was successfully added to your cart.

Don't rely on your payment provider to get you out of the VAT-MOSS chaos

In the olden days, VAT law may have been complex, but one of the simple fundamentals was that the ‘place of supply’ for a digital product was considered to be the address of the supplier. In other words, if you signed up for one of my online courses, it was counted as having been sold in the UK, where I’m based, even if you were a German sitting on a mountain using your French mobile in the Italian Alps. The ‘place of supply’ bit was easy. It was my business address.

However, that meant that some clever bods in big businesses were able to use this to their advantage, to reduce their VAT bill. That’s why so many of the multi-national online businesses have been relocating to places like Luxembourg, where the VAT rates are currently lower than, say, the UK or France. They saved. You, as a customer, saved. But the tax man in your country was missing out.

So back in 2008, the EU decided to put a stop to this. And you can understand why.

Under the new EU-wide VAT legislation that comes into force on 1st January 2015, if you sell a ‘digitally-delivered product’ to a consumer, then the ‘place of supply’ is no longer wherever the business is based.

It is now wherever the customer is when they download the product.

And this includes everything from online courses to MP3 meditations to e-books to mobile phone apps to knitting and craft patterns.

Sounds simple enough, doesn’t it?

It means that if you’re in France and you buy an e-book, I pay French VAT to the French tax authorities. Of course, that could get rather messy once you factor in all of the EU member states, so the law kindly offers an easier alternative – a ‘Mini One Stop Shop’ (‘MOSS’) for VAT (hence the term ‘VAT-MOSS’). This means I collect the required information during the purchase process, fill in the online forms each quarter and my UK government sends the VAT to the individual countries on my behalf.

It’s really kind of them, isn’t it?

But there’s a problem. How on earth do I know where you are when you buy my course?

Now, if I were one of those multi-national online businesses with a gazillion super-clever techy geeks, figuring out where the customer is when they download is easy peasy lemon squeezy. Those firms have full access to all of the purchase information – including IP address (the location of the computer), banking details and more – pretty much everything apart from the colour of your PJs and your inside leg measurement.

For the multi-nationals, this new legislation is a tax headache, rather than a tech headache.

But just imagine the scenario: instead of having behind you the might of an IT army so large it would make Alexander the Great feel inadequate, you’re a sole trader or micro business, relying on third party payment processors like PayPal or Worldpay to act as the link between you, the customer and your product.

Things don’t look quite so pretty.

Whether you’re Amazon selling millions of Kindle books or Aunty Jen’s Yurt Yoga selling a handful of ‘how to de-stress with Jen’ online videos , the new VAT legislation requires you to prove where your customer was at the time of purchase.

And, unless you’re selling via a third party reseller, the onus is on YOU, as the micro business owner, to PROVE the place of supply.

And you have to do this by providing two non-contradictory pieces of evidence.

HMRC in the UK (effectively the UK government’s tax team) tells us that we need to know the following:

  • If the purchase was made through a telephone box, a telephone kiosk, a wi-fi hot spot, an internet café, a restaurant or a hotel lobby, then consumer location will be the place where the services are provided – for example, the member state where the phone box/kiosk etc is located
  • If they purchased my online course or your craft pattern or Aunty Jo’s yoga video on board transport travelling between different countries in the EU (for example, by boat or train), the consumer location will be the place of departure for the consumer’s journey
  • If they bought through an individual consumer’s telephone landline, the consumer location will be the place where the landline is located
  • If they purchased through a mobile phone, the consumer location will be the country code of the SIM card
  • If it was through a decoder (what’s one of those, when it’s at home, wherever that might be in the world?), the consumer location will be the postal address where the decoder is sent or installed

I can already hear the wave of WTFs (please excuse my language – the situation calls for it) echoing around the internet at this.

But you’ll be really relieved to know that, if you buy one of my courses or download one of my e-books or MP3s, I DON’T actually know whether or not you were at home, at work, skiving down at your favourite wi-fi cafe or if someone was sneaking off for a romantic weekend away with their beloved on the Eurostar to Paris. And that’s a good thing.

Unless we’re talking about the new EU VAT laws.

In order to be allowed to sell my ‘digitally-delivered’ products (i.e. downloaded, not live or face-to-face), I HAVE TO collect this information.

