Enforcement is now less than twelve months away. The EU Deforestation Regulation (EUDR) requires every operator placing covered commodities — rubber, timber, palm oil, cocoa, coffee, soy, cattle — on the EU market to file a Due Diligence Statement (DDS): a structured declaration that their products are deforestation-free and legally produced. Large and medium operators face enforcement from December 30, 2026. Micro and small enterprises follow on June 30, 2027.
A DDS is a formal declaration submitted to the EU Information System before any EUDR-covered product is placed on, or exported from, the EU market. It is not a one-time filing. Every product requires its own statement, and operators must retain supporting evidence for five years and make it available to competent authorities on request.
Filing a DDS is not the hard part. Filing one that holds up to regulatory scrutiny is.
Why a defensible DDS is harder than it looks
Consider a European timber importer that suspends shipments from three Southeast Asian suppliers after an internal audit reveals it cannot substantiate the geolocation data in its draft DDS filings. The coordinates exist — but they are aggregated at the co-operative level, not traceable to individual plots. Under Article 4, that is not evidence. It is an approximation that a competent authority would reject on first review.
This is not an edge case. It is the gap most operators have not yet found. Here are three more that will surface at enforcement:
- Relying on supplier self-declarations. An operator accepts geolocation coordinates from a trading intermediary without independent verification. When a competent authority asks how the data was validated, there is no answer — because the operator never checked whether the coordinates were real.
- Treating certification as a substitute. An operator assumes that RSPO or FSC coverage satisfies the EUDR's traceability requirement. It does not. Certifications can inform a risk assessment, but they do not replace plot-level geolocation, deforestation screening, or the obligation to file a DDS backed by your own evidence.
- Planning to build the audit trail later. An operator intends to assemble evidence retroactively — going back to suppliers after the fact to collect records. Evidence captured months after the event lacks the provenance and integrity that regulators expect. If you cannot show when and how data was collected at source, it is not evidence. It is reconstruction.
Each of these will become visible at enforcement. The question is which one you find first.
The EUDR explicitly requires operators to demonstrate that due diligence was exercised — that they collected relevant information, assessed risk using that information, and mitigated any identified concerns. The burden of proof sits with the operator, not the regulator. This creates three evidence challenges that most operators underestimate.
1. Geolocation must be traceable to source
Approximate coordinates or aggregated regions are insufficient. Each individual plot must be geolocated. For plots over four hectares, polygon boundaries — not just centroid points — are required. In practice, this means field-level data collection, not estimates derived from administrative boundaries or village-level aggregations.
The polygon requirement matters more than operators typically appreciate. A centroid point tells a regulator where a farm roughly is. A polygon tells them exactly which land parcel was used — and allows cross-referencing against deforestation alerts, protected area boundaries, and land title registries.
2. Deforestation assessment must reference authoritative data
Operators cannot simply assert that their source land was free from deforestation and forest degradation. They must demonstrate it, using data. The most defensible approaches combine multiple independent data sources:
- Multi-spectral satellite imagery — vegetation index baselines anchored to the December 31, 2020 cutoff date, at sufficient resolution to detect change at the plot level
- Independent deforestation alert systems — cross-referencing against established alert datasets to flag post-cutoff activity on or near source plots
- Corroborating data sources — additional independent references for high-risk jurisdictions where a single data source is insufficient
The methodology matters as much as the conclusion. A competent authority will not only ask whether you determined your source land was deforestation-free. They will ask which data sources you used, at what resolution, how they were processed, and what thresholds triggered further review. Getting this pipeline right — the specific combination of sources, the analytical logic, the decision criteria — is where most operators find they need specialist capability.
3. The evidence chain must be auditable end-to-end
Performing the right checks is necessary but not sufficient. If a competent authority requests substantiation of your DDS and you cannot produce the underlying data, methodology, and assessment logic in a reproducible form, you do not have a defensible statement. You have an assertion.
The gap between data collection and evidence-grade compliance
Evidence requires four properties that raw data collection does not provide:
- Provenance — where each data point originated and when
- Integrity — assurance that data has not been altered after collection
- Methodology — documentation of how assessments were derived from the data
- Reproducibility — the ability for any reviewer to reach the same conclusion from the same inputs
Without all four, your data supports a claim. With all four, it supports a defence.
| Dimension | Data Collection Approach | Evidence-Grade Approach |
|---|---|---|
| Geolocation | GPS coordinates collected from farmers | Verified polygon boundaries with timestamped field capture and device attestation |
| Deforestation check | Manual alert review, logged as a checkbox | Automated multi-source satellite analysis, methodology documented and reproducible |
| Legality | Document upload (land title, permit) | Document linked to specific plot, integrity hash recorded, source chain traceable |
| Audit trail | Spreadsheet or system log | Immutable, time-stamped ledger — any reviewer can reproduce the assessment |
Most operators are on the left. Enforcement expects the right.
Thinking about your current EUDR workflow? ResourceLedger maps each of these requirements to structured evidence fields — so every DDS you file can be substantiated on demand. Request a demo →
What each DDS field actually requires
So what does this look like field by field?
