EUDRComplianceEU

EU Deforestation Regulation Compliance

Build EUDR compliance around the legal sequence: product scope, actor role, Article 9 information, Article 10 risk assessment, Article 11 mitigation where needed, and a due diligence statement before EU market placement or export.

This page focuses on what operators, downstream operators, and traders need to evidence so a relevant product file can withstand independent review or competent-authority questions.

Back to main artifactReview sources
Author
Sorena AI
Published
May 9, 2026
Updated
May 9, 2026
Sections
6

Structured answer sets in this page tree.

Primary sources
10

Cited legal and guidance references.

Publication metadata
Sorena AI
Published May 9, 2026
Updated May 9, 2026
Overview

The EU Deforestation Regulation makes compliance a product-and-supply-chain control, not a generic sustainability policy. For each relevant commodity or Annex I product, teams need to show that the product is deforestation-free, produced in accordance with relevant legislation of the country of production, and covered by the required due diligence statement or simplified declaration before the regulated EU activity occurs.

Section 1

Start with the EUDR actor role and product trigger

The first compliance file should identify the exact relevant commodity or Annex I product, the EU activity, and the actor role. Operators place relevant products on the market or export them. Traders make relevant products available on the market and are not operators or downstream operators. Downstream operators and traders have their own information, registration, notification, and recordkeeping duties where Article 5 applies.

Do not file a due diligence statement from a generic supplier questionnaire alone. The file should connect the product to the covered commodity, country of production, supplier chain, plot or establishment information, and the internal owner who can stop placement, availability, or export if the EUDR evidence is incomplete.

  • Product classification: map the relevant commodity or Annex I product, SKU, customs or product reference, and supplier lot to the EUDR scope record.
  • Actor classification: record whether the entity is acting as an operator, downstream operator, trader, or micro or small primary operator for the specific transaction.
  • Activity trigger: identify whether the file supports placing on the EU market, making available on the EU market, or export from the EU.
  • Stop condition: block the release when the product is not covered by the required due diligence statement, simplified declaration, or downstream Article 5 information.
Sources for this answer
Regulation (EU) 2023/1115, key definitions and obligations
Supports the actor-role distinction and the Article 3 market-access conditions used to scope the compliance file.
Section 2

Operator compliance: due diligence before the EU activity

Operators need a due diligence system that runs before placing a relevant product on the market or exporting it. The system should combine Article 9 information collection, Article 10 risk assessment, and Article 11 risk mitigation where the risk is not negligible. If the due diligence conclusion is no or only negligible risk, the operator makes the due diligence statement available through the Article 33 information system and assumes responsibility for Article 3 compliance.

The practical compliance owner is usually split across sourcing, sustainability, trade compliance, and legal. Sourcing obtains supplier and plot-level inputs; sustainability checks deforestation-free and legality evidence; trade compliance controls release and statement references; legal handles substantiated concerns, non-negligible-risk decisions, and competent-authority correspondence.

  • Article 9 intake: collect and keep product description, quantity, country of production, supplier and recipient details, geolocation or allowed substitute information, and evidence of deforestation-free and legal production.
  • Article 10 review: assess country and area risk, commodity risk, supply-chain complexity, circumvention or mixing risk, source reliability, and any substantiated concerns before concluding risk status.
  • Article 11 mitigation: require additional information, independent checks, supplier corrective action, segregation, or other controls before release when risk is not negligible.
  • DDS control: submit or authorize submission of the due diligence statement only after the compliance file supports a no-or-negligible-risk conclusion.
  • Five-year evidence file: keep due diligence statement records, supplier inputs, risk conclusions, mitigation actions, and downstream reference-number communications traceable for review.
Sources for this answer
Regulation (EU) 2023/1115, key due diligence articles
Supports the operator sequence of Article 9 information collection, Article 10 risk assessment, Article 11 mitigation, due diligence statement submission, responsibility, and five-year DDS records.
Commission Implementing Regulation (EU) 2024/3084 on the EUDR information system
Supports the operational need to control due diligence statement submission through the EUDR information system.
Recommended next step

Prepare an EUDR evidence file before DDS filing

Use this guide to connect product scope, supplier evidence, Article 9 information, Article 10 risk assessment, Article 11 mitigation, and due diligence statement records before covered products move.

