CBAM Declaration Software: Generate a Submission-Ready PDF in 5 Minutes
Most CBAM declaration software starts at €5,000 a year. Here's how to generate the same submission-ready PDF — tamper-evident, QR-verifiable, content-hash-footed — for $49–$899 per shipment with no contract. End-to-end walkthrough.
Short version.Most CBAM declaration software starts at €5,000 a year on annual contracts. For most importers and brokers that's an absurd commitment for what they actually need: a tamper-evident PDF per shipment that any customs broker can hand to a CBAM declarant for filing. Our flow does this in five minutes per report, pay-as-you-go, with no signup or contract for one-off purchases. Step-by-step walkthrough below.
See a sample PDF before you buy
Brand-headed, content-hash-footed, QR-verifiable. Open the sample in a new tab to see exactly what your buyer / NCA / broker receives.
What goes into a “declaration-ready” PDF
The EU CBAM Registry doesn't accept PDFs directly — declarations are submitted via the Registry portal by an authorised declarant. But every field the Registry asks for is reproduced inside the PDF, in machine-readable form, so the declarant types nothing twice:
- Declarant identity— name, EORI, address.
- Installation— producer name, address, UN/LOCODE.
- Reporting period— from/to dates of the import.
- Sector + CN code— the 8-digit classification driving the methodology.
- Origin country + tonnage.
- Direct + indirect embedded emissions (tCO₂e per tonne, total tCO₂e), with the EU source for each value.
- Production route per Reg 2025/2620 §5.3 (e.g.
(C)Carbon Steel BF/BOF for steel CN 72081000 from Turkey). - Free-allocation deduction + certificate price for the period + optional origin-carbon credit.
- Net CBAM cost in EUR, the headline number.
Every value above is cited to a specific EU regulation in the PDF's appendix. No magic numbers, no “trust us” claims.
Step-by-step: calculator → PDF
- Open the calculator at /cbam/calculator. Enter CN code, origin country, tonnage. The cost number lands in under a second.
- (Optional) Open the Advanced stage— paste verified intensity from your supplier, the origin country's carbon price if applicable, and the import date.
- Open the Submission stage— fill in declarant name, EORI, address, installation name, UN/LOCODE, verifier (if used), reporting period.
- Email + checkout— the buy button on the right shows the matched PAYG tier price (Checkout — €49 / €149 / €399 / €899). LemonSqueezy handles payment; link to the rendered PDF arrives in your inbox within seconds of payment clearing.
- Hand off— the PDF is email-shareable, byte-stable, and re-downloadable from the link in your inbox for the full 7-year EU retention window.
Tamper-evidence: content hash + QR verification
A PDF that anyone can edit isn't worth much for an audit trail. Two layers protect against forgery:
1. Content hash
Every page carries a SHA-256 hash of the calculation snapshot in the footer. The hash is computed over the inputs JSON (CN, origin, tonnage, intensities, certificate price, etc.) plus the production-route catalog version. Changing any value changes the hash. The hash is also stored on our server at generation time, so a verifier can confirm the PDF they received matches the one we issued.
2. QR verification
Every PDF carries a small QR code in the footer that encodes a URL like https://customs-invoice.com/verify/<report-id>. Scanning lands on a public page that asks for the issue date shown on the document — a one-input challenge that only someone holding the actual PDF can answer correctly. On match, the verifier sees a confirmation panel with the report metadata + a re-download link to the original bytes. On mismatch, “verification failed” with rate-limited retry (10 attempts/hour per IP).
Together: a forger would need to (1) reproduce a valid report-ID UUID, (2) match the issue date the holder of the real PDF would type, AND (3) produce a PDF whose content hash matches our server-stored value. Practically infeasible.
The 7 sectors covered
- Cement (HS Chapter 25)
- Iron and steel (HS Chapters 72–73)
- Aluminium (HS Chapter 76)
- Fertilisers (HS Chapter 31)
- Electricity (HS Chapter 27)
- Hydrogen (HS Chapter 28)
- Selected downstream products incorporating CBAM-scope inputs
Each sector has its own EU production-route catalog (Reg 2025/2620 §5.3). The calculator surfaces the right route picker once you enter CN + origin — you don't need to know whether your steel is BF/BOF or EAF up-front.
Verified intensity flow
When your supplier has a verified emissions report (Column A data per Reg 2025/2547 §3), entering the verified intensity on the Advanced stage replaces the EU default in the calculation. The PDF cites both the verified value and the EU default for transparency, with the verifier's accreditation number captured on the Submission stage.
For brokers acting as Indirect Customs Representatives across multiple importer-clients, see our ICR workflow guide.
See a sample PDF before you buy
Brand-headed, content-hash-footed, QR-verifiable. Open the sample in a new tab to see exactly what your buyer / NCA / broker receives.
FAQ
What's in a 'declaration-ready' CBAM PDF?
Nine fields the EU CBAM Registry asks for in the annual declaration: declarant name + EORI, installation name + UN/LOCODE, reporting period, sector, CN code, origin, tonnage, and the embedded-emissions calculation with citations. The PDF doubles as both a transmittable artefact (for your customs broker or NCA) and a permanent audit-trail record (content-hash footer + QR verification URL).
Is the PDF the actual EU CBAM Registry submission?
No — there's no public API into the EU CBAM Registry. The Registry submission still happens via the EU portal by an authorised declarant. The PDF is the supporting artefact: the broker uses it to file, your client uses it for invoicing, your NCA uses it during an audit. It carries every value the Registry submission needs in machine-extractable form.
How is tamper-evidence proven?
Two layers. (1) A SHA-256 content hash of the entire calculation snapshot is printed in the footer of every page. Any change to the PDF bytes changes the hash. (2) Every PDF carries a QR code in the footer pointing at /verify/[reportId]. Scanning lands the verifier on a public page that asks for the issue date as a challenge; correct date renders a confirmation panel with the report metadata + a re-download link. Forging the PDF without access to our backend is computationally infeasible.
What does it cost?
PAYG pricing scales to the report's computed CBAM tax: €49 for ≤€1k tax (Micro), €149 for ≤€10k (Standard), €399 for ≤€50k (Heavy), €899 for >€50k (Enterprise). PRO subscribers (€349/mo billed annually) get unlimited reports up to a €100k/month tax quota. PAYG reports are yours forever (7-year EU retention); PRO-billed reports require an active subscription to access.
Sources
- Implementing Reg (EU) 2025/2547 — declaration format + embedded-emissions methodology.
- Implementing Reg (EU) 2025/2620 — production-route catalog (§5.3).
- Implementing Reg (EU) 2025/2548 — certificate-price publication methodology.