VAT in the Digital Age Standardised Everything — Except Who You're Invoicing

The EU's e-invoicing calendar reads like a relay. Germany's receive-side mandate became effective 1 January 2025. Poland's KSeF began its first mandatory phase on 1 February 2026 and extends to all B2B invoicing on 1 April 2026 ¹. France's national mandate runs from September 2026 ². Germany's issuance obligation lands 1 January 2027. The keystone arrives on 1 July 2030: under Council Directive (EU) 2025/516, every cross-border B2B invoice between EU Member States must be issued in a structured electronic format and reported to tax authorities within ten days ³. Member States have until 1 January 2035 to harmonise their pre-existing domestic continuous-transaction-control systems with the new regime ⁴.

Read together, these dates describe a single regulatory cascade. By mid-2030, an EU business will be legally required to send a structured invoice to a counterparty in another Member State and have it reported to its tax authority within 10 days — but the regulation will not tell either side how to be sure the counterparty is who they claim to be.

That second sentence is the subject of this article. ViDA closes the fiscal-data gap and leaves the identity gap wide open.

What ViDA actually mandates

The "VAT in the Digital Age" package was adopted by the Council on 11 March 2025 and published in the Official Journal on 25 March 2025 as three legal instruments: Council Directive (EU) 2025/516 amending the VAT Directive 2006/112/EC, Council Regulation (EU) 2025/517 amending Regulation (EU) No 904/2010 on administrative cooperation, and Council Implementing Regulation (EU) 2025/518 amending Implementing Regulation (EU) No 282/2011 ³. The European Commission frames the package around three pillars: digital reporting requirements (DRR) and e-invoicing, platform-economy VAT rules for short-term accommodation and passenger transport, and a single VAT registration through expanded one-stop-shops ⁵. The first pillar — DRR — is the one that reshapes B2B invoicing infrastructure across the bloc.

For intra-EU B2B trade, two changes take effect on 1 July 2030. Suppliers must issue structured electronic invoices using the European semantic model defined in EN 16931, and they must report invoice-level data to their domestic tax authority within 10 days. The current monthly recapitulative statements (the EC Sales Lists) are abolished for these transactions, replaced by transaction-level reporting that flows into a central VAT Information Exchange ⁴⁶.

What changes from the supplier's point of view is straightforward to describe and difficult to retrofit. Verification stops being a quarterly compliance task and starts being a per-invoice infrastructure dependency.

The fiscal architecture moves from monthly summaries to transaction-level near-real-time reporting. The identity architecture stays unchanged. ViDA references VAT-ID via the existing VIES infrastructure for validity checks; it does not introduce a new way to verify the legal name, registered address, or beneficial owner of the counterparty. That layer remains national, fragmented, and outside the directive's scope.

The national CTC patchwork ViDA inherits

The continuous-transaction-control (CTC) layer was not built bottom-up by Brussels. It was built piecemeal by Member States during the 2018–2026 period, each one designing a domestic e-invoicing regime for its own VAT-gap problem. ViDA standardises the cross-border layer on top of these national systems and gives Member States until January 2035 to align the rest ⁴.

Italy's Sistema di Interscambio (SDI) is the longest-running of them. Mandatory for B2G since 2014 and B2B since 2019, SDI now processes more than 30 million e-invoices annually through a centralised exchange operated by Agenzia delle Entrate ⁷. Poland's KSeF began phased mandatory rollout on 1 February 2026 — initially for taxpayers with annual revenue above 200 million PLN, extending to all B2B invoicing on 1 April 2026 and to micro-enterprises from 1 January 2027 ¹. Germany's regime is Peppol-aligned: as of January 2025 every German business must be able to receive structured e-invoices, with a mandatory issuance obligation following on 1 January 2027 ⁸. France formally designated DGFiP as the national Peppol Authority in July 2025, ahead of its September 2026 mandate; large enterprises and mid-sized businesses must issue e-invoices for domestic B2B transactions from that date ². Belgium uses Peppol BIS Billing 3.0 as its required structured format and has begun B2B rollout. Other Member States — Romania (RO e-Factura), Hungary (RTIR / NAV Online Számla), Spain (Verifactu and TicketBAI in regional regimes) — are at varying stages of mandatory adoption.

The transmission layer has converged faster than the identity layer. The Peppol International Observatory's October 2025 report records 1.4 million organisations registered to the Peppol network across 98 countries, served by more than 300 certified access points ⁹.

What every CTC system shares is a structured invoice format, a transmission protocol, and a tax-authority touchpoint. What they do not share is an identity primitive. Italy's invoices reference REA codes and codice fiscale alongside VAT-ID. Poland's KSeF invoices use NIP plus a KSeF-issued document identifier. France treats SIREN/SIRET as the canonical business identifier. Germany leans on the VAT-ID and Handelsregister number. Five national regimes are now legally required to interoperate by 2030, while their identity primitives remain incompatible.

VIES — what the current identity baseline can and cannot do

VIES (the VAT Information Exchange System) has been the EU's de facto cross-border identity primitive since 1993. It is a query interface that asks a Member State's national VAT registry whether a given VAT-ID is currently valid, and returns a yes/no plus, for some Member States, a registered name and address ¹⁰.

