Introduction

The Infocomm Media Development Authority (IMDA) is the Peppol Authority in Singapore. As the Peppol Authority, IMDA governs the registration of Peppol IDs for businesses and organisations and, owns and manages the centralised Service Metadata Publisher (SMP) where such Peppol IDs are published. 

IMDA approves and certifies Peppol Service Providers (SP), who will oversee end user business (Participant) registrations and e-invoice routing. 

This guide is intended to provide an overview of the Peppol Service Provider Accreditation process and requirements for parties interested to provide Peppol Access Point services in Singapore. Peppol Service Providers who are interested to provide Access Point services in Singapore will be required to comply with the Peppol Authority Specific Requirements as listed in OpenPeppol website and attain the Peppol Service Provider Accreditation instituted by IMDA.

Peppol Service Provider Accreditation Requirements

The table below describes the key accreditation requirements to become a Peppol Service Provider.

SN Requirements Description
1. Member of OpenPeppol AISBL The SP’s OpenPeppol membership status will be verified against the member list on OpenPeppol website. 
The SP needs to maintain the OpenPeppol membership status throughout the accreditation period.
2. Have a paid-up capital of SGD 10,000 or equivalent in local currency for overseas organisations The SP is required to submit the company registration document showing the paid-up capital. 
3. Comply with the Information Security Requirements The SP is required to declare compliance with the Information Security Requirements stated in the SP Accreditation Application Form.
4. Successfully complete interoperability testing with IMDA’s appointed SP The SP is required to demonstrate compliance with the latest Singapore BIS Specifications at www.peppolguide.sg and the ability to send and receive invoices with IMDA’s appointed SP.

Peppol Service Provider Accreditation Process

Please refer to the table below for the Peppol Service Provider Accreditation process for Service Providers interested to become an IMDA accredited Peppol Service Provider. Do refer to the last column under “Applicability” to check if the step stated is applicable.

SN Step Description Responsibility Applicability
1. Submit the SP Accreditation Application Form 

a) Please register your interest by writing to einvoice@imda.gov.sg to request for the SP Accreditation Application Form. 

b) Upon completing the form, please sign and email a PDF copy to einvoice@imda.gov.sg

SP
  • All SPs1
2. Obtain IMDA’s in-principle approval IMDA will review the SP’s accreditation application and provide an in-principle e-mail approval that the application is ready to move to the next stage. IMDA
  • All SPs
3. Become a member of OpenPeppol AISBL

The SP must be a member of OpenPeppol AISBL, in the category appropriate for the type of Peppol Services intended to be offered on the Peppol Network. 

a) Please contact OpenPeppol at membership@peppol.eu to obtain a registration form. 
b) Upon completing the form, please sign it and email a PDF version to membership@peppol.eu. OpenPeppol will review the application and notify the applicant on the result.

Send a copy of the notification of the successful application to einvoice@imda.gov.sg.  

SP
  • Local New SP
  • Foreign New SP
4. Sign Peppol Service Provider Agreement a) Obtain a copy of the SP Agreement from IMDA.
b) The SP is to submit a signed copy of the SP Agreement to einvoice@imda.gov.sg.
SP
  • Local New SP
  • Local Existing SP
 
5. Request and obtain a PKI test certificate

The SP is to request for a PKI test certificate through Peppol Service Desk at https://openpeppol.atlassian.net/servicedesk/customer/portal/1

A request for a PKI test certificate must be accompanied by a completed and signed copy of the SP Agreement Annex 3 and a copy of business registration document attached in the Peppol Service Desk request.

The request for a PKI test certificate through OpenPeppol will be routed to IMDA for approval. After IMDA’s approval, OpenPeppol will enrol the PKI test certificate for the SP to download.

