Quick Summary UK businesses running SAP Business One face three converging compliance obligations in 2026 that a disconnected ERP-to-channel setup makes progressively harder to meet: HMRC Making Tax Digital Phase 2 quarterly digital reporting, post-Brexit multi-currency VAT treatment across UK and EU channels, and UK GDPR data processing requirements for customer data flowing between SAP Business One and eCommerce or CRM platforms. APPSeCONNECT’s UK-configured SAP Business One integration addresses all three obligations within a single professionally managed package at approximately $99/month. This guide covers each compliance requirement, what it means for your SAP B1 integration architecture, and what UK distributors and manufacturers are doing right now to eliminate the exposure. |
There is a compliance question that every UK Finance Director and Operations Director running SAP Business One should be able to answer immediately.
When a customer places an order on your Shopify store, is the VAT code applied to that transaction in your SAP Business One Sales Order the same VAT code that appears in your HMRC digital VAT records for that quarter?
If you are not entirely certain the answer is yes, if there is any possibility that your eCommerce platform is collecting VAT at one rate while your SAP Business One records are posting at a different rate, or that the two records are reconciled manually at quarter-end rather than by an integrated system, you have a Making Tax Digital compliance exposure that HMRC’s audit capability is increasingly well-equipped to identify.
This is not an abstract risk. HMRC’s Connect system, the HMRC data analytics platform, cross-references digital transaction records from payment processors, eCommerce platforms, and marketplace operators against VAT returns. A VAT amount in a Shopify payment record that does not reconcile against a VAT amount in a SAP Business One A/R document, because the two systems were never integrated, is the type of discrepancy that triggers an HMRC compliance check.
The 2020 Wayfair ruling established economic nexus in the US context. The MTD programme is the UK equivalent, a structural shift in how HMRC validates VAT compliance that assumes digital record-keeping and digital submission as the baseline, and treats manual reconciliation between disconnected systems as a compliance risk indicator rather than an accepted practice.
This guide addresses what that shift means for SAP Business One users specifically, what post-Brexit complexity adds to the picture, what UK GDPR requires for customer data flowing through your integration layer, and how UK distributors and manufacturers are addressing all three obligations simultaneously in 2026.
If your compliance exposure is already clear and you want to discuss the specific configuration for your SAP B1 instance, book a free demo now. You will speak with an integration specialist who has configured SAP Business One VAT and MTD mapping for UK businesses, not a generalist sales representative.
HMRC Making Tax Digital: What It Actually Requires From Your SAP Business One Operation
Making Tax Digital (MTD) is HMRC’s programme to move all VAT record-keeping and reporting to fully digital systems. MTD for VAT has been mandatory for all VAT-registered businesses since April 2022. MTD for Income Tax Self Assessment (ITSA) is being phased in from April 2026 for sole traders and landlords with qualifying income.
For SAP Business One users in distribution and manufacturing, MTD for VAT is the operative requirement, and the specific obligation that creates integration-relevant compliance risk.
What MTD for VAT Requires
MTD for VAT requires that VAT-registered businesses:
- Keep VAT records digitally in functional compatible software
- Submit VAT returns digitally via HMRC’s API, not through the HMRC portal manual entry
- Maintain a digital audit trail that connects each source transaction to the VAT return figure without manual re-keying between any step in the chain
The third requirement is the one that creates direct exposure for SAP Business One users running disconnected eCommerce operations.
The digital audit trail requirement, in plain terms
HMRC requires that every figure in your VAT return be traceable back through a continuous chain of digital records to the source transaction, the individual sales invoice, the individual purchase invoice, the individual import record. If any link in that chain was created by manual data entry, a Shopify order total manually typed into a SAP Business One Sales Order, a VAT amount manually calculated and entered rather than derived from the integrated document, the digital record-keeping requirement is not met.
