The EU Deforestation Regulation (EUDR) changes how companies handle sourcing and reporting. From December 2025, placing or exporting regulated commodities in the EU will require a Due Diligence Statement (DDS) that proves products are both deforestation-free and legally produced. Many businesses are asking: which department is actually responsible for compliance?

The answer is both. ESG teams can’t meet operational requirements without supply chain support, and supply chain teams can’t manage governance, reporting, and audit-readiness without ESG. This guide explains why, what each team contributes, and how to build a shared responsibility model that keeps shipments moving and meets legal obligations.

Why EUDR compliance is a shared responsibility

What makes EUDR stand out is that it’s not simply a sustainability disclosure or a procurement standard. It’s a compliance control with real operational impact. The law requires companies to prove that their products are deforestation-free and legally produced before they can be placed on or exported from the EU market. In practice EUDR doesn’t just influence reporting; it changes how you run procurement, logistics, and supplier management every day. A shipment cannot be delivered if there is no DDS submitted.

To meet the law, companies must address two interconnected dimensions:

• Governance and reporting (Article 12): Establishing a due diligence system, aligning internal policies, defining what “negligible risk” means, and preparing for compliance.
  
  
• Operational controls (Articles 9–11): Collecting geolocation and legality data from suppliers, verifying deforestation-free status, running risk assessments, and applying mitigation before shipment deadlines. These tasks sit squarely in procurement and supply chain operations.

Because the regulation blends these two worlds, governance oversight and supply chain execution, no single function can own it outright. ESG teams lack the direct supplier touchpoints to get the data; supply chain teams lack the governance mandate to ensure audit-ready compliance. Only a structured partnership can close the gap.

{{custom-cta}}

How ESG teams contribute to EUDR compliance

ESG teams function as the architects of compliance. Their role is to translate the regulation into a structured system that fits the company’s reality while standing up to regulatory scrutiny. In practice, ESG teams:

• Create the due diligence system: They design and maintain the internal framework that ensures compliance. This includes mapping legal requirements from the EUDR against the company’s own processes. This system sets the rules of the game: how data is collected, how risks are assessed, and how evidence is stored.
  
  
• Develop and implement risk assessments: ESG defines what “negligible risk” means in practice for the business. They build the methodology, set risk criteria, and craft mitigation processes that suppliers and procurement teams must follow when red flags appear.
  
  
• Set out and standardise data requests: ESG determines the exact supplier information required under the law, from geolocation coordinates to legality documents, and ensures there is a clear protocol for collecting and recording this data in an audit-ready way.
  
  
• Coordinate annual reporting: For non-SME operators, ESG is responsible for producing the annual public report on due diligence activities, showing regulators, investors, and stakeholders that the system is active and effective.

By doing this, ESG teams ensure the company has a defensible compliance backbone. Their frameworks and oversight don’t replace supply chain action, but they make sure every operational step can be traced back to a structured, legally aligned system.

In a practical example the ESG team leads the creation of a scoring framework that weights country risk, plot-level verification, and supplier history. This framework becomes the reference point for every shipment review but ESG needs accurate, timely supplier data from operations to apply it.

What supply chain teams bring to EUDR compliance

Supply chain teams function as the operators of compliance. They work at the frontline of supplier engagement and logistics. In practice, supply chain teams:

• Manage supplier relationships and data requests: They are the direct link to suppliers collecting geolocation, legality documents, and other required data. Supply chain teams also help suppliers on the day-to-day, guiding them through formats, systems, and deadlines so that information flows smoothly.
  
  
• Provide product traceability: From inbound raw materials to outbound finished goods, supply chain teams maintain the chain of custody. They ensure compliant and non-compliant goods are not mixed, and that every product can be traced back to its verified origin.
  
  
• Execute mitigation with suppliers: When risks are identified, supply chain needs to act by chasing missing documents, requesting corrective actions, or even switching suppliers when mitigation fails. Their responsiveness ensures no risky shipment moves forward unchecked.
  
  
• Organise DDS’ before shipments: Supply chain monitors and coordinates the deadlines for DDS submissions so that all the requirements have been fulfilled before the shipments are ready for departure.

By doing this, supply chain teams ensure the company’s compliance system works on the ground.  For example, if a supplier in Indonesia provides incomplete plot coordinates, the supply chain is the one following up, standardizing data formats, and ensuring the update reaches ESG for risk assessment all before the shipment is ready to go.

How the shared responsibility model works in practice

The EUDR doesn’t name which job title signs the DDS, it simply states that the operator or non-SME trader placing or exporting the product is responsible. This makes internal clarity essential.

A practical approach is to map responsibilities using a RACI framework (Responsible, Accountable, Consulted, Informed). In this model:

• ESG is accountable for the due diligence process and methodology.
  
  
• Supply chain is responsible for supplier data collection and execution of mitigation steps.
  
  
• Legal reviews ensure alignment with the regulation.
  
  
• Procurement aligns sourcing decisions with compliance requirements.
  
  
• IT supports data integration and traceability systems.
  

