What does a tamper-evident invoice ledger actually do for me?

When you send an invoice, Plain Statement locks the key fields — number, parties, dates, totals — and adds them to a chain that can be checked end-to-end. If anyone ever changed a sent invoice, the chain would surface it. You don't have to look at it day to day; it just sits there, ready.

What is in the downloadable audit pack?

A single file with every issued invoice, the chain that links them, a list of any sent invoice that has been changed since it was sent, and a check for missing invoice numbers. The pack works without a Plain Statement account on your accountant's side.

Which plan includes the audit ledger?

The audit ledger, integrity check, and downloadable audit pack are part of the Basic plan (€50/year). They're also included in Pro.

An invoice audit trail your accountant can actually verify

Every invoice you send is locked the moment it leaves your account. The day a tax authority asks, the answer is one file. The other 364 days, you stop thinking about your invoicing software.

Create Invoice Free

Chain verified · 0 gaps · 0 mutations

Audit ledger verification modal in Plain Statement showing Chain verified with 5 entries, 0 gaps, 0 mutations, the last seal hash, and a Download PDF report action — This is what verification looks like in your dashboard — one click, instant chain check, downloadable report.

Most invoicing tools let you change a sent invoice at any time, with no record of what changed. That sounds harmless until an auditor asks why the invoice in your books reads €1,847 and the one your client paid against reads €1,475. Plain Statement makes that question impossible to be on the wrong side of.

This is the part of the product you'll hopefully never need to use. It's also the part that lets you stop worrying about whether your invoicing software is safe to rely on for the next ten years.

What gets locked in

When an invoice transitions to sent, the fields that should never change after that moment get snapshotted: the invoice number, the issue and due dates, both parties' details, the line items, the tax, the total, your notes. Everything that matters in an audit. The things that legitimately change later — paid status, payment date, reminder history, internal tags — stay editable, because changing them isn't a problem.

How the chain catches a change

Each sent invoice gets a unique fingerprint (a SHA-256 hash) that depends on the fingerprint before it. If anyone ever altered an old entry — to nudge a date, soften a total, hide an invoice — every fingerprint after it would stop matching, and a single check would surface exactly which entry broke. The chain checks itself. You don't have to trust the software; the math does the trusting.

What an integrity check finds

Walking the chain end-to-end is one part of the check. Plain Statement also runs two adjacent ones:

Quiet edits to sent invoices. Even if the chain entry is intact, the live invoice in your dashboard could drift. The integrity check compares each sent invoice against its snapshot and flags any difference — colour-coded by how serious it is. A typo fix in the notes shows as a quiet flag; a change to the total shows as a loud one.
Missing invoice numbers. Tax authorities expect a clean sequence — INV-2026-001, -002, -003, and so on. If -003 is missing, the check surfaces it. If you deleted a draft and the number got skipped, you'll know before the auditor does.

The audit pack

One file. Every sent invoice, the chain that links them, any drift that has been detected, any missing numbers, and a recipe your accountant can follow to verify the whole thing for themselves. They don't need a Plain Statement account. They don't need to trust us. They need the file.

The format is plain JSON — the simplest container that doesn't lock you in. If Plain Statement vanished tomorrow, the pack would still be readable, still verifiable, still meaningful to a tax authority.

See a sample audit pack report (PDF) — the human-readable summary that ships alongside the JSON.

For the technically curious. The chain is SHA-256 over a canonical, key-sorted JSON representation of each snapshot. A developer can write a verifier in about twenty lines of any language using nothing but standard tools. The recipe is included in the pack.

When this earns its keep

The audit ledger is the kind of thing you hope never to need. The point is to have it ready — and to know exactly what changed, when, and on which invoice the moment anyone asks. The five minutes a year you spend running an integrity check buys you the peace of mind to stop thinking about it the other 364.

Who this is for

Freelancers, consultants, agencies, and small studios operating in the EU, the UK, or anywhere a tax authority looks at primary documents. If your current audit trail is a folder of PDF copies — or worse, a folder of editable Word files — this is the upgrade. You don't need to understand the cryptography to benefit from it.

Pricing

The audit ledger, integrity check, and downloadable audit pack are included in the Basic plan (€50/year). They are also part of Pro. The free, no-account invoice generator doesn't produce ledger entries — entries are created when you save an invoice to your account and mark it sent.

Want the long version?

The blog post Building an Invoice Audit Trail Your Tax Authority Will Trust walks through the design decisions in detail — what goes in the chain and why, how to draw the line between "locked" and "editable" without making the audit log noisy, and why hashing is the right tool for the job.

Frequently asked

Can I edit an invoice after I've sent it?

The key fields are frozen the moment you send. To correct a sent invoice, issue a credit note and a fresh invoice — the procedure most tax authorities require anyway.

What if my accountant doesn't know what a hash chain is?

Most don't need to. They get a file and a one-page recipe. If they want to dig deeper, the recipe walks any developer through verification in under twenty lines of code. The vast majority of accountants never have to look that far.

What happens to my existing invoices?

They're added to the chain in the order you sent them. The first time you run an integrity check, the backfill happens automatically. After that, every new sent invoice extends the chain.

Is this overkill for a freelancer?

The integrity check runs in the background. You'll see a green badge in your dashboard, and that's most of what you'll notice. The "overkill" only becomes visible the day someone asks a question you couldn't otherwise answer — and on that day, it isn't overkill at all.

Send your first invoice in under 2 minutes

Create Invoice Free