The Digital Operational Resilience Act (DORA) sets uniform rules for digital resilience in the financial sector — what does this mean for e‑invoicing providers?
EU Regulation 2022/2554 entered into force on 17 January 2025. An IT provider can be critical for one client but not for another — the assessment lies with the financial institution itself.
DORA sets uniform rules for digital resilience in the financial sector. Financial entities must manage ICT risks and reflect specific obligations in contracts with their IT vendors.
DORA distinguishes between standard ICT services and services supporting critical or important functions: if the failure of a service would materially impair a firm's financial performance or regulatory compliance, it triggers additional contractual obligations.
Must be included in every contract between a financial firm and an IT provider:
Additional requirements when a service supports a critical or important function:
In the CAL&F case study, e-invoicing is generally seen as an ancillary process:
Does not directly affect lending or factoring
Can be temporarily replaced by paper invoices
Many alternative providers available
Many financial firms deem e-invoicing non-critical and apply only basic Article 30(2) requirements. However, the final classification always rests with the bank or factoring company.
If a service provider considers its service non-critical, it sends a negative declaration — a statement that:
Even if a function is deemed non-critical, the contract must include mandatory Article 30(2) elements:
Provider agrees to give access to data and liaise with supervisory authorities.
Provider helps investigate and resolve ICT incidents at no extra cost.
Rules for retrieving data upon contract termination or provider insolvency.
Provider takes part in client's training and testing activities.
Invoice-Portal's logs and data enable clients to meet their monitoring and reporting duties: every event is recorded, documents are preserved in original form, and reports can be produced on demand.
New BMF Clarifications on Mandatory E‑Invoicing: What You Need to Know
/in eInvoice NewsThe Federal Ministry of Finance published new guidance on E‑Rechnung requirements, error handling, transition periods and validation — here’s what it means for your business.
DORA and e‑invoicing: assessing criticality
/in eInvoice NewsThe Digital Operational Resilience Act (DORA) sets uniform rules for digital resilience in the financial sector — what does this mean for e‑invoicing providers?
Greece: the e‑Invoicing mandate is pushed back
/in eInvoice NewsGreece is modernising the way companies issue and report invoices with structured electronic invoices validated via the myDATA platform, now with extended deadlines.
Mandatory E-Invoicing in Poland
/in eInvoice NewsPoland is moving forward with a major compliance change: mandatory electronic invoicing (e-invoicing) through the National e-Invoicing System (KSeF). This reform will transform how businesses issue and receive invoices.
Belgium Mandates PEPPOL ID 0208 for B2B e-Invoicing from 1 January 2026
/in eInvoice NewsStarting 1 January 2026, Belgium will require all B2B invoices between Belgian VAT-registered companies to be exchanged as structured electronic invoices via the PEPPOL network.
Christmas greetings from the Invoice Portal 2026
/in eInvoice News