HMRC’s guidance on this is explicit: “There must be a digital link between the data in your software at each step of the journey from the original data entry to the VAT return.” A manual re-key between any step breaks the digital link. A disconnected Shopify store feeding manually entered orders into SAP Business One breaks the digital link for every eCommerce transaction processed through that manual workflow.
What VAT Code Mapping in SAP Business One Means for MTD Compliance
SAP Business One handles VAT through tax codes, alphanumeric codes assigned to each transaction at the line item level that determine the VAT rate applied and the VAT account posted. UK SAP Business One configurations typically use tax codes such as:
- S1 or SR: Standard rated – 20% VAT applied
- RR: Reduced rated – 5% VAT applied (domestic energy, children’s car seats, certain renovation services)
- Z: Zero rated – 0% VAT, but VAT-able and reportable (most food, children’s clothing, books, exported goods)
- E or EX: Exempt – 0% VAT, not VAT-able (financial services, insurance, education, healthcare)
- OS: Outside scope – transactions not subject to UK VAT (certain cross-border services)
For MTD compliance, every Shopify or eCommerce transaction must arrive in SAP Business One with the correct tax code applied at the line item level, not at the document header level, not as a manually applied adjustment, and not as a batch estimate. The tax code applied determines which VAT box on the VAT return is populated.
The specific MTD failure mode for disconnected SAP B1 + eCommerce
When Shopify collects VAT on an order, standard rated at 20% for a UK consumer order, and the order is manually entered into SAP Business One by an operations team member, the tax code applied in SAP B1 depends entirely on the person entering the order. If they apply the correct S1 tax code, the VAT return is correct. If they apply a different tax code, apply no tax code, or enter the order in a way that defaults to a wrong tax treatment, the VAT amount in SAP Business One does not match the VAT collected by Shopify.
HMRC’s Connect system, cross-referencing Shopify payment processor data against VAT return data, can identify this discrepancy. The result is not automatically a penalty, it is an HMRC compliance check, a request for explanation, and potentially a VAT enquiry that requires your finance team to produce the transaction-level documentation. At 50 eCommerce transactions per week, producing that documentation manually is measured in days. At 500 transactions per week, it may not be producible at all from manual records.
The MTD solution
APPSeCONNECT’s UK-configured SAP Business One integration maps tax codes from Shopify transaction data to SAP Business One tax codes at the document line item level for every order, automatically, at the point of order creation. The Shopify tax rate applied (20%, 5%, 0%) maps to the corresponding SAP B1 tax code (S1, RR, Z) and is embedded in the SAP B1 Sales Order and A/R Reserve Invoice at line level. The digital link from Shopify transaction to SAP B1 document to VAT return is maintained without any manual re-keying at any step.
Post-Brexit VAT Complexity: The New Reality for UK Distributors Selling Across Borders
Leaving the EU Single Market introduced a layer of VAT complexity for UK distributors and manufacturers that did not exist before January 2021. For SAP Business One users, this complexity manifests in five specific operational scenarios where a disconnected system creates either compliance risk or operational overhead, often both simultaneously.
Scenario 1: UK to EU B2C Sales – Distance Selling Replaced by Import VAT
Before Brexit, UK businesses selling goods to EU consumers through Shopify applied the Distance Selling rules, charging UK VAT until the distance selling threshold in each EU member state was exceeded, then registering for VAT in that country.
After Brexit, the Distance Selling rules no longer apply to UK-origin goods. UK exports to EU consumers are zero-rated for UK VAT at the point of dispatch (they are exports). The EU consumer (or the parcel delivery agent) pays Import VAT at the EU border.
What this means for SAP Business One
Every EU consumer order dispatched from a UK warehouse should be zero-rated in SAP Business One, tax code Z or equivalent, not standard-rated at 20%. If your Shopify store is charging EU customers UK VAT (20%) and your SAP B1 is posting those orders as standard-rated, you are over-collecting VAT from EU customers and posting incorrect figures to your VAT return. The VAT you collected from EU customers must be refunded or transferred, it is not UK output tax.
