What are the Key Requirements for Non-SME Downstream Operators and Traders in EUDR 

Downstream operators and traders in EUDR who are non-SMEs face stricter and earlier compliance obligations. They must submit a Due Diligence Statement (DDS) for all covered commodities, including precise geolocation data of production plots, and conduct thorough risk assessments for deforestation and legal compliance. Certification alone is not sufficient; companies must evaluate risks, apply mitigation measures, and maintain audit-ready documentation for at least five years. Traders are required to collect and keep DDS references from suppliers and ensure traceability when reselling. Non-SMEs must comply by December 30, 2025, ahead of the extended deadline given to SMEs. 

The EU Deforestation Regulation (EUDR) is not arriving at the same pace for everyone. While small and medium enterprises (SMEs) have until June 30, 2026, larger organizations — the non-SMEs — face a much stricter timeline, with compliance required by December 30, 2025. This earlier deadline reflects the EU’s expectation that larger operators and traders have greater resources and influence to lead the transition toward deforestation-free supply chains. 

For non-SMEs, this means there is no time to lose. Compliance is not limited to filing paperwork; it involves building a verifiable, end-to-end system that can withstand regulatory scrutiny. From collecting precise geolocation data to assessing deforestation risks and generating Due Diligence Statements (DDS), the requirements are more complex and the margin for error is slim. 

This blog will break down the key obligations for non-SME downstream operators and traders under EUDR, highlight the risks of non-compliance, and provide practical strategies to prepare now — so that compliance becomes not just a regulatory checkbox but a competitive advantage. 

Key Takeaways 

• Who counts as a Non-SME? Companies with ≥250 employees, ≥€50M turnover, or ≥€43M balance sheet. 

• Core Requirements: File Due Diligence Statements (DDS), collect geolocation data, perform risk assessments, apply mitigation, and keep records for 5 years. 

• Traders & DDS: Non-SME traders must file their own DDS referencing upstream filings. SME traders only need to keep records. 

• Example: Importer → Manufacturer → Distributor → Retailer — each larger company must verify upstream due diligence and file their own DDS. 

• Common Challenges: Large supplier bases, poor digital maturity, geolocation for thousands of SKUs, fragmented DDS processes, and higher audit risks. 

• Digital Platforms: Tools like TraceX centralize supplier data, automate DDS filing to EU TRACES, run AI + satellite risk assessments, and scale compliance across global operations. 

Who Counts as a Non-SME Under EUDR? 

A non-SME operator in EUDR is a larger business — such as a multinational trader, leading exporter, or commodity aggregator — that exceeds SME thresholds and must implement full due diligence processes earlier than smaller firms. 

This classification ensures that the biggest players in global supply chains lead the way in proving that products entering the EU are deforestation-free and legally sourced. 

Under the EU Deforestation Regulation (EUDR), companies are classified based on their size. A non-SME operator is any business that exceeds the official SME thresholds: 

• ≥250 employees, or 

• ≥€50 million annual turnover, or 

• ≥€43 million annual balance sheet total. 

These companies are expected to have greater capacity and resources to comply, which is why their deadline for EUDR compliance is set earlier (December 30, 2024) compared to SMEs. 

Still unsure about your role under EUDR? 

Whether you’re an operator, downstream operator, or trader, the rules and obligations differ — but compliance is non-negotiable. 

Dive deeper in our blogs: 

• Guide to Operators and Traders under EUDR 

• Understanding the Full Scope of EUDR 

Get clarity, reduce compliance risks, and stay ahead of deadlines. 

What are the Core EUDR Requirements for Non-SME Downstream Operators and Traders? 

Not every company affected by the EU Deforestation Regulation (EUDR) is the “first placer” of raw commodities (like cocoa beans, soy, or cattle hides) on the EU market. Many larger businesses (non-SMEs) buy from upstream operators who already import or produce these commodities within the EU. These downstream companies still face full compliance obligations — but their due diligence process looks slightly different. 

