Must have e-invoicing delivery-service provider ISO/IEC 27001 certificate?
Short answer
Yes. OpenPeppol decided to introduce a mandatory ISO/IEC 27001 certification for all service providers operating in the network Peppol. From 1 January to 31 December The ISO/IEC 27001 or Open certification will be valid on July 2027Peppolan approved equivalent certification condition for the provision of services in the network Peppol. A certificate issued to a parent company is sufficient only if the scope of the certification covers the services provided Peppol and certified entity is also an entity that has concluded a Service Provider Agreement with OpenPeppolom.
From 1 January to 31 December 1 July 2027
Certification of ISO/IEC 27001 or approved equivalent will be a condition for the provision of services in the network Peppol.
OpenPeppol
This is the decision of the Open International Peppol organization, not Slovak Peppol authorities individually.
Implementation plan
Providers without a certificate must follow the Open Implementation Plan and demonstrate the progress of the certification process.
Conditional recognition
A parent company certificate is sufficient only if the scope covers Peppol services and entity has its own contract with OpenPeppolom.
Conclusion
Financial Administration of the Slovak Republic, FAQ 9/VAT/2025/IM k e-invoice, July 2026 update
Not legal advice. Machine-translated answer, not yet manually reviewed. For the exact wording, see the Slovak original.