SP
  • Local New SP
  • Foreign New SP
6.  Complete OpenPeppol’s onboarding test

a) To verify that the SP is able to send and receive a valid Peppol BIS document in compliance with the current Peppol specifications, the SP will need to execute a self-testing process (the SP can send to and receive from its own Access Point implementation to test the file exchange, in order to be fully prepared for the Acceptance Test).  Please see the link below for an online validation service where the SP can ensure that the  documents comply to the current Peppol specifications https://singapore.validex.net. The SP will need to register for an account, which is free, before using the tools available. 

b) When ready, the SP is to initiate the Acceptance Test with OpenPeppol. OpenPeppol provides a common testbed for new SPs. The testbed will support AS4 testing and will be based on self-initiated test using automated testing procedures with minimal human interaction as is feasible. The automated testing will generate a test result which will need to be positive before OpenPeppol can issue a Peppol PKI production certificate allowing the new SP to enter production mode.

c) The SP is to follow the testing instructions provided at https://peppol.org/library/. In particular, the SP is to download and follow the testing instructions guide provided at https://peppol.eu/wp-content/uploads/2018/12/Peppol-Testbed-and-Onboarding_v1p2.pdf
The tests will include:
i. Verification of certificates (both the Peppol and the SP’s HTTPS certificate);
ii. Sending of a document from the SP’s Access Point service to OpenPeppol’s Test Access Point service; and
iii. Receiving of a document from OpenPeppol’s Test Access Point service to the SP’s Access Point service.

d) Once the SP has successfully completed the testing activities, the SP will get the result document which should show the successful completion of the testing. 

SP  
  • Local New SP
  • Foreign New SP
7. Complete interoperability testing in sandbox environment (optional)

The Service Provider is to request for a Singapore SMP sandbox account. The SMP sandbox environment will be used for interoperability testing with IMDA.

When ready with the setup, the SP is to work with IMDA to perform a series of tests to demonstrate connectivity with the Peppol network. These tests include (i) design-time validation using Validex (ii) run-time validation and (iii) sending and receiving of invoices with IMDA’s appointed SP. Sample invoices and test instructions will be provided by IMDA.

SP and IMDA
  • Local New SP
  • Foreign New SP
8. Countersign Peppol Service Provider Agreement Upon completion of accreditation activities, IMDA will countersign the SP Agreement and return a copy to the SP. IMDA
  • Local New SP
  • Local Existing SP
9. Request and obtain PKI production certificate

The SP is to request for its PKI production certificate through the Peppol Service Desk https://openpeppol.atlassian.net/servicedesk/customer/portal/1.

The SP must download their test report from the testbed and attach it for review and approval by OpenPeppol as part of the request for a PKI production certificate.

OpenPeppol will do a verification with IMDA that the SP has passed all local accreditation requirements and that the SP Agreement has been signed. 

Once the required verification has been confirmed, IMDA will approve the PKI request and OpenPeppol will enrol the PKI production certificate for the SP to download. 

SP
  • Local New SP
10. Enter production Upon successful enrolment, the SP will be able to download the PKI production certificate and enter production. SP
  •  Local New SP
11. Set up SP configuration in Singapore SMP2 a) The SP will be granted access to the Singapore SMP www.peppolsmp.sg.
b) After obtaining the PKI production certificate and being granted access to the Singapore SMP, the SP is to successfully set up its SP configuration in the SMP within 10 working days. The SP is to also monitor its SP certificate expiry date and renew the certificate with OpenPeppol through Peppol Service Desk before expiry. 
 
SP
  • Local New SP
  • Foreign New SP
12. Complete interoperability testing in production environment When ready with the production setup, the SP is to work with IMDA to perform a series of tests to demonstrate connectivity with the production Peppol network. These tests include sending and receiving of sample invoices provided by IMDA.  SP and IMDA
  • Local New SP
  • Foreign New SP
13. Obtain confirmation of accreditation

After the above activities have been successfully completed, IMDA will email the SP on the confirmation of the accreditation.  The accredited SP will be added to the following communication channels:
- SP email distribution list;
- SP WhatsApp group chat; and
- SG Peppol Service Provider Microsoft Teams Channel.

The SP is now ready to register end user participants onto the InvoiceNow network. Upon the SP’s confirmation, the SP’s company name and website URL will be listed on IMDA’s website on Service Providers

SP
  • All SPs
14. Renew accreditation The accreditation status is valid for 12 months from the date of confirmation of the accreditation. The accredited Service Provider shall write to einvoice@imda.gov.sg to apply for renewal of the accreditation status at least 1 month before the expiry date of the accreditation status.  SP
  • All SPs

1 All SPs refer to Local New SP, Foreign New SP, Local Existing SP and Foreign Existing SP.

2 SPs are referred to as Access Points in the Singapore SMP.

Last updated on: 25 Apr 2022