Peppol updates that you need to know for 2026

Across Europe, governments are tightening digital VAT controls and pushing for structured e-invoicing to reduce fraud, improve transparency, and modernise tax collection. At the EU level, the VAT in the Digital Age (ViDA) package was adopted on 11th March 2025, with measures rolling out progressively through to January 2035. (Taxation and Customs Union)

In parallel, Peppol itself continues to evolve:

• Specification releases (formats, code lists, and validation rules)
• Network updates (eDelivery, participant discovery/routing, and identifiers)
• Security changes (PKI and certificate trust)

OpenPeppol publishes regular updates to Peppol BIS (Business Interoperability Specifications) which include changes to invoice rules and code lists. There are three main specification updates that are particularly relevant: 

• Peppol BIS Billing 3.0 EU was published on 24th November 2025, becoming mandatory on 23rd February 2026.
• BIS Self-Billing 3.0 was published on 12 March 2025 (covering self-billed invoices and credit notes).
• PINT (Peppol International Invoice) continues to receive updates, signalling a broader direction of travel towards harmonised invoice modelling across jurisdictions. 

These updates matter to your organisation and its processes because even small changes to code lists and validation can trigger invoice rejection if trading partners are on different versions.

Peppol issued an updated policy for the use of identifiers (v4.4.0) back in February 2025, describing how identifiers should be formed and used across the network. It’s critical to maintain a standardised set of identifiers, or when updating these, the supply chain conforms to the same updates to maintain a successful flow of information.

From an eDelivery perspective, a phased transition to implement a participant identifier retrieval (lookup) change (often described as a move from older DNS approaches to newer methods) was outlined as such and is now complete:

• Phase 1: 1st May – 1st November 2025 (implement changes)
• Phase 2: 1st November 2025 – 1st February 2026 (run old and new in parallel)
• Phase 3: after 1st February 2026 (new method becomes mandatory)

This is the kind of change that can break routing if an Access Point or SMP is behind, not because the invoice is wrong, but because discovery fails.

OpenPeppol has published a Peppol PKI (Public Key Infrastructure) 2025–2026 Certificate Authority (CA) migration plan. Two dates are especially important here, highlighted below in a more detailed timeline for completeness:

• 11th February 2026 (T1): Production certificate issuance starts under the new PKI, and production issuance under the old PKI stops.
• 1st April 2026 (T2): Network-wide revocation of old certificates. Only the new CA trust chain remains accepted.

If you operate (or rely on) Peppol connectivity, this is not optional; it’s foundational security and trust infrastructure for the whole network.

Security change timeline

• 12th March 2025: BIS Self-Billing 3.0 published
• 1st May 2025: start of participant lookup migration implementation phase
• 24th November 2025: BIS Billing 3.0 EU release published
• 1st November 2025: lookup migration moves into “parallel run” phase
• 23rd February 2026: November 2025 BIS Billing release becomes mandatory
• 1st February 2026: new participant lookup method becomes mandatory
• 11th February 2026: Production certificate issuance starts under the new PKI, and production issuance under the old PKI stops. 
• 1st April 2026: Network-wide revocation of old certificates. Only the new CA trust chain remains accepted.

Belgium: mandatory B2B e-invoicing from 1st January 2026

Belgium’s timing makes it a near-term forcing function for supplier onboarding and AP/AR process change. For multi-country organisations, it’s also a preview of how quickly “B2G-first” e-invoicing expands into B2B. If this is going to impact your organisation, you need to make sure you can send and receive structured invoices at scale and support supplier enablement so invoice flows don’t revert to exceptions.

Germany: ability to receive e-invoices compliant with EN 16931 from 1st January 2025

Even where issuance ramps in phases, “receiving readiness” typically drives the earliest operational impact (inbox/process, validation, routing, and AP workflows). Readability enforces that invoices need to be machine-readable and standards-aligned, not just PDFs. This isn’t only “technical connectivity”, it’s the ability to validate, ingest, match and route invoices into finance processes reliably.

France: phased e-invoicing reform from 1st September 2026

France is emphasising the need to use an approved platform as part of the phased e-invoicing reform. This will accelerate standardisation, supplier onboarding programmes, and the need for robust exception handling. The guidance is clear:

• 1st September 2026: all businesses must be able to receive e-invoices; large companies and mid-sized companies must also issue e-invoices.
• 1st September 2027: SMEs and micro-businesses must issue e-invoices.

Peppol compliance is increasingly an operational capability: release management, testing, partner comms, and data quality controls. When changes occur across an organisation’s supply chain, it can be easy to misinterpret an update or miss a key date, leading to mistakes which can be easily avoided if operational resilience is enforce:

• Rejections and exceptions rise when validation rules or code lists shift (you’ll see this around “mandatory dates”).
• Connectivity risk increases during network migrations (lookup and PKI), even if the invoice data is perfect. 
• Supplier enablement becomes a programme, not a one-off onboarding process, particularly ahead of Belgium 2026 and France 2026–2027.

• Build a Peppol change calendar: track publishing dates and mandatory dates for BIS artefacts, plus PKI and lookup milestones. 
• Run a ‘trust and routing’ check with your provider(s).
• Treat validation and enrichment as first-class: the goal is fewer ERP exceptions, not just “successful delivery”. This is exactly where automated enrichment, pre-validation, duplicate handling, and referencing logic reduce downstream disruption.

If you operate across Europe, updates to the Peppol network are critical to the ongoing operational stability of your organisation and its supply chain workflows. Using Netix and partnering with Cegedim Business Services gives you the confidence and reassurance that these updates will be enforced within your network, so your day-to-day activities continue to run smoothly, with fewer manual interventions and payment delays.