I would like to know the standard practice companies use when it comes to audit requirements for EDI invoices?


Q. (con't.) Meaning, I retain hardcopy invoices for a period of 10 years. Since EDI transmitted invoices basically consist of a file with the invoice data reflected in it, does this meet the audit requirement?

A. My first question is, are you referring to internal audit or IRS audit? And secondly, what countries do you do business with, as this effects the answer? Here are some general thoughts, however.

You say you are keeping paper for 10 years. The purpose of “e” invoices is to eliminate the paper so that the electronic document becomes the original and only source. Keeping multiple copies adds to the complexity of the audits.

For internal and government audits —you must obtain the requirements of the audit and only give the auditors access to exactly what they asked for. For example, for the month of March, all invoices over XXX dollars for XXX location.

What you need to maintain as an “e” original document depends on your country and the countries you do business with, as VAT, GST and SUT are very different. Here are some general requirements for electronic records:
• A unique invoice number
• Proof that the document integrity has not been tampered with, such as how the document was delivered, use of digital signatures, approved government systems
• Specific data fields (these are government controlled, VAT requiring the most)
• Approved archival of the invoice
• Assurance that protection laws are adhered to (concerning access to the data)

For the U.S., here are two IRS websites you can go to for more information:
• What kind of records should I keep: https://www.irs.gov/businesses/small-businesses-self-employed/what-kind-of-records-should-i-keep.
Publication 583, Starting a Business and Keeping Records: See page 12 for information on electronic recordkeeping.

Have more questions? Submit a request