Rele­vant ques­ti­ons & ans­wers about Kas­sen­SichV

In the summer of 2019, the Minis­try of Finan­ce cla­ri­fied fur­ther ques­ti­ons on the Kas­sen­SichV and spe­ci­fied some open points. We exp­lain what is cur­r­ent­ly hap­pe­ning and what you need to know now.

Johannes Ferner

Johan­nes Ferner

Unter­neh­mer, Finanz & Tech­nik-Exper­te

What is the latest state­ment of the Minis­try of Finan­ce on the Kas­sen­SichV?

The German Federal Minis­try of Finan­ce (BMF) published in June the final ver­si­on of the Anwen­der­erlass § 146a AO. Remin­der: The § 146a AO, in other words the Kas­sen­si­che­rungs­ver­ord­nung, was intro­du­ced on Decem­ber 22, 2016 by the Act on Pro­tec­tion against Mani­pu­la­ti­on of Digi­tal Records (Kas­sen­ge­setz) and app­lies from 1.1.2020.

The letter cla­ri­fies and pro­vi­des detail­ed defi­ni­ti­ons of indi­vi­du­al AEAO sec­tions of § 146a. We sum­ma­ri­ze the most important points for you.

What is the goal of the Kas­sen­SichV?

By and large, Kas­sen­SichV is man­da­ted to ensure the tamper-proofing of busi­ness records and record­ing sys­tems. More spe­ci­fi­cal­ly, a pro­tec­tion struc­tu­re based on:

  • the inte­gri­ty
  • authen­ti­ci­ty and
  • com­ple­teness of the records

What are busi­ness tran­sac­tions and other ope­ra­ti­ons?

The latest infor­ma­ti­on given by the Minis­try of Finan­ce inclu­des a defi­ni­ti­on of busi­ness tran­sac­tions, namely:

Busi­ness tran­sac­tions are all legal and eco­no­mic tran­sac­tions that docu­ment, or influ­ence, or change the profit or loss or the com­po­si­ti­on of assets in a com­pa­ny within a cer­tain period of time.”

There are also examp­les of busi­ness tran­sac­tions that can occur in elec­tro­nic record­ing sys­tems. These are:

  • input/ output sales
  • sub­se­quent can­cel­la­ti­on of a rece­ipt
  • tip
  • vou­chers (gene­ra­ting and redemp­ti­on of vou­chers)
  • pri­va­te money with­dra­wals and pri­va­te depo­sits
  • change amount boo­king
  • salary pay­ment from the cash regis­ter as well as
  • money trans­fer

Other ope­ra­ti­ons

The regu­la­ti­on also refers to “other ope­ra­ti­ons” — mea­ning record­ing pro­ces­ses that are trig­ge­red not by a busi­ness tran­sac­tion, but by other events in the use of the elec­tro­nic record­ing system and that are requi­red for veri­fia­ble docu­men­ta­ti­on of the cor­rect and com­ple­te record­ing of the busi­ness tran­sac­tions.

This is con­cer­ning, for examp­le:

  • trai­ning boo­kings
  • imme­dia­te can­cel­la­ti­on of a tran­sac­tion recor­ded just before
  • rece­ipt can­cel­la­ti­on
  • issued offers as well as
  • unfi­nis­hed busi­ness tran­sac­tions (for examp­le, purcha­se orders).

Note­wor­thy: a tran­sac­tion is based on at least one tran­sac­tion. While the pro­cess rela­tes to the ope­ra­ti­ons in the record­ing system, a tran­sac­tion sums up the secu­ri­ty steps that occur within the tech­ni­cal secu­ri­ty device (TSE) to the ope­ra­ti­on in the respec­tive record­ing system.

Is it pos­si­ble to store the data and also to imple­ment the tech­ni­cal secu­ri­ty system in the cloud?

Yes! A cloud-based imple­men­ta­ti­on of the tech­ni­cal safety system is inten­ded by the BSI and BMF (The Federal Minis­try of Finan­ce).

In order to get a more on-point defi­ni­ti­on of the tech­ni­cal safety system, the requi­red pro­to­col data and their sto­rage are tho­rough­ly defi­ned below.

Sto­rage media: both cloud and hard­ware sto­rage are pos­si­ble.

In the latest state­ment of the BMF, the requi­re­ments regar­ding the relia­bi­li­ty of the sto­rage medium are expli­citly for­mu­la­ted.

