✅ Who Must Comply (Scope in Plain Terms)

🎯 You are in scope if BOTH are true

1- You are a Union importer of 3TG minerals or metals listed in Annex I (CN codes), and

2- Your annual import volume for each relevant mineral/metal is at or above the Annex I thresholds.

🚫 You are out of scope if any applies

• Your annual import volume is below Annex I thresholds (thresholds are set so ≥95% of EU import volumes under those CN codes are covered).
• You import recycled metals (generally excluded), except for a specific disclosure duty under Article 7(4).
• You can prove stocks were created in the current form before 1 February 2013.
• Note: Annex I minerals/metals obtained as by-products can still be covered.

🧭 CAHRAs: How to Treat the EU Lists

The Commission provides an indicative, non-exhaustive CAHRA list prepared by external expertise and updated every three months.
Even if a sourcing area is not on the list, importers still remain responsible for meeting due diligence obligations.

📌 What EU 2017/821 Requires (Articles 4–7)

🏗️ Article 4 — Management System (build the program)

You must implement a documented management system that includes:

• Public supply chain policy aligned with the OECD model policy referenced in the Regulation.
• Senior management oversight and recordkeeping for at least 5 years.
• Supplier engagement (policy expectations embedded into supplier relationships).
• Grievance mechanism (early warning / risk awareness channel).

🔗 Traceability evidence (the “must-have” data)

• Minerals: supplier, origin, quantities, and additional upstream information where CAHRA/red flags exist.
• Metals: supplier plus smelter/refiner identification, with audit evidence where available.

🔍 Article 5 — Risk Management (identify → mitigate → track)

You must:

• Identify and assess risks in your supply chain using your traceability information.
• Implement a response strategy: continue with measurable mitigation, temporarily suspend, or disengage if mitigation fails.
• For metals, rely on available smelter/refiner audit reports; if they’re missing, you must assess risks and arrange independent audit of your own due diligence.

🧪 Article 6 — Independent third-party audit

• Importers must undergo independent third-party audit covering management system, risk management, and disclosure.
• Metals importer audit exemption: possible if you provide substantive evidence all smelters/refiners comply—deemed fulfilled when sourcing exclusively from smelters/refiners listed by the Commission under Article 9.

🗣️ Article 7 — Disclosure + annual public report

You must:

• Provide authorities with audit reports (or proof of conformity with a Commission-recognized scheme).
• Share due diligence information with immediate downstream customers (respecting confidentiality/competition).
• Publish an annual report describing Article 4 & 5 steps and a summary of audits (including auditor name).
• If concluding metals are only recycled/scrap, publicly disclose that conclusion and describe the measures used.

🛠️ Step-by-Step Compliance Checklist (Implementation Roadmap)

1) 📦 Scope confirmation (Annex I + volumes)

• Map imports to Annex I CN codes and calculate annual volumes.
• Document your in-scope/out-of-scope conclusion (repeat annually).

2) 🧱 Policy + governance pack (Article 4)

• Publish a 3TG policy.
• Assign senior owner; set RACI; define record retention (≥5 years).
• Establish grievance channel and escalation workflow.

3) 🔗 Supplier & smelter/refiner data collection (Article 4)

• Implement supplier onboarding + questionnaires for required fields.
• Maintain a controlled evidence library (shipment → supplier → origin → smelter/refiner → audit evidence).

4) 🔍 Risk assessment (Article 5)

• Screen for CAHRA/red flags; document the rationale.
• For metals: validate smelter/refiner audit coverage; log gaps.

5) 🧯 Risk mitigation plan (Article 5)

• Create measurable actions (owners, KPIs, deadlines).
• Apply continue/suspend/disengage decision rules and retain approvals/evidence.

6) 🧪 Audit readiness (Article 6)

• Prepare an audit pack aligned to Articles 4, 5, 7.
• If using the metals exemption, maintain proof of sourcing exclusively from Commission-listed compliant smelters/refiners.

7) 🧾 Annual reporting (Article 7)

• Publish an Article 7-ready annual report on your website.
• Prepare controlled disclosures for customers and competent authorities.

8) 🕵️ Inspection readiness (Article 11)

Member State competent authorities perform risk-based ex-post checks that can include: reviewing your implementation, examining records, checking audit obligations, and on-the-spot inspections at your premises.
The Commission publishes and keeps updated a list of Member State competent authorities.

📄 Evidence Pack (What You Must Be Able to Show)

• ✅ Supply chain policy + supplier clauses
• 🧾 Import scope memo (Annex I CN codes + volumes)
• 🔗 Traceability records (supplier/origin/smelter-refiner/audit evidence)
• 📊 Risk assessment method + risk register
• 🧯 Mitigation plans + KPI tracking + management approvals
• 🧪 Third-party audit report(s) or recognized scheme conformity evidence
• 🗂️ Annual public report (web-published)

❓ FAQ

Does EU 2017/821 apply to finished products (electronics, jewelry, automotive)?

The legal obligations target Union importers of Annex I 3TG minerals/metals above thresholds, not downstream product manufacturers—though downstream customers often request the same data.

Is the CAHRA list mandatory to use?

It’s a helpful reference, but it is non-exhaustive and does not remove importer responsibility for due diligence.

When did obligations become applicable?

Articles 4–7 and enforcement provisions apply from 1 January 2021.

Are there recognized due diligence schemes?

Yes—scheme owners can apply for Commission recognition to facilitate compliance (Article 8), and the Commission reported its first recognition decision in October 2025.

🌟 Why ComplyMarket Is the Best Solution for EU Conflict Minerals Compliance

ComplyMarket’s Material Compliance Management & Reporting Platform is built to operationalize EU 2017/821 end-to-end—so you can run due diligence as a controlled process (not a spreadsheet project).

How ComplyMarket supports EU 2017/821:

• Annex I scope control: track CN-code materials, volumes, thresholds, and annual scope decisions.
• Article 4 management system: policy publishing, role-based governance, grievance intake, supplier commitments, 5-year record retention.
• Traceability at scale: structured capture of supplier/origin/smelter-refiner data with completeness checks and evidence linking.
• Article 5 risk workflow: risk registers, CAHRA/red-flag screening support, mitigation plans with KPIs, approvals, and audit trails.
• Article 6 audit readiness: one-click evidence packs aligned to Articles 4/5/7 and audit-exemption substantiation for metals where applicable.
• Article 7 reporting: faster annual report production with consistent, reviewable disclosures for customers and authorities.

If your goal is to reduce supplier chasing, eliminate version confusion, and stay continuously audit-ready for EU Conflict Minerals requirements, ComplyMarket is the most complete and scalable option.