THE FISCAL SYSTEM:

SECURING PUBLIC REVENUE

A White Paper by:

Tony Aidinis, ELPOS SA / MALIPONET Ltd
2011

Contents
1. Introduction: The problem of securing public revenue..............................2
2. The Fiscal System: What is it?...................................................................3
3. What Economic Sectors can be covered?..................................................4
4. The History & Evolution of Fiscal Systems.................................................5
5. Kenyas Example: A big step forward for Africa.........................................8
6. Technical Specifications for Fiscal ECRs / ETR Terminology.......................9
6.1 ETR Terminology...................................................................................9
6.2 ETR Specifications..............................................................................15
7. The Electronic Signature Device (ESD) Technology.................................16

THE FISCAL SYSTEM: Securing Public Revenue

page 1

2011

1. Introduction: The problem of securing public

revenue
Paying your taxes is something nobody can argue against. Citizens must
contribute to the society they live in the taxes required by the law. No society can
survive on foreign funds and no society can survive unless its members contribute
for its welfare in a fair way.
How and on what the tax money are spent is a totally different story. Governments
must, of course, spend the money on supplying the society with better
infrastructure, better hospitals, better schools and create a social safety net to
protect the poor and underprivileged. There can be no argument against paying
taxes on the excuse that a corrupt government does nothing with that money to
actually help the society. In a democracy there can be no arguments like this: if a
government does not perform as expected, it loses power and is replaced by one
that will live up to the expectations of the people. In a democracy there are no
dead ends and no excuses for a citizen to deny paying taxes.
Unfortunately, societies are not made of angels. And, of course, you get to have
villains on both sides of the fence: you can have corrupt tax evaders on one side,
but you can also have corrupt government officers on the other, too. This is reality.
In every country in the world, in every civilization, there is always a mix of people:
you have law abiding citizens and you have people that will always show a
complete disregard of law, order and sense of duty. You have people that the only
sense of duty they have is the duty to make the most profits for themselves.
To make things even worse, the modern economic environment is a complicated
network of complex computers, networks, relationships, opportunities and
legalities that make proper tax verification and collection a very difficult task
indeed.
So, how can a government go about securing public revenue?
Every tax authority in the world, in any country, be it developed or not, faces the
same problem. Admittedly some countries with very developed economies can
rely on their huge industries to provide the public revenue they want. Germany
can rely on its huge industries to provide sufficient revenue and does not need to
worry controlling a great number of small businesses. But countries like Greece,
for example, where one has a huge number of small businesses and very little big
ones, one has to find cost efficient ways in securing the public revenue.

THE FISCAL SYSTEM: Securing Public Revenue

page 2

2011

Today a great number of both developed and developing countries come to rely on
the so called fiscal system which we will examine in detail in the following
pages.

THE FISCAL SYSTEM: Securing Public Revenue

page 3

2011

2. The Fiscal System: What is it?

The basic idea behind the fiscal system is this:
Create a trusted device that will record all economic activity and
provide evidence of this in a technically easy and undisputed way. Make
everyone use such devices and use that data to control revenue. Use
advances in technology (GPRS - Internet) to automate the process.
The so-called fiscal solution to the problem of securing public revenue, either in
the form of income tax or VAT tax, must be viewed as a whole system with legal,
technical and auditing aspects of equal importance.
Key components in a fiscal system:
i)
ii)
iii)

iv)

v)

vi)

A clear and specific law is in place

Detailed technical specifications for
the devices that are to be trusted
with tax information
The tax authority must control
conformance to the specifications
and issue approval before any device
can be sold
There has to be an active
enforcement via controls, inspections
and legal adjustments so that
everyone will use the device
the tax authority should plan all
future audits so as to make
maximum use of the tax reports
stored in fiscal devices
NEW TOOL: Use of GPRS Modems
to automate (iv) and (v) above

Key benefits of a fiscal system:

i)
ii)

iii)

iv)
v)
vi)

A clear line of liability is created so

nobody can evade the system
without assuming too much risk
Because of this line of liability and
the embedded security features of
any approved device the data coming
from the device can be trusted
Proper enforcement and stability of
the system make everyone realize
that there is an objective reporting
system in place
Objective data means less corruption
Objective data means a fair economic
environment
Objective data means increased
public revenue

THE FISCAL SYSTEM: Securing Public Revenue

page 4

2011

THE FISCAL SYSTEM: Securing Public Revenue

page 5

2011

3. What Economic Sectors can be covered?

Building a fiscal system means that you target to control specific economic
sectors. The concept of having a trusted fiscal device to record economic activity
and helping the auditors examine objective data to decide about the tax liability of
a person can be applied to virtually any kind of economic activity. Usually
governments try to target the most important economic sectors and then build on
that experience to expand control in more sectors.
For example, you target the retail activity in all kinds of shops and then you can
take that experience to initiate control on public transport or gasoline stations or
taxis or entertainment markets.