The SAP B1 integration requirement:
The integration must identify EU-destination orders from Shopify (delivery address country code within EU), apply the zero-rated tax code in SAP Business One at the line item level, and flag the order for export documentation requirements. Without this geographic tax code routing logic, every EU order processed through a manual entry workflow risks incorrect VAT treatment.
Scenario 2: UK to EU B2B Sales – VAT Zero-Rating With Evidence Requirements
When a UK business sells goods to an EU VAT-registered business, the supply is zero-rated for UK VAT, but only if the supplier can demonstrate that the goods left the UK and the buyer is VAT-registered in the EU. HMRC requires specific evidence: proof of dispatch, the EU buyer’s VAT registration number, and in some cases, a signed customer declaration.
What this means for SAP Business One
B2B EU orders must be zero-rated in SAP Business One with the EU customer’s VAT registration number recorded in the Business Partner record. If a EU customer’s VAT number is not recorded in the SAP B1 BP record, and an audit requires you to demonstrate the basis for zero-rating, the absence of the VAT number is a compliance exposure, HMRC can deny the zero-rating and apply UK VAT retrospectively, plus penalties.
The SAP B1 integration requirement
The integration must verify that EU B2B customers have a VAT registration number in their Salesforce Account or Shopify customer record, create the SAP B1 Business Partner with the EU VAT registration number in the correct field, and apply the correct zero-rated tax code to the Sales Order. Without this configuration, EU B2B orders may be processed without the required VAT number evidence maintained in the ERP.
Scenario 3: Landed Cost and Import Duty Allocation for EU-Origin Stock
UK distributors who source goods from EU suppliers face import duty and freight costs, a category that did not exist before Brexit. Import duty paid on EU-origin goods can be a significant cost, and for SAP Business One users, this duty must be correctly allocated to the landed cost of the inventory for accurate margin reporting and correct stock valuation.
SAP Business One’s Landed Costs module handles import duty allocation, but only if the purchase invoice and the import duty invoice from the freight forwarder are correctly linked in the SAP B1 document chain. A disconnected system where purchase invoices arrive in SAP B1 through a manual entry workflow and freight invoices are processed separately, without linking them through the Landed Costs module, produces stock valuations that understate the true cost of EU-origin inventory.
The integration requirement
Integration between the SAP B1 procurement workflow and supplier/freight invoicing must maintain the Landed Costs document linkage for EU-origin purchase orders. This is a Procure-to-Pay integration requirement rather than a direct eCommerce integration requirement, but for businesses that both source from EU suppliers and sell through UK/EU eCommerce channels, the Procure-to-Pay and Order-to-Cash integrations interact at the inventory valuation level.
Scenario 4: Northern Ireland – The VAT Protocol Complexity
For businesses operating in or through Northern Ireland, the Windsor Framework maintains Northern Ireland’s participation in the EU single market for goods. This means:
- Goods moving from Great Britain to Northern Ireland are treated as domestic UK movements for VAT purposes
- Goods moving from Northern Ireland to the Republic of Ireland (and vice versa) follow EU VAT rules, not post-Brexit UK-to-EU rules
- Northern Ireland has its own VAT registration prefix (XI rather than GB)
For SAP Business One users with operations in Northern Ireland, the tax code configuration must distinguish between GB-to-NI movements (UK domestic VAT rules), NI-to-ROI movements (EU VAT rules for goods), and NI-to-GB returns (domestic UK movements). A single tax code configuration that applies UK domestic rules uniformly across all UK locations produces incorrect VAT treatment for Northern Ireland-specific transactions.
Scenario 5: GBP/EUR Multi-Currency VAT Reporting
UK VAT returns are submitted in GBP. Transactions conducted in EUR, EU customer orders priced in EUR, EU supplier invoices in EUR, must be converted to GBP for VAT reporting using the appropriate exchange rate. HMRC accepts either the spot rate on the day of the transaction or HMRC’s published period rate.