What Makes Them “Downstream Operators”? 

• If a company transforms commodities into EUDR-covered products — e.g., using cocoa to make chocolate or hides to make leather — it becomes a downstream operator. 

• Even though the raw commodities have already undergone due diligence, the downstream operator is still “placing” a new listed product (chocolate or leather) on the EU market. 

• If the company qualifies as a non-SME , it must file its own Due Diligence Statement (DDS). 

Non-SMEs — the larger operators and traders in global supply chains — face the most immediate and stringent obligations under the EU Deforestation Regulation (EUDR). Their compliance responsibilities cover the entire due diligence cycle, from data collection to long-term documentation. 

1. Due Diligence Statements (DDS) 

Non-SMEs must submit a Due Diligence Statement before placing regulated commodities or derived products on the EU market. This DDS must confirm that products are deforestation-free and legally produced. The deadline is December 30, 2024, and unlike SMEs, there is no grace period. 

2. Geolocation Data 

Every product placed on the EU market must be linked to its precise geolocation coordinates. This ensures that sourcing locations can be verified against deforestation risk, a cornerstone of EUDR compliance. Downstream operators must ensure upstream suppliers provide this data in a standardized format (e.g., GeoJSON). 

3. Risk Assessment 

Collecting data is not enough. Non-SMEs must conduct a robust risk assessment to evaluate the likelihood of deforestation or illegality in their supply chains. Factors include: 

• Country of production and its risk classification (low, standard, high). 

• Supplier practices and reliability. 

• Commodity-specific risks (e.g., cocoa vs. soy). 

4. Risk Mitigation 

Where risks are identified, companies must implement clear mitigation measures before placing goods on the market. This could involve obtaining additional information, commissioning satellite verification, improving supplier engagement, or suspending trade until risks are resolved. 

5. Record Keeping 

Transparency and accountability don’t end with submission. Non-SMEs are required to retain all due diligence records for at least five years, making them readily available to competent authorities for inspections. This includes DDS submissions, geolocation data, risk assessment documentation, and mitigation evidence. 

How Do They Fulfill Due Diligence? 

Instead of re-collecting all the raw data, downstream non-SME operators can rely on the DDS already submitted by their upstream suppliers. To do this, they must: 

1. Collect Reference & Verification Numbers from upstream DDS filings. 

• Reference number: Assigned by the EU Information System to each DDS. 

• Verification number: A security number ensuring authenticity. 

2. Verify the Numbers via the EU Information System. 

• When a downstream operator files its DDS, the system automatically checks that the upstream DDS references are valid and match the commodities supplied. 

• This can be pre-verified by saving a draft DDS, which unlocks a “Referenced Statements” tab for number validation. 

3. Submit Their Own DDS with the validated reference numbers included. 

This system is designed to reduce administrative burden while maintaining traceability and accountability.

Why Extra Steps May Be Needed 

While referencing upstream DDS is acceptable, legal liability remains with the downstream operator. If the products turn out to be linked to deforestation or illegal sourcing, downstream operators can still face penalties, product withdrawal, and fines. 

That’s why companies often choose to go further, especially in cases where: 

• Commodities come from standard- or high-risk countries. 

• Suppliers are new or untested. 

• There is limited confidence in the upstream operator’s due diligence practices. 

Extra steps might include: 

• Running independent risk assessments on geolocation data. 

• Using satellite or AI tools for verification of sourcing origins. 

• Requesting additional supporting documentation from suppliers. 

For downstream non-SME operators under EUDR, compliance isn’t just about filing reference numbers — it’s about ensuring that upstream due diligence is robust, verifiable, and defensible in case of audits. While the EU Information System makes validation straightforward, responsible companies will often layer in their own checks to reduce risk exposure and protect supply chain credibility.

Do Traders Need to Submit Their Own DDS? 

Yes — but it depends on their size. 