The timing of fiscal deployment and the sectors it will cover is decided by the tax
authority taking into account the countrys specific situation. Targeting most high
volume or profit sectors comes usually first, and sensitive geographical areas (for
example, extremely poor zones) are usually either exempt or fiscalized last.
NOTE: The Fiscal Electronic Signature Device (ESD) is not only used for B2B
sectors. It is a most flexible device and today is widely used to fiscalize any PC
based retail installation.
THE FISCAL SYSTEM: Securing Public Revenue
page 6

2011

4. The History & Evolution of Fiscal Systems

1983

Italy introduces fiscal law

Italy was the first European country
to introduce a law about secure
storage of VAT and turnover data for
the retail sector.
Italy pioneered the fiscal law in an
effort to control its high number of
small to medium size businesses and
secure public revenue coming from
VAT and income tax. Today over 1
million fiscal devices are in use in
the country covering

1989
Greece introduces fiscal law
Greece followed Italys example soon
after.
Greek
economy
is
characterized by a very large
number of small businesses and the
most cost effective way of securing
public revenue from small tax payers
is the use of fiscal devices which
became mandatory in the retail
sector. Today more than 300,000
fiscal devices are in use.
In 2003 Greece expands the fiscal
law to include Electronic Signature
Devices to control Business to
Business (B2B) commerce. Today
120,000
businesses
issue
all
financial documents using ESD
technology.
All technologies are approved by
European Union.

2006

Central East Europe is fiscalized

Today almost every east / central
European developing country has
adopted one kind or other of fiscal
system.
Latest country to introduce the
system is Sweden in 2010 using a
highly advanced Electronic Signature
Device for all tax payers.
THE FISCAL SYSTEM: Securing Public Revenue
page 7

2011

Italy, Greece, Sweden, Poland,

Bulgaria, Romania, Hungary, Serbia,
Macedonia, Bosnia, Ukraine, Cyprus,
Malta, Latvia, Lithuania, Russia,
Turkey

What happens in the rest of the world?

Apart from Europe, a lot more countries around the world are already fiscalized.
Most important examples are Brazil and China!
Is there a global fiscal standard?
No. The countries we call fiscal have adopted different approaches to suit their
specific economies.
By calling a country fiscal we are actually saying that the key components of a
fiscal system, as described above, are present in a country. That is to say you
have a specific law, special security specifications, supplier and device approval
and clear enforcement / auditing procedures.
A country can chose different specifications from another, so there is no universal
fiscal system that can be accepted by different fiscal countries.
For example, in China a fiscal cash register must use government supplied paper
only and must have a smart card connection through which an auditor can get
direct access to tax data.
These features are unique for China as no other country places such requirements.
Nevertheless, we call China a fiscal country because it has the key components of
a fiscal system in place. This does not mean that you can take a Chinese fiscal ETR
and get approval for it in Czech Republic, for example.
Different specifications apply and to get a license in a country you have to follow
the specifications put forward by that countrys authorities.
What is the technological framework of a fiscal system?
A fiscal system attempts to create a trusted, secure device for tax data
collection, storage and reporting. So, common to all variations of fiscal
systems, you find specifications that make use of the following:

a non-volatile, permanent memory, independent of power supply, must

be provided in the fiscal device
a host of security features: mechanical, such as the fiscal seal,
electronic, such as the separate non-volatile secure memory,
software, such as the inherent stability and safety of the software
THE FISCAL SYSTEM: Securing Public Revenue
page 8

2011

running in fiscal devices and organizational such as the approved

service engineers
the fiscal devices communicating with PC or other electronic systems
have intrinsically safe protocols with no back-doors that will allow
external commands to alter secure data
service operations by a technician are time and date stamped,
recorded in secure memory and have strict limitations so they can not
be performed more than a few times
The time and date of the fiscal ETR is secure and trusted as it can not
be changed by the operator. A change of date or time requires a
service code only a registered and authorized technician know and the
operation is recorded in secure memory

What are the results of a fiscal system implementation?

