This article covers why ad-hoc compliance fails, the 7 steps of a systematic compliance workflow, the key environmental regulations by market, industry-standard information formats (IEC 62474, IPC-1752A, IMDS), information management systems from enterprise to SME, organizational roles and responsibilities, supplier management strategies, and emerging regulations to watch.
The first step in any compliance workflow is mapping your target markets to the applicable regulations. Different markets have different requirements — and they evolve independently.
EU RoHS
Directive 2011/65/EU (and amending 2015/863)
Restricts 10 hazardous substances in electrical and electronic equipment placed on the EU market — including lead, mercury, cadmium, hexavalent chromium, certain phthalates, and others. CE marking requires RoHS compliance. Exemptions exist for specific applications.
EU REACH
Regulation (EC) No 1907/2006
Requires suppliers of articles containing SVHC (Substances of Very High Concern) above 0.1% by weight to notify customers and consumers. The SVHC candidate list is updated twice yearly by ECHA and currently lists 240+ substances. Continuous monitoring is essential.
China RoHS
GB/T 26572 / Order No. 32
China's equivalent of EU RoHS, covering similar restricted substances but with China-specific marking requirements (China Pollution Control logo). Applicable to products placed on the Chinese market. Requirements differ from EU RoHS in some application scope details.
California Proposition 65
Safe Drinking Water and Toxic Enforcement Act
Requires businesses to provide warning labels on products sold in California that expose consumers to listed carcinogens or reproductive toxins. The list covers 900+ chemicals. Warning requirements apply regardless of where the product is manufactured.
Other regional regulations
Korea K-REACH · Taiwan TCSCA · Japan Chemical Substances Control Law · UK RoHS
Multiple additional regulations apply depending on export markets. UK RoHS mirrors EU RoHS post-Brexit. Korea K-REACH follows a similar framework to EU REACH. Taiwan and Japan have their own chemical substance control laws. Map every target market at the start of the compliance program and review annually.
⚠ REACH SVHC list updates twice per year. New substances are added to the SVHC candidate list every January and June. Each addition requires re-evaluation of affected products and re-engagement with your supply chain. Subscribe to ECHA alerts and build the biannual review into your compliance calendar as a mandatory event.
Environmental compliance works as a cycle — not a one-time project. These seven steps, implemented as a standard organizational process, ensure systematic coverage and audit readiness.
-
STEP 1
Identify applicable regulations — Map every target market to its applicable environmental regulations. Maintain this mapping as a living document and review it at least annually. New markets and new regulations require the mapping to be updated.
-
STEP 2
Build a complete component inventory — Start from the product BOM and enumerate every component and sub-assembly down to the material level. For complex products with thousands of components, purpose-built compliance management software becomes necessary — manual management becomes error-prone above several hundred components.
-
STEP 3
Request compliance declarations from suppliers — Issue formal material declaration requests to every component supplier using a standard industry format (IEC 62474, IPC-1752A, or IMDS for automotive). Include compliance documentation requirements in purchase contracts with notification obligations and non-compliance consequences.
-
STEP 4
Aggregate and analyze received information — Consolidate declarations by component and product. Analyze compliance status at the product level across all applicable regulations. Flag any component or substance posing a potential non-compliance risk for action.
-
STEP 5
Execute corrective actions where needed — Options include: switching to a compliant alternative component, requiring the supplier to reformulate or change the process, redesigning the product, or restricting sale in specific markets. Document the action taken and its rationale.
-
STEP 6
Document and archive compliance records — Retain all compliance documentation in an accessible, auditable format. Required retention periods vary by regulation but 10 years or more is typical. Documentation must be producible on request from regulatory authorities or customers.
-
STEP 7
Continuous monitoring — Monitor REACH SVHC list updates (twice yearly), RoHS substance amendments, new country-specific regulations, and changes to exemptions. Re-evaluate affected products after each update. This step never ends — build it into your operational calendar permanently.
Using industry-standard material declaration formats instead of proprietary forms significantly reduces the burden on both your team and your suppliers — suppliers who already use these formats with other customers can respond faster and more accurately.
IEC 62474
Material Declaration for Products of and for the Electrotechnical Industry
International standard maintained by IEC. Covers substance declarations, homogeneous material data, and classification data. Broadly used across electronics manufacturing internationally.
Electronics — international
IPC-1752A
Materials Declaration Management Standard
IPC standard widely used in PCB and electronics assembly supply chains. Two-level format (Class A for full material disclosure, Class B for substance-level). Compatible with IEC 62474 data fields.