How to align ESG and supply chain teams for EUDR

EUDR is a challenge to onboard, and without clear organisation it can quickly create conflicts and bottlenecks. Aligning ESG and supply chain from the start is key to avoiding issues. To make this collaboration work in practice:

1. Dedicate time for training and onboarding: Create internal sessions where both teams learn about the regulation, map responsibilities, and agree on the game plan. Everyone should leave knowing their role in the DDS process.
   
   
2. Work from one system, not scattered files: A central compliance tool, like Coolset’s EUDR module, is essential to stay proactive. It avoids last-minute scrambles by keeping supplier data, risk assessments, and DDS drafts in a single source of truth.
   
   
3. Set timelines and expectations: Define how the teams will handle urgent or fast orders, and build compliance checks into logistics workflows so that no shipment is blocked at the last minute.
   
   
4. Hold regular syncs: Schedule standing meetings, weekly, bi-weekly, or monthly depending on your risk profile, to review open points, supplier issues, and upcoming deadlines.
   
   
5. Start supplier onboarding now: Don’t wait for December 2025. Begin collecting data and engaging suppliers early, so they have time to adapt and you have time to resolve gaps before enforcement kicks in.

By building these habits, ESG and supply chain move from reactive firefighting to a predictable, proactive compliance rhythm.

Common pitfalls when teams work in silos

When ESG and supply chain don’t work in sync, small gaps can quickly snowball into compliance or operational failures. Some of the most common pitfalls include:

• Missing information and misaligned supplier communication: If suppliers are contacted by different people with conflicting requests, they can become frustrated or confused. In practice, this often leads to incomplete or inconsistent data which means the DDS can’t be filed on time.
  
  
• Compliance issues: Without consistent cross-checks, there’s a risk of submitting a DDS without proper controls. For example, procurement might accept a simple supplier self-declaration as legality evidence, while ESG would have required official permits or government records. This creates exposure if an authority audits the file.
  
  
• Operational blockers: Without clear expectations and responsibilities, EUDR checks can be missed in procurement timelines. The result is shipments held back at the last minute because the DDS isn’t ready, causing delays in logistics and lost revenue.

The consequences are serious: blocked shipments, unsatisfied suppliers and customers, and potential fines of up to 4% of EU turnover. In short, siloed working makes EUDR compliance harder, riskier, and more costly than it needs to be.

How technology can bridge the ESG–supply chain gap

Technology can take much of the friction out of EUDR compliance by bridging the natural gaps between ESG oversight and supply chain execution. With the right system in place, ESG gains visibility into operational workflows, and supply chain gains clear compliance guidance without needing to become legal experts.

In practice, this looks like:

• Compliant processes built-in: Supplier data needs are pre-set through questionnaires and guides, so supply chain teams know exactly what to collect. Risks are surfaced in a streamlined platform, visible to both ESG and supply chain. Shipments can’t progress until all information is uploaded, checked, and signed off eliminating the need for constant back-and-forth meetings.
  
  
• AI-driven efficiency: Automated checks and risk scoring reduce human touchpoints and highlight potential issues early, minimising errors and delays.
  
  
• One-click DDS generation: Once data is complete, the system produces a Due Diligence Statement in the correct EU TRACES format at the click of a button. Either ESG or supply chain can trigger it with no technical expertise or direct login to TRACES required.
  
  

The result is a smoother, faster compliance process where both teams work from the same dataset, stay aligned in real time, and avoid bottlenecks.

By replacing scattered files and email chains with a single platform, both ESG and supply chain teams work from the same real-time dataset which means fewer delays, less duplication, and a stronger audit trail.

FAQs

Who signs off on the DDS under EUDR?

The operator (or non-SME trader) placing products on, or exporting them from, the EU market is legally responsible for submitting the Due Diligence Statement (DDS). Submission of a DDS implies that due diligence has been properly carried out and shifts accountability directly to that operator. Internal delegation (e.g. ESG, legal, supply chain teams) is possible, but the operator remains liable.

Can supply chain teams submit a DDS without an ESG team?

Yes, but it’s risky. Supply chain can gather and submit supplier data, yet the EUDR requires risk assessments that are consistent and audit-ready. ESG teams provide that governance by supervising the process, defining risk criteria, and validating evidence. The strongest model is supply chain executing the work under ESG’s oversight.

Do SMEs need both teams involved?

SME operators have simplified obligations: they are not required to conduct full due diligence if their products were already subject to a DDS upstream. SME traders only need to keep and provide supplier/client identity and DDS reference numbers. However, SMEs remain responsible for traceability and must demonstrate compliance to authorities. This makes some form of coordination (procurement and compliance) necessary even if ESG resources are limited.

What’s procurement’s role in EUDR?

Procurement ensures that contractual relationships and sourcing practices deliver the data required under Article 9 (e.g. geolocation, production date, legality documents). They also manage suppliers’ ability to meet deadlines for risk mitigation where needed. In other words, procurement operationalizes compliance upstream, while ESG/legal validate and document it.

Can third parties replace internal coordination?

Third-party certification and verification schemes can support risk assessments, but they cannot substitute an operator’s due diligence obligations. Certifications may provide useful evidence on legality and deforestation-free status, but operators remain liable and must still submit a DDS. External audits or platforms are helpful tools, not a shield from liability.

‍