Research workflow
Open Research Copilot

Answer EUDR implementation questions with cited source material.

Explore next step
Talk to Sorena
Discuss EUDR implementation

Review operator, trader, and due diligence evidence workflows with Sorena.

Explore next step
Section 3

Downstream operator and trader compliance

Downstream operators and traders should treat supplier references as controlled compliance data. Article 5 grounding requires them to possess specified supply-chain information, including supplier details and due diligence statement reference numbers or declaration identifiers where the supplier is an operator, and to keep the information for at least five years.

Non-SME downstream operators and non-SME traders have additional Article 5 controls. They register in the Article 33 information system before the relevant activity, and if they obtain information indicating non-compliance or a substantiated concern before placement, availability, or export, they verify due diligence and do not proceed unless verification demonstrates no or negligible risk.

  • Supplier intake: capture supplier name, address, contact details, product identity, and the upstream due diligence statement reference number or simplified declaration identifier where required.
  • Recipient traceability: retain downstream recipient details so the product chain can be reconstructed if an authority or customer asks for the EUDR file.
  • Information-system readiness: for non-SME downstream operators and non-SME traders, confirm registration before the regulated activity.
  • New-risk escalation: if relevant new information indicates a product at risk of non-compliance, notify competent authorities and downstream recipients as Article 5 requires.
  • Release gate: where prior information indicates non-compliance or a substantiated concern, verify the upstream due diligence and block release unless no or negligible risk is demonstrated.
Sources for this answer
Regulation (EU) 2023/1115, Article 5 obligations summary
Supports downstream operator and trader information, registration, notification, verification, and five-year recordkeeping duties.
Section 4

Article 9 information file

Article 9 information is the foundation for the rest of the EUDR compliance file. A useful record is structured enough for a reviewer to connect product, supplier, country of production, plot or establishment, legality evidence, and deforestation-free evidence without hunting through email attachments.

Where simplified treatment is available for micro or small primary operators, do not erase the compliance trail. The file should still show why the simplified declaration route applies, what declaration identifier was assigned, and what production-location substitute information is being used where the grounding allows it.

  • Product and quantity: describe the relevant product, commodity, batch or lot, commercial reference, and quantity covered by the file.
  • Production origin: record country of production and plot geolocation, or the allowed postal-address or establishment substitute for micro or small primary operators where applicable.
  • Supplier chain: capture direct supplier and upstream operator identifiers, contact details, and DDS reference numbers or declaration identifiers.
  • Deforestation-free evidence: retain satellite, certification, audit, supplier, or other evidence only when it is linked to the product, plot, and time period being reviewed.
  • Legality evidence: retain documents demonstrating production in accordance with relevant legislation of the country of production.
Sources for this answer
Regulation (EU) 2023/1115, Article 9 information requirements summary
Supports the Article 9 evidence categories, including geolocation, deforestation-free evidence, legality evidence, and authority availability.
Regulation (EU) 2023/1115, simplified regime summary
Supports the limited simplified-declaration treatment for micro or small primary operators, including the declaration identifier and possible location-data substitute.
Section 5

Article 10 risk assessment and Article 11 mitigation

A compliant EUDR risk assessment should explain why the product is no or negligible risk, not simply state that a supplier is approved. The record should evaluate production location, commodity and product characteristics, supplier reliability, supply-chain complexity, mixing or circumvention risks, and any substantiated concerns.

If risk is not negligible, Article 11 mitigation happens before the product is placed on the market or exported. The release decision should show which mitigation actions were required, who approved the result, and why the remaining risk is no or negligible. If the conclusion cannot be supported, the product should not proceed under that compliance file.