It is clear that a phy­si­cal iden­ti­ty of secu­ri­ty module and sto­rage medium is not requi­red. The sto­rage medium can thus be met with a cloud sto­rage or even with a con­ven­tio­nal data sto­rage menium (memory card or simi­lar). We recom­mend the up-to-date and future-proof option of sto­rage in the cloud.

Uni­ver­sal digi­tal inter­face for finan­ci­al audits (DSFinV)

Also in this area, there is now more trans­pa­ren­cy:

In the case finan­ci­al audits, the secure app­li­ca­ti­on data must be made avail­ab­le for veri­fi­ca­ti­on of the log­ging.All data recor­ded with the elec­tro­nic record­ing system must be made avail­ab­le in a machi­ne-read­a­ble format . The data, as well as its format are defi­ned in theDigi­tal inter­faces of the finan­ci­al admi­nis­tra­ti­on for elec­tro­nic record­ingsys­tems” (DSFinV).

The DSFinV‑K app­lies to elec­tro­nic or com­pu­ter-aided cash regis­ter sys­tems and cash regis­ters.

Was means DSFinV‑K?

The “Digi­tal Finan­ci­al Admi­nis­tra­ti­on for Cashiers” inter­face (DSFinV‑K) is a stan­dar­di­za­ti­on of data stan­dards for cash regis­ters. It is an important step in the direc­tion of plan­ning and legal cer­tain­ty for entre­pre­neurs. Ver­si­on 2.0 was released in August and brings even more cla­ri­ty. The details will be published here short­ly on the Kas­sen­SichV blog.

What will the rece­ipt output look like in the future? What has to be con­si­de­red with respect to elec­tro­nic rece­ipts?

The rece­ipt can be pro­vi­ded both elec­tro­ni­cal­ly and prin­ted. If the rece­ipt is sub­mit­ted in elec­tro­nic format (for examp­le, via SMS or e‑mail), the custo­mer must first­ly agree.

Only dis­play­ing the rece­ipt on the cash register’s screen is not enough to ful­fill the rece­ipt issuing obli­ga­ti­on. Howe­ver, it is pos­si­ble to trans­fer the docu­ment via QR-code or NFC. Basi­cal­ly, a stan­dar­di­zed data format must be used for elec­tro­nic docu­ment output. Custo­mers must be able to access the rece­ipt by using a stan­dard soft­ware. Custo­mers must be able to access the rece­ipt by using a stan­dard soft­ware.

The­re­fo­re, there is no reason any­mo­re not to use a paper­less cash regis­ter in the future! This saves tons of toxic ther­mal paper — an important step in the right direc­tion. Inci­dent­al­ly, fis­ka­ly has been rely­ing on the inno­va­ti­ve tech­no­lo­gy of e‑receipts for many years. Find out more on fiskaly.com.

QR Code for a Demo receipt in Germany

What hap­pens if the cer­ti­fied tech­ni­cal secu­ri­ty system fails?

On a docu­ment, cer­tain data must be prin­ted in order to vali­da­te the cor­rect record­ing in the case of a check in the record­ing system.

The pre­sen­ta­ti­on of the inspec­tion cha­rac­te­ris­tics of a docu­ment with a QR codeis pos­si­ble. The app­li­ca­ti­on of the QR code is vol­un­ta­ry. We defi­ni­te­ly recom­mend the use of QR codes, as this sup­ports the tes­ting pro­cess.

The BZSt pro­vi­des the fol­lo­wing examp­le:

Feld

Beschrei­bung

<qr-code-ver­si­on>

Ver­si­ons­num­mer des QR-Codes, ist immer: V0

<kassen-seri­en­num­mer>

Seri­en­num­mer (Client-Id) der Kasse

<pro­cess­Ty­pe>

pro­cess­Ty­pe (siehe oben)

<pro­cess­Da­ta>

pro­cess­Da­ta (siehe oben)

<trans­ak­ti­ons-nummer>

Trans­ak­ti­ons­num­mer der TSE

<signa­tur-zaeh­ler>

Signaturzähler der finish­Tran­sac­tion-Ope­ra­ti­on der TSE

<start-zeit>

Log-Time der start­Tran­sac­tion-Ope­ra­ti­on der TSE im Format
“YYYY-MM-DDThh:mm:ss.fffZ”

<log-time>

Log-Time der finish­Tran­sac­tion-Ope­ra­ti­on der TSE im Format
“YYYY-MM-DDThh:mm:ss.fffZ”

