Compliance
Auditor-ready by default.
Every receipt is sequentially numbered, signed with HMAC-SHA256, and immutable for 7 years. The fiscal pieces are not a feature toggle — they are the floor.
Three pillars
Pick a pillar — read the detail.
MTCA fiscal, security & data residency, Peppol e-invoicing (beta). Each page goes deep enough for a procurement compliance review.
- production
MTCA fiscal compliance
Sequential receipts, HMAC-SHA256 signatures, immutable records, automatic Z-readings. Built so a Maltese audit closes in an hour, not a week.
Read more
- production
Security & data residency
JWT-based auth, role-based access enforced twice, tenant isolation as an invariant, and EU data residency in eu-central-1. SOC-2 Type I targeted by Q4 2026.
Read more
- beta
Peppol & ViDA — beta
We support UBL invoice output and are piloting CTC transmission with selected customers. This is not production-grade for general availability yet — and we say so on purpose.
Read more
Why we're honest about Peppol
The UBL output is real and schema-valid. The CTC transmission pipe is in pilot. We say so on the page rather than dressing it up — the right Maltese owner reads that and trusts the rest of the surface more.
A 15-minute compliance walkthrough.
We open the auditor portal, replay a Z-report, and show the receipt-signing trail. Bring your accountant.