CBAM Compliance Platform: What 'Full Automation' Actually Means in 2026
Vendors pitch 'fully automated CBAM compliance'. About half of the work can't be automated — supplier intensity data has to come from the supplier. Here's what platforms actually automate, what they leave to you, and how to read a vendor's pitch.
Short version.Vendors selling CBAM compliance platforms pitch “full automation” like the entire workflow can run hands-off. About half of it can. The other half — supplier intensity collection, production-route attestation, dispute resolution — requires human conversations the software can't have for you. Here's what platforms actually automate, what they leave to you, and how to read a vendor pitch without buying a more expensive tier than you need.
The 8-step CBAM compliance lifecycle
- Scope screening— for each shipment, determine if the CN code is in CBAM Annex I.
- Supplier engagement— ask the producer for verified embedded-emissions data per Reg 2025/2547 §3 Column A; receive a CBAM-format report.
- Verification— if the producer uses an EU-accredited verifier, capture the verifier's accreditation number per Reg 2025/2621.
- Embedded-emissions calculation— apply the production route, EU defaults vs verified intensity, the SEFA free-allocation deduction, the certificate price for the import period.
- Per-shipment record— produce a tamper-evident PDF + permanent archive.
- Aggregation— roll up per-shipment calculations to declarant level, by sector and CN code, for the annual declaration.
- Certificate purchase— buy CBAM certificates from the EU Registry covering net surrender (from 1 February 2027 onwards).
- Annual declaration— file by 31 May of the following year via the authorised CBAM declarant, surrendering certificates against the calculated liability.
What's automatable (and what isn't)
| Step | Automatable? | Why |
|---|---|---|
| 1. Scope screening | Yes | CN-code lookup against Annex I — fully deterministic. |
| 2. Supplier engagement | No | Requires the supplier to send data; software can chase but can't produce. |
| 3. Verification | No | An accredited human verifier signs the report. Software stores the credential. |
| 4. Embedded-emissions calc | Yes | Pure formula. The calc itself runs in <1 second. |
| 5. Per-shipment record | Yes | PDF generation + content-hash + archive — all deterministic. |
| 6. Aggregation | Yes | Sum of per-shipment records grouped by sector / CN. |
| 7. Certificate purchase | Partial | Software computes how many to buy; buyer logs into Registry to actually purchase. |
| 8. Annual declaration | Partial | Software produces the data; authorised declarant submits via EU Registry portal. |
So “fully automated” covers steps 1, 4, 5, 6 fully and 7, 8 partially. Steps 2 and 3 (supplier engagement + verification) are where the human work lives, and that's ~60% of the calendar time on a CBAM compliance program. Anyone selling you 100% automation is either reframing what the word means or hasn't shipped to a customer yet.
Platform vs tool: 5 criteria to decide
- Volume of shipments per month.Above ~50, the platform's bulk + supplier-survey features start to earn their keep. Below that, a tool + occasional manual supplier ping is faster.
- Number of importer-clients (if you're a broker). ICR mode + per-client attribution is platform territory. Single-importer brokers can do without.
- ERP / customs-data integration. If your customs entries already live in SAP / Oracle / ServiceNow, an API + ingestion pipe is worth real money. Otherwise, manual per-shipment entry is fine.
- Audit-trail strength required.All tools and platforms produce PDFs; not all carry tamper-evident content hashes + QR verification. If your NCA is one that's likely to audit (DEHSt is famously thorough), spec the audit-trail layer carefully.
- Pricing-model fit. Annual SaaS at €5k+/yr assumes consistent volume. PAYG matches cost to actual usage. PRO subscriptions split the difference (annual commitment, usage-capped quota).
Pricing-model breakdown
Three models in the market, three different cost dynamics:
- Annual SaaS (€2k–€8k/yr)— flat per-month regardless of shipments. Vendors include Carbmee, Cozero CBAM module, smaller specialists. Predictable cost; rigid commitment; usually requires a sales call to buy.
- PAYG per-shipment (€49–€899)— pay per report. No commitment. Cost smooths with volume. Best fit for occasional or unpredictable usage. Our pricing.
- Annual subscription with usage quota (€349–€1k+/mo)— hybrid. Annual commitment for predictable cost; quota cap on the usage tier (we cap at €100k tax/month for our PRO). Best fit for steady high-volume operations.
- Enterprise consulting (€20k–€100k+/yr) — Big 4 + integrated platforms. Bundle CBAM with broader ESG. Right when integration matters more than per-tool optimization.
Buy-checklist
Before signing any CBAM compliance platform contract, get satisfactory answers on:
- How long does the calculation take from input to output? (Sub-second is achievable; vendors that take >5 seconds usually have a sync architecture problem.)
- Is the methodology cited to the specific Implementing Reg article on the output PDF? (If not, you can't prove it to an NCA.)
- Is the certificate price auto-pulled from the Commission's publication, or does someone have to manually update it?
- What's the audit-trail layer? Content hash? QR verification? Immutable archive with version history?
- What happens if I cancel the subscription? Do I lose access to historical reports? (For us: PAYG reports are yours forever; PRO reports require active subscription. See our retention policy.)
- What's the supplier-data flow? Manual upload? Survey-link to the supplier? Integration with a verified-data marketplace?
See the calculator part of the lifecycle live
The 4-second calc is what most vendors automate well. Here's ours, free, no signup. Test it against any platform demo you're considering.
Open the calculatorFAQ
What's the difference between a CBAM 'platform' and a CBAM 'tool'?
Marketing labels, mostly. A 'tool' usually means a calculator + PDF generator (single-purpose). A 'platform' usually means an end-to-end workflow that adds supplier-data collection, multi-importer ICR mode, dashboards, and ERP integration on top. The platform label commands a higher price tag, but for most importers below ~50 shipments/month a tool is sufficient.
What does 'fully automated' mean in vendor pitches?
Selectively interpreted. Most vendors mean: automated calculation, automated certificate-price lookup, automated PDF generation, automated dashboard. None of them mean: automated supplier intensity collection (still requires the supplier to send data) or automated route attestation (still requires verification). Read the pitch carefully — the half they don't mention is the half that takes the most operator time.
Should I evaluate platforms based on feature count?
No. The feature lists are mostly the same — they all do the EU-published methodology, they all generate PDFs, they all store reports. Differentiation lives in: (1) pricing model fit (PAYG vs annual), (2) setup time (today vs 3 weeks), (3) UX (does the calc actually run in <1 second), (4) audit-trail strength (content hash, QR verification), and (5) supplier-data integration if you have a large supplier base.
When should I hire a Big 4 firm instead of buying a platform?
When you have multiple regulatory regimes (CBAM + EU ETS + CSRD + SFDR + ...) and you want one vendor relationship. The Big 4 (PwC, KPMG, EY, Deloitte) bundle CBAM as a slice of their broader ESG advisory practice. For most importers below the Fortune 500, their pricing (€50k+ retainers) is irrational against a dedicated CBAM platform or PAYG calculator. Use them when the integration story matters more than per-feature optimization.
Sources
- Implementing Reg (EU) 2025/2547 §3 — Column A vs Column B (verified vs default data) classification.
- Implementing Reg (EU) 2025/2620 §5 — production routes + default values.