In SAP Business One, every foreign currency transaction must have a GBP equivalent recorded using a consistent exchange rate methodology. If EUR-denominated orders enter SAP B1 through a manual workflow where the person entering the order applies an exchange rate from memory or from an incorrect source, the GBP equivalent in SAP B1 does not match the rate that should be used for VAT reporting.
The integration requirement
The APPSeCONNECT UK configuration applies exchange rate handling for GBP/EUR (and other currency) transactions at the point of SAP B1 document creation, using the configured exchange rate source, HMRC period rate or transaction-day rate, consistently across all channel transactions. This eliminates the exchange rate inconsistency that produces VAT reporting discrepancies between the SAP B1 multi-currency records and the sterling VAT return.
UK GDPR: What It Requires for Customer Data Flowing Through Your SAP Business One Integration
The UK GDPR (General Data Protection Regulation as retained in UK law post-Brexit) and the Data Protection Act 2018 govern how personal data is collected, processed, stored, and transferred. For businesses running SAP Business One alongside Shopify, Salesforce, or other customer-facing platforms, the integration layer, the connection between your ERP and your channel platforms, is a data processing activity under UK GDPR.
This has three specific implications that UK distributors and manufacturers must address.
Implication 1: The Integration Layer Is a Data Processing Activity
Under UK GDPR Article 4, data processing includes any operation performed on personal data, including transmission, storage, structuring, or combination with other data. When your integration layer transfers customer name, email address, postal address, and purchase history from Shopify to SAP Business One (or vice versa), it is processing personal data under UK GDPR.
This means:
- The integration must operate under a lawful basis for processing, typically legitimate interests (processing necessary for business contract fulfilment) or contractual necessity
- If you use a third-party integration platform (APPSeCONNECT), that platform is a Data Processor under UK GDPR, processing personal data on your behalf as the Data Controller
- You must have a Data Processing Agreement (DPA) in place with your integration platform, specifying what data is processed, for what purpose, how it is stored, and how long it is retained
- The ICO can investigate and enforce against Data Controllers (you) for the data processing activities of Data Processors operating on their behalf
What this means practically
If your SAP Business One integration platform does not provide a compliant Data Processing Agreement, does not specify where customer personal data is processed and stored geographically, and does not operate under the same security standards required of Data Controllers under UK GDPR, your integration layer is a GDPR compliance gap, one that the ICO can enforce against the Data Controller.
APPSeCONNECT provides a full UK GDPR-compliant Data Processing Agreement as standard. The DPA specifies the categories of personal data processed (customer name, email, postal address, purchase history), the lawful basis for processing, the data retention period, the security measures in place (SOC 2 Type II, ISO/IEC 27001), the subprocessors used, and the procedure for data subject access requests and erasure requests. This DPA is available to all UK customers as part of the service agreement.
Implication 2: Data Subject Rights Must Be Addressable Across Both Systems
Under UK GDPR, data subjects (your customers) have rights including:
- Right of access: The right to know what personal data you hold about them
- Right to erasure (Right to be forgotten): The right to request that their personal data be deleted
- Right to rectification: The right to correct inaccurate personal data
When a customer makes a Subject Access Request (SAR) or erasure request, you must be able to locate and address their data across every system where it exists, including both your Shopify/Salesforce front-end and your SAP Business One back-end.
If Shopify and SAP Business One contain different versions of the same customer’s data, because they were entered manually without consistent synchronisation, a SAR requires manual cross-referencing of both systems. An erasure request requires manual deletion from both systems, with confirmation that no copies remain in either. At scale, this is both operationally burdensome and procedurally risky.
With an integrated system where Shopify customer data and SAP Business One Business Partner data are maintained in sync through a single managed integration layer, SAR responses and erasure requests can be processed systematically, the integration layer provides a single mapping from customer identity to records in both systems.