Electronics — PCB / PCBA
IMDS
International Material Data System
The mandatory material data exchange platform for the automotive industry. Required by virtually all automotive OEMs globally (BMW, VW, Toyota, Ford, GM, Stellantis, etc.) for all components and materials entering their supply chain.
Automotive — mandatory
Requesting standard-format declarations reduces supplier response time. Suppliers who regularly work with IPC-1752A or IEC 62474 can often provide completed declarations quickly because they already maintain the underlying data in compatible systems. A proprietary form requires them to reformat data they already have — adding time and error risk for both sides.
Information management systems
- Enterprise compliance platforms: Assent Compliance, Z2Data, Sphera, iPoint, Source Intelligence — these integrate supplier data collection, SVHC screening, regulation monitoring, report generation, and audit support. Appropriate for organizations managing thousands of components across multiple product lines.
- ERP integration: Linking compliance status to product and component masters in your ERP enables automated compliance checking at new product introduction, change management, and shipping — significantly reducing manual effort and human error risk.
- SME-appropriate tools: For organizations where full-scale compliance platforms are not justified, structured spreadsheets (Excel, Google Sheets, Airtable) can provide functional tracking if properly designed. The critical requirement is that information is traceable, current, and not scattered across email inboxes and desktop files.
Organizational roles
- PROCUREMENT
Issue material declaration requests to suppliers. Manage receipt and filing of compliance documentation. Select suppliers based partly on compliance capability. Include compliance requirements in purchase contracts.
- DESIGN
Verify regulatory compliance of components during selection. Lead substitution design when non-compliant components must be replaced. Consider multi-source and compliance flexibility at design time.
- QUALITY
Overall compliance program management. Audit readiness and customer audit support. Interface with third-party testing laboratories and certification bodies.
- SUSTAINABILITY
Monitor regulatory developments and emerging regulations. Develop internal compliance policy. Report compliance status to management. Manage ESG-related customer requests.
- LEGAL
Incorporate environmental compliance clauses into contracts. Assess legal exposure and regulatory risk. Review customer and supplier contract compliance requirements.
Supplier management for compliance
Supplier compliance information collection is consistently one of the most operationally challenging parts of any environmental compliance program. Three practices make it more reliable:
- Contract enforcement: State the information provision obligation, change notification requirement, and consequences for non-compliance explicitly in purchase contracts — not in a separate quality manual that may not be read
- Support small suppliers: Small suppliers often lack compliance expertise. Providing standard format templates, guidance documentation, and direct support for questions yields better results than enforcement pressure alone
- Commercial platforms: Assent and Z2Data offer supplier portal models where suppliers enter and maintain their own data — shifting the data entry burden upstream while improving data quality
Environmental regulation is tightening and expanding. Build flexibility into your compliance workflow now — the regulations active in 2030 will be more numerous and more demanding than those in force today.
EU CBAM (Carbon Border Adjustment Mechanism) — expanding scope
EU Battery Regulation — new supply chain traceability requirements
PFAS (per- and polyfluoroalkyl substances) — broad restriction proposals in EU
Digital Product Passport (DPP) — mandatory material traceability requirement
ESG supply chain due diligence laws — Germany, EU, and others
Digital Product Passport (DPP) will require material-level traceability for many product categories. Under the EU Ecodesign for Sustainable Products Regulation (ESPR), products will eventually need a machine-readable DPP containing information on materials, substances, recycled content, and repairability. Companies building good material declaration infrastructure now will be significantly better positioned for DPP compliance when it becomes mandatory.
Audit and certification frameworks
- ISO 14001 — Environmental Management System standard. Provides a recognized framework for systematic environmental compliance management. Widely required by automotive and industrial customers as a supplier qualification criterion.
- ISO 9001 integration — Many organizations integrate their environmental management system (ISO 14001) with their quality management system (ISO 9001) to improve efficiency and reduce audit burden.
- Customer audits — Large customers in automotive, medical, and industrial segments regularly audit supplier compliance programs. A documented, systematic workflow is the most defensible position in any compliance audit.
Summary
RoHS and REACH compliance is a permanent operational requirement, not a one-time project. Build it as a seven-step cycle — identify regulations, map components, collect supplier declarations in standard formats, aggregate and analyze, execute corrective actions, archive documentation, and monitor continuously. Support it with appropriate systems for your organization's scale, clear ownership across procurement, design, quality, and legal teams, and contract-enforced supplier obligations. Start building this infrastructure now — the regulatory environment will only become more demanding.