Solutions
Built for the whole committee.
A compliance mandate touches every function that signs off on an invoice. Here’s what changes for each of them.
- The ledger is the status source of truth — every invoice sits in one of a fixed set of states, never a black hole waiting on a phone call.
- Reconciliation runs off per-invoice lifecycle timestamps, queryable by source_reference — no spreadsheet you maintain by hand.
- Failure webhooks fire the moment an invoice needs attention, before it becomes a month-end surprise.
- The idempotency guarantee means retrying a submission on a timeout never risks a duplicate FTA transmission.
Ledger state machine
RECEIVEDPENDING_TRANSMISSIONTRANSMITTEDCLEARED_BY_FTA
NEEDS_REVIEWFAILEDREJECTED
- Validation runs against the official MoF mandatory field set (V1.0, 23 Feb 2026) and the official Peppol PINT-AE VAT codelist — not a third-party interpretation of it.
- TRN and TIN format rules, and the cross-consistency check between them, run on every submission, not just at onboarding.
- Rate-coherence is enforced per category: standard-rate lines can't carry a zero rate, exempt lines can't skip the exemption reason.
- The append-only, trigger-enforced audit trail is the evidence record — every transition, actor, and timestamp, immutable.
vat_categoryenumRequiredOne of S, Z, E, O, AE, N — the official Peppol PINT-AE codes.
vat_ratedecimalRequiredMust match the category's allowed rate set (S/N: 5.00; Z/E/O: 0.00; AE: 0.00 or 5.00).
supplier_trnstring(15)Required15-digit FTA Tax Registration Number, or a standalone 10-digit TIN.
vat_exemption_reasonstringRequired whenever vat_category is E or O.
- /validate and /submit share the exact same request body and pipeline — build and test against one, ship on both with zero payload changes.
- Idempotent on (tenant, source_reference), chaos-tested under concurrent load — safe to retry on timeouts or redeliver from your own outbox.
- HMAC-SHA256-signed webhooks in both directions, with timestamp freshness windows and nonce replay protection.
- A Postman collection and real integration docs, not a sales deck — the curl example on this site is the actual request shape.
bash
curl -X POST https://<api-host>/api/v1/compliance/validate \ -H "X-API-Key: $API_KEY" \ -H "Content-Type: application/json" \ -d '{ "source_reference": "INV-2026-0001", "payload": { ... } }'- Postgres Row-Level Security, FORCE-enabled — tenant isolation is enforced by the database, not application code that could have a bug.
- AES-256-GCM envelope encryption for BYOK ASP credentials; the key-encryption key lives outside the database (KMS in production).
- TLS 1.2/1.3-only ingress; plain HTTP dropped at the edge.
- UAE-region deployment (AWS me-central-1) in progress — data residency by design, not an afterthought.
postgresql
ALTER TABLE ae_compliance.invoice_ledger FORCE ROW LEVEL SECURITY; CREATE POLICY tenant_isolation_ledger ON ae_compliance.invoice_ledger USING (tenant_id = current_setting('app.current_tenant_id')::uuid);- Two hard dates: Wave-1 enterprises (≥ AED 50M revenue) must appoint an Accredited Service Provider by Oct 30, 2026; mandatory use follows from Jan 2027.
- The 5-corner model means an integration path is required, not optional software — that path is what we sell.
- UAE-first by design: one mandate, done properly, rather than a global platform with a regional checkbox.
- Every engagement starts on the early-access design-partner track, with direct engineering access while pricing is set with real customers.
Wave-1 deadline
Due Oct 30, 2026Enterprises ≥ AED 50M revenue must appoint an Accredited Service Provider by this date.