Non-SME Traders (Large Companies) 

If a trader is larger than an SME (≥250 employees, ≥€50M turnover, or ≥€43M balance sheet), they must submit their own Due Diligence Statement (DDS) under the EUDR. Even though they are not the first to place commodities on the EU market, their role in reselling products means they must: 

1. Collect DDS References from suppliers (reference & verification numbers linked to the original upstream DDS). 

2. Maintain Traceability so that the products they sell can be linked back to their verified origin. 

3. Ensure No Gaps in Compliance — the chain of custody must remain unbroken, so compliance covers both the purchase and resale transaction. 

In practice, their DDS refers back to the supplier’s DDS, but filing it ensures accountability at every stage of the supply chain. 

SME Traders (Smaller Companies) 

If the trader is an SME, they do not need to file a DDS. Instead, they must keep records for five years of who they bought from, who they sold to, and the DDS references provided. 

Non-SME traders must actively file a DDS to maintain compliance, while SME traders have a lighter obligation but must still guarantee traceability and record-keeping. 

For SME traders, the obligations are lighter: 

• No need to file a new DDS. 

• Instead, they must keep records for at least five years of: 

• The operators and traders they buy from, 

• The companies they sell to, 

• And the DDS details that accompanied those products. 

This ensures traceability while recognizing the limited resources of SMEs. 

In both cases, the responsibility doesn’t disappear: every company in the chain must help prove that products placed on the EU market are deforestation-free and legally produced. 

Real World Example of Downstream Operators and Traders in Practice

Let’s take the case of coffee beans moving through the EU supply chain, with all companies being non-SMEs (larger firms). 

• Spanish Company A (Operator): 
  This company imports raw coffee beans from Brazil into the EU. As the first to place an EUDR-listed product (coffee) on the EU market, Spanish Company A is classified as an operator. It must perform full due diligence (collect geolocation, verify legality, assess risk) and file a Due Diligence Statement (DDS) when placing the coffee beans on the market. 

• French Company B (Downstream Operator): 
  This company buys the raw coffee beans from Spain, roasts and packages them into ground coffee, which is also an EUDR-listed product. French Company B is a downstream operator, because it transforms one listed commodity (beans) into another listed product (ground coffee). It must confirm that Spanish Company A carried out due diligence correctly and then file its own DDS for the finished coffee. 

• Italian Company C (Trader): 
  This company buys the packaged coffee from France and distributes it to cafés and restaurants. Since Italian Company C doesn’t transform the product, it is a trader. Its obligation is to confirm that both Spanish Company A and French Company B performed due diligence, and then file its own DDS. 

• Dutch Company D (Trader): 
  This company buys the coffee from Italy and sells it through retail channels to final consumers. As a trader, Dutch Company D must also verify that due diligence was completed at each prior stage and then submit its own DDS. 

What This Shows 

• Operators (Spanish Company A) carry the full burden of collecting and verifying data when commodities first enter the EU. 

• Downstream operators (French Company B) must build on that due diligence and file again when transforming listed products. 

• Traders (Italian Company C and Dutch Company D) must keep the compliance chain unbroken by filing their own DDS referencing upstream filings. 

In short, every link in the chain has a responsibility. No matter how far the product is from its origin, each company must ensure traceability and compliance before making it available on the EU market.

What are the Common Challenges for Non-SMEs Downstream? 

For large companies classified as non-SMEs, meeting the requirements of the EU Deforestation Regulation (EUDR) is far from straightforward. Their scale, complexity, and visibility in global supply chains create unique hurdles: 

Large Supplier Bases with Poor Digital Maturity 

Non-SMEs often work with hundreds or even thousands of suppliers across different countries. Many of these suppliers, especially smallholders, still rely on paper-based or fragmented systems and lack the digital tools required for EUDR compliance. This creates bottlenecks in collecting reliable data and increases the risk of incomplete or inconsistent records. 