<sig-alg>

Signa­tu­r­al­go­rith­mus

<log-time-format>

Log-Time-Format

<signa­tur>

Prüfwert / Signa­tur der finish­Tran­sac­tion-Ope­ra­ti­on der TSE

<public-key>

Öffentlicher Schlüssel (base64 codiert)

 

Bei­spiel QR-Code des Bun­des­zen­tral­amts für Steu­ern (BZSt)

V0;955002–00;Kassenbeleg-V1;Beleg^0.00_2.55_0.00_0.00_0.00^2.55:Bar;
18;112;2019–07-10T18:41:04.000Z;2019–07-10T18:41:04.000Z;ecdsa-plain-
SHA256;unixTime;MEQCIAy4P9k+7x9saDO0uRZ4El8QwN+qTgYiv1DIaJIMWRiuAiAt+s
aFDGjK2Yi5Cxgy7PprXQ5O0seRgx4ltdpW9REvwA==;BHhWOeisRpPBTGQ1W4VUH95TXx2
GARf8e2NYZXJoInjtGqnxJ8sZ3CQpYgjI+LYEmW5A37sLWHsyU7nSJUBemyU=

QR Code example of the BZSt

What hap­pens if the cer­ti­fied tech­ni­cal secu­ri­ty system fails?

If fail­u­re of the tech­ni­cal secu­ri­ty system occurs, the down­ti­me and its reason must be docu­men­ted. Howe­ver, the rece­ipt issuing obli­ga­ti­on under § 146a (2) AO shall not apply only if the record­ing system is com­ple­te­ly out of ser­vice.

If the elec­tro­nic record­ing system can con­ti­nue to ope­ra­te wit­hout the func­tio­n­ing cer­ti­fied tech­ni­cal secu­ri­ty system, this fail­u­re must be noti­ce­ab­le on the rece­ipt. This can be done by means of mis­sing tran­sac­tion number or by any other unique iden­ti­fier.

If the fail­u­re only affec­ts the tech­ni­cal secu­ri­ty system — whe­ther hard­ware or cloud-based — the elec­tro­nic record­ing system is allo­wed to be used, if you can record the log­gings, until fixing the TSS issue. In case of fail­u­re of prin­ting or trans­mis­si­on unit for the rece­ipt, the record­ing system can still be used.

In either case, the entre­pre­neur must imme­dia­te­ly solve the cause of the fail­u­re, take mea­su­res to remedy it and ensure that the requi­re­ments of § 146a AO are met again as soon as pos­si­ble.

WATCH OUT! A fail­u­re of the TSE does not relie­ve you of the obli­ga­ti­on to issue a rece­ipt. If not all the requi­red values can be pro­vi­ded for the docu­ment, the elec­tro­nic record­ing system must pro­vi­de at least the date and time docu­ment details.

There are only two situa­ti­ons where the obli­ga­ti­on to issue a rece­ipt does not have to be met:

  • in case of com­ple­te fail­u­re of the record­ing system
  • in case of fail­u­re of the prin­ting or trans­fer unit (in which case the record­ing system will con­ti­nue to be used).

What is the exact log­ging ope­ra­ti­on?

The record­ing system must ensure that the fol­lo­wing pro­ce­du­re is detec­ted by a TSS. Most import­ant­ly is that the start, chan­ges and the end of a busi­ness case or activi­ty are to be recor­ded.

Start of log­ging

It is now sti­pu­la­ted that the record­ing system must start a log­ging in the tech­ni­cal secu­ri­ty system imme­dia­te­ly after the start of a busi­ness tran­sac­tion (see chap­ter 3.3.1 of Tech­ni­cal Gui­de­li­ne BSI TR-03153).

In this case, a clear and con­ti­nuous tran­sac­tion number of a signa­tu­re coun­ter is man­dato­ry, tog­e­ther with a test value gene­ra­ted by the cer­ti­fied tech­ni­cal secu­ri­ty system.

Updating a log­ging

No later than 45 secondsafter a change in the data of the ope­ra­ti­on, the data of the cer­ti­fied tech­ni­cal secu­ri­ty system must be updated. Here, gene­ra­ting a test value by the tech­ni­cal secu­ri­ty system is optio­nal. he tran­sac­tion number can be retai­ned and the signa­tu­re coun­ter is increa­sed by 1 each time it is updated with test value cal­cu­la­ti­on.

