Sign in 

GoBD in Germany: What you need to know

  1. Introduction
  2. What does GoBD refer to?
  3. Who do the GoBD regulations apply to?
  4. What documents are covered by the GoBD?
  5. What is GoBD compliance?
  6. What are the principles of the GoBD?
  7. How does GoBD-compliant process documentation work?
    1. Example: Scanning documents
  8. How does GoBD-compliant archiving work?
  9. What software is GoBD-compliant?
  10. What are the consequences of GoBD breaches?
  11. Get started with Stripe 

All businesses that operate in Germany are subject to the obligations associated with the GoBD. To avoid heavy penalties and back payments, businesses should become very familiar with the statutory provisions relating to bookkeeping. Our article explains what the GoBD is, who it applies to, and what principles it covers. We also explain what GoBD compliance means and how businesses can document their processes and archive documentary evidence in keeping with the GoBD.

What’s in this article?

  • What does GoBD refer to?
  • Who do the GoBD regulations apply to?
  • What documents are covered by the GoBD?
  • What is GoBD compliance?
  • What are the principles of the GoBD?
  • How does GoBD-compliant process documentation work?
  • How does GoBD-compliant archiving work?
  • What software is GoBD-compliant?
  • What are the consequences of GoBD breaches?

What does GoBD refer to?

The abbreviation GoBD stands for “Grundsätze zur ordnungsmäßigen Führung und Aufbewahrung von Büchern, Aufzeichnungen und Unterlagen in elektronischer Form” (or, principles for the proper keeping and retention of books, records, and documents in electronic form). The GoBD is an administrative regulation from the German Federal Ministry of Finance. It sets out the basic principles that businesses need to observe and comply with in terms of digital accounting. The main areas covered are the recording, processing, and archiving of tax-relevant documentary evidence.

When first published in 2014, the GoBD replaced the “Grundsätze zum Datenzugriff und zur Prüfbarkeit digitaler Unterlagen” (or, principles of data access and auditability of digital documents—abbreviated to GDPdU) and the “Grundsätze ordnungsmäßiger DV-gestützter Buchführungssysteme” (or, principles of orderly computerized bookkeeping systems—abbreviated to GoBS). An updated version of the GoBD was published at the end of 2019, which has been in force since January 1, 2020.

Who do the GoBD regulations apply to?

The GoBD applies to businesses of all sizes—from small businesses to major corporations. Self-employed individuals and freelancers are also obliged to comply with the GoBD. According to the GoBD, all taxpayers must comply with the provisions in question—regardless of whether they have to keep records. The responsibility remains with the taxpayer, even if they outsource some or all of their bookkeeping and recordkeeping activities to third parties such as tax consultants.

What documents are covered by the GoBD?

The GoBD essentially applies to all data of relevance to taxation. According to Section 147 paragraph 1 of the German Tax Code (AO), this covers things such as books, records, management reports, annual reports, inventories, business and trade-related correspondence, and any kind of accounts-related documentary evidence. This means not just a business’s own outgoing accounts-related documentary evidence, but also incoming documentary evidence. Besides incoming invoices, this may include business correspondence or also emails that contain references to tax-relevant matters.

As a basic principle, businesses need to retain the data concerned for 6 or 10 years—the period will depend on the document type (see Section 147 paragraph 3 of the German Tax Code). Within these periods, auditors must be able to gain a full overview, within a reasonable time, of electronic bookkeeping at the business concerned. In any given case, the data in question will depend on the industry and the business itself. Generally speaking, the following are relevant for tax purposes:

  • Bank accounts
  • Financial accounting and payroll
  • Cost accounting
  • Accounts-related documentary evidence
  • Data from cash register systems
  • Asset accounting

What is GoBD compliance?

Businesses must ensure they are GoBD-compliant. This means that GoBD rules must be complied with for the entire duration of any retention periods. This applies to all tax-relevant data and documents—regardless of whether these are in digital or paper form. All business processes must be represented and retained in a manner compatible with completeness, accuracy, fidelity, traceability, orderliness, and timeliness.

What are the principles of the GoBD?

The main principles of the GoBD are:

  • Traceability and verifiability
  • Completeness
  • Accuracy
  • Timely entries and records
  • Orderliness
  • Unalterability

The principles of traceability and verifiability are paramount in the GoBD. It obliges businesses to keep comprehensive process documentation. The content, structure, sequence, and results of any data processing must be documented in a way that can be understood and can be traced back. No accounting entry may be made without corresponding documentary evidence. Process documentation is also imperative for GoBD-compliant cash management. The process described in the documentation must be fully consistent with the process adopted in practice. Any amendments in terms of process documentation must be recorded to ensure traceability from a history perspective.

Completeness means every business transaction, without exception, must be documented within the scope of the retention periods. All documents that need to be retained must be backed up individually along with any component parts. In relation to both income and expenditure, documentary evidence must feature things such as a unique document number, a date, an amount, quantities, and both the issuer and recipient.

Accuracy is achieved if all business transactions are documented in a truthful manner and archived in the form of documentary evidence. This also includes assigning business transactions to the correct accounts, so deciding which business transaction is to be entered on which account is important.

