RegulaKit

    Business Management Software

    Verifactu

    Technical Requirements for Billing Software Under Verifactu

    RegulaKitJune 4, 2026

    What the Verifactu Regulation requires

    Spain's Royal Decree 1007/2023, which develops the Anti-Fraud Law 11/2021, sets the requirements that billing software (SIF) must meet to guarantee the integrity, retention, traceability and immutability of records. The aim is to stop so-called dual-use software that let businesses hide sales. Any program issuing invoices must be certified through a manufacturer's responsible declaration.

    Tamper-proof billing records

    Each invoice generates a creation record that cannot be modified or deleted once created. If there is an error, a cancellation record or a corrective invoice is issued, but the original trail remains. The system must ensure no record can be altered without leaving evidence.

    Chaining and hashing

    Records are linked through a hash: each record embeds the hash of the previous one, forming a chain. Any tampering breaks the chain and becomes detectable. This chaining is one of the regulation's technical pillars.

    QR code and the Verifactu mark

    Every invoice must include a QR code that lets the recipient verify its data. In Verifactu mode, the invoice also carries the legend "Invoice verifiable at the AEAT electronic office" or the "VERI*FACTU" mark.

    Verifactu mode versus non-Verifactu mode

    • Verifactu mode: the software automatically submits each record to the AEAT (the Spanish tax agency) at the moment of issue. In return, certain retention obligations are reduced.
    • Non-Verifactu mode: there is no automatic submission, but the system must electronically sign the records and keep a stricter event log.

    Event log

    The system must keep a log of events: logins and logouts, exports, incidents, configuration changes and anomalies. This log lets inspectors reconstruct the program's activity.

    Checklist for choosing compliant software

    1. Manufacturer's responsible declaration certifying compliance.
    2. Hash generation and chaining of records.
    3. Inclusion of the QR code and the corresponding mark.
    4. Support for Verifactu mode (AEAT submission) and an event log.
    5. Secure retention and export of records.

    With RegulaKit you can get your invoicing ready for the Verifactu regime and keep your records compliant from day one. To estimate the financial risk of not adapting, try our penalty calculator.

    Application timeline

    The obligation is fully enforceable from 2026 for most companies and self-employed workers in common territory. Acting early avoids a last-minute rush and lets you validate the AEAT integration with enough margin.

    Frequently Asked Questions

    What is Verifactu mode?

    It is the mode in which the software automatically submits each billing record to the AEAT at the moment of issue, reducing certain retention obligations.

    Is the QR code mandatory on every invoice?

    Yes. RD 1007/2023 requires a QR code that lets the recipient verify the invoice data.

    What happens if I don't use Verifactu mode?

    You can operate in non-Verifactu mode, but you must electronically sign the records and keep a stricter event log.

    What is record chaining?

    Each record embeds the hash of the previous one, forming a chain; any tampering breaks it and becomes detectable.

    When does it become mandatory?

    The obligation is fully enforceable from 2026 for most companies and self-employed workers in common territory.

    Back to Blog

    Does your company comply with time tracking law?

    Try RegulaKit. Digital time tracking, vacation management and full compliance.

    Request a Demo

    Related Articles

    LegalJune 2, 2026

    The Eight-Week Parental Leave in Spain: What It Is and How It Affects Employers

    Everything about the parental leave introduced by RDL 5/2023: who qualifies, how it is taken until the child turns 8, and what employers must do.

    GuidesJune 2, 2026

    Time Tracking in Startups: Flexibility Does Not Mean No Control

    Startups value flexibility, but time tracking law applies equally. How to implement recording without losing your agile culture.

    HRMay 31, 2026

    Spain's Minimum Wage (SMI) 2026: Amount, How It Is Set and Payroll Impact

    What the 2026 Spanish minimum wage is, who approves it, who it affects, how it impacts payroll, its proration for part-time contracts and its link with collective agreements.