To comply with the new laws, I have to collect two (or three, if they don’t match) of the following types of evidence – and I have to check DURING the purchase process that they give the same country:

  • Your billing address
    Ok, so you might give it to me, but plenty won’t, and that costs me sales, ‘cos I sound like a scary bunny-boiler if I ask for your physical-world address for an online e-book.
  • Your IP address
    This is the geographic location of your computer. I CAN get it by manually trawling my website’s visitor logs, but believe me, I’d rather be creating radical life-changing stuff for you than losing the will to live, wallowing in my website’s databases.
  • The location of your bank
    Woah! So if I ask you for that, then I reckon I’ll be left with about 1% of my customers. Creepy stalker-lady-credit-card-stealer-alert.
  • The country code of the SIM card you used, if you completed the transaction on your mobile (which 60% of my visitors do)
    Again, I’m in bunny-boiler territory here. And frankly I’d rather spend the evening with my kids than surf Google to check out where your mobile phone number is from. Sorry!

And in case it wasn’t exciting enough, if you buy my online course using your French credit card whilst you’re on secondment for work in Hungary, then I have to collect a third piece of data to tip the balance and prove the ‘place of supply’. So my systems need to be able to collect at least 3 of the above pieces of information, just in case…

And I have to create a system that will collect and check all of this information faster than my chickens chase a slug, while your transaction is processing. If the data gives a ‘computer says no’ message, I’m supposed to turn you away.

And if I don’t collect the information – even if you’re based in the UK, like me – I’m breaching the laws because I can’t prove I don’t owe VAT to France or Slovenia.

Are you still feeling like doing business with me? Or have you run a mile yet?!

Now, following a ‘Twitter clinic‘ run by HMRC today, it seems that they are expecting the payment processors to do all of this for us.

(You’ll have seen these guys – they’re the PayPals and Worldpays and Sagepays and the likes used by smaller businesses to process credit card transactions.)

And, indeed, based on the thousands of comments I have been reading on Twitter and in the various Facebook groups over the past two weeks since awareness of this kicked off, most micro businesses are expecting that, too.

I should be breathing a huge sigh of relief…

But here’s the clanger…

I have been in discussions with by far the biggest provider of merchant services for micro businesses, PayPal, over the past week, and they can’t help us.

After dedicated to-ing and fro-ing, here’s what their legal teams allowed them to tell me:

Here’s What PayPal Said:

For small merchants, we can currently provide the following data that is on file with us:

1. The Country Code of the Buyer. This would be the country that the PayPal Account of the buyer is registered in.
2. The phone number of the buyer as it is registered within Paypal

These are the pieces of information we can provide, given the proper account settings and usage of Express Checkout.

This is confirmed both in their email to me and on today’s press release.

Here’s Why PayPal’s Solution Is A VAT-MOSS Waste Of Time

As I explained above, the information that I (and hundreds of thousands of other businesses – huge and teensy) am required to supply under the new EU VAT regulations is where the customer is at the time they purchase – NOT at the time when they created their PayPal account.

So knowing their registered address and phone number from their PayPal account is completely irrelevant, when it comes to complying with the EU VAT laws, as they currently stand.

It misses out everyone who purchases online at work, on a cafe’s wi-fi, via their mobile phone, whilst travelling, whilst at their friend’s house, whilst away on business – all of these cases are missed by relying on the address that was used when the customer first registered with PayPal – and that’s assuming they haven’t moved lately.

By law, we require their CURRENT address and their IP address (or SIM country code in the event of a purchase using their mobile).

And remember: the selling company is liable if this information isn’t collected correctly – NOT the payment processor. So that’s me, not PayPal.

PayPal’s email to me also shared another gem:

“The last piece of information you’d need is the IP address of the customer – this piece should collected by the webserver.”

In other words, PayPal is telling me that I have to manually find your IP address and check it is the same country as your registered address, before I sell to you – but that’s not going to happen if you’re buying at a time when I’m not sitting at my computer. Actually, it’s just not going to happen, any time. And that leaves me in breach of the laws.

PayPal is effectively washing its hands of the EU VAT-MOSS regulations.

They are happy to provide sellers with potentially inaccurate proof of location information and are telling us to manually trudge through our websites’ visitor databases to see if this matches with the customer’s registered address from the purchase.

This is not something I can do in real time. Yet the laws require me to do it DURING the purchase process.