No matter how good a system may look in theory, we all know that the ultimate
test is the result it produces. Fiscal legislation is about creating a tool of auditing
targeted to eliminate tax evasion. So the ultimate test of the system is what
results it produces in terms of decreasing the number of tax evaders and in
increasing total tax revenue for the state.
According to data collected the first five years of fiscal law implementation in
Greece in 1989 - 1994, the fiscal law implementation achieved an immediate 18%
increase in revenues by first year of implementation and a steady 5% increase
(over and above the 3-4% normal increase in the size of the economy) in VAT tax
revenue for every consecutive year. This number, when viewed over the whole of
the economy makes a really big difference in state revenue and the fact that
remained steady for many years proves that such a measure is a long term
success if followed properly.
But the increased state revenue is by no means the only benefit coming from
fiscal adoption:
For the law abiding citizens, fiscal adoption means a step towards a
more fair society since everybody is forced to pay his share of taxes.
For the businesses alike competition loses any unfair advantage under
fiscal scrutiny.
For the tax authorities it means less time and effort wasted in futile
investigations.
In short, by going fiscal a country aims to achieve:

higher annual revenue from taxes (Greece: +18% first year)

a fair marketplace

streamlined tax auditing with less wasted effort

boost the level of technology used in business

THE FISCAL SYSTEM: Securing Public Revenue
page 9

2011

prepare the electronic commerce environment

The simple fact that, starting from a single fiscal country in Europe in
1983, we have more than 19 fiscal countries in 2010 nine of which are
members of the European Union and two of which are into the Euro zone,
proves beyond doubt that this system not only provides true benefits but
is also hard to replace with something more efficient.

5. Kenyas Example: A big step forward for Africa

2005

Kenya introduces fiscal law

Kenya is the first of the African
countries to investigate the
possibilities of fiscal tools for
improving public revenue.
KRA officials did a thorough research
on European legislature and arrived
at establishing a Kenyan fiscal law
with the most up to date technical
specifications.
Kenya is in a totally different
economic phase than the European
countries. The fiscal reform is not
just another effort in collecting
money: it profoundly changes the
business environment, fights
corruption, creates adequate
technical infrastructure and
enhances employment of technically
competent people.

THE FISCAL SYSTEM: Securing Public Revenue

page 10

2011

Such a reform obviously touches on

every tax evader. Tax evasion within
a fiscal environment becomes much
more risky than before. This explains
why the reform was met with fierce
opposition during 2005 early 2006,
with traders going to court against
KRA over fiscalization.
Every government was met with
resistance when trying to enforce
fiscal regulations but whenever there
is political will the project goes
through. So far not a single country
in the world was stopped by the
opposition from implementing these
regulations.

THE FISCAL SYSTEM: Securing Public Revenue

page 11

2011

6. The Electronic Tax Register (ETR) Technology

Fiscal Cash Registers are designed to work on most retail outlets in a standalone
fashion, without the need of any connection with a PC or other systems.
Fiscal Electronic Cash Registers (or Fiscal ECRs) are also referred to as Electronic
Tax Registers (ETR) to reflect the fact that are specially designed equipment and
not normal, non-trusted and non-fiscal Electronic Cash Registers.
Modern ETRs come with the capacity to be connected in networks with other IT
equipment or even be part of a GPRS wireless network so that they can supply
real time data to centralized servers for auditing or business reporting.
Because ETRs play a central role in any fiscal system, we present here ETR
Terminology and Technical Specifications that must form the basis of any
good fiscal implementation:

