Employer's liability for VAT on empty invoices issued by an employee - NSA judgment of 3 September 2024 (ref. I FSK 1212/18)

Last Tuesday (i.e. 3 September 2024), the Supreme Administrative Court [hereinafter: NSA or the Court] issued a judgment (I FSK 1212/18) in a case that was the subject of a ruling by the Court of Justice of the European Union [hereinafter: CJEU], relating to the issue of assessing an employer’s liability for so called empty invoices (fake invoices) issued by its employees. The Court had previously referred a preliminary question on the matter to the CJEU.

On 30 January 2024, the CJEU ruled that a company’s employee who issued false invoices was liable for VAT, unless it was the employer (the VAT taxpayer) who failed to exercise due diligence in supervising such employee (Case C-442/22, P sp. z o.o. v Director of the Tax Administration Chamber in Lublin). However, the CJEU left the issue of assessing the employer’s due diligence to the Supreme Administrative Court.

Thus, in Tuesday’s judgment, the NSA held that liability for issuing empty invoices will be borne by the employee, but only if the employer acted in good faith and exercised due care in this respect. Otherwise, the liability and obligation to pay VAT shifts to the employer!

Regarding the lack of supervision, the NSA pointed out that throughout the long period when the employee’s practice of issuing empty invoices continued (more than 1,600 fictitious invoices were issued in 4 years), her computer was not subjected to any control. In the oral reasoning of the judgment, the Judge-Rapporteur stressed that:

‘The employer authorised the employee to issue invoices on his behalf (…). Therefore, he (the employer – note MDDP) should set up a system to monitor the reliability of the implementation of this procedure (issuing invoices – note MDDP), either by internal control, by an employee specialised in this area or by an external entity professional in this area.”

In addition, it was pointed out that the Supreme Administrative Court, when ruling in the present case, had in mind the fact that if an employee wants to act to the detriment of the employer in order to obtain a personal benefit, he or she can always find an opportunity to do so. However, in order to prevent such actions, the employer is obliged to organise the work and the system of monitoring the actions of employees in such a way as to make it difficult for such a dishonest employee to do so and to be aware of the possible prompt detection of his/her behaviour.

It was noted, however, that in the situation of (possible) issuance of fictitious invoices by an employee outside the employer’s structure, the allegation of failure to adequately supervise the invoicing process would not burden the employer.

Moreover, the Court compared the issue at stake in this ruling to the issue of home insurance and burglary by a thief. The Court pointed out that a well-organised thief is able to break into any house, regardless of the type of security features operating in the house. However, if the door to the home is left open and a theft occurs, then the insurer will not pay the insurance due to the insured’s failure to exercise due diligence. On the other hand, when the house is fully secured and a burglary occurs, no one can make such an allegation (failure to exercise due care).

Undoubtedly, the conclusions of the judgment are very important for companies that want to consciously manage the tax function and reduce tax risks. According to the interpretation presented by the CJEU, the employer should be expected to act reasonably in supervision, within the limits of so-called common sense. It is also important that, despite the fact that the NSA referred the question to the CJEU for a preliminary ruling and that the Court left it to the NSA to assess the exercise of due diligence, the Court did not deepen its considerations as to the omissions on the part of the employer in the supervision of employees issuing invoices on its behalf.

The question that employers are now left with, following this NSA ruling, is

what supervisory procedures should companies implement so that their level and scope can be considered appropriate and sufficient in terms of business tax security?

If you have any questions in relation to the above ruling or need support in this area, please feel free to contact us:

or your advisor from MDDP.

This Tax Alert does not constitute legal or tax advice. MDDP Michalik Dłuska Dziedzic i Partnerzy spółka doradztwa podatkowego spółka akcyjna is not responsible for the use of the information contained in the Alert without prior consultation with legal or tax advisers.