As of today, April 1, 2025, the Goods and Services Tax (GST) regime in India has introduced stricter compliance measures aimed at enhancing transparency, streamlining tax processes, and curbing tax evasion. The Goods and Services Tax Network (GSTN) has rolled out two significant updates: a mandatory 30-day deadline for businesses with turnovers above Rs 10 crore to issue e-invoices, and the enforcement of Two-Factor Authentication (2FA) for all taxpayers using the e-invoicing and e-way bill systems. These changes mark a pivotal step in India’s ongoing efforts to digitize and secure its taxation framework.
E-Invoicing Deadline for Businesses Above Rs 10 Crore
Starting today, businesses with an Annual Aggregate Turnover (AATO) exceeding Rs 10 crore are required to upload their e-invoices to the Invoice Registration Portal (IRP) within 30 days of issuance. This rule, initially implemented for businesses with turnovers above Rs 100 crore in November 2023, has now been extended to a broader segment of taxpayers. The GSTN announced this change on November 5, 2024, providing businesses with a transition period to adapt their systems before the April 1 enforcement date.
Under this regulation, any invoice, credit note, or debit note older than 30 days from its issuance date cannot be reported on the IRP, rendering it ineligible for generating an Invoice Reference Number (IRN). Failure to comply has significant consequences: the invoice is deemed invalid under GST law, buyers cannot claim Input Tax Credit (ITC), and suppliers may face penalties for non-compliance. This measure aims to ensure timely tax reporting, reduce delays in tax payments, and enhance the overall efficiency of the GST ecosystem.
Previously, the e-invoicing threshold had been progressively lowered—from Rs 500 crore in October 2020 to Rs 5 crore in August 2023—covering more businesses in phases. The current Rs 10 crore threshold, effective today, reflects the government’s intent to bring small and medium enterprises (SMEs) into the fold while maintaining a manageable compliance burden. Businesses are encouraged to integrate their Enterprise Resource Planning (ERP) systems or billing software with the IRP to automate the process and avoid manual errors.
Mandatory Two-Factor Authentication for All Taxpayers
In tandem with the e-invoicing update, the National Informatics Centre (NIC) has made Two-Factor Authentication (2FA) mandatory for all GST taxpayers accessing the e-invoicing and e-way bill systems, effective today. This security enhancement requires users to verify their identity using a combination of a password and a secondary method, such as an OTP (One-Time Password) sent to their registered mobile number or email.
The rollout of mandatory 2FA has been phased in over recent months. It began with taxpayers having an AATO above Rs 100 crore on August 20, 2024, followed by an optional phase for those above Rs 20 crore starting September 11, 2023. From January 1, 2025, it became compulsory for taxpayers with turnovers exceeding Rs 20 crore, and from February 1, 2025, for those above Rs 5 crore. Today’s enforcement extends this requirement to all GST-registered taxpayers, regardless of turnover, aligning with government guidelines to bolster the security of digital tax platforms.
The updated e-invoicing and e-way bill systems, launched by the NIC on January 1, 2025, incorporate these security upgrades to prevent unauthorized access and fraudulent activities. Taxpayers must now ensure their registered contact details are up-to-date to receive OTPs seamlessly, as professionals managing multiple clients have noted challenges when OTPs are tied to a single number.
Objectives and Impact
These changes are designed to achieve two primary goals: streamline tax processes and curb tax evasion. The 30-day e-invoicing deadline ensures real-time reporting of transactions, enabling tax authorities to monitor compliance more effectively and reducing opportunities for backdating or manipulating invoices. Similarly, mandatory 2FA strengthens the integrity of the GST system by safeguarding against unauthorized access, a critical measure in combating fraudulent billing practices.
For businesses, the immediate impact includes the need to adapt internal processes. Companies with turnovers above Rs 10 crore must now prioritize timely invoice uploads to avoid disruptions in ITC claims and potential penalties. The 2FA requirement, while enhancing security, may pose logistical challenges for taxpayers relying on shared or outdated contact information, necessitating proactive updates to their GST profiles.
Broader Context and Additional Updates
Today’s changes are part of a broader overhaul of the GST framework in 2025. Other notable updates include restrictions on e-way bill generation, effective January 1, 2025, limiting validity to documents dated within 180 days and capping extensions at 360 days from the original generation date. These measures complement the e-invoicing and 2FA rules, collectively aiming to create a more robust and fraud-resistant tax ecosystem.
The GST Council and the Central Board of Indirect Taxes and Customs (CBIC) continue to refine these policies, with discussions underway to potentially extend e-invoicing to Business-to-Consumer (B2C) transactions following a voluntary pilot proposed in September 2024. For now, the focus remains on ensuring compliance among B2B taxpayers and securing digital interactions.
Conclusion
As of April 1, 2025, India’s GST compliance landscape has tightened significantly with the dual enforcement of the 30-day e-invoicing rule for businesses above Rs 10 crore and mandatory 2FA for all taxpayers. These reforms underscore the government’s commitment to a transparent, efficient, and secure tax system. Businesses and tax professionals are urged to act swiftly—updating systems, training staff, and verifying contact details—to stay compliant and leverage the benefits of a digitized tax regime. With these changes, India takes another step toward a more accountable and streamlined economic framework.
