Understanding German Tax Compliance: GoBD Explained

GoBD stands for “Grundsätze zur ordnungsmäßigen Führung und Aufbewahrung von Büchern, Aufzeichnungen und Unterlagen in elektronischer Form sowie zum Datenzugriff.” In practical terms, it’s the set of rules that governs how businesses must handle their electronic bookkeeping.

If you run a business in Germany and use any digital tool to manage finances, GoBD applies to you. That includes spreadsheets, accounting software, invoice apps, and any system that stores or processes financial records.

The Core Principles

Traceability (Nachvollziehbarkeit). Every business transaction must be traceable from its origin document through the booking entry to the financial statements, and vice versa. If an auditor looks at a line in your profit and loss statement and asks “where did this number come from?”, you must be able to show the chain from the original receipt to the final figure.

Completeness (Vollständigkeit). Every business transaction must be recorded. You cannot selectively book some transactions and ignore others. This includes small expenses, cash payments, and transactions where you didn’t receive a formal invoice.

Correctness (Richtigkeit). Entries must accurately reflect the underlying transaction. Errors must be corrected through reversal entries, not by modifying the original record. This is why GoBD-compliant systems don’t allow editing a posted transaction; they require a correction posting instead.

Timely recording (Zeitgerechtheit). Transactions must be recorded promptly. Ten days is the commonly accepted standard for most transactions. Cash transactions must be recorded daily.

Order (Ordnung). Records must be systematically organized and any transaction must be locatable quickly. An auditor should be able to find any document within a reasonable time without your assistance.

Digital Document Retention

This is where many small businesses accidentally fall out of compliance.

If you receive a digital document, such as an emailed PDF invoice, a scanned receipt, or an electronic bank statement, you must retain the digital original. Printing and discarding the digital copy violates GoBD. The retention period is 10 years for accounting records and 6 years for business correspondence.

The document must also be stored in a way that prevents modification. A folder on your desktop doesn’t qualify if you can edit the files. Proper GoBD-compliant storage means the system records when a document was received and prevents any changes after that point.

What Auditors Look For

Process documentation (Verfahrensdokumentation). A written description of your bookkeeping process. This sounds bureaucratic, but it doesn’t need to be long. A two-page document explaining which software you use, how documents flow from receipt to booking, and who is responsible for each step is usually sufficient for a small business.

System consistency. If you switch accounting software mid-year, all old records must remain accessible and exportable. You can’t simply delete the old system’s data.

Access controls. Basic password protection, user accounts, and some form of audit log showing who accessed what and when.

Immutability. Posted transactions cannot be deleted or modified. Corrections must be made through reversal entries.

GoBD and Cloud Software

Cloud accounting tools often market themselves as GoBD-compliant, but compliance depends on how you use them, not just what they claim. The key questions to ask are:

• Does the system prevent modification of posted records?
• Does it maintain an audit trail?
• Are documents stored in their original format?
• Can you export your data in a machine-readable format (GDPdU/GoBD export)?

The Retention Periods

• Accounting records, annual financial statements, opening balance sheets, inventory records: 10 years
• Business letters sent and received: 6 years
• Booking receipts: 10 years
• Bank statements: 10 years

The clock starts at the end of the calendar year in which the document was created or received.

Practical Compliance for Small Businesses

GoBD compliance is not about perfection. It’s about having a reasonable, documented process that produces traceable, complete, and correct records. The tax office (Finanzamt) is not looking for small technical violations; they’re looking for patterns that suggest intentional manipulation or negligence.

Use software that was built with GoBD in mind. Store originals digitally without modifying them. Reconcile monthly. Keep a basic process documentation (Verfahrensdokumentation). And if you’re unsure whether your current setup meets the requirements, ask your tax advisor (Steuerberater) for a quick review.

KontoMatch stores documents in their original format at upload. All processing actions are logged with timestamps. Posted records cannot be modified. The DATEV EXTF export provides a complete, machine-readable audit trail for every processed record. And original documents are retained for up to 10 years.