So any business using PayPal is highly likely to end up breaching the VAT-MOSS laws.

And – broken record alert – the SELLER is liable, not PayPal.

Now don’t get me wrong. I’m not on a PayPal-bashing-mission, though their response to these legal requirements is woeful.

This problem goes further than PayPal. We’re still waiting to hear back from the other key players in the market as to whether they can help us to meet our VAT-MOSS obligations. What is scary is that these regulations have been in the pipeline since 2008 and no one has been checking that micro businesses can actually comply with them.

And it gets worse…

You also need to keep the data for 10 years, on an EU-based server.

The server bit leaves me stuffed – my eco solar hosting in California would immediately put me in breach of the VAT-MOSS regulations.

Then there comes the scary bit about having to abide by the equivalent of the data protection rules for each and every EU member state – as well as registering with each individual data protection commission, paying their feeds, and either becoming a world-renowned polyglot or paying translators to make sure you’re not breaking the law.

And this comes at a time when, as Sergio Maldonado, an international privacy compliance consultant, tells us, the EU Data Protection agencies have been telling businesses to stop collecting IP address information.

PayPal and their friends could handle all of this for us, if they processed the data, as HMRC is expecting. But they won’t.

Basically it’s impossible for small businesses to comply with VAT-MOSS law without paying for third party software solutions or selling through resellers and losing a huge cut of their sales.

What can you do?

We either need our payment processors to enable us to comply or we need an exemption (e.g. for businesses below the UK VAT threshold) from these onerous requirements.

  • Get informed: Write to your payment processor and insist on them telling you EXACTLY how they will ensure you can comply with VAT-MOSS – you can use my checklists (above) as a crib sheet. Make sure you ask them whether THEY will do the VAT charging and distribution at the correct legal rates or whether you have to take the hit by selling at your usual price and paying the VAT via VAT-MOSS out of your margin.
  • Lobby for an exemption: The evidence for ‘place of supply’ was designed as corporate legislation and I’m sure it was never intended to target micro-businesses – who have no sensible means of accessing that data.
    You can lobby for an exemption for small businesses (e.g. under the UK VAT registration threshold), so that just the customer’s address (something we can reasonably obtain) is required as proof of place of supply. If you’re in the UK, you could:

    • write to your MP
    • write to HMRC (vat2015.contact@hmrc.gsi.gov.uk)
    • and write to or phone Vince Cable (enquiries@bis.gsi.gov.uk).

    Vince runs the government’s Department For Business And Innovation and he is one of the few people in the country who could persuade HMRC to listen and potentially grant this exemption. At the moment, we have heard rumours that the person in Vince’s team who is handling VAT-MOSS is blissfully unaware of the tens of thousands of tweets or the numerous Facebook groups that have sprung up to raise awareness and get urgently-needed. Frankly, we need to make our voices heard.

  • Spread the word
    The vast majority of micro businesses don’t even know about this legislation yet. Please spread the word by signing and sharing the petition, joining in with our Twitter #VATMOSS discussions and telling your friends on Facebook.

We’d love to hear from you!
How is VAT-MOSS going to impact your business?
Which questions do you have?
What actions are you taking?
And if you get answers from other payment processors to the questions we’re asking, PLEASE let me know, so I can keep this article updated. Thanks!
Please share via the comments!

Above all, please let’s stay positive. Although we can’t change the structure of the legislation at this stage, we ARE seeing amazing things starting to happen, as a result of the past two weeks’ campaigning. And more will come. Thank you for whatever part you chose to play in finding a solution for this huge VATMESS.
With love, Namaste,
CJ Sig

Disclaimer: I am not a Chartered Accountant and this article is not intended to give financial advice. It is about raising awareness of a hugely important issue. It is ESSENTIAL that you get professional advice if you are making any decisions about how to comply with VAT-MOSS in your business. Thank you!

Get bite-sized inspiration for business breakthroughs you’ll love:

P.S. I hate spam, too. I promise I will treat your email address with the utmost respect. xx Clare


  • Gabor says:

    I’m curious about an option what I don’t find answered in terms of location identification for VAT.
    What happens if someone signs up for a service with a monthly recurring payment, like a website membership? The content he’d receive falls under the category of the new VAT rules. At the time of the original payment I could collect his actual location. However, the recurring payments month after month would be performed automatically, without his interaction with the system.
    How would I know where he is at the times of the new payments? And if I couldn’t know (because, really I couldn’t), what should I take as his location then? His country of origin, or his location at the time he made the first payment?
    Imagine that a German fellow who currently works in Paris signed up to your membership site with his German credit card while he was on a business trip in Luxembourg. The first month’s payment falls under Luxembourg VAT. Where should the next months’ VAT be paid?

