Category: Financial Markets

DORA is bringing resilience to the financial sector and beyond

Does she also bring a lot of bureaucracy and how to manage the compliance process?

The financial sector has been dependent on information and communication technology (ICT) for a long while and this dependency is only increasing with time. ICT is used by the sector for the delivery of its financial services to other sectors and to society. For which delivery the financial sector depends on ICT service providers. 

This chain of dependency, according to the EU, poses a risk of disruptions to financial entities, impacting other sectors and potentially the whole economy, because ICT service providers are not as well-regulated as the financial entities. So, that’s why DORA comes to the rescue! 

Who is DORA?

DORA stands for Digital Operational Resilience Act. It entered into force on 16 January 2023 and will apply as of 17 January 2025. The goal of The Act is to strengthen the IT security of financial entities such as banks, insurance companies and investment firms thus ensuring that the financial sector in Europe is able to stay resilient in the event of a severe operational disruption. 

According to the Council of the EU “the ever-increasing risks of cyber-attacks” and other disruptions in the ICT field need to be addressed. DORA sets uniform requirements for the security of network and information systems for the whole chain of all entities in the financial sector and all third parties providing ICT services to them (e.g. cloud platforms or data analytics services).

These requirements are homogenous across all EU member states. The core aim is to prevent and mitigate cyber threats. Organisations falling in the scope of the regulation need to be able to withstand, respond to and recover from all types of ICT-related disruptions and threats. 

DORA is bringing resilience to the financial sector and beyond
Fintech by u_6af2f287zu from Pixabay

From broader to particular

DORA was part of a larger digital finance package, proposed by the European commission with the aim to lay the foundation for fostering technological development and ensuring financial stability and consumer protection. In addition to the DORA proposal, the package contained a digital finance strategy, a proposal on markets in crypto-assets (MiCA) and a proposal on distributed ledger technology (DLT). You can read more about MiCA and how we can help you to comply by clicking here.

DORA covers six crucial tracks:

The relevant European Supervisory Authorities (ESAs), such as the European Banking Authority (EBA), the European Securities and Markets Authority (ESMA) and the European Insurance and Occupational Pensions Authority (EIOPA), will develop technical standards that all financial service institutions should comply with, from banking to insurance to asset management. The respective national competent authorities will be responsible of the compliance oversight and will enforce the regulation as necessary.

DORA is bringing resilience to the financial sector and beyond
Hacker by Cliff Hang from Pixabay

First batch of policy products

The first set of technical standards developed by the ESAs came out on 17 January 2024. The joint final draft technical standards include:

Regulatory Technical Standards (RTS) on ICT risk management framework and on simplified ICT risk management framework

This section identifies more elements related to ICT risk management. The goal is to harmonise tools, methods, processes and policies. It is stated that these elements are complementary to the ones already identified in DORA. 
The RTS identify the key elements that financial entities subject to the simplified regime and of lower scale, risk, size and complexity would need to have in place, setting out a simplified ICT risk management framework. The RTS ensure the ICT risk management requirements are harmonised among the different financial sectors. 

RTS on criteria for the classification of ICT-related incidents

Here the criteria for the classification of major ICT-related incidents is specified as well as 

  • the approach for the classification of major incidents, 
  • the materiality thresholds of each classification criterion, 
  • the criteria and materiality thresholds for determining significant cyber threats, 
  • the criteria for competent authorities to assess the relevance of incidents to competent authorities in other Member States and the details of the incidents to be shared in this regard. 

The RTS ensure a harmonised and simple process of classifying incident reports throughout the financial sector.

RTS to specify the policy on ICT services supporting critical or important functions provided by ICT third-party service providers (TPPs)

These RTS specify parts of the governance arrangements, risk management and internal control framework that financial entities should have in place regarding the use of ICT third-party service providers. 
They aim to ensure financial entities remain in control of their operational risks, information security and business continuity throughout the life cycle of contractual arrangements with such ICT third-party service providers.