6.1 ETR Terminology

Here are some fundamental concepts and terms used today in all Fiscal Systems:
Fiscal Memory Module (or simply FM):
This is an electronically and physically secure non-volatile
memory where all tax totals are stored in the form of
specific records (Z records) per day. It follows that a FM
must have the capacity to store daily Z records for as many
years as are necessary by each countrys Tax regulations.
For a 5 year data retention, 5 X 365 = 1825 records are
needed. Each record holds separate totals per VAT category
used in the country.
The FM is a separate electronic module that is covered with
epoxy resin in such a way as to be virtually impossible to
separate the module from the bottom plastic casing of the ETR.
Fiscal Memory Reading Port:
All ETRs should have an Input/Output port that the tax authorities can use to gain
access to the FM data by simply plugging in a standard PC. This port may be any
of the standard PC industry types: Serial RS232, USB or Ethernet. All types are
accepted as long as the manufacturer supplies the Tax Authority with proper
software to enable such FM reading.
Fiscal Seal:
The most common and basic form of physical protection for all ETRs / ESDs is the
Fiscal Seal. The Fiscal Seal is a chemical sealant (wax or other) that covers one
screw in such a way that the plastic case cannot be opened unless someone
breaks the seal.

THE FISCAL SYSTEM: Securing Public Revenue

page 12

2011

This protection has worked well over the years but it is now
complemented by a host of other, software based, features such
as technicians passwords and detailed records of every technical
intervention in the FM.

Fiscal Memory Map:

A Fiscal Memory Map is the structure in terms of
electronic records that are kept in the FM.
Details of every record are specified by Tax Authority
according to the specific needs.
An example of Fiscal Memory Map is shown here
depicting all obligatory records.
Note that there are separate record groups for:
a) Header Records that keep the Owners Data such
as VAT number, Address etc
b) CMOS Resets Records that keep the time and date
a Technician has performed CMOS (Hardware) Resets
c) Technician Service records that keep the time and
date a Technician has entered his passcode
d) VAT Rates keep records each time a change in VAT
rate was made
d) This is the main area of everyday Z records with all numerical totals recorded.
e) This area is specific to Ethiopian standards: the tax payers TIN number is
stored here
a) H

Communication Protocols:
Protocols here mean a specific set of commands and instructions that the ETR
can follow to transmit or accept data from an attached PC, GPRS Fiscal Modem or
other such device.
To ensure data protection and authenticity, the Manufacturer must declare that
there are no hidden commands in the ETR protocols that can perform actions not
documented in the literature.
ETR - GPRS Fiscal Modem Protocol:
This is a set of commands that are needed so that the ETR can connect and
transmit data via the GPRS Fiscal Modem. It needs to be defined so that external
GPRS modems can connect and operate correctly.
SERVER - GPRS Fiscal Modem Protocol:
This is a set of data structures and commands that the GPRS Modem needs to
understand in order to correctly connect and transmit data to the Tax Server.
VAT Categories:
THE FISCAL SYSTEM: Securing Public Revenue
page 13

2011

Each country uses different VAT categories: one country may use, for example,
VAT Category A with VAT rate 4% and one VAT Category B with VAT rate 18% and
another country may use 5 categories with VAT rates 4%, 8%, 18%, 36% and 0%.
As rates of VAT may change by government decision the VAT categories are used
as variables to hold VAT rates.
Any change in VAT rates cannot be entered into the ETR by the user (to avoid
meddling with the rates) but it needs an authorized technician to break the seal of
the ETR and change the rates after giving his password, while the whole change is
registered permanently in the FM.
Departments (DPT):
Departments are groups of similar products (Items or PLUs).
For example, the Department named BEVERAGES may include the specific items
0,5lt Water, Coca Cola, PEPSI and lemonade while the Department named MENS
SHOES may include Black Leather shoes of all sizes, sports shoes of all sizes etc.
In the Fiscal System it is obligatory to use AT LEAST as many departments as there
are VAT Categories.
The reason for that is that every VAT category is mapped and paired with at least
one Department.
In this way, the operator can sell all items that are taxed at VAT rate of Cat A
under DPT1 and all items that are taxed at VAT rate of Cat C under DPT3 etc.
See Examples in the User Instructional Leaflet
Price Look Up Tables (PLU):
PLU means simply an individual item (product) that is separately sold.
The name comes from old time use of non fiscal cash registers and simply means
a database stored in the ECR where the machine can look up at a table of items
and find the price of every item together with many other data like the
Department where this item belongs to, description of the item, quantity that is in
stock, barcode code for the item etc.
Under a fiscal system it is NOT necessary to oblige the user to use that level of
detail. Most small shops and small businesses do not have either the knowledge
nor the capability to use thousands of different entries in a PLU database.
What is of paramount importance in a Fiscal System is that the sale of an item to
be recorded under the proper for the item Department representing the proper
VAT rate.
See Examples in the User Instructional Leaflet
Barcode Coding:
Although detailed use of item coding may not be practical or even possible for a
small shop, all large shops that deal with thousands of items must use some form
of control and follow their sales on a per item basis.
For such organized recording the use of Barcode Codes on every item is
mandatory and usually is taken care of by the manufacturers of the individual
products.
As far as the ETRs are concerned, Barcode Coding is supported in the PLU
database and electronically by the availability of communication ports to which an
external Barcode Scanner is connected.
See Examples in the User Instructional Leaflet
THE FISCAL SYSTEM: Securing Public Revenue
page 14

