By Dr. Olaf Horst
Legal compliance is a regularly recurring topic, also in this blog, because poses companies with several challenges. A new policy from the Federal Ministry of Finance, the “Principles for proper management and storage of books, records, and documents in electronic form, and for data access,” known as GoBD, is one such challenge.
Rule of thumb #1: New beats old: Principles for proper management replace GoBS and GDPdU
The new principles for proper management have been in place since January 1, 2015 and replace the GoBS and GDPdU. The GoBD contains many regulations that have to be implemented on the IT side (IT compliance). We will give you an overview of the most important regulations and show you how they can be implemented pragmatically. It is best to ask your about the accounting regulations.
Rule of thumb #2: More clarity through more specific regulations
In contrast to the predecessor versions, some of which are decades old, the principles of proper management contain considerably more specific regulations concerning the treatment of accounting-relevant data in IT.
Rule of thumb #3: Simple data systems (file systems) are not enough
According to the provisions of the General Tax Code (§ 146 (4) AO), an accounting entry or recording must not be altered in such a way that the original content can no longer be ascertained. Derived from this, the GoBD now stipulates for IT that the electronic procedure must ensure protection of the accounting information. Data and documents may not be changed or deleted once they have been entered into the accounting process. Subsequent changes must be clearly recognizable as such. For example, this is not necessarily the case with open Office data. The GoBS also expressly points out that keeping the data in the file system does not meet these requirements.
»This is a clear argument for an ECM system: Here you always have an overview of your data and can reliably prevent subsequent changes or accidental deletion by using access restrictions. Subsequent changes (version management) or additions (notes) are clearly identifiable as such. Data can be stored according to the retention periods and securely archived.
Rule of thumb #4: Documenting goes beyond…: Obligation for procedure documentation
An essential part of the new regulations is the procedure documentation. The new principles for proper management specify in detail how the data processing of accounting entries and documents must be documented. Procedural guidelines must describe how the processing steps and storage of the data are organizationally and technically structured. According to the GoBD, the procedure documentation must be understandable and thus auditable “for a knowledgeable third party in a timely manner.”
»The procedure documentation usually consists of a general description, user documentation, technical system documentation, and operating documentation. (» Our “Digital archiving white paper” gives an overview of the most important aspects of digital archiving and procedure documentation.)
>More on “GoBD Explained – Part 2 – How it Works in Practice”
How GoBD-compliant are your document processes?