The use of electronic signatures for the purpose of fulfilling legal requirements for authenticity and integrity (A&I) in electronic or e-invoicing has been discussed extensively in recent years and has resulted in high-quality signatures being either mandatory (e.g. in Latain America, Russia, Turkey and China) or a well-defined option (as in the European Union) for this purpose.
The freedom to choose A&I mechanism in the EU has resulted in a need to analyze the comparable strength and cost benefits of the different options. The legal benefit of a qualified electronic signature/seal – actual legal certainty – is well documented, however equally important architectural benefits are less known.
The basic requirement on any e-invoicing solution is to be able to evidence A&I from the time of issuance through the last day of the mandatory retention period. A typical technical implementation of a business process involves processing the invoice in a number of discrete technical components, such as creation, content checking, delivery, approval and archiving.
In a signature-based solution the data object itself (the invoice) carries bullet-proof evidence of A&I, readily available to be verified in any process step, the effect being that a change in the business process or the technical implementation of the document flow does not need to consider the implications for the A&I protection.
A solution not using signatures will have to ensure that appropriate A&I measures are always in place through each leg in a communication chain, processing in a system component or storing in an archive. The solution must also provide evidence of such mechanisms being in place historically, requiring proper control over documentation revisions, audit activities and corresponding audit reports. For an engineering team implementing a trustworthy e-invoicing solution the benefits of e-signatures are significant and should be considered before concluding on the comparable benefits of different legal options for compliance.