2011

Legal Receipt:
This is the paper slip that the buyer is getting from the merchant that documents
the transaction.
In Fiscal Systems a Legal Receipt is clearly marked with the words START LEGAL
RECEIPT in the beginning of the transaction and the words END OF LEGAL
RECEIPT at the end of the receipt.
The Tax Authority must specify what must be printed in a Legal Receipt.
For example, should there be separate printout of the VAT the tax payer is paying
or is it enough to mention the VAT inclusive price?
Illegal Receipt:

Electronic or Paper Journal:

Journal is the exact copy of any receipt or report that is printed out of an ETR or
ESD.
A copy can be maintained in 2 possible forms: it can be either a PAPER COPY
(PAPER JOURNAL) or an ELECTRONIC COPY (EL. JOURNAL).

CMOS Reset or Service Reset:

CMOS Reset is comparable with pressing CTRL ALT DEL in
a PC.
It basically REBOOTS the ETR system
ERASING (RESETING) ALL variables of the
system in the process.
This effectively ERASES the TAX TOTALS of
the specific day that have not YET been
stored in the FM because the user did not
get a chance to perform Z report.
CMOS Reset is a last resort operation when
the system has hanged down or crashed
and no keyboard or other external
operation is possible.
Because CMOS Reset will erase the daily
totals that are not yet stored in FM (but
NOT the FM Z records that are non-volatile) there are SECURITY
features that make sure only AUTHORIZED and TRUSTED
technicians can perform the RESET.
These procedures include (a) breaking the fiscal seal, (b)
setting specific jumpers (as shown in picture at the left)
THE FISCAL SYSTEM: Securing Public Revenue
page 15

2011

Authorized Service Technician:

Maintenance Service Booklet:

Every ETR / ESD is accompanied by its Service Booklet. This is a special booklet
with pages where the authorized technician must record and properly sign every
time service is performed, whether this involves CMOS Reset or VAT Rates change

THE FISCAL SYSTEM: Securing Public Revenue

page 16

2011

Z Report:
Z Report (the name reflects the fact that it is the LAST action taken every day like
the letter Z is the last letter of the alphabet) is calculated and printed at the end
of the day. Each Z report is then securely stored as a separate record in the FM.

6.2 ETR Specifications

THE FISCAL SYSTEM: Securing Public Revenue
page 17

2011

The Tax Authority should formulate the Technical Specifications that must be met
for an ETR to be accepted as Fiscal Devices.
These Specifications come in 4 parts:
PART 1:
Security & Quality of the Device
These specifications must ask for:
1.1
Presence of a Fiscal Seal
1.2
Declaration of Manufacturer about security of Fiscal Module
1.3
Declaration of Manufacturer that the product follows International Standards
(CE mark)
1.4
Declaration of Manufacturer about spare parts availability for 5 years
1.5
Each ETR is UNIQUELY numbered and identified in factory so it carries a
unique ID
PART 2:
Electronics and Peripherals Specifications
These specifications must ask for:
2.1
At least one standard communication port so that a tax auditor can attach a
cable and read fiscal memory contents right from the ETR. One of RS232,
USB or Ethernet must be provided.
2.2
Capacity to attach an EXTERNAL GPRS modem with proper protocol support
2.3
Various usability and ergonomic restrictions, for example a minimum height
of screen numbers, minimum size of printed numbers and letters on the
receipt printer etc
2.4
Electronic Journal type and specifications allowed
PART 3:
Software Functions, Printouts and Protocols
These specifications must ask for:
3.1
Number of VAT Categories to be supported
3.2
Structure of a Legal Receipt
3.3
Structures to be allowed as Illegal Receipts (Statistic Reports,
Advertisements, Coupons etc)
3.4
Contents of obligatory reports like Z Report / Auditing Printouts
3.5
PC communication protocol (if any) to be submitted and Manufacturer
Declaration of Protocol Security
3.6
GPRS Fiscal Modem communication protocol (obligatory)
PART 4:
Specific Product Literature such as Manuals, Service
Booklet etc
These specifications must ask for:
4.1
Submission of Users Manual
4.2
Submission of Authorized Technicians Service Manual
4.3
Submission of Service Booklet

