Handling a VAT Increase in a Legacy Real-Time System

Context

Twin v1 served as the core operational system for the distributor business. In 2022, the Indonesian government increased VAT from 10% to 11%, requiring a system-wide update to our financial logic. While the system had been functionally stable for years, this regulatory shift exposed deep-seated architectural debt in how we handled tax calculations.

The Problem

The legacy architecture lacked temporal awareness and data persistence for financial totals. Grand totals and tax amounts were never saved to the database; instead, they were recalculated dynamically "on the fly" every time an invoice was viewed or a report was generated.

This logic was decentralized, with the VAT percentage hardcoded as 0.10 magic numbers directly within dozens of API controllers. Because calculations were performed in real-time rather than persisted at the point of sale, a simple update to 11% would have triggered a retroactive mutation of every historical invoice. We couldn't comply with the new regulation without simultaneously corrupting years of past financial records.

Constraints

Zero Downtime Requirement: The business could not pause transactions; the solution had to be deployed and verified while the system was live and processing orders.

Architectural Rigidity: The lack of a centralized calculation service made a full structural refactor unfeasible within the regulatory deadline. Stability and risk mitigation took precedence over architectural purity.

Testing Deficit: Automated test coverage was virtually non-existent for these legacy flows, providing no safety net for changes to critical financial logic.

Strict Data Security: Given the sensitivity of the financial records and the legal implications of the update, the design and rollout were conducted under highly restricted access, necessitating a siloed execution.

Decision and Approach

Accepting that a rewrite was impossible, I opted for a pragmatic, versioned tax strategy. I introduced a new vat_percentage column directly into the transaction tables to capture and freeze the rate at the exact moment of sale (Point-in-Time Snapshotting ).

For all new transactions, the system would read from a centralized configuration file rather than hardcoded floats. Historical records were constrained to retain their original, implicitly calculated values, while new transactions utilized the injected configuration. It was a defensive measure designed to ensure the dynamic recalculation wouldn't compromise historical data integrity.

Risk Management and Verification

To mitigate the operational risk, I built out end-to-end test suites specifically for the critical APIs. I also introduced a runtime feature flag —a defensive block that would hard-fail any transaction if the calculated VAT didn’t strictly match the legally valid rate during the rollout window.

For two weeks, I worked directly with the finance team, manually cross-verifying live reports to ensure not a single rupiah was miscalculated or retrospectively altered.

Outcome

We navigated the regulatory shift with zero downtime. Invoice totals remained accurate, the integrity of years of historical data was protected, and a significant legal risk was mitigated without interrupting business operations.

Reflection

This wasn't an architectural upgrade; it did nothing to resolve Twin v1’s underlying structural debt. Lacking a centralized calculation engine meant I still had to apply repetitive, defensive patches across the API layer. It was a calculated stopgap to stabilize the system, not a long-term resolution.

However, the friction of managing dynamically recalculated financial data permanently shaped how I build software. In every system I’ve designed since—especially LAAS—pricing and tax logic are treated as immutable, versioned data. Financial state must be captured and frozen, never recomputed on the fly.

Questions & Answers

Q.
Why not backfill historical totals with a one-time data migration?

Mass migration in a test-less legacy environment carried unacceptable risk. A "do no harm" strategy was the most reliable path to compliance, avoiding the compute overhead and potential corruption risks of backfilling millions of rows for a purely regulatory shift.

Q.
Did adding a `vat_percentage` column create significant database overhead?

The storage overhead was negligible compared to the gain in auditability. Trading a few bytes per row for an immutable snapshot replaced unreliable date-based inference with 100% financial accuracy, a high-ROI trade-off for any financial system.