Implication 3: International Data Transfers – UK to Non-UK Processing
Since Brexit, the UK operates its own data transfer adequacy framework separate from the EU. UK personal data transferred to a country without UK adequacy status requires a legal transfer mechanism, typically UK Standard Contractual Clauses (UK SCCs) or the UK International Data Transfer Agreement (IDTA).
For businesses using cloud-based integration platforms, the location of data processing servers matters. If your integration platform processes customer data on servers located in the US or in a country without UK adequacy status, and no UK IDTA or equivalent is in place, the data transfer is non-compliant under UK GDPR.
APPSeCONNECT’s processing infrastructure complies with UK GDPR international transfer requirements. For UK customers, data processing operations are conducted under the applicable transfer safeguards, documented in the Data Processing Agreement. The processing locations, the applicable safeguards, and the subprocessor list are available to UK customers in the DPA on request.
The Trimwel LTD Case Study - UK B2B Distribution in Production
Trimwel LTD is a UK-based sign and print materials distributor running SAP Business One alongside a Shopify B2B portal for trade customers across the UK and Ireland.
The compliance context for Trimwel is directly representative of the scenarios described in the above sections.
- UK MTD compliance required for all Shopify transactions flowing to SAP Business One VAT records
- Cross-border trade between Great Britain and the Republic of Ireland, requiring post-Brexit VAT treatment for the Ireland channel
- Customer-specific pricing for trade accounts, contracted prices per customer maintained in SAP Business One price lists
- UK GDPR obligations for customer data flowing between Shopify and SAP Business One
Before APPSeCONNECT, Trimwel’s primary operational problem was pricing consistency, trade customers were not reliably seeing their contracted prices on the Shopify portal, creating pricing disputes that consumed significant operational time. The compliance dimension, correct VAT treatment across UK and Ireland channels, UK GDPR-compliant data handling, was a secondary concern that the manual integration workflow was also failing to address consistently.
After APPSeCONNECT’s SAP Business One & Shopify integration:
- Customer-specific pricing disputes: eliminated. SAP Business One price lists for every trade account map correctly to Shopify B2B customer groups, every customer sees their contracted price on every order, every time.
- MTD-compliant VAT code mapping: operational from day one. Every Shopify transaction arrives in SAP Business One with the correct UK tax code applied at line item level, standard rated, zero rated, and cross-border Ireland transactions treated correctly.
- UK GDPR-compliant data processing: covered under APPSeCONNECT DPA. Customer data flowing between Shopify and SAP Business One is processed under a compliant Data Processing Agreement.
“We could not have achieved this seamless integration without APPSeCONNECT.”, Columb McCluskey, Managing Director, Trimwel LTD
Trimwel’s integration runs at approximately £80/month, the GBP equivalent of APPSeCONNECT’s $99/month Growth package at current exchange rates. Professional management is included. The APPSeCONNECT team handles all configuration, monitoring, and maintenance, including UK compliance configuration updates when HMRC MTD requirements evolve.
What a UK-Configured SAP Business One Integration Covers, In Full
The APPSeCONNECT predefined SAP Business One + Shopify UK integration package includes the following UK-specific configuration as standard, not as add-ons, not as separate compliance modules, not as configuration items that require separate scoping.
UK VAT Code Mapping: The MTD Foundation
- Standard-rated (20%) mapping: All UK domestic consumer orders with standard-rated goods, Shopify 20% VAT collected, map to SAP Business One standard-rated tax code (S1 or equivalent per your instance configuration) at the line item level. VAT amount in Shopify payment record = VAT amount in SAP B1 A/R Reserve Invoice. Digital link maintained.
- Reduced rate (5%) mapping: Orders containing reduced-rate items, domestic energy, children’s car seats, energy-saving materials, map to the SAP B1 reduced rate tax code at line item level. If your Shopify store sells mixed-rate product categories, line-level tax code mapping handles each product’s rate independently rather than applying a blanket document-level rate.