    • Clare Josa says:

      This is one of the many crazy unintended consequences that make this legislation so unworkable, Gabor.
      It’s why we’re campaigning for it to be reformed. As you say, only the payment processor would have information, in this situation, not you.
      I’ll add it to our list of “Impossible Scenarios” – thank you for raising it!

  • Philip Cresswell says:

    Further to my last:-
    1 for “Data Protection Registrar” please read “Information Commissioner’s Office”. I was out of date!
    2 See this link https://ico.org.uk/for-organisations/guide-to-data-protection/exemptions/ for reference to the exemption
    3 The exemption appears to arise from Data Protection Act 1998 section 29 (1)(c) which I quote:
    29 Crime and taxation.

    (1)Personal data processed for any of the following purposes—

    (a)the prevention or detection of crime,

    (b)the apprehension or prosecution of offenders, or

    (c)the assessment or collection of any tax or duty or of any imposition of a similar nature,

    Looks pretty clear in these circumstances. But the exemption is only one of registration, and the obligation not to move the data outside the EU still seems to apply, Who would police that and how looks to me like a real problem! Gluteus maximus versus cubital joint, anyone???

  • Philip Cresswell says:

    I think the Data Protection issue is a red herring. For UK purposes at least, personal information processed for accounting purposes is exempt from any requirement to notify the Data Protection Registrar. If we are broadly following EU guidelines with UK Data Protection law, I would expect other a EU states to apply a similar exemption. BUT, I admit that I don’t know that for sure.
    Also, I don’t see why hard copy records shouldn’t constitute adequate backup, although you might end up having to use the “mice ate my records” defence. We all use cloud backup more and more, but accounting data is pretty compact. I’d love to provide, ten years down the line, a set of backup records on floppy disk!

    • Clare Josa says:

      That’s the thing, Phil.
      There doesn’t seem to be hard evidence on this.
      Is there a chance that a member state’s equivalent of the Data Protection Police could take a different point of view?
      This really should have been clarified in the legislation.
      Either way, I really wouldn’t want my address, phone number and other private data being stored on an insecure laptop on someone’s kitchen table. It’s a data protection / identity theft nightmare waiting to happen.

  • Megan Kerr says:

    Although iBooks supposedly *should* be responsible for the VAT (they set T&Cs, authorise payment, and authorise the download), their latest notice on VAT regulations reads as though they’re trying to distance themselves from that responsibility. I’m not sure if I’m interpreting it right – I’m not a tax / legal specialist. This is what they say:
    “Will Apple send a U.S. Tax Form 1099-MISC for my sales?
    No. Sales on the iBooks Store are sales by you, the seller of copyrighted works, to end users and Apple treats payments made to you for these sales as payments for products or goods, which are specifically exempt from reporting on Form 1099-MISC even though the payments may be reportable a Form 1099-K and may be taxable income to you. You are responsible for determining your own tax obligations with respect to these payments. If you are uncertain of your tax obligations, we recommend that you consult with a tax professional.”

    At first it looks like they’re saying “you have to pay your own income tax” (as normal), but the way they explicitly say “you are the seller” looks like they’re carefully positioning themselves as *not* responsible.

    Here’s the full notice, if anyone wants to try casting a more expert eye over it: http://www.thewritersgreenhouse.co.uk/downloads/iBooksVATnotice.pdf

  • Stephen Mainwaring says:

    The point about HMRC only informing / negotiating with VAT registered businesses is a good one. I have run a LTD Co. for 18 years and yet have received nothing from HMRC informing me of these new VAT rules. It was only because of the Twitter storm last week that I became aware of this.

    I wonder if there is any possibility of something like a judicial review or at least a delay for non VAT registered e-businesses as a gesture of goodwill ?

    • Clare Josa says:

      Hi Stephen,
      Exactly – the Twitter storm was brilliant for raising awareness.
      We met with HMRC and the Treasury – as well as a Cabinet Minister – today and they really did listen. They want to help and I genuinely believe they will.
      I’ll post a link here to the minutes from the meeting here as soon as I have them.
      Fingers very tightly crossed!