THE FISCAL SYSTEM: Securing Public Revenue

page 18

2011

7. The Electronic Signature Device (ESD)

Technology
The concept of electronic signature :
For the tax authorities the concept of electronic signature has the following key
characteristics:
1. the electronic signature device (ESD) has a fiscal memory, just like the retail
ECRs
2. the electronic signature device (ESD) has a unique serial number just like
the retail ECRs and is uniquely assigned to the business that buys it
3. the electronic signature device (ESD) is used in conjunction with the PC
system of a company that is running the accounting software normally used
to print the financial documents such as invoices etc.
4. each and every financial document, to be valid and acceptable, must bear
at the end of it the electronic signature
5. each and every financial document is kept as electronic copy in computer
files, together with its electronic signature as issued by the ESD
6. The companies do not need anymore to keep paper copies of their financial
documents since now the tax authorities have a trusted device (the fiscal
memory in the Electronic Signature Device) which can certify beyond doubt
the authenticity of the computer file
To whom does the fiscal electronic signature apply?
This law applies to any computer based, printed tax documents issued to a third
party.
Here 'tax documents' include every document in business to business transaction
and every document in business to consumer transaction (retail).
These tax documents mainly are invoices and transportation documents. If
your accounting software issues (prints) invoices to third parties or goods
transportation documents, it certainly needs to be upgraded to the new law. If
your accounting software does not issue such documents you don't need to do
anything. If you issue such documents by hand, again you do not need to do
anything.
If you issue only retail receipts you can chose between cash register/fiscal printer
technology OR Electronic Signature technology. Electronic Signature Technology is
much more cost effective in places with more than one service point. This happens
because a single Signature Device can be networked and electronically sign all
documents issued by many PC stations. Networking can be such that a single ESD
device in the central offices in one city can be used to sign and authenticate
financial documents issued by a point of sale located in another city!
How does it actually work?
THE FISCAL SYSTEM: Securing Public Revenue
page 19

2011

It works based on fiscal memory. Fiscal Memory is a device the authorities

can trust. This means that the tax authority can trust the electronic signatures
stored in fiscal memory. Beginning with this undisputed and trusted signature, the
authorities can verify the authenticity of any document stored in electronic form in
the users PC and accounting software.
This law in a nutshell has three requirements:
Suppose you are to print an invoice or even a Retail Receipt from a PC based
equipment.
1. the text of the invoice / receipt passes through the 'Electronic Signature
Device' and gets a signature created by algorithm HASH-1. The electronic
signature is 40 bytes long and is printed at the last line of the invoice
document, along with some other information like the devices serial
number and date/time.
2. the text of the invoice / receipt is saved in a file named DDMMSSSSS_a.txt,
the
digital signature is saved in a file named DDMMSSSSS_b.txt, the
DDMMSSSSS part of the name meant to contain day, month, serial number
of document and serial number of ESD
3. You do that for every invoice / receipt of a day
4. at the end of the working day you request from the ESD to perform the
HASH-1 algorithm over all the _b.txt signatures of the day. The electronic
signature thus created is saved in a file under the name DDMMSSSSS_c.txt
and also kept in ESD's fical memory (PROM memory).
This is called a 'Z' report.
So, for every working day you keep in your computer (or server) a number
of
_a.txt and _b.txt files which correspond to the tax documents you issued
that day and one _c.txt file that contains the signature of all _b.txt
signatures of that day.
The idea is that now you do not keep paper copies of your tax documents
and
you issue tax documents on plain paper.
The _a.txt and _b.txt files are enough.
The tax authority when auditing the authenticity of tax reports will:
a) read from the ESD fiscal memory the _c.txt permanent
record for any given day.
b) Using this _c.txt signature will verify all the
_b.txt signatures kept in your computer for that day and
c) Using the _b signatures will verify the _a.txt document which is the
copy of the original issued invoice.

