GnuCash and Swedish accounting legislation

[Mike or Penny Novack]

On 1/18/2016 4:16 AM, Draug wrote:
> After some more research I discovered the day treshold option which 
> effectively disables me to make any edits after some day, but
>> According to Swedish accounting legislation, you are not allowed to 
>> use accounting software that allows you to edit registered 
>> transactions (where they use Excel as an example), which to my 
>> knowledge is quite easy to do in GnuCash, even after reconcilation. 
>> Swedish accounting legislation requires that every mistake is 
>> corrected with another transaction, and that the mistake is left 
>> intact in the records.
>>
>> Is there anything that I've missed that makes it possible to use 
>> GnuCash in accordance with Swedish law? I really want to avoid 
>> switching to some proprietary, cloud-based accounting software that 
>> costs $12 a month to use.
>>
>> Yours sincerely,
>> Draug 
No, nothing allows the existence of any software system that can satisfy 
the intent of those legislators who apparently haven't a clue about what 
a competent software person could do (to get around imagined protections).

If you are asking whether gnucash can be used in a way that complies 
with this requirement, the answer is yes. To the same extent that old 
fashioned pen and ink on paper accounting can << you know, I could 
always copy over in its entirety a set of bound paper books except for 
altering certain entries and destroy the first set >> You simply don't 
fix things by editing a transaction but by entering a correcting 
transaction (follow the rules).

Tell me something. Does Sweden interpret this law to mean "any 
computerized accounting shall be done on OUR machines (no physical 
access to them) and the data shall be kept on OUR machines (no physical 
access to it).

Look, I used to work for one of the world's largest financials. ONE of 
the things I did a lot of was to write programs to alter the data 
outside of the normal security checks (example -- normally the data 
entered by humans from terminals one at a time and full audit trail 
produced. Because an error was discovered affecting 150,000 accounts 
those need to be corrected,  a correction transaction entered. That 
would be a lot of workers sitting at terminals for lots of weeks. Or 
somebody like me writing a special program to generate that effect. Now 
naturally, I would design that special program so that it ALSO produced 
the same audit trail, looked exactly as if had been done normally. but 
......

In other words, if the software is running on a machine that I can 
access (alter programs if I wish) and the data is being kept on machines 
that I can access (and trust me, if I can alter the programs, 
encryption, security hashing, etc. will NOT keep me from altering the 
data) then the Swedish legislature is fooling itself. Any large Swedish 
company would have people in its IT shop who could alter the data.

Michael

PS: The software being open software only makes it easier (and legal) to 
create an altered program (which gets around the security). Just because 
doing that to proprietary software where you don't have the source code 
is much harder and illegal does not mean can't be done. I've wielded 
tools like "monitors" and "disassemblers" in my day << for perfectly 
legal purposes, having to alter a program that hadn't changed in the 
previous several decades and the source code lost -- say never made it 
from card to disk when all the punch card decks were retired >>