    • Philip Cresswell says:

      But Vince Cable assures us that all these changes are clearly and widel communicated. Trust hims – he’s a politician.

      I have been self-employed for thirty years, sometimes VAT-registered and sometimes not, and I can confirm that whatever the communication system may be, it does not reach as far as me.

      • Clare Josa says:

        We’ve just launched our worldwide survey and, so far, from the first 500 responses, 10% had NEVER HEARD of the legislation until the survey. Yet they now realise they are affected.
        It’s crazy how they missed hundreds of thousands of micro businesses and sole traders completely in the past 18 months of communication.

  • Alan Bell says:

    This is a big mess, I managed to clarify one small part of it. What isn’t clear from a straight reading, is that the “presumptions” are optional, for when they are more convenient to use. So, if you are supplying pay per view to cabins in a ship (over the internet somehow, don’t worry about the practicality of the example . . .), then you can presume the place of supply to be the country of the last port visited. If you are selling slingbox type content (that is the decoder) then you can presume that the VAT is to the place you sent the box, even if the consumer moves it. So, these are optional presumptions, that affect particular situations – “you *can* presume” – if it makes life easier for you (which for most people it won’t). In general these presumptions don’t help, however if these presumptions don’t help, then you need 3 bits of evidence to rebut the presumption – this bit makes no sense, but I think it is safe to ignore it if you don’t already have a good reason to presume they apply. What most people need is 2 bits of evidence, if they are not a business that is targetting one of those specific situations. If you are doing stuff for people on ships or trains, and you want to charge VAT at the rate of the home address of the passenger then you can do that, with 3 bits of evidence, otherwise you can presume they got on at the last stop.
    The upshot of it is, that you need lots of evidence and records to trade cross border to consumers. The easy route is to block anyone from outside the UK from your services, unless you are VAT registered and they can provide a VAT number. If you have good faith measures in place to prevent EU consumers from trading with you then you are probably OK, this isn’t really the dream of the common market.
    The problem for VAT registered businesses is that there is no “safe” way to pay too much tax. Before we could charge 20%, and we didn’t have to care where people were. Now we are liable to penalties from 28 tax authorities if we can’t prove that we haven’t accepted a sale from their territory. What we need is something like a 25% rate that we can charge and hand over to HMRC for customers who don’t provide evidence of their location, this would then be redistributed around the EU. Then if the customer wants their local rate of tax (20% or 17% or whatever it might be) then the customer has to provide the evidence that we need, but we can still safely trade.
    Did you know that the Italian rate of VAT changes in May? Do you care? You have to care now. When is the next Belgian VAT change?

  • Simon Dunant says:

    Hi Clare,
    Really great blog post about the whole VATMOSS fiasco. You know small and micro businesses need help here, theres an opportunity to create something new to help micro buisnesses, something that fills the massive gap between micro business and global platform. If the VAT MOSS rules aren’t going to change we need to build a buffer that’s going to have a stake in helping micro businesses to succeed, not just take a fee for payment processing. Now that’s an opportunity. Masterminds welcome, apply within…

    • Clare Josa says:

      Hi Simon,
      Thanks for taking the time to comment.
      Yes, fiasco… HMRC admitted yesterday that there are several hundred thousand businesses they forgot to talk to about this. Basically all communications went through to VAT registered firms, missing almost all nano biz and self employed – who are equally hit under this legislation as corporates like Amazon and iTunes.
      We’ve been working hard on that since we found out about all of this a couple of weeks ago. Already massive progress, now we have been told that ‘nano businesses’ will be able to register for VAT-MOSS whilst keeping their UK exemption threshold.
      The next hurdle is an exemption for the required 3 pieces of information to prove someone’s country (i.e. place of supply). Most of it simply isn’t available to Nano Biz using mainstream payment processors. Masterminds welcome!
      Here’s a summary of yesterday’s HMRC webinar: http://www.clarejosa.com/vat-moss-webinar-2nd-december-2014/
      And I’ll publish a summary of our meeting with them tomorrow.

