The Federation of Bosnia and Herzegovina has moved a long-discussed fiscalization overhaul from “eventually” to “now.” In late January 2026, the Parliament’s House of Peoples adopted the Law on Fiscalization of Transactions, and the Government simultaneously fine-tuned the proposal with amendments that clarify key concepts and raise the financial guarantee required for certified fiscal system manufacturers to 1 million KM.
I’m writing this article based on the webinar “Fiscalization Reform in the Federation of BiH” delivered today (January 29, 2026) by Vukašin Santo, Fiscal Solutions. The full webinar recording will be published on https://www.fiscal-requirements.com.
From “fiscal device” to “fiscal software”, the direction will feel familiar: the Federation is stepping away from a hardware-centric model and toward a software-and-platform model where the tax authority can supervise transactions continuously. The legal backbone is explicit: the law centers on an Electronic System for Recording Transactions, in the legislation abbreviated as ESET, defined as a specialized software system that reliably records business transactions and reports them to the Tax Administration.
In practice, ESET is not your POS. That distinction matters technically and commercially. The webinar framed ESET as the “system layer” that receives transaction data from POS/ERP/webshops, applies required security steps, communicates online with the tax authority’s central platform, and supports archiving and evidence.
How the new architecture works
The cleanest way to understand the new model is as a chain of responsibility. There is a typical POS (or webshop/e-commrece engine) and the ESET becomes the compliance engine. Inside ESET sits a Security Module (SM), which the law defines as a software component responsible for secure processing and protection of transaction data.
The Federation’s concept is built around a central fiscalization platform operated by the tax authority, which verifies transactions and enables real-time oversight. The webinar emphasized a critical operational implication: transactions are expected to be authorized online, and stable internet connectivity becomes a compliance dependency, not an IT nice-to-have.
What changes at the receipt: signatures, verification, QR, and “offline reality”
Modern fiscalization systems always have two audiences: the tax authority and the consumer. Bosnia’s Federation is aligning with that logic. In the webinar, Santo explained that receipts will carry retailer authorization data, tax-authority verification data, and a mandatory QR code that allows verification of fiscalization. He also addressed the uncomfortable question every retailer asks: “What if the connection is down?” The session described an offline/timeout scenario where a receipt can be issued with the retailer-side signature first and then reauthorized within 48 hours to obtain the authority’s verification, with the QR code adapting when the authority code is missing at the moment of sale.
This is where architecture meets store reality: your queues, your network design, your retry logic, and your exception handling become part of your tax risk.
Sales, returns, and the end of the “exchange on one receipt”
The reform also tightens transactional semantics, something POS teams often underestimate until late testing. The webinar highlighted that a sale receipt is meant to represent a positive-value sale only, while returns/corrections are handled as separate negative-value documents linked to a prior sale. If a customer returns and buys something else, the operational expectation is two steps: a return document first, then a new sale receipt.
For retailers, this impacts the entire returns and “exchange” flow: customer service desks, omnichannel returns, and mixed baskets must be reviewed early, not after integration.
ESET is broader than receipts. The law describes ESET as software or a cloud solution that supports composing invoices/receipts, signing them, communicating with the Tax Administration via the Security Module, and archiving transaction data. It can be installed on practically any device, computer, mobile phone, tablet, cash register, and similar endpoints.
It also formalizes three “variants”: an ESET for fiscal receipts, an ESET for e-invoices, and a combined version for businesses that need both. This matters for retail groups that run B2C sales in stores and B2B/B2G flows through ERP, because the compliance layer must span both, cleanly.
What’s excluded now, and why it still matters
Self-service devices and automats (think vending and similar unattended endpoints) are explicitly carved out from what the law considers ESET, with the expectation that the Ministry will further define treatment through by-laws. The webinar echoed this, signaling that details are still pending during the transition period.
Retailers shouldn’t treat “excluded” as “ignored.” Unattended endpoints have a habit of becoming the biggest compliance blind spot, precisely because they sit outside the store’s core POS landscape.
Vendor economics: the market will be regulated, not just the taxpayer
One of the most commercially consequential aspects is how the Federation intends to control who can place compliant fiscal software on the market. In the webinar, Santo outlined conditions for registered manufacturers/representatives, including a local presence hitered business activity, ISO-related requirements, and a significant bank guarantee, described as roughly 1 million KM (about half a million euros), with status granted for five years and subject to renewal.
That direction is consistent with the Government’s January 2026 statement that increased the guarantee for registered/certified fiscal system manufacturers to one million KM, aimed at legal certainty and consistent application. (Vlada Federacije Bosne i Hercegovine)
Timeline: “18 months” is the headline, but transitions are layered
The webinar described the go-live expectation as an 18-month horizon after publication, with the current rules continuing until the new system begins.
For large retailers, the practical takeaway is simple: the critical path will not be coding alone. It will be registration flows, certificate/security lifecycle, store connectivity standards, returns logic, and the readiness of the central platform and its technical documentation.
The strategic point retailers should not miss
This reform is a classic example of where compliance becomes architecture. The Federation is effectively telling the market: fiscalization is no longer feature of the POS; it is an online system that must work across stores, e-commerce, and back office, with auditability built in.
If you treat this as a last-minute “POS change,” you’ll pay for it twice: once in rushed implementation, and again in operational exceptions. If you treat it as a compliance platform integration, where POS is a producer of transactions and ESET is the controlled compliance layer, you’ll end up with something that is not only legal, but resilient.
Note: This article is based on the webinar “Fiscalization Reform in the Federation of BiH” delivered on January 29, 2026 by Vukašin Santo. The complete webinar is published at https://www.fiscal-requirements.com
Source
Recorded webinar https://www.fiscal-requirements.com/webinars/37