  • Assessment inputs: use Article 9 evidence, country or area risk, supply-chain complexity, supplier performance, and substantiated concerns as named inputs.
  • Conclusion standard: record whether the assessment reveals no or only negligible risk of non-compliance.
  • Mitigation actions: document requests for additional information, supplier remediation, independent verification, segregation, or other controls used to reduce risk.
  • Approval record: require accountable approval before DDS filing or release where mitigation was needed.
  • Low-risk simplification: where production is in a low-risk country or part thereof, keep documentation showing negligible risk of circumvention or mixing if Articles 10 and 11 are not performed.
Sources for this answer
Regulation (EU) 2023/1115, Articles 10 and 11 summary
Supports the risk-assessment conclusion standard and the requirement to mitigate non-negligible risk before the regulated activity.
Regulation (EU) 2023/1115, Article 13 low-risk simplification summary
Supports the limited low-risk simplification and the continued need to document negligible risk of circumvention or mixing.
Section 6

DDS filing, records, and enforcement-readiness

The due diligence statement is the controlled output of the EUDR file. Operators should not let commercial teams, brokers, or automated trade systems submit statements until the Article 9 file, Article 10 assessment, Article 11 mitigation where needed, and release approval are complete.

Enforcement-readiness means the evidence can be produced quickly, not that it sits somewhere in procurement. Keep a single file index for each DDS reference or declaration identifier, with the product, supplier, origin, Article 9 evidence, risk conclusion, mitigation record, authority communications, downstream reference communications, and retention owner.

  • Pre-filing check: product in scope, actor role confirmed, Article 9 file complete, risk conclusion recorded, mitigation closed if required, and approval captured.
  • Statement log: retain due diligence statement references, simplified declaration identifiers, submitter details, submission date, product coverage, and downstream communication status.
  • Authority response pack: prepare the Article 9 evidence, risk assessment, mitigation record, DDS reference, and contact owner for competent-authority requests.
  • Change trigger: reopen the file when new supplier, product, origin, plot, evidence, substantiated concern, or non-compliance information affects the prior conclusion.
  • Retention control: keep operator DDS records and Article 5 downstream information for the five-year periods supported by the EUDR grounding.
Sources for this answer
Regulation (EU) 2023/1115, operator and trader recordkeeping summary
Supports the five-year records for operator due diligence statements and Article 5 downstream operator and trader information.
EUDR overview, European Commission
Supports the high-level Commission context for EUDR application planning and regulated-market readiness.
Primary sources