- Zero-rated mapping: Zero-rated goods (food, children’s clothing, books, exports) map to the SAP B1 zero-rated tax code. Exports to non-UK destinations (including EU post-Brexit) are mapped with geographic routing logic, UK delivery address = apply domestic tax code per product rate; non-UK delivery address = apply export zero-rating.
- EU B2B VAT zero-rating: EU B2B orders with a verified EU VAT registration number map to SAP Business One’s EU B2B zero-rated tax code. The EU VAT registration number from the Shopify customer record maps to the Business Partner’s EU VAT Number field in SAP B1, maintaining the evidence requirement for HMRC’s zero-rating basis.
- Republic of Ireland-specific treatment: For businesses selling from Northern Ireland to the Republic of Ireland, or from Great Britain to the Republic of Ireland, the geographic routing logic applies the correct post-Brexit VAT treatment based on the ship-from location and the ship-to country code.
HMRC Making Tax Digital Digital Link Maintenance
Every Shopify order processed through APPSeCONNECT creates a SAP Business One document, Sales Order, A/R Reserve Invoice, Incoming Payment, with the correct tax code applied at line item level, the correct VAT amount, and the gateway transaction ID embedded for the digital audit trail. No manual re-keying between any step in the chain. The digital link from Shopify transaction to SAP B1 document to VAT return is maintained automatically at every stage.
For the quarterly VAT return submission, the SAP Business One VAT report, which aggregates all transactions by tax code across the quarter, reflects the actual tax amounts from every Shopify transaction processed through the integration. The submission via HMRC’s MTD API uses the SAP B1 VAT report figures directly, no manual reconciliation between Shopify and SAP B1, no manual adjustment for transactions missed in the manual entry workflow.
Post-Brexit Multi-Currency Handling
GBP is the functional currency of the SAP Business One database. EUR-denominated orders from EU customers are converted to GBP at the point of SAP B1 document creation using the exchange rate source configured during setup, either HMRC’s published period exchange rate or the transaction-day spot rate from a configured exchange rate feed. The GBP equivalent is embedded in the SAP B1 document for VAT reporting purposes. All EUR-to-GBP conversion uses the same source and methodology, consistently, without manual rate application.
UK GDPR Compliant Data Processing
APPSeCONNECT provides:
- A UK GDPR-compliant Data Processing Agreement (DPA) covering all personal data processed between SAP Business One and connected channel platforms
- Documentation of processing locations and applicable transfer safeguards for any non-UK processing
- SOC 2 Type II certification – independently audited security controls
- ISO/IEC 27001 certification – information security management system certification
- Subprocessor list available on request
- Support for Data Subject Access Requests and erasure requests, mapping between channel customer identity and SAP B1 Business Partner record for systematic SAR response
B2B Shopify Plus UK-Specific Configuration
For UK distributors running B2B Shopify Plus portals, trade customer accounts with contracted pricing:
- SAP Business One price lists map to Shopify B2B customer groups where each trade account sees their contracted GBP prices
- EU B2B accounts: EU VAT registration number maintained in SAP B1 BP record for zero-rating evidence
- Net payment terms per account: Net 30, Net 60, 90-day credit are inherited from SAP B1 Business Partner payment terms
- Multiple delivery addresses per account: different branch or site delivery addresses maintained in SAP B1 BP address records
The HMRC Compliance Risk Timeline: Why 2026 Is the Year to Act
Three specific developments make 2026 the operative year for UK SAP Business One users to address their integration compliance:
HMRC Connect System: Increasing Cross-Reference Capability
HMRC’s Connect system, described by HMRC as “one of the most sophisticated data analytics systems in the world”, aggregates data from multiple sources including payment processors, eCommerce platforms, land registry, Companies House, financial institutions, and the VAT returns submitted through MTD. Its purpose is to identify discrepancies between what a business reports on its VAT return and what HMRC’s data sources indicate it should be reporting.