Implementing Technical Standards (ITS) to establish the templates for the register of information

Finally, the ITS set out the templates to be maintained and updated by financial entities in relation to their contractual arrangements with ICT third-party service providers. The register of information will play a crucial role in the ICT third-party risk management framework of the financial entities. It will also be used by competent authorities and ESAs in the context of supervising financial entities’ compliance with DORA and to designate critical ICT third-party service providers that will be subject to the DORA oversight regime. 

Second batch of policy products

The second batch, again developed by the ESA’s, was published exactly 6 months later – on 17 July 2024.  It consists of four final draft regulatory technical standards (RTS), one set of Implementing Technical Standards (ITS) and 2 guidelines. The aim of those documents is to enhance the digital operational resilience of the EU’s financial sector. 

The package focuses on the reporting framework for ICT-related incidents (reporting clarity, templates) and threat-led penetration testing. It also introduces some requirements on the design of the oversight framework.

The final draft technical standards include:

  • RTS and ITS on the content, format, templates and timelines for reporting major ICT-related incidents and significant cyber threats;   
  • RTS on the harmonization of conditions enabling the conduct of the oversight activities; 
  • RTS specifying the criteria for determining the composition of the joint examination team (JET); and 
  • RTS on threat-led penetration testing (TLPT). 

The set of guidelines includes:

  • Guidelines on the estimation of aggregated costs/losses caused by major ICT-related incidents; and 
  • Guidelines on oversight cooperation.


Additionally, a Joint Final report on the draft technical standards on subcontracting was released the following week. These RTS focus on ICT services provided by subcontractors that support critical or important functions, or material parts of them. 
They also specify the requirements throughout the lifecycle of contractual arrangements between financial entities and ICT third-party service providers. In particular, they require financial entities to assess the risks associated with subcontracting during the precontractual phase, including the due diligence process.

Delegated and implementing acts

As part of the implementation process the European Commission adopts different acts to specify how competent authorities and market participants shall comply with the obligations laid down in the regulation

So far there are 5 delegated regulations, related to DORA, with regard to:

  • RTS specifying the criteria for the classification of ICT-related incidents and cyber threats, setting out materiality thresholds and specifying the details of reports of major incidents; 
  • RTS specifying the detailed content of the policy regarding contractual arrangements on the use of ICT services supporting critical or important functions provided by third-party service providers; 
  • RTS specifying ICT risk management tools, methods, processes, and policies and the simplified ICT risk management framework; 
  • Determining the amount of the oversight fees to be charged by the Lead Overseer to critical ICT third-party service providers and the way in which those fees are to be paid; 
  • Specifying of the criteria for the designation of ICT third-party service providers as critical for financial entities.

The regulations will come into force once they are published in the Official Journal of the EU.

DORA is bringing resilience to the financial sector and beyond
Cybersecurity by Pete Linforth from Pixabay

Next steps

The application of DORA starts from 17 January 2025. The oversight activities also start from the beginning of 2025, which means the institutions will be actively monitoring if the new rules are being observed.

How can we support you?

YNG legal is here to support you in the process of transitioning to full compliance with the Digital operational resilience act by: 

  1. guiding you through the whole process of meeting the new regulatory requirements: analysing the current situation, mapping the next steps, creating key documents and working with the authorities; 
  2. closely cooperating with your in-house IT team: our lawyers are tech-savvy and experienced in working with IT specialists in various fields and on different scales: from start-ups to global corporations; 
  3. connecting you with highly specialized IT companies to further consult you, no matter how big or small your in-house IT department is. 

Don’t wait more! Get in touch now to set up your compliance!

Att. Ivan Yankov is now officially listed as a mediator

Att. Ivan Yankov is now officially listed as a mediator

The managing partner of YNG Legal Attorney-at-law Ivan Yankov was just officially listed as a mediator in the The Unified Register of Mediators of the Minister of Justice of Bulgaria. 

Besides being a qualified lawyer with many years of experience and a licensed intellectual property appraiser, Att. Yankov has also undergone special training in mediation. 

Ivan is the second mediator colleague in the team after associate Iveta Ivanova, who was already certified when she joined the team.