Three properties of VIES define the gap that ViDA inherits.

The yes/no rule, by design. Article 19 of Council Regulation (EU) No 904/2010 governs the information Member States are required to share via VIES. It requires confirmation that a VAT-ID is valid; it does not require confirmation of the registered legal name or address. The European Commission's own user-facing VIES service describes the limit explicitly:

For better protection of personal data, the national authorities will not supply the name and address corresponding to a VAT number. They will only confirm if there is a certain name and address associated with a specific VAT number or not.

A Spanish supplier verifying a German GmbH counterparty therefore cannot ask VIES "who is this VAT-ID registered to?". It can only ask "is this combination of VAT-ID, name, and address consistent?". The supplier must already hold the name and address from a different source. VIES is a confirmation API, not a discovery API.

Geographic and activation gaps. VIES covers EU Member States plus Northern Ireland. It does not cover the UK, Switzerland, or Norway — three of the EU's largest cross-border B2B trading partners. Within the EU, a number of Member States — notably Germany, Spain, and Italy — do not automatically activate a domestic VAT-ID for VIES queries; the business must register specifically for intra-Community trade ¹¹. Small enterprises, sole traders, and freelancers without that registration appear as invalid on VIES even when they are domestically registered for VAT.

Reliability. VIES depends on real-time queries against 27 national databases. Outages of individual Member State endpoints — sometimes lasting several hours, sometimes coinciding with national filing deadlines — are documented as a recurring operational issue ¹². Under a monthly recapitulative-statement regime, an outage during the filing window is an inconvenience. Under a 10-day DRR window, it becomes a hard compliance risk per affected invoice.

VIES was built to validate a VAT registration. ViDA will require something it was never built to do: confirm the counterparty as a legal person at machine speed, across borders, on every invoice.

The eIDAS 2.0 partial fix

The European Digital Identity Regulation — Regulation (EU) 2024/1183, in force since 20 May 2024 — introduces the European Digital Identity Wallet (EUDI Wallet) for both natural persons and legal persons. Member States must provide at least one wallet by November 2026, and from late 2027 regulated private services and very large online platforms must accept the wallet on user request ¹³.

For business identity, the wallet matters because it gives a legal person a means to present cryptographically signed attributes — legal name, registration data, authorised representatives — issued by a Member State authority and verifiable in real time. Implementing acts under Article 5b set out the registration regime for wallet relying parties: an entity that wants to consume wallet-issued attributes must register with the Member State of establishment and declare what data it intends to process ¹⁴.

What this fixes is the presentation problem. A counterparty can present a verifiable attestation of its own legal identity directly to the supplier's invoicing system, without the supplier having to query a national registry. What it does not fix is the registry harmonisation problem underneath it. The wallet attests over data that originates in national registries — Handelsregister, KRS, Registre du Commerce, RNI — each of which still operates under its own data model, identifier convention, and update cadence. The wallet is a presentation primitive; it is not a unified business-entity record.

The rollout curve adds a second constraint. Member State wallet availability by November 2026 is a baseline obligation, not a usage forecast. Wide voluntary issuance of legal-person credentials, broad relying-party adoption across European ERP and KYB stacks, and consistent quality of issued attributes will follow on a longer timeline — almost certainly extending beyond the 1 July 2030 ViDA mandate.

eIDAS 2.0 builds the wallet. It does not unify the registry data the wallet attests over.

What the gap looks like in practice

Consider a Spanish exporter in Madrid invoicing a German GmbH counterparty in Hamburg in mid-2030. The exporter must issue a structured invoice in EN 16931 format, transmit it through an authorised channel, and ensure transaction-level data is reported to the Spanish tax authority within 10 days. To be confident the counterparty exists, has the legal form claimed on the invoice, and operates from the address shown, the exporter today consults a stack of separate systems.

Each row represents a separate stack. None of them references the others. The Handelsregister extract uses the registered HR number; VIES uses the VAT-ID; the Transparenzregister uses its own internal identifier; sanctions databases use yet another set of name-and-date keys. A KYB platform stitches these together for a fee, but the stitching is a private commercial layer, not an EU public-good layer. There is no canonical EU business-identity record that ViDA, eIDAS 2.0, or any sectoral regulation points to as authoritative.

The mandate operates at near-real-time speed. The verification stack still operates at the speed of fragmented public records.

A coverage layer at the surface

The cross-border coverage problem has a tractable shape. Public registry data already exists in 27 Member States; what is missing is a unified surface that reconciles the records into a single queryable layer.

B2Trust indexes 29M+ business entities across 32 countries, free and cross-border at b2trust.com. The platform demonstrates that cross-border coverage at the EU plus key non-EU markets is achievable as a free public utility — one example of the surface the regulatory cascade implies. It is not a ViDA implementation, it does not replace VIES or the EUDI Wallet, and it does not resolve the legal status of identity attestations under cross-border DRR. It is a coverage layer; the mandate gap is now about who closes the verification layer for machine-to-machine consumption at the speeds ViDA will require.