THE FISCAL SYSTEM: Securing Public Revenue

page 20

2011

BEFORE
ESD
Normal, Un-fiscalized Accounting

Very difficult to audit

Chaotic systems and formats
No trusted platform
No authentic electronic files
Loss of files due to crashes
leave no evidence behind

unauthenticated files mean

nothing

AFTER
ESD
Accounting with Electronic
Authentication

ESD

ESD acts as a trusted, external peripheral, simple to access directly and

independently of PC installation
audits can be automated through special software
all electronic files kept in non-secure PC environment are authenticated
through the trusted device and can be electronically communicated
the files have now the status of OFFICIAL documents and regular backups
are mandatory
with the exception of very old, DOS-only PCs all other computer
environments are supported: Win98, Win2000, WinXP up to Win7, Linux,
Unix, AS400
THE FISCAL SYSTEM: Securing Public Revenue
page 21

2011

What are the benefits of this technology?

The use of electronic signatures has the following benefits:

A. Benefits for the user:

A1. USER KEEPS HIS PREVIOUS HARDWARE AND SOFTWARE:
This is the strongest point of ESD technology: thanks to the ingenious use of
DRIVERS, the ESD will attach itself to ANY PC installation using the provided
DRIVERS without forcing the user to change anything in his existing
infrastructure. This means that the user will continue to work as he used to,
with his existing software and existing printer/PC.
A2. NO PAPER COPIES NECESSARY:
An additional important benefit for the user is that all paper copies are not
necessary anymore. Once electronic files of documents are authenticated with
this technology then they are the only copies a user must keep for any tax
inspection.
The reason is that ELECTRONIC SIGNED FILES can be VERIFIABLE by the ESD
signature.
This means that a company can forget about keeping paper archives of its
documents, saving on storage and handling costs. This saving alone can pay
for the implementation, especially in large companies.
Furthermore, electronic files are much more easy to duplicate and thus
protected by regular backups. Electronic files do not take up any space and
they can be duplicated as many times as it is necessary to be safely archived.
A3. ANY PRINTING MEDIA ALLOWED:
The invoices or Receipts can be printed on any paper using any technology
(laser, inkjet, dot matrix) and any printer.
Because there is no need for paper copies and the electronic copies are enough
for the law, the company can issue single sheet invoices using any type of
technology. This was previously unavailable because of the need of many
paper copies that meant that you had to use dot matrix impact technology and
chemical paper copies.
A4. PROOF OF INNOCENCE OR GUILT:
The trusted fiscal memory in the device can prove beyond doubt the
innocence of the end user in case some dispute arises with the authorities. This
means that the el. Signature works both ways: it can prove that a user
committed a tax crime or it can prove his innocence.
THE FISCAL SYSTEM: Securing Public Revenue
page 22

2011

A5. NETWORKING: End users that operate many points of service can make
use of networking. This means that with just one Electronic Signature Device
plugged into the Ethernet network all documents (retail or business to
business) printed by any point of service in the network can be validated and
fiscalized.

B. Benefits for the tax authorities

B1. COMPUTERIZING THE TAX AUDITING PROCESS:
The verifiable, authentic electronic files and the fiscal memory device make it
possible for the tax authorities to use computers and software to verify
instantly a large number of invoices (or retail receipts digitally signed) for their
authenticity to the last letter and digit.
In this way, the workload of the inspectors gets much less and so the same
number of tax inspectors can perform much more controls with great
improvement not only in numbers but also in accuracy.
B2. LESS WORK FOR TAX AUTHORITIES:
The local tax authorities issue an electronic signature device to a certain
company / user that covers all the needs of the user to issue tax documents.
This saves a lot of time and personnel for the tax authority that was previously
needed to control and authorize the issue of electronic documents for the
various companies in the tax territory.
B3. LESS DISPUTES:
Because of the nature of the fiscal device, much less disputes arise during a
tax inspection. The fiscal memory can provide indisputable evidence for the
innocence or guilt of the user.
B4. INCREASED TAX REVENUE:
Thanks to the tight security and the accuracy of all financial records
authenticated by the electronic signature, the revenue of the tax payers is
revealed and taxed much more easily, providing significant increase in tax
revenue.
In conclusion, Electronic Signature Fiscal Devices is the next logical step
forward in the tax auditing technology.