We would especially like to thank Academy “Sporazumeniya” (Agreements) and Sevdalina Alexandrova – one of the founders and teachers at the Academy. Not only was the training filled with meaningful content, but the process was easy and purposeful.

  

Mediation is a way to reach a mutually beneficial agreement, within or outside of court proceedings. This process is conducted by a mediator – a third party neutral to the dispute, who aims to assist the disputing parties in reaching the optimal resolution of the issues in question. Mediators, in addition to being good intermediaries, need to be specially trained and selected before they are officially registered. 

The listing of Att. Ivan Yankov in the Unified Register of Mediators is a testimony to his high level of training in various areas of law and its accompanying activities. Anyone who chooses to try to reach a settlement can do so with the help of Att. Yankov.

The new AI Office brings the AI Act one step closer

Will it bring more bureaucracy or will it ease the compliance process?

The artificial intelligence (AI) sector is booming. More and more tools for various purposes and on various scales from ones for end-users to those tailored for large-scale enterprises are emerging and growing with a fast pace. Recently the European Union introduced a full-spectre legislation called the AI Act, covering every important aspect of the sector with the aim of not only guaranteeing human rights but also encouraging and nourishing innovation in the sector. 

Now the European Commission (EC) established the AI Office which will oversee the observing of that legislation. The EC states that the goal is to enable the future development, deployment and use of AI in a way that fosters societal and economic benefits and innovation, while mitigating the eventual risks. The AI Office will have a vital role in the implementation of the AI Act and it will also work to foster research and innovation in trustworthy AI. The EC also states that the AI Office will aim to position the EU as a leader in international discussions on the topic.

Structure of the AI Office

 The AI Office will consist of five units overseeing different key aspects of AI: 

  • Regulation and Compliance Unit – this unit works closely with member states to facilitate the uniform application and enforcement of the AI Act across the Union. It will also contribute to investigations and possible infringements, administering sanctions; 
  • AI safety Unit – responsible for the identification of systemic risks of very capable general-purpose models, possible mitigation measures as well as evaluation and testing approaches; 
  • Excellence in AI and Robotics Unit – responsible for building a thriving ecosystem by supporting and funding research and development. It also coordinates the GenAI4EU initiative (robotics, health, biotech and other fields), stimulating the development of models and their integration into innovative applications; 
  • AI for Societal Good Unit – deals with crucial topics such as weather modelling, cancer diagnoses and digital twins for reconstruction; 
  • AI Innovation and Policy Coordination Unit – oversees the execution of the EU AI strategy, monitors trends and investment, stimulating the uptake of AI and fosters an innovative ecosystem by supporting regulatory sandboxes and real-world testing.
Photo by Aidin Geranrekab on Unsplash
Photo by Aidin Geranrekab on Unsplash

Tasks ahead of the AI Office

The staff of the AI Office is interdisciplinary and consists of experts in technology, administration, economics, law and politics. They will help member states govern the implementation of the AI Act in order to ensure the process is coherent across the block. The AI Office will also directly enforce rules for general-purpose AI models, request information, apply sanctions and will coordinate the creation of “state-of-the-art codes of practice” by working with developers and scientists. 

The AI Office will work not only with member states representatives in the so-called European Artificial Intelligence Board, but also with independent experts in science, business, civil society and other fields. 

The new administrative body will also work to promote innovation by providing advice and information, and by giving access to different environments and services for experimentation. It will also work to stimulate investment by ensuring that AI models created in Europe and trained on EU supercomputers are well integrated into the economy.  

AI Chip Photo by Igor Omilaev on Unsplash
AI Chip Photo by Igor Omilaev on Unsplash

The AI Act

The so-called AI Act was introduced in May 2024 making the EU a pioneer in regulating this field. The new regulation aims to ensure safety and compliance with fundamental rights and also boost innovation. The AI Act follows a risk-based approach – the higher the risk to society, the stricter the rules. That exact regulation is the legal framework the AI Office will be responsible for enforcing. 