  • Florian says:

    collecting the IP-Adress during checkout on your site is relatively easy, as it is part of the environment variables that your webserver passed to any script.
    But the show stopper is, that there is no reliable way of locating the geographic location of an IP address on the globe. The address is telling you the network location, that is in what IP-Network the Address is located. But as soon as the user is using tor or a company VPN or is part of a bigger company this address is not related to him anymore. Adn it gets worse. When using your e.g. australian mobile phone via roaming in the US, it is possible that the internet traffic is routed to australia first, so the IP will be ‘located’ in australia. Forthermore one network can be split over several continents without being noticed.

    Speaking of the country-code of the SIM card: This is completely impossible to access via website/checkout whatsoever.


    • Clare Josa says:

      Really useful extra info Florian – thanks for the post!
      Yes, IP address is available on the server. The challenge for so many of the thousands impacted by these regulations is that they’re not tech experts – they have no idea how to build a system that would check this real-time against the customer address and, as you say, even if they could it’s not as simple as HMRC is making out.
      Sounds like a really complex issue, from what you describe.
      Let’s hope we find a workable solution soon!

    • Philip Cresswell says:

      And what about proxy servers?

    • Gary Molnár says:

      And as a point of interest, when I visit Hungary, my mobile thinks I’m in Slovakia as the village is right on the border. So if I was ordering via mobile the evidence would not match. I’m sure this must be the case around all the EU borders.

  • Bill Seddon says:

    Clare you state: ‘You also need to keep the data for 10 years, on an EU-based server’ The 10 years part is part of primary legislation. Where does the ‘on an EU-based server’ come from. Nothing I have read – and that a lot – states that VAT records must be held on an EU server.

    Is there a chance you are confused between the VAT requirements and data privacy legislation? A vendor outside the EU can work around the data protection act through the simple expedient of making assent of the buyer to store any information pertinent to the legal record keeping requirements of the sale, a part of the checkout process. If the user does not offer their assent, they are effectively stating their intent not to by. But that’s no different to trying to buy from a shop using a credit card and refusing to hand over the credit card number.

    Your correspondent Sergio Maldonado may have heard that EU Data Protection agencies have been telling businesses to stop collecting IP address information but can you name one that has done so? The IP address is a fundamental part of the communication between the browser and the web server. I mean fundamental in that it is part of the specification of the protocol they use to communicate. If a web server were not to store the IP address, it would not know to which IP address a page response should be returned.

    • Clare Josa says:

      Hi Bill – I had the info on the server location from an EU VAT specialist, however I will go back to them this coming week to ask them to confirm their source and get back to you. And, yes, they were talking in the context of the new EU VAT legislation, not general data privacy legislation.

      However, even if it only applies under data privacy legislation, if we’re keeping the VAT-MOSS records for 10 years, surely they still have to comply with data privacy legislation, too?

      And, no, I can’t name a company that has stopped collecting IP addresses. But that’s not the point I was trying to make. The reason I raised Sergio’s point is that it beautifully illustrates the lack of joined-up thinking on these regulations and how, if we try to comply with all of the various types of EU legislation that are coming in, it will create chaos.

      Your point about having a tick box on the checkout asking the customer to agree to the retention of their data is, of course, valid. However, most micro businesses are using payment processors like PayPal, not highly customisable shopping carts, and they have no influence over whether PayPal would make these changes for them.

      • Bill Seddon says:


        That will be great. I cannot find this requirement in primary legislation. Though a UK business most of our clients are in the US so we run our servers there and I would like to know if this breaks some hard to find feature of the new rules. I’m already aware of one person in the US that is quoting this aspect of your post as fact and broadcasting it on twitter (https://twitter.com/mtekkmonkey?cn=cmVwbHk%3D&refsrc=email). Personally I don’t care but it is an example of how comments in a blog can influence the uninformed.


        That is *if* the assertion is valid. I’m not convinced it is. Anyway, I’ve written to him asking if he would provide actual examples. I’m not holding my breath. I’ve also written to Christopher Graham, the UK’s Information Commissioner for their views on the use of IP addresses. I will be staggered because the IP address is the meta-data law enforcement agencies request in order to track individuals of interest (with a warrant of course).

        You are trying to raise opposition to the extent of change in regulation but it’s hard to imagine Vince is in a position to change pan-European legislation 1 month from its start and 9 years from its inception in 2005. I hope you are taking steps to find a practical solution so you are able to continue selling products that comply with the new rules.