References and citations

EUDR overview, European Commission
environment.ec.europa.eu
Referenced sections
  • Supports the high-level Commission context for EUDR application planning and regulated-market readiness.
"2026-12-30: Main EUDR application date."
Regulation (EU) 2023/1115, Article 13 low-risk simplification summary
eur-lex.europa.eu
Referenced sections
  • Supports the limited low-risk simplification and the continued need to document negligible risk of circumvention or mixing.
"Operators are not required to fulfil Articles 10 and 11 if they have assessed supply chain complexity and risks of circumvention or mixing and have ascertained low risk production."
Regulation (EU) 2023/1115, Article 5 obligations summary
eur-lex.europa.eu
Referenced sections
  • Supports downstream operator and trader information, registration, notification, verification, and five-year recordkeeping duties.
"Downstream operators and traders collect and keep supply chain information including supplier details and due diligence statement reference numbers or declaration identifiers."
Regulation (EU) 2023/1115, Article 9 information requirements summary
eur-lex.europa.eu
Referenced sections
  • Supports the Article 9 evidence categories, including geolocation, deforestation-free evidence, legality evidence, and authority availability.
"Article 9 includes collecting and keeping information and evidence including geolocation of plots of land or establishments, and documentation demonstrating deforestation-free and legal production."
Regulation (EU) 2023/1115, Articles 10 and 11 summary
eur-lex.europa.eu
Referenced sections
  • Supports the risk-assessment conclusion standard and the requirement to mitigate non-negligible risk before the regulated activity.
"Operators do not place on the market or export unless the risk assessment reveals no or only a negligible risk of non-compliance."
Regulation (EU) 2023/1115, key definitions and obligations
eur-lex.europa.eu
Referenced sections
  • Supports the actor-role distinction and the Article 3 market-access conditions used to scope the compliance file.
"Relevant commodities and relevant products must not be placed or made available on the market or exported unless they are deforestation-free, produced in accordance with relevant legislation, and covered by a due diligence statement or simplified declaration."
Regulation (EU) 2023/1115, key due diligence articles
eur-lex.europa.eu
Referenced sections
  • Supports the operator sequence of Article 9 information collection, Article 10 risk assessment, Article 11 mitigation, due diligence statement submission, responsibility, and five-year DDS records.
"Due diligence includes information collection (Article 9), risk assessment (Article 10), and risk mitigation (Article 11)."
Regulation (EU) 2023/1115, simplified regime summary
eur-lex.europa.eu
Referenced sections
  • Supports the limited simplified-declaration treatment for micro or small primary operators, including the declaration identifier and possible location-data substitute.
"For micro or small primary operators, the Article 9(1)(d) geolocation may be replaced by postal address of plots of land or the establishment."
Related guides

