AE Compliance

UAE e-invoicing compliance middleware

Invoices that never bounce off the mandate.

Every invoice you submit is normalized to the official field set, validated line by line, and routed to your Accredited Service Provider in a state you can always see — never a black hole, never a surprise at month-end.

Wave-1 ASP deadline

Due Oct 30, 2026until Oct 30, 2026

Where you fall

Revenue ≥ AED 50M
Appoint by Oct 30, 2026
Everyone else
July 2027 wave
Due Oct 30, 2026

until Wave-1 enterprises must appoint an Accredited Service Provider — Oct 30, 2026. Mandatory use for all businesses follows Jan 2027.

Validation built against the official MoF mandatory field set, V1.0

Path to live

Three steps, and the second one is free.

Step 1

Get tenant credentials

Early-access onboarding — an admin issues your API key out-of-band. It's shown once at creation.

X-API-Key issued

Step 2

Loop on /validate until clean

Same payload, zero persistence. Iterate on your field mapping against the real validator until every check passes.

is_valid: false → true

Step 3

Switch to /submit

Identical checks, now persisted, queued, and routed to your ASP — with status webhooks back to you at every terminal state.

PENDING_TRANSMISSION

The mandate is a network, not a file format

The 5-corner model, explained once.

UAE e-invoicing runs on the Peppol 5-corner Decentralized CTC and Exchange model. Your invoice never goes straight to the tax authority — it moves seller → your Access Point → the network → the buyer’s Access Point → buyer, with the FTA receiving its copy from the network side. Getting a validated, audited path into that network is the actual integration problem. That path is what we built.

We sit in front of your Accredited Service Provider, in every submission — the layer that decides whether an invoice is ready before it ever reaches the network.

CORNER 1Seller (you)THIS IS USOUR LAYERnormalizevalidate · ledgerCORNER 2Your ASPCORNER 3Buyer's APCORNER 4BuyerCORNER 5FTA reporting
Our scope: ledger, validation, auditASP scope: signing, exchange, FTA reporting

Built to hold under load

What the engineering actually buys you.

One client's data can never touch another's.

Row-level security enforced by the database itself, not application code.

The complete error picture, in one pass.

All 62 mandate fields evaluated together — the full manifest on the first run.

Nothing ever silently disappears.

Every document ends in a named, audited state — never a black hole.

Outages don't lose invoices.

Automatic retries with failover, and honest failure notifications when a provider is down.

Routes to your ASP

Any source system in. Your Accredited Service Provider out.

We ingest from any system that can POST JSON — POS, ERP, or custom billing software. On the way out, your ASP credentials are yours: bring your own key, encrypted end-to-end with AES-256-GCM, never stored in plaintext.

ClearTax

Design partner

Flick

Scaffolded

Edicom

Scaffolded

Covoro

Scaffolded

Pagero

Scaffolded

Taxilla

Scaffolded

The real alternative is DIY

An invoice POST is a sprint. Staying compliant isn’t.

Any team can wire up a JSON endpoint in an afternoon. What’s actually hard — and stays hard, indefinitely — is everything below.

ConcernBuilding it yourselfWith us
Field normalizationMap your own JSON to 62 PINT-AE fields by handPOST arbitrary JSON — alias mapping is built in
VAT category coherenceTrack 6 categories, allowed-rate sets, exemption reasons yourselfChecked on every submission against the official codelist
TRN / TIN cross-checksRe-derive and compare identifiers on every requestEnforced automatically, with exact-cause error codes
Idempotent, retry-safe transmissionBuild your own dedup key, backoff, and circuit breakerIdempotent on (tenant, source_reference), chaos-tested
Tenant isolationEnforce it in application code, and hope nothing skips the checkPostgres Row-Level Security, FORCE-enabled at the database
Audit trailA table you can UPDATE — which means it isn't really an audit trailAppend-only, trigger-enforced, immutable by design

Why UAE-first

One mandate, done properly — not a hundred, done adequately.

We’re not building a global platform with a UAE checkbox. The PINT-AE spec, the Emirates-specific TRN and Peppol scheme rules, the Wave-1/Wave-2 timeline — we built against the actual document, in the actual region, for a market we understand. Depth over breadth, with residency in-region as the deployment stands up.

Get on the design-partner track.

Due Oct 30, 2026