        Do you think there are many like you that could do with a simple mechanism to sell a file while remaining compliant? It will be a straight-forward thing for any existing web site with a shop to make sales by 3rd parties like you compliant even when using PayPal as the payment gateway.

        • Clare Josa says:

          Hi Bill,
          We are not trying to raise opposition to the extent of change in regulation. We are not asking Vince Cable to change pan-European legislation. We are trying to find workable ways to allow small micro businesses, who fall below the UK VAT threshold, not to be forced to close their doors to non-UK EU sales (which are hard to prevent) or digital products. And HMRC is working with us – which is brilliant. We are hopeful that we will find a way – somehow.

          As promised, I will do my best to find the source for the point on server location. You have given me less than 24 hours since your initial request – and that was on a Sunday. Please bear with me. 🙂 We have been back to the ICO, which we thought was the source, but there have been major changes to their website and lots of info has moved / gone. So we’re still on the case.

          However, with all of the meetings we’re having with HMRC and others this week, and other awareness-raising activities, my current priority is helping thousands of business owners to get answers to their burning questions, to allow them to stay in business after 31st December and to make sure the new changes don’t ruin their Christmas.
          Thank you again for taking the time to comment.

    • Clare, Bill – I’m late to the party, but it’s my opinion, that Bill is right here in that there is no data must be in EU-only requirement. Certainly not with respect to VAT regulations, but that’s largely academic as Data Protection laws will apply to the evidence you need to store to comply with those regulations.

      However, event with regards to Data Protection – those laws do allow for data to be stored outside of the EU. That opinion is based on this brief: https://ico.org.uk/for-organisations/guide-to-data-protection/principle-8-international/ – which allows for data to transferred to countries of “adequate” protection. The US is not included in that list, but it is **potentially** allowed (depending on the company storing the data) under the “Safe Harbor”.

      Thankfully, my host is registered as a “Safe Harbor” – but you would need to check with yours that they are too. I should imagine that any host worth using is.

  • Here’s another thing about the location data issue. EU citizens now spend extended periods in other member countries. My husband works for the UK subsidiary of a Dutch firm which also has a Romanian subsidiary & it’s not unusual for Dutch employees to spend 6 months in UK, or English employees to spend 6 months in Romania.

    What’s the position there? How is the seller supposed to collect the two non-contradictory pieces of information to identify the buyer’s location when the credit card comes from a Dutch bank and the IP address and telephone number of the landline delivering the product is in the UK or Romania?

    • Clare Josa says:

      Great points Juliet. That’s exactly what we’re lobbying HMRC about at the moment.
      And for micro businesses, most of them don’t get any information about their customer other than the address the customer used to register with PayPal or equivalent – which could be in completely the wrong country.
      You have to collect 2 pieces of non-contradictory evidence and, if they contradict, then a third piece is needed.
      Most micro businesses don’t have access to that at the moment.

      • Philip Cresswell says:

        And what if the third piece contradicts both the other two?

        • Clare Josa says:

          Precisely 😉
          Actually, the rules are – so HMRC says – that you take the two that agree as the correct country.
          But it still requires API programming for PayPal, so the collection and checking of the data is well beyond most micro biz and sole traders.

  • Phillipp says:

    I’m not sure how you got some of the information. The regulation is, judging from all the information I gathered to update my ecommerce platform, not so incredibly hard to implement in most cases. Maybe it would be good if you just read the practical guide of the EU carefully, a lot of your exact cases and problems are described in it.

    For example the “where the customer is located at the time of the checkout” – that’s simply wrong. Important is where “the customer is establish or has his permanent residence”. So the Paypal country would be exactly what you need.

    After that, I skipped the rest of the article because frankly it seems like you didn’t do your homework.

    • Clare Josa says:

      Dear Phillipp,
      Thank you for your comments.
      I notice from your email address that you seem to be based in Germany, rather than the UK, and I wonder if the German tax authorities are interpreting the rules differently?

      The information for the rules on place of supply and how to evidence it were taken directly from UK HMRC documentation on the VAT-MOSS requirements and that is what UK businesses have to work to.

      The information from HMRC makes it very clear that the customer’s address at the time they registered for a PayPal account will not suffice. For a start, it’s only one piece of evidence, and the rules require us to collect 2-3. We also need to know the phone location or IP address used for the purchase. It is highly possible that this might be different to their registered PayPal address, which creates further complications, especially as micro businesses don’t currently get this information from their payment processor.