You can read more details about the AI Act and how it affects different actors in the field in our article here.

We are here to support you! 

YNG Legal takes care to always be up to date with not only official regulations, but with emerging trends in law, innovation and business. We approach every case diligently and proactively. That is also what we advise our clients – to take proactive action and not wait until it is too late and thus risk administrative or other penalties. 

Reach out to us today and get your consultation about AI regulation compliance! 

The AI Act: Preserving civic rights or hindering innovation in the EU? 

The first set of regulatory frameworks aiming at responding to the new challenges this technology brings

In recent years artificial intelligence tools of various applications and scales became more and more included in our life. And the faster the technology developed, the more present and available it became outside of specific industries and big corporations. To a point of a commercial boom so wide, that such AI tools swiftly reached small and medium enterprises (SME) and end-customers en mass. 

This quick and wide spread of a technology which evolves every day inevitably brought threads to information, personal data, intellectual property, jobs, businesses, human rights. That is why the European union moved to regulate artificial intelligence. 

A robot looking at a digital image of scales, symbolizing the regulation of artificial intelligence which comes into force in the European union.
Image by Freepik

The AI Act’s aim

On 13 March The European Parliament adopted the first amendments to the proposal for a Regulation of the European Parliament and of the Council laying down harmonised rules on artificial intelligence the so-called Artificial Intelligence Act.  

The new regulation aims to ensure safety and compliance with fundamental rights and also boost innovation. 

According to the first recital the purpose of this legislation is to: 

improve the functioning of the internal market by laying down a uniform legal framework in particular for the development, placing on the market, putting into service and the use of artificial intelligence systems in the Union in conformity with Union values, to promote the uptake of human centric and trustworthy artificial intelligence while ensuring a high level of protection of health, safety, fundamental rights enshrined in the Charter, including democracy and rule of law and environmental protection, against harmful effects of artificial intelligence systems in the Union and to support innovation.” 

Whom will the AI Act apply to?

  • Providers
    • placing on the market or putting into service AI systems or 
    • placing on the market general-purpose AI models in the Union, irrespective of whether those providers are established or who are located within the Union or in a third country.
  • Deployers of AI systems that have their place of establishment or who are located within the Union.
  • Providers and deployers of AI systems that have their place of establishment or who are located in a third country, where the output produced by the system is used in the Union.
  • Importers and distributors of AI systems.
  • Product manufacturers placing on the market or putting into service an AI system together with their product and under their own name or trademark; 
  • authorised representatives of providers, which are not established in the Union; 
  • affected persons that are located in the Union. 

What does the AI Act actually regulate?

The new regulation works in several directions to protect the interests of EU citizens and businesses. 

  1. The AI Act defines AI applications which pose a significant threat and completely bans them, such as certain cases of biometric categorisation, emotion recognition, social scoring, predictive policing, manipulation of human behaviour or exploitation of people’s vulnerabilities. 
  2. It provides an exception for strictly and narrowly defined situations in which biometric categorisation could be used by law enforcement only if strict safeguards are met: such as limited use in time and geographic scope and prior judicial or administrative authorisation. 
  3. The Act defines and regulates high-risk systems, for example AI uses in critical infrastructure, education and vocational training, employment, essential private and public services (e.g. healthcare, banking), certain systems in law enforcement, migration and border management, justice and democratic processes (e.g. influencing elections). It also gives citizens the right to submit complaints about AI systems and receive explanations about decisions based on high-risk AI systems that affect their rights. 
  4. The regulation imposes transparency requirements, including compliance with EU copyright law and publishing detailed summaries of the content used for training. Artificial or manipulated images, audio or video content (“deepfakes”) will need to be clearly labelled as such. Systems posing systemic risks will need to undergo additional evaluations. 
  5. The AI Act also requires measures at the national level to ensure SMEs and start-ups have a healthy environment to develop and train innovative AI before its placement on the market. 
A robot left hand and a human right hand typing on a laptop keyboard, symbolizing the development of artificial intelligence (AI) technologies. Image by Freepik.
Image by Freepik

What’s next?