For a business where Shopify payment data and SAP Business One VAT records are disconnected, reconciled manually at quarter-end rather than maintained in sync through an integrated system, the HMRC Connect cross-reference may identify discrepancies between payment processor transaction totals and VAT return figures. The Connect system does not automatically generate penalties. It generates compliance checks, letters requesting explanation, invitations to enquiry, and in cases where discrepancies cannot be explained, VAT enquiries that can result in assessments, penalties, and interest.
The HMRC compliance check process is time-consuming, requires financial and legal expertise to navigate, and disrupts normal business operations regardless of whether a penalty is ultimately levied. The cost of a single VAT enquiry, in internal staff time, professional fees, and operational disruption, typically exceeds the annual cost of compliant integration by a significant margin.
ICO Enforcement Appetite: UK GDPR Actions Are Increasing
The Information Commissioner’s Office (ICO) issued £7.5 million in total fines in 2024 for UK GDPR infringements. ICO enforcement has historically focused on large organisations and high-profile data breaches. The trend in 2025-2026 is toward more systematic enforcement of data processing obligations for mid-market businesses, specifically targeting inadequate data processor agreements and undocumented data flows.
For UK distributors and manufacturers where customer personal data flows between Shopify and SAP Business One through an integration layer that does not have a documented Data Processing Agreement, the ICO enforcement risk is real and growing. The ICO’s enforcement priority for 2026 includes “unlawful use of personal data in automated processing”, which covers undocumented automated data transfer between business systems including integration platforms.
A Data Processing Agreement with a compliant integration platform is not an optional compliance nicety. It is a demonstrable, documentable safeguard that can be produced in any ICO investigation to show that the Data Controller exercised appropriate due diligence over their Data Processors.
MTD Phase 2 Expansion: The Widening Scope
HMRC’s MTD programme is expanding beyond VAT returns. MTD for Income Tax Self Assessment is being phased in from April 2026. HMRC has confirmed that MTD for Corporation Tax, requiring digital record-keeping and digital submission for corporation tax returns, will follow. The direction of travel is unambiguous: every significant tax obligation will eventually fall under MTD digital record-keeping requirements.
For SAP Business One users, the time to establish compliant digital integration, maintaining the unbroken digital link from source transaction to tax return, is before the MTD scope expands further, not after. Building compliant integration architecture for MTD for VAT now also establishes the foundation for MTD for Corporation Tax compliance when that requirement arrives.
The Decision UK Distributors Are Making Right Now
The UK distributors and manufacturers who read this guide and take no action face a compliance exposure that is growing rather than static. HMRC’s Connect cross-referencing capability is expanding. The ICO’s enforcement of UK GDPR data processor obligations is increasing. The MTD programme’s scope is widening.
The businesses that act in 2026, establishing compliant integration between SAP Business One and their channel platforms before the next compliance threshold is reached, are not spending $1299/year on integration software. They are spending $1299/year to eliminate a compliance risk that could cost multiples of that figure in VAT enquiry costs, professional fees, and operational disruption.
Trimwel LTD made this decision. The result was not just compliance, it was the elimination of pricing disputes, the recovery of operational hours, and a sustainable eCommerce operation that does not require a finance team member to spend part of every quarter manually reconciling two disconnected systems.
Your SAP Business One configuration, your Shopify store type, and your specific UK compliance requirements determine exactly what the integration scope looks like for your business. That scope confirmation is free, takes 15 minutes of your time, and comes back from an APPSeCONNECT UK specialist within 1 business day.
Fill in the integration requirement form. Tell us your SAP B1 version, your Shopify store type (B2C, B2B, or both), your trading geographies (UK domestic, EU cross-border, Northern Ireland), and your specific compliance concerns. The specialist who reviews it will confirm your scope, your go-live timeline, and your exact pricing, in GBP, specific to your operation.