Collecting Precise Geolocation for Thousands of SKUs 

EUDR requires that every commodity and product can be traced back to its exact geolocation. For non-SMEs dealing with thousands of SKUs across multiple commodities, this becomes a monumental data management task. Ensuring accuracy, avoiding duplication, and aligning with EU TRACES formatting (e.g., GeoJSON files) demands advanced systems that many firms don’t yet have. 

Coordinating DDS Filing Across Multiple Business Units 

Large operators and traders often have multiple divisions, subsidiaries, or regional entities handling imports, processing, or resales. Each must generate and submit Due Diligence Statements (DDS) in a consistent, compliant way. Without centralized oversight, the process risks becoming fragmented, leading to gaps, errors, or duplication that could result in non-compliance. 

Higher Exposure to Audits and Penalties 

Because of their size, non-SMEs face greater scrutiny from regulators. They are more likely to be audited, and failures in compliance carry not just legal penalties (fines, product withdrawal) but also severe reputational risks. A single compliance failure can disrupt exports, strain buyer relationships, and damage brand credibility in sustainability-conscious markets. 

For non-SMEs, the EUDR isn’t just a compliance requirement — it’s a high-stakes operational challenge. Managing scale, ensuring accurate data, and coordinating DDS filings across global operations require robust digital traceability platforms, not manual or piecemeal approaches. 

How Digital Platforms Simplify Compliance for Non-SMEs 

For large downstream operators and traders, the complexity of EUDR compliance can feel overwhelming. TraceX provides an AI-powered, blockchain-based traceability platform that transforms these challenges into manageable, automated workflows: 

Centralized Data Collection 

TraceX consolidates supplier information, geolocation coordinates, certifications, and transaction records into a single digital platform. Instead of chasing fragmented spreadsheets across different business units, non-SMEs get a real-time, unified view of their entire supply chain — from farm to shipment. 

Automated DDS Generation and TRACES Submission 

Manually creating Due Diligence Statements (DDS) is time-consuming and error-prone. TraceX automates the process by linking supplier, SKU, and geolocation data directly to DDS templates, making them EU TRACES-ready. Non-SMEs can generate and file DDS in just a few clicks, ensuring consistency and reducing rejection risk at EU customs. 

Risk Assessment Dashboards with AI + Satellite Data 

TraceX integrates AI-powered analytics and satellite monitoring to assess deforestation risks across sourcing locations. Companies can see a risk heatmap of their supply chain, flagged by country benchmarks, supplier practices, and real-time geospatial alerts. This allows for proactive mitigation instead of reactive firefighting. 

Scalable Compliance Workflows Across Global Operations 

For multinational traders and operators, TraceX enables multi-entity compliance management. Different business units can feed into one centralized platform, while leadership gets audit-ready dashboards. This ensures compliance workflows are scalable and consistent across thousands of SKUs and multiple countries — critical for non-SMEs with global supply chains. 

TraceX transforms EUDR compliance from a fragmented, manual burden into a streamlined, scalable, and transparent process. For non-SMEs, this means less risk, less cost, and more confidence when placing products on the EU market. 

The Road Ahead for Non-SME Compliance 

For non-SME downstream operators and traders, EUDR compliance is not just a regulatory checkbox — it’s a transformation in how supply chains are managed. From filing accurate DDS to validating upstream due diligence and maintaining five years of records, the responsibility lies in ensuring every product placed on the EU market is deforestation-free and legally sourced. Companies that act early, invest in digital traceability, and embed due diligence into daily operations will not only avoid penalties but also build stronger, trust-based relationships with EU buyers. 

Want to go deeper into EUDR compliance? 
Explore our expert blogs to strengthen your knowledge and stay audit-ready: 

• Guide to EUDR Due Diligence – step-by-step process to file compliant DDS. 

• What is EU TRACES? – the digital backbone of EUDR reporting. 

• EUDR Risk Assessment & Mitigation – how to identify, score, and reduce risks. 

Read more and get ahead of compliance challenges today. 

Frequently Asked Questions (FAQ’s)