The development of The AI Act took 3 years until it reached this point. Now the final Regulation needs to be formally adopted by both European Council and European Parliament before its publication to the Official Journal of the European Union. After the adoption from the European Parliament, the European Council is expected to adopt in due time the text without further changes or negotiations as the two institutions reached a deal on the Regulation at the beginning of December last year. 

The European Union is thus becoming a global pioneer in the regulation of the artificial intelligence sector, as happened a few years ago with the regulation of personal data. Since the introduction of the General Data Protection Regulation (GDPR) in the EU, similar regulations have been introduced elsewhere in the world. 

The new legislation enters into force 20 days after its publication in the official Journal and should fully apply from 2026. Yet there are some exceptions:

  • bans on prohibited practises will apply 6 months after the entry into force date; 
  • codes of practise – 9 months after entry into force; 
  • general-purpose AI rules including governance – 12 months; 
  • and obligations for high-risk systems – 36 months. 

 

Only the time will tell to what extent and how the new Regulation will face the many challenges the AI technology brings to the legislative and economic landscape within the member states of the European Union. Our team will analyse and stay up do date with the new set of rules making sure your business needs comply with the Regulation. We are committed to help companies navigate through the complexities of the European Union’s legal landscape. 

If you work in the field of AI, do not hesitate to get in touch and prepare your business ahead of time for the new legislation before its mandatory provisions kick-in.

MiCA: New set of recommendations for cryptocurrency regulation in the EU

MiCA aims to regulate the crypto-asset market in the EU, similarly to that of traditional financial instruments, ensuring transparency and preventing abuse.

Tax credit in case of goods being defective, subsequently sold, or destroyed. 

Is a correction of the deducted tax credit necessary? What does the Court of Justice of the EU say?

This piece was written in due course following the CJEU judgment in May 2023.

On 1 January 2024, changes to the Bulgarian Value Added Tax Act (VAT Act) came into force, in particular Article 80(2), which harmonises Bulgarian with European legislation in accordance with the Court’s judgment. Thus, cases such as the one described here should no longer arise.

Consult us about your tax obligations by emailing us at: ivanova@ynglegal.com.

Introduction

In May 2023, the Court of Justice of the European Union (CJEU) issued a landmark decision (Decision of 04.05.2023 in Case C-127/22) in the field of the right to deduct tax credit, clarifying questions of practical importance. The Court’s decision concerns the need for a correction of the initially determined amount for deduction in cases of goods being defective, subsequently sold as waste, or destroyed. 

The tax credit allows registered persons under the VAT law to deduct from their tax obligations the tax paid on taxable supplies of goods and services. One of the conditions for exercising this right is for the goods or services to be subject of subsequent taxable supplies. Often, certain goods need to be declared defective after the tax credit has already been deducted.

After the process of declaring the goods defective is completed, a decision regarding their subsequent treatment should be made. In some cases, the defective goods are subject to destruction, which practically excludes the possibility of them being the subject of subsequent taxable supplies. However, it is not excluded that the goods may be sold as waste. 

Many businesses have raised the question of whether they should return the deducted tax credit to the budget in cases where the defective goods have been destroyed or have become the subject of a subsequent taxable supply but as waste. This question now has a clear and categorical answer. It was initially prompted by the incompatibility of the national regulations regarding the correction of deducted tax credit with European rules. We have paid special attention to the collision between the provisions of Council Directive 2006/112 (the “Directive”) and the provisions of the VAT Act. 

The dispute in the context of which the preliminary question was made

The dispute concerns a tax-related issue that arose between the Appeals and Tax Insurance Practice Directorate (ODOP) of the National Revenue Agency (NRA) and “BTK” EAD – a Bulgarian company providing telecommunications services. In the course of its activities, the company acquired various long-term assets through taxable supplies.