For the purposes of GoBD compliance, both the entry and when it is recorded are important. To meet the requirements of a “timely entry,” each business transaction must be entered promptly after it occurs. However, a distinction is made between transactions with and without cash: incoming and outgoing cash register monies involving cash must be recorded daily, and cashless transactions must be recorded after 10 days at the latest.

The principle of orderliness obliges businesses to keep orderly accounts that allow tax consultants and auditors to quickly get their bearings. In order to ensure traceability for third parties at all times, certain aspects of orderliness must be observed and entries must be recorded in a systematic manner. For example, cash and cashless entries must be documented separately. The same applies to any taxable, tax-free, and nontaxable revenue. All documentary evidence must be available in its original format and be both read-only and machine-readable.

Unalterability means it must be possible to identify the original content of each document at any time during the retention period. If any content is altered or deleted in documents, this must be fully documented in a transparent manner. Items need to be logged in an end-to-end chain, in which every step is traceable and signposted. Documents that have been altered must be stored in a new version. It must also be impossible to alter the version history after the event.

How does GoBD-compliant process documentation work?

Businesses are obliged to record not only their documentary evidence, but also the processes adopted—for example, the scanning of documents. In terms of process documentation, the entire process is described from both an organizational and a technical perspective.

Process documentation covers information on:

  • Sources of information
  • Indexing
  • Processing
  • Storage
  • Retrievability
  • Machine-readability
  • Data security against loss and falsification
  • Reproduction
  • Process for recording, processing, and retention of documentary evidence
  • IT used
  • Establishment of security measures
  • Logging of access authorizations
  • Internal checks of compliance with rules

Example: Scanning documents

Businesses must make digital backups of all documentary evidence—this also applies to paper documents such as incoming invoices. Just like invoices sent by email, these need to be both recorded and filed away. Paper documentary evidence is scanned for this purpose as part of process documentation.

The GoBD stipulates that the scanned version must match the appearance of the original document. It is important, among other things, to ensure colors are fully replicated so any pointers and markings are also visible on the scanned version. The original document in its original form must no longer be altered (e.g., through additions or comments). If amendments are made to the original, the document will need to be scanned again. A clear link to the first version must also be created. Businesses are obliged to document both the scanned versions and the guide for the scanning process. This guide must define the following points:

  • Who is authorized to scan documents?
  • What content is scanned?
  • When does scanning occur?
  • Does the original document need to be retained even though it has been scanned?
  • What is done by way of quality control to ensure the scanned version is complete and legible?
  • What does the error log need to contain?

How does GoBD-compliant archiving work?

Businesses should use special software for archiving purposes. Documents stored on USB drives, hard drives, or in the cloud do not meet the high requirements of the GoBD since—unlike with archiving software—amendments cannot be logged on, say, local data carriers, so there can be no protection against falsification. This means documents are easy to manipulate. In addition, it is impossible for tax offices to check compliance with retention periods unless archiving software is used.

With the help of the software, all documents can be stored in a traceable manner and protected against amendments—particularly as a result of unauthorized access. Strict legal requirements apply to the transfer of documents to the archiving software. These include data protection as per the General Data Protection Regulation (GDPR) and the “Gesetz zum Schutz von Geschäftsgeheimnissen” (German Trade Secrets Protection Act—abbreviated to GeschGehG). The underlying IT must also guarantee secure operation.

Tax-relevant emails from business correspondence may also be stored using a special archiving software. Here too, a simple backup option—such as in an email mailbox or on a hard drive—is not sufficient.

What software is GoBD-compliant?

There are several providers of GoBD-compliant software. These must fully satisfy all GoBD principles. Neutral service providers test the programs and award a label accordingly to indicate GoBD compliance. This certification can help businesses find the right software. But any decision for or against any specific program should also take the business’s own circumstances into account.

The software should offer the flexibility of tailoring internal business processes to current requirements.

What are the consequences of GoBD breaches?

Businesses proven to have breached the GoBD may face heavy penalties from the tax office. The financial authorities may conduct audits at any time in principle. These will involve checking both financial accounting data and any process documentation for irregularities. Breaches of the GoBD are regarded as shortcomings in accounting terms. This is equivalent to a transgression of statutory obligations relating to bookkeeping and retention.

In the event of any shortcomings in terms of bookkeeping, the relevant tax office may estimate a business’s tax base in accordance with Section 162 of the German Tax Code. This will prove expensive for businesses in most cases as the authorities tend to overestimate rather than underestimate the figure. Other possible tax consequences include back payments or the imposition of interest on back payments. However, the breach itself does not automatically entail a penalty. In other words, the tax office does not punish every single error. There is only a risk of penalties if the error leads to further shortcomings in terms of bookkeeping, the financial position is distorted, or individual items are concealed.

A breach of the bookkeeping obligation may also have consequences in criminal law. These include investigations into the following matters:

  • Insolvency offenses
  • Suppression of documents
  • Breaches of rules
  • Other matters involving tax and administrative offenses

More articles

Ready to get started?

Create an account and start accepting payments—no contracts or banking details required. Or, contact us to design a custom package for your business.