Questions and Concerns regarding ESD

1. What is the effect of system crashes and errors?
Whether there is an ESD in a system or not, a system error or crash has exactly
the same effects. If the crash would cause loss of files without the ESD it would
cause loss of files with the ESD.
Since the ESD device is an external peripheral, immune to viruses and system
crashes, all authenticating signatures are safe against system crashes. However,
THE FISCAL SYSTEM: Securing Public Revenue
page 23

2011

the electronic files themselves, kept only in the PC system, are not only crucial for
auditing but, with the ESD in place, have the status of official accounting books.
This means that the tax payer should take care of proper backups as loss of files is
equal to loss of accounting evidence, punishable by the tax authorities in exactly
the same way as it would be done with paper evidence.
Without the ESD, loss of files is still critical for any business but not punishable by
the tax authorities as the un-authenticated files have no real auditing value (they
can easily be manipulated).
With the ESD, loss of files is CRITICAL and the user MUST take care of his data by
taking regular backups. Negligence or bad practices are not tolerated.
Without the ESD audits are based on paper books and unsecured computer
reports. Paper accounting books can be lost or destroyed, thus making audits
impossible. Making safety backups of paper is very difficult and time consuming,
so purposeful or accidental elimination of paper data is easier.
With the ESD audits are based on electronic files stored in computer systems.
Paper copies have no meaning because they can not be checked for their validity
automatically. Making safety backups of electronic data nowadays is easy,
automatic and cheap. RAID arrays, USB disks, CD burners, USB sticks, tape
backups are all widely available and cheap. The user is responsible for keeping
proper computer safety practices and backup regularly his data.

2. What are the technological security measures that ensure that the
HASH-1 algorithm can not be fraudulently manipulated in favor of tax
avoidance?
An attack against the ESD system would NOT attempt to change the HASH-1
algorithm in the first place. The HASH-1 used in the ESD is an international
standard and can be executed in exactly the same way by any PC software as well
as by the ESD itself. If one was to manipulate the ESD internal HASH-1 algorithm
to produce a different result than the original, the very first time an audit would
take place will disclose the fact simply because the same HASH-1 is executed by
the audit software and should produce exactly the same signature.
The only way to attack the system is simply not to use the system!
If one is really using the ESD system to print his financials he has to report exactly
what he printed out because the audit will automatically find out if there is any
discrepancy between what was printed and what was reported.
If one is NOT using the ESD system:
(b)
(c)

just prints
a garbage signature on his invoices without even turning on his ESD or
accidentally deletes his electronic files making audit impossible or
(d)
print correct invoices using correct signature from his ESD but then
manipulate the files in his PC to show different totals than the originals
THE FISCAL SYSTEM: Securing Public Revenue
page 24

2011

(e)

prints correct invoices using correct signature but uses copies of the same
invoice to circulate many times different goods
In (a) and (c) above the very first audit would pinpoint immediately and
automatically the problem.
In case (b) the user has to explain why he failed to produce regular backups and
face an audit that will then be based on circumstantial evidence plus heavy fines
for his negligence
In case (d) any inspection that will examine a printed invoice with the time and
date stamp coming from the ESD (which by the way provides secure time
stamping also) will immediately reveal what is happening and the user will face
the relevant penalties.
To conclude we will repeat what was stated in the beginning: the FISCAL system is
NOT about buying a device that magically will turn everything clear. The FISCAL
system involves having a whole network of proper inspections and audits in place.
When you have such a system in place, then the risk for a tax evader is getting
higher and higher. Tax evasions are always present. By installing proper systems
the authorities aim to make the risk for tax evasion be so high that the overall
effect will be to make people think three times before they attempt to evade their
taxes.

THE FISCAL SYSTEM: Securing Public Revenue

page 25

2011

6. The Bigger Picture: Value Multipliers & New Services

An attack against the ESD system would NOT attempt to change the HASH-1
algorithm in the first place. The HASH-1 used in the ESD is an international
standard and can be executed in exactly the same way by any PC software as well
as by the ESD itself. If one was to manipulate the ESD internal HASH-1 algorithm
to produce a different result than the original, the very first time an audit would
take place will disclose the fact simply because the s

THE FISCAL SYSTEM: Securing Public Revenue

page 26

2011