A calculator and a pen on top of a tax document.
Image by Steve Buissinne/ Pixabay

After availing itself of its right to deduct input tax credit, between October 2014 and December 2017, the company disposed of various goods that had become unfit for use or sale due to wear and tear or defects. It is important to note that some of the goods were sold as waste, while others were destroyed. Subsequently, the company made corrections to the utilized VAT credit based on Article 79, paragraph 3 of the Value Added Tax Act (VATA) (in its version effective until December 31, 2016) and Article 79, paragraph 1 of the VATA (in its version effective until January 1, 2017).

These provisions provide for the refund of the deducted tax credit (in full or in part) in case of destruction, disposal, or identification of shortages of goods. The corrections were made by issuing protocols under Article 117 of the VATA and reflecting them in the respective monthly VAT returns. 

On January 18, 2019, BTK submitted a request to the NRA for the refund of the returned tax credit, maintaining that there was a discrepancy between the provisions of the VATA and the Directive. The request was rejected by the NRA, leading BTK to file an appeal with the Sofia City Administrative Court (SAC). In its appeal, the company argued that the dispute was purely legal and is related to the question whether the VATA requires the correction of the utilized tax credit in cases of destruction or disposal of goods when duly proven or confirmed, in violation of the Directive.

The appeal was dismissed, with SAC stating that our national legislation (Article 80, paragraph 2 of the VATA) lists exceptions where no corrections are made under Article 79 of the VATA, including the disposal of goods, but under additional conditions. The company appealed SAC’s decision to the Supreme Administrative Court (SAC), which stopped the proceedings and referred a preliminary question to the Court of Justice of the European Union (CJEU). 

Where does the problem stem from?

The root of the problem lies in the contradiction between the provisions of Article 78 and subsequent articles of the VATA, regulating the matter, and the European rules on correction of deducted tax credit provided for in Directive 2006/112.

 

What does Directive 2006/112 provide for?

The fundamental possibility of adjusting the initially determined amount for deduction is provided for in Article 184 of the Directive. Article 185 clarifies that the correction is made in cases where there is a change in the factors used to determine the deduction amount after the preparation of the VAT return. Article 185, paragraph 2, provides that in cases of destruction, loss, or theft of goods, duly proven or confirmed, the utilized tax credit is not subject to refund, regardless of the change in factors. The Directive grants Member States the freedom to establish detailed rules for the application of Articles 184 and 185 and to adapt their national legislation according to the requirements of the Directive.

A caliper "measuring" money on top of a tax document.
Image by Steve Buissinne/ Pixabay

What does Bulgarian legislation provide for?

In Bulgaria’s legislation, the regulation of the matter is in Articles 79 and subsequent articles of the VAT Act. Contrary to Article 185, paragraph 2 of the Directive, Article 79, paragraph 1 of the VAT Act provides that in cases of destruction, loss, and disposal of goods, taxable persons must refund the deducted tax credit.

Article 80, paragraph 2 of the VAT Act (in its version effective from January 1, 2017) regulates the exceptions to this rule. It specifies that there is no obligation to refund the utilized tax credit only when destruction, loss, or disposal are caused by any of the events listed in the provision. For example, taxable persons are not obligated to refund the tax credit when destruction is caused by force majeure (item 1) or accidents or disasters (item 2). 

Analysis of Article 185, paragraph 2 of the Directive and Article 80, paragraph 2 of the VAT Act shows that there is a collision between them. The VAT Act provides that as a rule, in cases of destruction, loss, and disposal of goods, the tax credit should be refunded. Only in cases where they are caused by the events listed in Article 80, paragraph 2, there is an exception to the rule, and the utilized tax credit is not subject to correction and refund. On the other hand, the Directive regulates that as a rule, destruction, loss, or disposal of goods does not require the refund of the utilized tax credit, without considering the specific events that led to them. 

This contradiction leads to significant practical problems for many businesses, which are obligated to refund the utilized tax credit.

