Treasury, Tax Control Plan 2022. It focuses on the control, sanction and surveillance of dual-use software in the self-employed, SMEs…

Hacienda, Plan de Control Tributario 2022

In this post we want to break down some issues that are cited in this good article in relation to the use, marketing and development of software that violates the software anti-fraud law article 201bis, in relation to double billing and box B of billing and collection systems .

This article underlines that in 2022 the focus will be on the use of this type of computer solutions and comments on a series of issues regarding sanctions and compliance with technical measures. Next we want to comment on some of the key issues discussed in this post:

“…The Tax Agency has already said that it will once again focus the Inspection on…controlling dual-use software and cash….”

“…Sources from the Ministry of Finance and Civil Service told this newspaper that the publication of the Tax Plan will be “imminent… monitor, for example, dual-use software”.

“…For several years, the Tax Administration has been vigorously pursuing the use of these digital programs that allow B accounting for businesses and, therefore, a smaller declaration. However, it was not until just three months ago that strong dissuasive measures were implemented. Since it was last October when the sanctions of up to 50,000 euros came into force for the self-employed who used or simply had in their possession this type of fraudulent programs…”

As we have been saying in our presentations -recently at the Madrid Chamber of Commerce – the law applies from October 11, 2021- and for months we have been helping dozens of companies -generally computer development- to comply with said law of their solutions.

“… it is still early to know how the control that has been carried out in recent months in which the sanctions have been in force has worked…”

“… it is pending to develop part of the regulations that will allow 100% control of the use of this type of program. As he said, “the Law establishes a regulation regarding the fraudulent use of these programs, with penalties for use or possession of up to 50,000 euros. But now there is a lack of regulatory development regarding the manufacture, marketing and distribution of the same ” said the expert…”

The sanctions that may have been carried out since October 11, 2021 have not been published, despite the lack of regulatory development, our recommendation is that all software that generates invoices and collections ensure their levels of compliance with the law through our audit so that it prevents Any operation that can be used as parallel billing or B box.

“… The objective of the standard will be to develop “technical specifications that must be met by electronic devices and computer or electronic systems and programs that support the accounting, billing or management processes of those who carry out economic activities, as well as the requirements to be duly certified and their standardized formats for their legibility. […] For an assurance of the quality of the information, the trust in the undue inalterability of the data, the traceability of the same and the prohibition of the use of the so-called sales suppression and manipulation software”, as reported by the Ministry in the Annual Regulatory Plan….”

As we work in our audits, the dimensions of integrity, legibility, traceability, conservation, etc. are key to secure all software that generates invoices. Our audit increases the level of compliance with the law and brings us closer to future certification in compliance with security measures.

“…Regardless of the development of this future regulation, what is clear is that since last October 11 the self-employed can be fined up to 50,000 euros for using or simply possessing dual-use software. The experts consulted by this newspaper proposed a simple example to understand the fraud that is carried out with these programs: a self-employed worker who is in charge of a bar wants to pay less VAT on his quarterly return, so he makes the bad decision of stop registering some of your customers’ drinks. As most of them ask for a ticket or pay by credit card, the self-employed worker is forced to enter ‘too many’ amounts in the register, so they make the second bad decision: buy dual-use software. With this program you can eliminate as many money entries as you want so that, if there is a Treasury inspection, they are not reflected and the technicians cannot detect the money that has entered, but has not been declared…

Months ago, in our post we talked about the 3 levels or categories that billing software can have:

Level 1 punishable. Intentional.

Functionalities that could be interpreted by the sanctioning body as intentionally allowing bad practices that in turn enable situations of fraud or B-box. For example, suppose that the creation and deletion of a company leaves no trace in the software, allowing work with accounting in parallel, among others…

Level 2 punishable. Bad practice by design.

That software that allows manipulations not strictly designed for fraud, but that could be used by the user, such as deleting an invoice that has already been sent or printed, in a state of already issued and registered, among others…

Level 3 punishable. due to lack of controls.

Suppose that a facility can be accessed directly and bypassing all the security of the data stored in the database and modifying the amounts in an invoice, without leaving a trace or alert of that alteration of a transaction already carried out, among others…

What the expert comments on in that article is set to what we call Level 1 Punishable Intentional. Precisely a level that most of the software that we audit and help to comply with the new anti-software fraud law does not have. Levels 2 and 3 are especially those that require more effort and should be the focus of the Tax Agency in our opinion.

“…However, as of today, it is no longer necessary for the inspection to detect the possible hidden accounting of a self-employed person, since the new anti-fraud law introduces a specific sanctioning regime for the mere possession of these fraudulent programs in the business. This means that it is no longer necessary to find the hidden and undeclared accounts.

Indeed, and as established in article 201 bis, the sanction can start directly from the possession of this type of software that violates any of the 3 levels mentioned.

“Next, the reasons included in the new law for which a program can be considered dual-use and the inspection could impose a sanction on the self-employed person for having it in his business:

That allow different accounting.

That allow not to reflect, totally or partially, the annotation of transactions carried out.

That allow recording transactions other than the entries made.

That allow altering transactions already registered in breach of the applicable regulations.

That they do not comply with the technical specifications that guarantee the integrity, conservation, accessibility, legibility, traceability and inalterability of the records, as well as their legibility by the competent bodies of the Tax Administration. For what is lacking, as mentioned above, a regulatory development

That the manufactured, produced or marketed systems are not certified, being obliged to do so by regulatory provision.

Other aspects that the Tax Plan will monitor this 2022”

Sections all treated in our audit report that already enjoy dozens of success stories, being able to see some of them in this link through a complete evaluation of risk scenarios based on use cases, controls and action plan as well as subsequent monthly follow-up of the progress.

We congratulate this publication of the portal and we invite all our clients and potential clients to follow us on our website or contact us to be able to collaborate in increasing the security of their systems and compliance to the maximum possible of the new anti-fraud law.


Please enable JavaScript in your browser to complete this form.
It affects you as:
How do we help you?

Informative clause Privacy Regulations


Please enable JavaScript in your browser to complete this form.
It affects you as:
How do we help you?

Informative clause Privacy Regulations


Please enable JavaScript in your browser to complete this form.
It affects you as:
How do we help you?

Informative clause Privacy Regulations