What Is GoBD?
GoBD (Grunds\u00e4tze zur ordnungsm\u00e4\u00dfigen F\u00fchrung und Aufbewahrung von B\u00fcchern, Aufzeichnungen und Unterlagen in elektronischer Form sowie zum Datenzugriff) is a set of principles issued by the German Federal Ministry of Finance. First published in 2014 and updated in 2019, GoBD governs how every business operating in Germany must create, process, and store its financial records digitally.
Unlike many regulations, GoBD is not optional. It applies to every taxpayer— from solo freelancers using simplified income-expense accounting (E\u00dcR) to large corporations with full double-entry bookkeeping. Non-compliance can lead to your bookkeeping being rejected during a tax audit, which means the Finanzamt estimates your income — usually not in your favor.
The Core Principles of GoBD
GoBD is built on fundamental principles that mirror centuries of good bookkeeping practice, adapted for the digital age:
1. Nachvollziehbarkeit (Traceability)
Every business transaction must be traceable from the original document through the booking to the financial statement — and back again. A tax auditor must be able to follow the trail without needing specialized knowledge of your system.
2. Vollst\u00e4ndigkeit (Completeness)
All transactions must be recorded. No gaps, no omissions. Every invoice issued, every receipt received, every payment made must be captured in your accounting system.
3. Richtigkeit (Accuracy)
Transactions must be recorded as they actually occurred. Amounts, dates, tax rates, and counterparties must match the underlying business reality.
4. Zeitgerechte Buchung (Timely Recording)
Transactions must be recorded promptly. For cash transactions, this means daily. For non-cash transactions, within 10 days is considered acceptable. Monthly booking is tolerated only if there is a valid interim documentation system.
5. Ordnung (Orderliness)
Records must be organized systematically so that a knowledgeable third party can understand them within a reasonable time. This includes consistent numbering of invoices, clear categorization, and logical filing.
6. Unver\u00e4nderbarkeit (Immutability)
Once a record is finalized, it cannot be altered without leaving a trace. This is the most technically demanding requirement: your accounting software must ensure that edits create a new version while preserving the original. Deletions must be logged, not actually performed.
Archiving Rules: What, How, and How Long
Retention Periods
GoBD mandates specific retention periods depending on the document type:
- 10 years: invoices (sent and received), accounting records, annual financial statements, inventory records, opening balance sheets, booking vouchers, and all documents relevant for tax calculation.
- 6 years: business correspondence (emails, letters, contracts) that is not directly part of the accounting records.
The retention period begins at the end of the calendar year in which the document was created. So an invoice from March 2026 must be retained until at least December 31, 2036.
Storage Format
Digital documents must be stored in the format in which they were received or created. A PDF invoice received by email must be archived as a PDF — printing it and scanning it back is not GoBD-compliant. Electronic invoices (XRechnung, ZUGFeRD) must be stored in their original XML/PDF format.
For paper documents, GoBD allows ersetzendes Scannen(replacement scanning): you may scan the document, archive the digital copy, and destroy the original — provided the scanning process is documented and the digital copy faithfully reproduces the content.
Access Requirements
During a tax audit, the Finanzamt has three levels of data access (Z1, Z2, Z3):
- Z1 (Unmittelbarer Zugriff): the auditor uses your system directly with read-only access.
- Z2 (Mittelbarer Zugriff): you run queries and evaluations as requested by the auditor.
- Z3 (Datentr\u00e4ger\u00fcberlassung): you export data in GDPdU/GoBD format (typically IDEA-compatible) onto a data carrier.
Your software must support at least Z3 export.
Verfahrensdokumentation: The Documentation Requirement
Every business must maintain a Verfahrensdokumentation(procedural documentation) that describes how business documents are created, received, processed, stored, and eventually destroyed. This is arguably the most overlooked requirement — many freelancers don’t know it exists.
The documentation must cover:
- Anwenderdokumentation: which software and tools you use, including version numbers.
- Technische Systemdokumentation: how systems are configured, where data is stored, backup procedures.
- Betriebsdokumentation: daily operations, who has access, how data integrity is ensured.
- Internes Kontrollsystem (IKS): how you verify accuracy and detect errors.
Common GoBD Mistakes Freelancers Make
- Using Excel for invoicing: spreadsheets don’t provide immutable audit trails. Every edit silently overwrites the previous version.
- Storing invoices only as email attachments: email is not a GoBD-compliant archive. Emails can be deleted, and there is no tamper protection.
- No Verfahrensdokumentation: even a one-page document is better than nothing. Without it, your entire bookkeeping can be rejected.
- Printing digital invoices: if you receive an invoice as PDF, archiving a printout is not compliant. The digital original must be preserved.
- Manual invoice numbering: gaps or duplicates in invoice numbers are red flags during audits.
How vlastERP Ensures GoBD Compliance
vlastERP was designed with GoBD compliance as a core architectural principle, not an afterthought:
- Immutable audit trail: every change to invoices, time entries, and financial records is versioned with timestamps, user IDs, and before/after snapshots. Nothing is ever truly deleted.
- Automated sequential numbering: invoice numbers are generated automatically with no gaps. The system prevents manual overrides that could create compliance issues.
- 10-year encrypted archiving: all documents are stored in AES-256 encrypted EU data centers with daily backups and geographic redundancy. Retention policies are enforced automatically.
- Original format preservation: uploaded documents are stored exactly as received — PDFs stay as PDFs, XML stays as XML.
- GDPdU/GoBD export: one-click export of all accounting data in a format compatible with IDEA auditing software (Z3 access).
- Verfahrensdokumentation template: vlastERP generates a pre-filled procedural documentation template based on your actual system configuration, users, and processes.
- Hash verification: every archived document gets a SHA-256 hash stored separately. You can verify at any time that no document has been tampered with.
- Role-based access: 6 permission levels ensure that only authorized users can view or modify financial records, with every access logged.
Checklist: Getting GoBD-Compliant Today
- Switch from Excel/Word invoicing to a GoBD-compliant tool like vlastERP.
- Set up proper document archiving with automatic retention policies.
- Write your Verfahrensdokumentation (use vlastERP’s auto-generated template as a starting point).
- Configure sequential invoice numbering — no manual gaps.
- Ensure all digital documents are archived in their original format.
- Set up regular backups and verify your export (Z3) capability.
- Review and update your documentation at least annually or when systems change.