A sculpture of goddess Themis, symbolizing justice.
Изображението е от Sang Hyun Cho/ Pixabay

The interpretation by the Court of Justice of the European Union (CJEU)

The interpretation by the CJEU resolves the disputed points and provides a clear answer to the questions posed. The CJEU comments on two hypotheses, which differ depending on how defective goods, for which the taxable person has determined cannot be realized due to physical wear or damage, have been treated. In the first hypothesis, the goods were destroyed after being declared defective, while in the second, they were sold as waste under a taxable supply 

The first question relates to the interpretation of Article 185, paragraph 1 of the Directive. The CJEU is expected to clarify whether there is a “change in the factors” used to determine the deductible tax credit when the declaration of defective goods is followed by a sale of those goods as waste subject to VAT. 

According to the CJEU, such a hypothesis should not be considered a “change in the factors” within the meaning of Article 185 of the Directive. It specifies that one of the conditions allowing for the deduction of tax credit is met—the goods have become the subject of a subsequent taxable supply in form of a waste. According to the decision, it is irrelevant that the sale of waste does not relate to the usual economic activity of the taxable person.

The second, third, and fourth questions are considered together by the CJEU. With them, the referring jurisdiction essentially seeks to establish the following: 

Whether there is a “change in the factors” used to determine the deductible amount when the declaration of defective goods is followed by their voluntary destruction? 

If the answer to the previous question is affirmative, then the CJEU is asked to clarify whether the declaration of defective goods in such circumstances constitutes “destruction” or “loss” within the meaning of Article 185, paragraph 2 of the Directive, even though it is not an event beyond the control of the taxable person, and which could not have been foreseen and prevented by the latter.

A computer mouse and a pen on top of tax documents.
Image by Steve Buissinne/ Pixabay

The Court of Justice of the European Union specifies that destruction and spoilage should undoubtedly be classified as “changes in the factors” within the meaning of Article 185 of the Directive, insofar as they lead to the impossibility of using the goods for subsequent taxable supplies. On the other hand, they fall within the scope of Article 185, paragraph 2 of the Directive, which lists hypothesis where no adjustment and repayment of input tax credit is required. Therefore, no correction should be made in this case either.  

However, there are two additional requirements that must be met to conclude that destruction falls within the scope of Article 185, paragraph 2 of the Directive. Firstly, the destruction must be properly proven. In addition, the destruction must be result of a decision taken beforehand by the taxable person to destroy the goods due to the impossibility of using them for their usual economic activity. 

The CJEU also pays attention to the terms “destruction” and “spoilage”, highlighting the differences between them and clarifying that the spoilage of an item could not result from the voluntary action of its owner or possessor, whereas this is not ruled out in the case of destruction. In the dispute between ODOP and BTK destruction is present, as the existence of the goods has been terminated as a result of actions by the taxable person. 

The decision also addresses the second question, which essentially seeks to establish whether destruction must be beyond the control of the taxable person in order for Article 185, paragraph 2 of the Directive to apply. The CJEU clarifies that from the text of the provision, it cannot be inferred that destruction must necessarily result from an event beyond the control of the taxable person. 

Considering the above, according to the CJEU, there is no need to repay the input tax credit when the scrapping of the goods is followed by their voluntary destruction, provided that the destruction is properly proven or confirmed and there is no longer any benefit from the goods in economic activity. 

Additional notes

It is important to recall that directives are acts of EU law that give Member States freedom in their choice of form and means to achieve the objectives set out in them. It is precisely in this sense that Article 186 of the Directive provides Member States with the freedom to determine detailed rules for the application of Articles 184 and 185.

However, they must refrain from introducing rules that contradict those in the Directive or are more restrictive than them. In this regard, in its decision, the CJEU explicitly notes that the Directive does not allow provisions of national legislation that provide for the correction of deducted VAT in cases where the scrapping of goods is followed by their subsequent sale as waste, destruction, or disposal. 

Practical consequences of the CJEU decision

The commented decision poses a challenge to the Bulgarian legislative authority to undertake legislative changes through which the VAT Act will be brought into compliance with the interpretation provided by the CJEU. We expect changes in the VAT Act to put an end to the existing practical problem. In the meantime, taxable persons who have made adjustments to deducted tax credit have the opportunity to request a refund of the returned tax, citing the commented decision, as it is binding on Bulgarian courts.