      I’m sorry you feel I haven’t done my homework. I can assure you I have and the statements made were both referenced (see all the links) and checked by 3 VAT specialists before it was published. If there are genuine inaccuracies I would, of course, be happy to correct them.

      In fact, we are lobbying HMRC for an exemption from the high burden of proof for micro businesses to allow just the solution you suggest (just using the customer’s declared address) to be acceptable. Without it, many are saying they will have to cease trading at the end of this year.

      I wish you every success with your changes to your e-commerce platform. Thank you for taking the time to comment on the article.

  • Astrid Aregui says:

    Thanks for that great summary, Clare. I’m currently trying to set up a business as a … free-lance translator. Needless to say that people will not want to use my services if they can’t sell abroad without breaching the law.
    In addition, I think that some people are still under the illusion that they can stay out of trouble by selling only in the UK. Not only is that difficult to control online, but my understanding is that this would not solve anything. They’d still have to collect the necessary data to prove that their customer was indeed in the UK at the time of purchase (and not, say, on a Eurostar they boarded in Belgium).
    I’m writing to Vince Cable this weekend…

    • Clare Josa says:

      Hi Astrid – thank you for your comments. And yes, you’re spot on with the fact that we still have to prove that our customer was in the UK at the time of purchase – as the rules currently stand.

      At the moment, this only impacts ‘digitally-supplied’ services and products where there is minimal human intervention.
      So if you sell your translations services abroad, as long as you’re actually doing the translation and not using a computer programme for it, there is plenty of human interaction and the rules don’t apply to you – so sell away!

      Where it would come in is if you launched, say, an e-book on something like ‘how to find the right translator for your project’ or ‘how to do basic translation on your own’. If you sold those via an automated system, the new rules would apply.

      I say ‘at the moment’ because we have been told that the intention is to roll these changes out to cover all products and services in the future. However, by the time that happens, we’ll have helped to get workable solutions in place and the headache will be much smaller.

      Good luck with your project!
      Please write to Vince, anyway 🙂

  • jackie says:

    Thanks Clare. I agree its impossible to comply. It has to be altered if not abolished.

    • Clare Josa says:

      Spot on, Jackie.
      We’re lobbying for (1) the right for micro businesses to keep their VAT exemption threshold on UK sales (something they currently forfeit if they register for VAT-MOSS) and (2) an exemption from the impossible evidence requirements for place of supply for micro biz.
      I believe in miracles 🙂

  • jackie says:

    Thanks for addressing this in this great and very helpful post.
    There is one other issue I don’t think you’ve covered..I may be wrong.
    Vat ‘MOSS’ is a ‘Mini One stop Shop’ for which those already liable for vat in UK can register. It will solve their problems .
    However, if you are NOT liable for vat in UK, ie below the threshold, you are unable to use MOSS So you have to do it yourself. That is why it unfairly hits very small businesses. We need to lobby to maintain the exemption threshold for micro businesses, or allow them to register with MOSS.

    • Clare Josa says:

      Thank you for your feedback, Jackie.
      I have to confess that I deliberately stayed away from the whole VAT registration / not registering side of it – it has been well written about elsewhere and the point I wanted to make with this article was that we CANNOT comply because we can’t get the information.
      So even if we could uphold the VAT exemption threshold for micro businesses, they still wouldn’t be able to comply with the legislation.
      Unfortunately VAT-MOSS isn’t actually a help for us. We can’t get hold of the required proof of place of supply, which would make it impossible to accurately do the VAT-MOSS return.
      And yes, the petition is lobbying for just what you’re suggesting – here’s where everyone can sign and share it: https://www.change.org/p/vince-cable-mp-uphold-the-vat-exemption-threshold-for-businesses-supplying-digital-products
      I hope that makes sense, Jackie!
      Thanks again. Clare

  • Rosie Slosek says:

    Bravo. I’ve added it to my post What To Do – EU VAT Changes 2015. It isn’t about not wanting to pay tax, it’s about not being able to comply with the law.

    • Clare Josa says:

      Thank you Rosie. And thank you for the once-over.
      As you say, it’s not about us objecting to the legislation – though we could… It’s about how we cannot physically comply with it.

Leave a Reply