Com­ple­ting a log­ging

If the ope­ra­ti­on is com­ple­ted, the tran­sac­tion must be com­ple­ted within the cer­ti­fied tech­ni­cal secu­ri­ty system. The TSS must gene­ra­te a test value in this case. Again, the tran­sac­tion number is retai­ned and the signa­tu­re coun­ter is increa­sed by 1. Only at this log­ging step, the com­ple­ti­on time is inclu­ded in the log data.

Ope­ra­ti­on star­ting times­tamp

In princip­le, the time at which the elec­tro­nic record­ing system starts or ends an ope­ra­ti­on is cru­ci­al here. Before issuing a rece­ipt, the ope­ra­ti­on must be com­ple­ted.

Data of the ope­ra­ti­on

The ope­ra­ti­on data con­tent can be defi­ned dif­fer­ent­ly depen­ding on the nature of the ope­ra­ti­on. In princip­le, howe­ver, all data recor­ded with the elec­tro­nic record­ing system must be made avail­ab­le in a machi­ne-read­a­ble . This is defi­ned in the “Digi­tal Inter­faces of Finan­ci­al Manage­ment for Elec­tro­nic Record­ing Sys­tems”(DSFinV). For cash regis­ters, the format (DSFinV‑K) is based on the DFKA taxo­no­myi.e. the uni­form, cross-indus­try format for cash regis­ter data.

Ope­ra­ti­on type

The tech­ni­cal gui­de­li­nes regar­ding the tech­ni­cal con­tent of the data to be backed up were kept rather gene­ral. Hedging can be done for a wide varie­ty of types of data. The nature of the pro­cess makes it pos­si­ble to dis­tin­guish the struc­tu­re of the con­tent that is to be pro­tec­ted
. The fol­lo­wing tran­sac­tion types are defi­ned:

  • sales rece­ipt
    The term refers to all com­ple­ted tran­sac­tions that lead to a rece­ipt accord­ing to § 146a Abs. 2 AO. This cate­go­ry also inclu­des the com­ple­ted tran­sac­tions, which rep­re­sent busi­ness tran­sac­tions in which only the entre­pre­neur him­s­elf works.
  • order
    This term refers to the long-las­ting orde­ring pro­ces­ses. But also the orders to the invoice or pay­ment which are dis­play­ed within the record­ing system in one ope­ra­ti­on.
  • other ope­ra­ti­ons
    All ope­ra­ti­ons that are unre­la­ted to TSEs, fea­ture calls and events fall into this cate­go­ry.

What hap­pens if my cash regis­ter does not ful­fill the requi­re­ments of § 146a AO?

For cash regis­ters which are acqui­red after 25/11/2010 and before 01/01/2020, a tem­pora­ry dero­ga­ti­on app­lies. If the cash regis­ters alrea­dy meet the requi­re­ments of the Federal Minis­try of Finan­ce letter of 26.11.2010 but are not upgrade­ab­le to ful­fill the Kas­sen­SichV requi­re­ments due to their design, they may con­ti­nue to be ope­ra­ted until latest 31.12.2022. In this case, this must be demons­tra­ted and atta­ched to the pro­ce­du­ral docu­men­ta­ti­on.

Atten­ti­on: the exemp­ti­on does not apply to PC cash regis­ter sys­tems!

Which record­ing sys­tems are exclu­ded from the Kas­sen­SichV?

Here the rules are clear­ly defi­ned. Accord­ing to the Kas­sen­SichV §1 Abs 1 Satz 2 the fol­lo­wing cate­go­ries are to be exclu­ded:

  • ticket ven­ding Machi­nes
  • ticket prin­ters
  • elec­tro­nic accoun­ting pro­grams
  • Goods and ser­vice machi­nes
  • ATMs
  • taxi­me­ter
  • odo­me­ter
  • as well as money and goods play equip­ment

This inclu­des a spe­cial case:
“An elec­tro­nic record­ing system with cash func­tion that meets the requi­re­ments of ‘Mini­mum Requi­re­ments for Risk Manage­ment — MaRisk’ and the ‘Ban­king Super­vi­si­on Requi­re­ments for IT’ (BAIT) of the Federal Finan­ci­al Super­vi­so­ry Aut­ho­ri­ty, as amen­ded, and by a credit insti­tu­ti­on i.S.d. § 1 (1) KWG. ”

You might also be inte­rested in this: