The Belgian financial news paper "De Tijd" published an opinion by Bruno Lowagie: Sensibiliseren tegen factuurfraude kan overboord. In English, it reads like this:
Electronic invoices are legally binding in Belgium since 1 January 2013, but it frustrates me that the legislator didn’t define a standard format for invoices. Germany introduced the ZUGFeRD invoice. This is a PDF document that is compliant with the PDF / A-3 standard (which means that the text can read by humans) but that also has an XML attachment with the same information (so that it can be consumed by a machine).
This German example is being adopted in countries that are traditionally plagued by fraud. Thailand for instance, introduced the e-Tax invoice which was derived from the ZUGFeRD standard to improve the IRS’ processing of invoices.
We could go one step further. The government could require that a fingerprint of every invoice is stored there in the blockchain. Such a fingerprint is obtained using a 'cryptographic hash function'. That fingerprint —which we typically call a 'hash' in technical terms— doesn’t contain any usable data; the privacy of the customer is guaranteed. The identity of the seller however, is added by letting the seller digitally sign the hash value upon registering the invoice in the blockchain.
Such a system has several advantages. Suppose that we store the address of the blockchain of the Belgian IRS in the metadata of every invoice, then the software we use to open that invoice could tell us: 'I see that this document has been registered in the blockchain of the Belgian government . Should I check this invoice for you?’ If you hit the “Yes” button, you get the answer to the following questions:
- Does the invoice really exist? If the invoice is not registered in the blockchain, then there is a chance that it is a ghost invoice: do not pay!
- Was the invoice altered after it was sent? If the fingerprint of the invoice that you received differs from the fingerprint stored in the blockchain, then you might be facing invoice fraud.
- Who sent the invoice? Since the seller digitally signs the fingerprint when registering his invoices in the blockchain, you can perfectly check whether the seller is a party you know.
Does this sound too complicated? No problem! Consumers don’t need to worry. They can send their invoices to the bank, and the bank can use a simple blockchain tool to carry out these tests for you as a condition for the payment to be executed. It the invoice complies with the ZUGFeRD standard, you don’t even need any manual intervention to process the invoice.
In addition to benefits for the consumer, there are also huge benefits for the government. If every company registers all of its outgoing invoices in the blockchain, the government can count the number of invoices. A company that declares only 800 invoices, while there are a 1,000 invoices known in the blockchain, will be easily detected.
Incoming invoices can also be checked. A company could try to declare false incoming invoices, to lower its profits or get VAT refunds. That won’t work either, because those fake invoices won’t be found anywhere in the blockchain.
Why throw money at campaigns to warn companies of the dangers of invoice fraud, when there’s a perfect solution to avoid such fraud? What are we waiting for to implement this?