Explore more topics

EU Deforestation Regulation FAQ
Concise EU Deforestation Regulation answers on scope, covered commodities, operator and trader roles, due diligence statements, geolocation, low-risk countries, customs release, SME timing, enforcement, and records.
EUDR Annex I product lookup: how to check scope
How to check whether a product is in EUDR Annex I, connect it to a covered commodity, and keep supplier and trade evidence without relying on unsupported code lists.
EUDR Applicability Test: Products, EU Market Activity, and Actor Roles
Test whether the EU Deforestation Regulation applies by checking Annex I product scope, EU market placement or export, operator/trader status, downstream role, SME status, and simplified due diligence conditions.
EUDR compliance checklist for products, suppliers, and DDS filing
A practical EU Deforestation Regulation checklist covering product scope, supplier evidence, geolocation, risk assessment, mitigation, due diligence statements, recordkeeping, and customs readiness.
EUDR country benchmarking and simplified due diligence
How EUDR country-risk benchmarking affects low-risk simplified due diligence, full due diligence, information collection, risk monitoring, and evidence records.
EUDR country benchmarking FAQ: low, standard, and high risk
What EUDR country benchmarking means, how low-risk production affects simplified due diligence, and what operators still need to collect.
EUDR country benchmarking triage workflow
Route EUDR consignments and suppliers after country benchmarking: low-risk simplification checks, standard or high-risk due diligence, monitoring triggers, and evidence records.
EUDR customs and import release FAQ
How to prepare EUDR due diligence statement references, information-system handoffs, importer checks, and release evidence before customs or export clearance.
EUDR DDS Reference Numbers: What to Record and Pass Down
FAQ on EU Deforestation Regulation DDS reference numbers, including operator submissions, downstream handoffs, Article 33 information-system context, and evidence records.
EUDR deadlines and compliance calendar
A grounded EUDR calendar covering application dates, benchmarking milestones, the due diligence statement system, and preparation tasks for operators and traders.
EUDR deadlines, phasing, and first actions
Source-grounded EUDR readiness guide covering application dates, operator and trader first actions, geolocation evidence, due diligence statements, the information system, and country benchmarking.
EUDR Due Diligence Statement Evidence: DDS records, geolocation, and supplier proof
Build an EUDR evidence file for due diligence statements: Article 9 information, geolocation records, supplier proof, risk assessment, mitigation, reference numbers, and retention.
EUDR due diligence statement filing workflow
A grounded workflow for filing EUDR due diligence statements: prerequisites, Article 33 information-system use, reference numbers, role handoffs, and records.
EUDR Due Diligence Statement Template
A source-grounded EUDR due diligence statement template covering operator data, product scope, geolocation evidence, risk conclusion, reference numbers, and attachment records.
EUDR Geolocation Data Requirements: plots, suppliers, and DDS evidence
How to collect, check, and use EUDR geolocation evidence for relevant commodities and products, Article 9 information, risk assessment, supplier records, and due diligence statements.
EUDR Geolocation Evidence and Annex I Commodity Lookup
Build an EUDR evidence file that links Annex I commodity scope, supplier and trader records, geolocation evidence, product lots, risk assessment, and due diligence statement support.
EUDR geolocation plots and polygons FAQ
How EUDR teams should collect, link, and use plot-level geolocation evidence for due diligence statements, suppliers, consignments, and risk assessment.
EUDR Geolocation Traceability Systems: records, DDS handoffs, and supplier evidence
How to structure EUDR traceability records for geolocation, supplier evidence, product lots, risk assessment inputs, and due diligence statement handoffs.
EUDR in-scope commodities and products
How to check EUDR scope for the seven commodities, Annex I relevant products, operator and trader roles, and the evidence needed to support a scope decision.
EUDR information system filing: DDS references and handoffs
FAQ guidance on EUDR information system filing, due diligence statement submission, declaration identifiers, downstream handoffs, representatives, and evidence retention.
EUDR non-negligible risk: what stops product release?
FAQ on how EUDR Articles 10 and 11 handle non-negligible risk, when operators should stop placement or export, and what evidence belongs in the file.
EUDR operator, trader, and downstream roles FAQ
How to classify EUDR operators, downstream operators, and traders, including market-placement triggers, DDS reference handoffs, non-SME duties, and evidence records.
EUDR Penalties and Enforcement: Checks, Corrective Action, and Sanctions
Grounded guide to EUDR enforcement: competent authority checks, interim measures, corrective action, EU penalty categories, and records to keep ready.
EUDR Penalties, Fines, and Enforcement Consequences
Grounded guide to EUDR enforcement exposure: Member State penalties, competent authority checks, corrective measures, product holds, and evidence records without invented national fine tables.
EUDR requirements for operators, traders, and DDS filing
Source-grounded guide to EU Deforestation Regulation requirements: scope, due diligence, geolocation, risk assessment, mitigation, DDS filing, records, and simplified regimes.
EUDR risk assessment and mitigation under Articles 10 and 11
How to run an EUDR Article 10 risk assessment, decide when risk is not negligible, apply Article 11 mitigation, and keep release evidence before placing products on the EU market or exporting.
EUDR simplified due diligence: low-risk country evidence FAQ
FAQ answer on when EUDR simplified due diligence applies, what Article 9 information remains required, when Articles 10 and 11 return, and what records to keep.
EUDR SME timing: which dates apply to micro, small, and medium businesses?
FAQ on EUDR SME timing, including the 30 December 2026 main application date, the 30 June 2027 later date for certain micro and small undertakings, and first evidence records to prepare.
EUDR Supplier Evidence FAQ
What supplier evidence to collect for EUDR Article 9 information, geolocation, risk assessment, due diligence statements, and downstream recordkeeping.
EUDR Supplier Onboarding Template
A practical EUDR supplier onboarding template for Annex I product scope, supplier roles, geolocation evidence, risk inputs, mitigation records, DDS references, and five-year records.
EUDR vs CSDDD: product due diligence vs corporate due diligence
Compare EUDR product-level deforestation controls with high-level corporate due-diligence workstreams, focusing on scope, actors, due diligence statements, geolocation, country benchmarking, and evidence.
How is the EU Deforestation Regulation enforced?
EUDR FAQ on competent authority checks, evidence requests, due diligence records, and grounded non-compliance consequences.