Under EUDR Article 4, a DDS must cover product identification, geolocation, production date, deforestation status, legality, and risk assessment. Here is what regulators will examine in each — and the evidence standard each field demands:
| DDS Field | What regulators will examine | Evidence requirement |
|---|---|---|
| Product identification | HS code accuracy, volume reconciliation | Linked to source lots and production records |
| Geolocation (< 4 ha) | Coordinate precision, plot-level traceability | Individual GPS point per plot, field-capture timestamp |
| Geolocation (≥ 4 ha) | Polygon boundary completeness, no overlap with deforested land | Polygon boundary captured in field or verified against cadastral data |
| Production date | Post-cutoff confirmation (after Dec 31, 2020) | Harvest records linked to plot and season |
| Deforestation assessment | Methodology, data source, date of assessment | Multi-source satellite analysis with documented and dated methodology |
| Legality verification | Country-of-origin law compliance, document authenticity | Sourced documents with integrity hash; land title or concession linked to plot |
| Risk assessment | Rationale for negligible risk conclusion | Structured assessment with documented inputs and mitigation steps |
What operators should be doing now
With enforcement less than twelve months away, the time for scoping exercises has passed.
-
Map your supply chain to plot level. Regional or co-operative level aggregation will not satisfy Article 4. For rubber, palm oil, and timber supply chains in Southeast Asia, this typically means working directly with smallholders to capture individual farm boundaries — not relying on intermediary estimates.
-
Establish satellite baselines now, not later. Vegetation index baselines must be anchored to the December 31, 2020 cutoff. The further from that date you establish your baseline, the harder it becomes to demonstrate continuity of forest cover. Waiting until Q3 2026 is a material risk.
-
Test your evidence chain before enforcement does it for you. Pick one shipment and walk it backwards: from the DDS fields to the underlying data, to the source plot, to the collection timestamp. If any link in that chain requires a phone call or a manual lookup, that is the gap a competent authority will find.
-
Assess your current tooling gap. If your existing systems collect data but do not produce structured, verifiable evidence — with traceable provenance, integrity assurance, and documented methodology — you have a gap that will become visible at enforcement. The question is whether it becomes visible to you first, or to a competent authority. See how different roles in the supply chain are affected.
How ResourceLedger can help
We built ResourceLedger because the tools available to operators today solve the wrong problem. Most EUDR platforms focus on data collection — gathering coordinates, uploading documents, tracking shipments. That is necessary, but it is not what regulators will ask for. They will ask for evidence: structured, verifiable, reproducible proof that due diligence was actually exercised. The gap between collecting data and producing evidence is where most operators will come unstuck.
That gap is what ResourceLedger closes. The platform is designed around four principles: every data point must have traceable provenance, every document must have integrity assurance, every assessment must have documented methodology, and every conclusion must be reproducible by any reviewer. If it cannot be independently verified, it does not belong in a DDS.
In practice, this means:
- Field-level GPS boundary capture — smallholders capture polygon boundaries on their own phones, with timestamped collection and device attestation baked in at the point of capture
- Automated satellite deforestation screening — a multi-source analysis pipeline combining optical and radar satellite data at sub-hectare resolution, run against every plot, with the methodology documented so a regulator can follow the logic
- Immutable audit trails — every DDS field links back to its underlying data source, so the chain from raw input to final statement is never broken
- DDS generation structured to Article 4 — ready for submission to the EU Information System, with every field substantiated
Here is what that looks like in practice. A rubber processor sources from 200 smallholders in southern Thailand. Each farm's GPS polygon boundary is captured in the field. Automated satellite analysis runs against the cutoff baseline for every plot. Each land title links to its specific parcel with an integrity hash.
The platform generates a complete DDS package — every field traceable to its underlying evidence. Eighteen months later, a competent authority requests substantiation. Every data point, methodology step, and assessment conclusion is reproducible from the immutable audit trail.
ResourceLedger does not certify compliance — that determination belongs to operators and their regulators. What it provides is the evidence infrastructure that makes a defensible DDS possible. You can see how the platform works or explore the technical architecture in detail.
Frequently asked questions
What happens if my DDS is incomplete or indefensible?
Competent authorities in EU member states can request substantiation of any DDS at any time. If you cannot produce the underlying evidence — geolocation data, deforestation assessments, legality documentation, and your risk assessment methodology — your statement is treated as non-compliant. Penalties vary by member state but can include fines, product seizure, and exclusion from public procurement.
Can I use a third-party certification as my DDS evidence?
Third-party certifications (FSC, PEFC, RSPO, etc.) can be part of your risk assessment, but they do not replace the DDS requirement. The EUDR explicitly states that certifications alone are not sufficient — operators must still perform their own due diligence and retain the underlying evidence. A certification can reduce risk but does not eliminate the obligation to demonstrate traceability to plot level.
How do operators handle mixed-origin consignments?
If a single shipment contains commodities from multiple source countries or plots, each origin must be traced and declared separately in the DDS. The EUDR does not allow operators to average risk across origins — every plot must be individually assessed. In practice, this means your traceability system must support lot-level segregation from source through to the point of export.
Is geolocation data considered commercially sensitive?
Operators sometimes resist sharing farm-level coordinates because they view supplier networks as proprietary. The EUDR does not require operators to publish geolocation data — but they must make it available to competent authorities on request. The data stays between the operator, the EU Information System, and the regulator. Withholding it is not an option; the question is how you store and control access to it.
If you are preparing for EUDR enforcement and want to see how evidence-grade provenance works in practice across your commodity flows, request a platform walkthrough.