What 2026–2030 demands of buyers

For procurement, finance, and compliance teams at any EU exporter or importer of goods between Member States, the four-year window between now and the ViDA cross-border mandate is the install window for verification capability that operates at machine speed across at least six national CTC formats. Three demands fall out of the regulation that are not fully addressed by current verification stacks.

A 10-day reporting window is incompatible with annual KYB cycles. The dominant KYB model in mid-market European procurement is annual or biennial counterparty refresh, with point-in-time verification at onboarding and trigger-based re-verification thereafter. ViDA's cross-border DRR makes counterparty identity a property of every invoice, not every onboarding. Suppliers and faktoring firms with the heaviest cross-border exposure will hit the gap first — particularly receivables-finance providers whose risk model already requires verification of both invoice issuer and debtor.

Six identifier conventions cannot be reconciled at invoice-issuance time. ERP vendors (SAP, Microsoft, Sage, Comarch, Asseco) have started bundling Peppol-compliant transmission and structured-format support into their core invoicing modules. Identity verification is still bolted on at integration time through third-party KYB connectors. Under a transaction-level DRR, the identity-resolution step needs to be inside the invoice-issuance pipeline, not adjacent to it.

Coverage gaps in non-EU jurisdictions become hard compliance risks. UK, Swiss, and Norwegian counterparties are routinely involved in EU intra-Community supply chains through customs procedures and place-of-supply rules even when not in the chargeable transaction itself. VIES does not cover them. Whatever verification layer EU buyers operate from 2030 onwards has to handle non-VIES jurisdictions natively or treat them as exceptions on every invoice.

ViDA does not change verification standards in name. It changes the operating envelope under which verification has to happen — from periodic compliance task to continuous infrastructure dependency.

The reckoning

Five national continuous-transaction-control regimes are now legally required to interoperate by 1 July 2030. ViDA standardises the fiscal layer for them. The identity layer has no equivalent standard. eIDAS 2.0 supplies a presentation primitive but not a registry harmonisation. VIES supplies a yes/no but not a confirmation. Peppol moves the bytes but does not warrant the parties.

Every cross-border B2B invoice in the EU will be reported within 10 days of issuance. The question of who that invoice is to will be answered by whichever infrastructure is available when the mandate goes live. Member States, ERP vendors, KYB platforms, registry operators, and standards bodies are all candidates to close the gap. None of them has been formally tasked to.

1 July 2030 is 49 months away.

Footnotes

1. European Commission Digital Building Blocks, "eInvoicing in Poland," accessed May 2026, https://ec.europa.eu/digital-building-blocks/sites/spaces/DIGITAL/pages/467108896/eInvoicing+in+Poland; EDICOM, "Poland implements mandatory B2B electronic invoicing with KSeF from 2026," published 2025, https://edicomgroup.com. ↩ ↩²

2. Fonoa, "Peppol Adoption in Europe 2026: Key Mandates, ViDA & What's Next," accessed May 2026, https://www.fonoa.com. ↩ ↩²

3. European Commission, DG TAXUD, "Adoption of the VAT in the Digital Age package," 11 March 2025, https://taxation-customs.ec.europa.eu/news/adoption-vat-digital-age-package-2025-03-11_en. ↩ ↩²

4. Vatcalc, "EU ViDA Digital Reporting Requirements e-invoicing July 2030 update," accessed May 2026, https://www.vatcalc.com/eu/eu-2028-digital-reporting-requirements-drr-e-invoice/. ↩ ↩² ↩³

5. European Commission, DG TAXUD, "VAT in the Digital Age (ViDA)," accessed May 2026, https://taxation-customs.ec.europa.eu/taxation/vat/vat-digital-age-vida_en. ↩

6. Sovos, "ViDA: The Timeline," accessed May 2026, https://sovos.com. ↩

7. European Commission Digital Building Blocks, "eInvoicing in Italy," accessed May 2026, https://ec.europa.eu/digital-building-blocks/sites/spaces/DIGITAL/pages/467108890/eInvoicing+in+Italy. ↩

8. Fonoa, "Peppol Adoption in Europe 2026," (Germany section), accessed May 2026, https://www.fonoa.com. ↩

9. Peppol Authority / OpenPeppol, "The global shift to eInvoicing — International Observatory on eInvoicing," October 2025, https://peppol.org. ↩

10. Council Regulation (EU) No 904/2010 of 7 October 2010 on administrative cooperation and combating fraud in the field of value added tax, Article 19. EUR-Lex. ↩

11. Fonoa, "European VAT ID Verification: Why VIES Isn't Always Best," accessed May 2026, https://www.fonoa.com. ↩

12. Fonoa, "VIES Is Having Issues (Again), So Here's What You Can Do About It," accessed May 2026, https://www.fonoa.com. ↩

13. European Commission, "The European Digital Identity Regulation — EU Digital Identity Wallet," accessed May 2026, https://ec.europa.eu/digital-building-blocks/sites/spaces/EUDIGITALIDENTITYWALLET/pages/915931811/The+European+Digital+Identity+Regulation. ↩

14. European Commission, EUDI Wallet implementing acts under Article 5b of Regulation (EU) 2024/1183, published 21 November 2024. ↩