A new law in France is threatening to cause major headaches for e-commerce platforms.
First off, thanks to Olivier Karfis for the heads up on this, and the links that helped me understand what's going on.
This started two years ago because French politicians decided to combat VAT fraud.
As part of this clampdown, they ruled that all transactions need to be temper-proof. In other words, whether you are taking payment online or offline, you should not be able to modify a transaction after it has occured.
How does this help fight VAT fraud? According to WPFR, some cash register vendors included a secret feature allowing merchants to cancel sales after the fact. By doing this, they didn't report the sales, and didn't have to pay VAT.
Couldn't this be done by PayPal / Stripe / Braintree? No, because there are possible loopholes there. For example, you could easily just process payments as "Check" or "Cash on Delivery" and then cancel the payment later.
Doesn't this impact just Point of Sale systems and not ecommerce? That's what everyone thought, until October 2017 when the French government decided not to exclude online platforms.
Who could feel the impact of this law?
To be honest, most of the burden will fall on e-commerce platforms.
- B2B companies are exempt because they send invoices to customers.
- Companies that don't collect VAT are exempt.
- Self-employed people are exempt if they make under €82,800 annually.
2018 is a grace period. But starting in 2019, non-compatible systems will suffer a €7500 fine every 30 days. Apparently the software code has to be "validated" by an institution and that inspection costs an average of €6000 and takes 4 months to complete.
How are software platforms responding?
Not very well so far.
WooCommerce did issue some guidance, but that was back when everyone expected ecommerce platforms to be exempt. The current WooCommerce plans seems to be to rely on Jetpack and record every single transaction from your store to a locked/unmodifiable backup so that you can show a log of all transactions.
This will likely be done on the Vaultpress system (soon to be renamed Jetpack Backups). Apparently WooCommerce are planning on offering this for free, but there are many potential complications including refunds, multi currency stores, etc. Automattic have a legal team working on possible solutions and workarounds.
Prestashop is a French company so they may feel the full force of this law. They seem to be the only other solution working on a fix.
As with many of these onerous laws, it's one thing to issue a law like this, and its another issue to force compliance. ECommerce platforms are already working hard to adapt for the Europe-wide GDPR rules that will arrive in May.
There's very little available on this law in English yet, and most of what I've learned is from a Google Translate version of this article by WPFR.
If you know any more about this new law, please leave a note in the comments. I'll update this post as we learn more.