FTO Objection on Digital Invoice
FBR’s Digital Invoicing Policy — A New Threat to Data Security
By: Sabir Jalil Farooqui, Advocate High Court.
(Vice President, Mirpurkhas Tax Bar Association.)"
Digital Progress or Digital Negligence?
The Federal Board of Revenue (FBR) has recently introduced its new “Digital Invoicing and Electronic Integration” policy, under which the data of all sales tax registered persons will be fully digitized and brought online. On the surface, this seems like a step toward modernization, but beneath it lie serious risks and challenges.
The Federal Tax Ombudsman (FTO) has recently revealed that "FBR’s IT system is vulnerable to cyberattacks and data leaks". Uploading billions of rupees’ worth of business transactions and invoicing details to such a fragile system poses significant threats to "public trust and national data security".
Sensitive Data in an Unsafe System
FBR’s existing data infrastructure already suffers from technical weaknesses. When a system that has already faced cyberattacks is expanded further, this action only multiplies the risks of "data theft, hacking, and financial fraud".
Now that every taxpayer’s invoice, transaction, and financial record will be uploaded to a digital platform, this is no longer merely a departmental matter — it becomes a "question of business community’s confidence" in the entire taxation framework.
Prioritize Cybersecurity Over Digital Policy
FBR must first secure and audit its IT system through an "independent cybersecurity review" before expanding its digital policies. Implementing digital invoicing without adequate protection is extremely risky. If data security cannot be ensured, FBR’s credibility in the eyes of the public will further erode.
Additional Burden and Business Challenges
FBR already collects all required information through monthly returns, STRNs, and other reporting mechanisms. Introducing additional digital integration layers will only "increase administrative complexity and financial burdens".
Small traders and manufacturers, who are already under economic stress, may lose further confidence in the system. This could ultimately "slow down new registrations in the tax net" rather than expanding it.
Direction of Reforms — Practical Recommendations
According to the recommendations of the Central Committee of the Federal Tax Ombudsman, the government and FBR should take the following steps:
1. First, "upgrade and independently audit" the IT system.
2. Until cybersecurity standards are fully met, "suspend the implementation of all new digital policies".
3. Simplify tax laws to make them "business-friendly and trust-based".
4. Frame new regulations keeping in view "ground realities and challenges faced by the business community".
Digital reforms are indeed the need of the hour, but their implementation without "cybersecurity, transparency, and trust" is meaningless. Taxpayers’ data is a "national trust", and if FBR cannot safeguard that trust, the digital invoicing policy may turn into a dangerous experiment.
FBR must first strengthen its internal systems before introducing digital invoicing — only then can Pakistan establish a "safe, transparent, and credible digital tax framework."