Software compliance is as much a matter for software publishers as for companies developing their own software in-house, seeking to comply with regulations. Or to justify the quality of their product or reassure their customers. By enrolling in the certification process, a company can benefit from the recognition of the NF mark. The NF mark inspires confidence, quality and safety.
How can I get my software certified?
It's important to remember that by committing to compliance, a company opens up new markets by proving the quality of its product. The certification process will enable the company to optimize its internal practices and processes, in terms of hotline, testing, documentation and so on.
There are 5 stages in the certification process:
Step1: Software compliance registration.
Following a contact request, you will receive an identification form which you will need to complete and return to us. You will then receive a quote for an initial audit to assess your software's compliance.
Stage2: Integration of certification rules
Once the registration has been validated, the software publisher or company will receive the certification rules to be integrated into their software before making an appointment for the audit.
In addition to the certification rules, and depending on the certification involved, for example NF525 - linked to the VAT anti-fraud law, you can take part in a half-day training session. This training will cover the presentation of certification and the integration of certification rules into your software. It could save you precious time in bringing your software into compliance.
Step3: The certification audit.
Once the certification rules have been integrated into your software and development is complete, we'll schedule a certification audit together. During the audit, one or more auditors will carry out verifications. They will assess any discrepancies between the certification rules and your software.
Stage4: Report and decision.
Following the audits, INFOCERT proposes a certification decision to AFNOR Certification. In some cases, an additional audit may be required before certification can be granted. If certification is granted, the certificate of conformity can be accessed directly on our dedicated website - see the list of certificates.
Step 5: Annual monitoring.
Annual monitoring will enable compliance to be assessed over time. The duration of surveillance will depend on changes in regulations or certification rules.
Why get my software certified?
As we saw earlier, software compliance means improved software quality. And opportunities for the software publisher.
Software compliance also means keeping abreast of regulatory changes. In terms of certification, for example, you can be sure of having a product that is maintained and up to date.
This is a crucial point, especially at a time when we are preparing for the implementation of the reform on the generalization of electronic invoicing. As a reminder, this reform represents a real fiscal upheaval. From September1, 2026, French companies will be obliged to receive dematerialized invoices directly from the platform of their choice. You can find out all the important information in our special report, or in our comprehensive training couCSR dedicated to the subject, participation in which can be covered by your OPCO.
As a reminder, software certification is aimed at all types of companies and publishers. Whether it's an ERP, a SaaS solution, software hosted in Cloud mode, and so on. Software compliance can concern many different areas. Whether it's sales management, GDPR, VAT anti-fraud law, invoicing software, and many more.
What are the risks of not complying with software compliance?
By having their software certified, companies and software publishers also protect themselves against potential regulatory sanctions. For example, in the case of the fight against VAT fraud and NF525 certification. Article L-80 of the French tax code (livre des procédures fiscales) stipulates the following penalties for the use of software that does not comply with regulatory requirements:
- A €7,500 fine per collection system and 30 days to comply. Then another 7500€ fine and another 30 days, and so on. And all this, up to and including rejection of the accounts.
- The user will also have to pay all fees corresponding to non-compliant receipts plus an 80% penalty for fraudulent maneuvering.
- For the publisher or integrator, the fine is 15% of sales, and the user is liable for joint and several payment.
How long does it take to achieve software compliance?
To be certified is to be part of a process of transparency, improvement and continuous evolution of your software.
The length of the process is linked to the time it will take to bring your software into compliance. This can vary from 1 to several months. A certificate of effective progress, valid for 6 months, can be sent to you while your product is being brought into compliance. This attestation of effective progress will enable you to justify your progress in the certification process to the tax authorities or potential customers.
The certification audit generally lasts two days. Please note that the stages of the certification process may vary depending on the certification in question. For example, for NF552 certification relating to the GDPR.
How much does certification cost?
The cost of certification depends on the specific features of your software and the certification you are aiming for. The price includes the cost of the specifications, the work done upstream - analyzing and managing the application, managing schedules, etc., the cost of the audit, the audit report, the administrative processing of compliance, and the issuing of the certificate.
If you would like to receive your audit proposal, please do not hesitate to contact us. You can use contact@infocert.org to help us answer any questions you may have.
