What is Infocert’s action on a day-to-day basis?
Previously, economic activity was not digitized. It was carried out through shops and physical stores. Today digital predominates and software is the vector of economic activity, hence the importance of ensuring that these fundamental bricks, software, are solid and comply with current regulations. All this is the responsibility of Infocert, which is one of the technical secretariats of AFNOR (Association Française de Normalisation).
The audit of software publishers allows us to issue them, together with the AFNOR Certification, NF certificates that are a guarantee of quality and a competitive advantage. Through our repositories, we offer a structured, clear, readable and auditable framework for building and selling software while benefiting from the reputation of the NF brands. Every business needs reliable and compatible software. Our intervention as an independent third party allows us to identify solutions that meet a standard. We work to guarantee the maintenance of its quality over time and its improvement.
In addition, Infocert is preparing to become a certification body. A status that will allow us from tomorrow to deploy our own certification marks. We are already thinking about electronic filing software, those related to the IoT, the Metaverse…
Is software certification your only activity?
Infocert also leads working groups. These working groups bring together publishers, users, experts and are a privileged place of exchange between players in the ecosystem. In particular, they allow identifying the salient points for the applicability and efficiency of regulatory changes. This consultation allows then to send queries, suggestions and contributions to the competent bodies and the State, in order to facilitate the implementation of legislative changes.
We invite software publishers to join them, so they can discuss with each other and raise legitimate points with us. We then discuss it on your behalf with the relevant agencies and the state. By way of example, e-invoicing reform is one of the hot topics of the moment, with, according to the latest news from the E-Invoicing Mission meetings, a test phase on January 1, 2024 for volunteers, before of an official implementation on July 1, 2024 for all companies, regardless of their size in receiving flows.
It is critical that software publishers and companies know all the results and meet regulatory expectations. This reform will have a great impact on our daily lives! If the software is not adapted to it, companies will no longer be able to issue their invoices or collect payments.
We favor training to anticipate changes in regulations. To date, we have trained over 1,000 companies on all kinds of topics, including cash register software and systems compliance and e-invoicing reform.
I also invite entrepreneurs, artisans, liberals and merchants to consult our webinars. They are clear and include point by point the most outstanding elements of the future reform, which is based on the e–billing and e-reporting. As such, it may be worth remembering that Infocert is also Qualiopi certified: our training courses are supported by OPCOs. Therefore, software publishers can easily access quality information.
What are your references?
The certification validates the conformity of the software, the existence of adequate documentation and a quality management system. A product certified in NF525, for example, will be a product whose users will have the guarantee of being able to call assistance, and that the software will be maintained over time. We also adapt to market changes to create new brands. Our current certifications are:
· NF525, for tax compliance of collection systems (B2C transactions). Some people are still unaware of it, but since January 1, 2018, all B2C flows (merchants, artisans, entrepreneurs, platforms, etc.) subject to VAT must comply with the provisions of article 88 of the so-called “anti-VAT” . fraud. The NF 525 mark responds to this by offering a trusted certification;
The NF552, which provides users (DPO — data protection officers —, data controllers, CISOs — information systems security managers —) GDPR compliance;
· NF399, which ensures the interoperability of emergency services;
· NF203, which certifies the quality and compliance of ERP software (commercial management, digital safe, etc.);
· NF469, which certifies vehicle driving assistance software.
How does a certification process start?
You must send us an email to [email protected] or contact us by phone at 01 40 17 04 05 (Monday to Friday from 9 a.m. to 6 p.m.). We are very responsive! Charities will answer questions from companies and software publishers to help them get started on this certification work.
The certification process is simple and takes 4 to 5 steps. Together we define the need for certification. As soon as the signed quote is returned to us, and after receiving the certification reference documents, the work of integrating the rules into the software begins. Our teams will also invite you to join our working groups, which will allow you to be in contact with many other publishers, whether they are international giants or SMEs.
We encourage all companies that have developed their software in-house (B2C, B2B, vault, archive, etc.) to contact us. Joining the Compliance Working Group provides an effective forum to discuss common concerns. We are thinking, for example, of the disappearance of the receipt, the reform of the electronic invoice, the impact of the GDPR on databases, compliance testing for software that collects B2C flows, etc.
Regarding NF525, what is the risk of a merchant using software without proof of compliance?
The risks weigh on the user, but also on the publisher of the software. For example, during an unannounced visit directly to business premises, tax officials may assess a penalty for lack of proof of compliance (such as an NF525 certificate).
However, there are still users who are not yet aware. In addition, publishers are exposed to very significant risks if certain criteria of inalterability, security, conservation or archiving are not effective (the texts provide for prison sentences in some cases, as current affairs can sometimes remind us). Therefore, awareness work should be done with software publishers. All are eligible for certification. It is never too late to improve quality, benefit from the visibility of the NF525 and show that we are on a virtuous process.
Once the certification work begins, we can quickly send the publisher a certificate of effective progress. It will allow you to demonstrate to tax authorities and potential customers (restaurants, bars, shops, etc.), that your software is indeed part of a certification process, and that you will soon be able to provide them with a certificate of compliance. This topic must be taken very seriously: controls are multiplying and more and more software publishers have commercial and reputational problems due to fines from their clients. In addition, controls between publishers are intensified.
How do you anticipate regulatory changes?
We are under permanent surveillance, and we participate in many meetings with various bodies and working groups. This is necessary to fully understand the impact of the electronic invoicing reform in the coming months, for example. The notion of a paper invoice will disappear in favor of digitized flows, which must correspond to a data model. However, all operators in the chain (publishers, platforms, etc.) must then speak the same language and benefit from the same information.
On this subject, we can point out that Infocert is already working on the creation of a compliance chain (Data Conformity Chain) to improve the market visibility of the actors in coherence with each other, and that, tomorrow, it will allow companies to guarantee that your bills are duly paid.
This content was produced with SCRIBEO. The BFMBUSINESS editorial team was not involved in the production of this content.
Source: BFM TV
