software, with several thousand implementations, to Article 201 bis Law 11-2021.
Ignatius T.
Ignatius T.
Read More
Concerned about the new legal framework of the anti-fraud law Article 201 bis law 11-2021, we are carrying out the compliance audit with Luis Vilanova's team.
Read More
The audit of this software is key to adapting to the controls of traceability, availability, inalterability, legibility, etc. required by law.

are you interested


Please enable JavaScript in your browser to complete this form.
It affects you as:
How do we help you?

Informative clause Privacy Regulations


Please enable JavaScript in your browser to complete this form.
It affects you as:
How do we help you?

Informative clause Privacy Regulations