UAE e-invoicing mandate · compliance middleware
Every invoice, automatically validated.
Every invoice you submit gets checked against every required field before it reaches your Accredited Service Provider, so you always know exactly where it stands: never a black hole, never a surprise at month-end.
Why UAE-first
One mandate, done properly, not a hundred, done adequately.
We’re not building a global platform with a UAE checkbox. The PINT-AE spec, the Emirates-specific TRN and Peppol scheme rules, the Wave-1/Wave-2 timeline: we built against the actual document, in the actual region, for a market we understand. Depth over breadth, with residency in-region as the deployment stands up.
What gets automated
Three things Kodowo does for you, end to end.
Compliance validation, automated
Every invoice checked against the full field set before it ever reaches your ASP.
- All 51 official MoF fields checked, plus 11 more we validate for completeness
- Caught before transmission, not after rejection
- A full audit trail for every invoice, automatically
ERP-to-ASP integration, automated
Connect your existing system once. The mapping and routing run on their own from there.
- Works with any ERP or POS system, API or file-based
- Field mapping handled automatically, not by hand
- One pipeline to your chosen Accredited Service Provider
Multi-client automation for practices
One login, every client entity, the same automated pipeline running for each one.
- Switch between client workspaces instantly
- The same validation and audit trail, per client
- Built for accounting firms managing many entities
Path to live
Three steps, and the second one is free.
Step 1
Get tenant credentials
Early-access onboarding: an admin issues your API key out-of-band. It's shown once at creation.
Step 2
Loop on /validate until clean
Same payload, zero persistence. Iterate on your field mapping against the real validator until every check passes.
Step 3
Switch to /submit
Identical checks, now persisted, queued, and routed to your ASP, with status webhooks back to you at every terminal state.
The mandate is a network, not a file format
The 5-corner model, explained once.
UAE e-invoicing runs on the Peppol 5-corner Decentralized CTC and Exchange model. Your invoice never goes straight to the tax authority: it moves seller → your Access Point → the network → the buyer’s Access Point → buyer, with the FTA receiving its copy from the network side. Getting a validated, audited path into that network is the actual integration problem. That path is what we built.
We sit in front of your Accredited Service Provider, in every submission: the layer that decides whether an invoice is ready before it ever reaches the network.
Architecture
The 5-Corner DCTCE Network
What Kodowo does
Ledger, validation, audit.
What your ASP does
Signing, exchange, FTA reporting.
Any source in, any gateway out
Seamless routing to any accredited gateway.
Kodowo is built to interface directly with the UAE’s officially recognized compliance framework. We remain gateway-agnostic, validating your data before it reaches your chosen provider.
Source side
Any ERP or POS system, in.
We ingest invoice data from any system that can export a file or call an API: export a CSV or Excel file from your accounting system and import it in minutes, or push invoices straight to our API. A native one-click connector for a given ERP or POS platform isn’t built yet; this is a standard API and file-import path today.
Gateway side
Your Accredited Service Provider, out.
Once validated, your invoice routes to the ASP you choose. Your ASP credentials are yours: bring your own key, encrypted end-to-end with AES-256-GCM, never stored in plaintext. We don’t claim partnerships with specific providers; we connect to whichever one you’ve appointed.
View the official pre-approved ASP registry on the MoF website →The real alternative is DIY
An invoice POST is a sprint. Staying compliant isn’t.
Any team can wire up a JSON endpoint in an afternoon. What’s actually hard (and stays hard, indefinitely) is everything below.
| Concern | Building it yourself | With us |
|---|---|---|
| Field normalization | Map your own JSON to 62 PINT-AE fields by hand | POST arbitrary JSON: alias mapping is built in |
| VAT category coherence | Track 6 categories, allowed-rate sets, exemption reasons yourself | Checked on every submission against the official codelist |
| TRN / TIN cross-checks | Re-derive and compare identifiers on every request | Enforced automatically, with exact-cause error codes |
| Idempotent, retry-safe transmission | Build your own dedup key, backoff, and circuit breaker | Idempotent on (tenant, source_reference), chaos-tested |
| Tenant isolation | Enforce it in application code, and hope nothing skips the check | Postgres Row-Level Security, FORCE-enabled at the database |
| Audit trail | A table you can UPDATE, which means it isn't really an audit trail | Append-only, trigger-enforced, immutable by design |