What ERPNext Doesn't Do Out of the Box — and What Saudi Businesses Need to Configure Before Go-Live

Gulf Smart Advisory·26 June 2026

ERPNext is genuinely impressive software. It covers accounting, purchasing, sales, inventory, HR, payroll, manufacturing, projects, and more — all in a single open-source system with no per-user licence fees. For a Saudi SME that is currently running on a combination of spreadsheets, WhatsApp approvals, and a basic accounting package, ERPNext is a significant step forward.

But ERPNext is built for a global audience. The default install does not know about ZATCA, does not understand GOSI, has no concept of End of Service Benefits under KSA Labour Law, and has no procurement controls whatsoever. If you install ERPNext and go live without configuring these things, you are running a non-compliant, unprotected system — and you will discover this at the worst possible moment.

This post covers exactly what ERPNext does not do out of the box for Saudi businesses, and what needs to be configured before you go live.

1. ZATCA e-invoicing — not included

ZATCA Phase 1 has been mandatory since December 2021. ZATCA Phase 2 is being rolled out in waves and is now mandatory for a large portion of Saudi VAT-registered businesses. A standard ERPNext install does none of this.

Out of the box, ERPNext produces a standard sales invoice in PDF format. It does not generate XML invoices in the UBL 2.1 structure that ZATCA requires. It does not embed a QR code on simplified invoices. It does not connect to ZATCA's Fatoora platform for Phase 2 clearance or reporting. It does not have a ZATCA compliance dashboard or submission status tracking.

What needs to be built: Phase 1 requires configuring ERPNext to generate structured XML invoices, compute QR codes in Base64 TLV format, and produce a ZATCA-compliant invoice PDF. Phase 2 requires connecting ERPNext to the Fatoora API, building a submission workflow into the Sales Invoice form, handling clearance for B2B invoices, handling batch reporting for B2C invoices, and building a failure-handling and retry mechanism. This is not a plugin — it is a custom integration that needs to be built and tested against the ZATCA sandbox environment before going live.

2. GOSI payroll — not included

The General Organization for Social Insurance (GOSI) requires monthly contributions from both employers and employees. The rates differ between Saudi nationals and non-Saudi employees: Saudi nationals have a 9% employee contribution plus 9.75% employer contribution; non-Saudis have a 2% employer-only contribution. These rates apply to basic salary plus housing allowance, not total compensation.

A standard ERPNext salary structure does not know any of this. If you run payroll on an unconfigured ERPNext, GOSI contributions will not be calculated, will not appear on payslips, and will not be included in any reports. Your monthly GOSI submission will need to be calculated manually outside the system — defeating the purpose of having an ERP.

What needs to be built: the salary structure needs to be configured with the correct GOSI components for Saudi and non-Saudi employees. A monthly GOSI report needs to be built and mapped to the GOSI portal submission format. The contribution logic needs to handle edge cases such as employees who join or leave mid-month.

3. End of Service Benefits (EOSB) — not tracked

Under KSA Labour Law, every employee is entitled to an End of Service Benefit calculated as half a month's salary per year for the first five years of service, and one month's salary per year thereafter. This is a real liability that sits on your balance sheet, accruing every month for every employee.

ERPNext has no EOSB module. There is no calculation, no liability tracking, no balance sheet account, and no report. Most Saudi businesses calculate EOSB in a spreadsheet when an employee leaves — which means the liability is invisible until it becomes payable.

What needs to be built: an EOSB calculation that runs based on each employee's start date and salary history, a report that shows the current entitlement per employee, and a balance sheet account (typically account 2330) that tracks the cumulative liability. The calculation should update automatically when an employee's salary changes.

4. Iqama and work permit tracking — not included

Every non-Saudi employee needs a valid Iqama (residency permit) and, in most cases, a work permit. These documents expire. A business that employs non-Saudi workers and fails to renew their Iqama on time faces fines and potential complications with the Ministry of Human Resources.

ERPNext has employee document fields, but no built-in expiry tracking or alert system. There is no dashboard that shows you which employees have Iqamas expiring in the next 30 or 60 days, and no automatic notification to HR when a renewal is due.

What needs to be built: Iqama and work permit expiry dates need to be captured on each employee record, and an automated alert needs to be configured to notify the HR Manager 30 days before any document expires.

5. KSA leave types — incomplete

KSA Labour Law specifies leave entitlements that differ from the ERPNext defaults. The default ERPNext leave types do not include Hajj Leave (5 days, once in service), do not set the correct Maternity Leave entitlement (60 days), do not include Paternity Leave (3 days), and do not configure Emergency Leave correctly.

Running leave management on the default ERPNext configuration means your leave policy is not aligned to KSA Labour Law — which creates both compliance risk and employee relations issues.

What needs to be built: all leave types need to be configured to match KSA Labour Law entitlements, with the correct accrual rules, carry-forward policies, and encashment settings for each type.

6. Procurement controls — not included

This is the gap that surprises most finance managers. ERPNext out of the box allows any user to create a purchase order and approve it themselves. It allows supplier bank details to be changed by anyone with access to the supplier record. It allows invoices to be processed without a matching purchase order. It allows the same person who prepares a payment to also authorise it.

These are not minor inconveniences — they are the exact control gaps that enable the most common forms of business fraud: fake suppliers, diverted payments, fictitious invoices, and unauthorised spending. The absence of procurement controls is not an ERPNext flaw; it is a configuration responsibility. But it is a responsibility that many implementations ignore entirely.

What needs to be built: at minimum, a Saudi SME running ERPNext should have purchase request approval before any PO is raised, two-level PO approval for amounts above a defined threshold, supplier bank detail change protection requiring finance approver sign-off, invoice-to-PO matching for invoices above a threshold, and separation of duties between payment preparation and payment authorisation.

7. Chart of accounts — generic by default

ERPNext ships with a generic chart of accounts. The default account structure does not align to SOCPA (Saudi Organization for Certified Public Accountants) standards, does not include the correct VAT accounts for 15% KSA VAT, does not have a dedicated GOSI payable account, and does not include the EOSB liability account.

Starting with the wrong chart of accounts means your financial reports will be incorrect from day one, your VAT return preparation will require manual adjustments, and your auditors will flag the account structure in their first review.

What needs to be built: the chart of accounts needs to be configured to SOCPA standards before any transactions are entered. This includes the correct VAT accounts, GOSI payable accounts, EOSB liability accounts, and the correct classification of all balance sheet and income statement accounts.

The bottom line

ERPNext is excellent software. The gaps listed above are not criticisms of the product — they are the expected result of building a global platform that cannot make jurisdiction-specific assumptions. The question is not whether ERPNext can handle Saudi compliance requirements. It can. The question is whether your implementation partner has actually built these things before going live.

At GSA, every ERPNext implementation includes ZATCA Phase 1 and Phase 2, GOSI payroll, EOSB tracking, Iqama expiry alerts, KSA leave types, procurement controls, and a SOCPA-aligned chart of accounts. These are not optional extras — they are the minimum required to run a compliant, controlled business on ERPNext in Saudi Arabia.

If you are evaluating ERPNext for your business, or if you are already running ERPNext and are concerned about any of the gaps above, speak to our team. We will assess your current configuration and tell you honestly what is missing and what it would take to fix it.

Ready to get started?

Talk to our team. We'll understand your business and tell you honestly what we can do for you.