The MTD compliance question asked at the opening of this guide, can you trace every Shopify VAT figure in your last quarterly return back to a specific SAP Business One document line item, with the correct tax code, without any manual adjustment?, has a clear answer for every business running APPSeCONNECT’s UK-configured integration. It should have a clear answer for yours too.
Book Your UK SAP Business One Compliance Integration Assessment
Tell us your SAP B1 version, Shopify store type, trading geographies, and specific compliance concerns, MTD, post-Brexit VAT, UK GDPR, or all three. An APPSeCONNECT UK specialist will confirm your compliance scope, go-live timeline, and GBP pricing within 1 business day.
Frequently Asked Questions
No. HMRC’s Making Tax Digital for VAT requires a continuous digital link between source transactions and the VAT return, meaning every Shopify transaction must create a SAP Business One document with the correct VAT code applied digitally, without manual re-keying at any step. A setup where Shopify orders are manually entered into SAP Business One breaks the digital link at the point of manual entry. This is non-compliant with MTD for VAT as mandatory since April 2022 for all VAT-registered businesses.
Post-Brexit, goods shipped from a UK warehouse to EU consumers are zero-rated for UK VAT at dispatch, they are exports. UK VAT should not be charged to EU consumers (if it is charged, it must be refunded). The EU customer pays Import VAT at the EU border. In SAP Business One, EU consumer orders must be mapped to the zero-rated/export tax code based on the delivery country code. For EU B2B orders where the buyer is VAT-registered in the EU, the supply is also zero-rated but requires the EU VAT registration number to be recorded in the SAP B1 Business Partner record as evidence.
Yes. APPSeCONNECT provides a full UK GDPR-compliant Data Processing Agreement as standard to all UK customers. The DPA covers the categories of personal data processed (customer name, email, postal address, order history), lawful basis for processing, data retention periods, security measures (SOC 2 Type II, ISO/IEC 27001), subprocessors, international transfer safeguards, and procedures for responding to data subject rights requests. The DPA is available as part of the service agreement, not as an additional cost item.
APPSeCONNECT’s UK configuration applies exchange rate conversion for EUR-denominated orders at the point of SAP Business One document creation, using the configured exchange rate source, either HMRC’s published period rate or the transaction-day spot rate from a configured rate feed. The GBP equivalent is embedded in the SAP B1 document for VAT reporting, consistently across all transactions, without manual rate application.
Yes. APPSeCONNECT’s UK configuration supports Northern Ireland-specific VAT treatment under the Windsor Framework, distinguishing between GB-to-NI movements (UK domestic VAT rules), NI-to-Republic of Ireland movements (EU goods VAT rules), and NI-to-GB movements (domestic UK movements). Geographic routing logic based on ship-from and ship-to addresses applies the correct tax treatment for each scenario.
APPSeCONNECT’s predefined SAP Business One + Shopify integration package costs approximately £80/month (equivalent to $99/month USD at current exchange rates). UK VAT is not applied to SaaS subscription fees under the B2B reverse charge mechanism for VAT-registered UK businesses. There are no additional costs for UK-specific compliance configuration (MTD VAT mapping, post-Brexit configuration, UK GDPR DPA), these are included in the standard managed service.
As part of APPSeCONNECT’s professionally managed service, the team monitors HMRC MTD requirement updates and applies configuration changes to maintain compliance. When HMRC updates its digital record-keeping guidance, expands MTD scope, or modifies its VAT reporting requirements, the APPSeCONNECT team reviews the impact on the SAP B1 integration configuration and updates as required. This maintenance is included in the £80/month managed service fee.
Yes. APPSeCONNECT holds both ISO/IEC 27001 certification (information security management) and SOC 2 Type II certification (independently audited security controls over a sustained period). Both certifications are typically required by UK enterprise and public sector procurement processes for cloud-based data processing services. Certification documentation is available on request for procurement and IT security due diligence processes.
