This document is an excerpt from the EUR-Lex website
Document 32025R2358
Commission Implementing Regulation (EU) 2025/2358 of 20 November 2025 laying down rules on certification schemes, certification bodies, and audits under Regulation (EU) 2024/3012 of the European Parliament and of the Council
Commission Implementing Regulation (EU) 2025/2358 of 20 November 2025 laying down rules on certification schemes, certification bodies, and audits under Regulation (EU) 2024/3012 of the European Parliament and of the Council
Commission Implementing Regulation (EU) 2025/2358 of 20 November 2025 laying down rules on certification schemes, certification bodies, and audits under Regulation (EU) 2024/3012 of the European Parliament and of the Council
C/2025/7763
OJ L, 2025/2358, 21.11.2025, ELI: http://data.europa.eu/eli/reg_impl/2025/2358/oj (BG, ES, CS, DA, DE, ET, EL, EN, FR, GA, HR, IT, LV, LT, HU, MT, NL, PL, PT, RO, SK, SL, FI, SV)
In force
|
Official Journal |
EN L series |
|
2025/2358 |
21.11.2025 |
COMMISSION IMPLEMENTING REGULATION (EU) 2025/2358
of 20 November 2025
laying down rules on certification schemes, certification bodies, and audits under Regulation (EU) 2024/3012 of the European Parliament and of the Council
THE EUROPEAN COMMISSION,
Having regard to the Treaty on the Functioning of the European Union,
Having regard to Regulation (EU) 2024/3012 of the European Parliament and of the Council of 27 November 2024 establishing a certification framework for permanent carbon removals, carbon farming and carbon storage in products (1), and in particular Article 9(5), Article 11(5), Article 12(3), third subparagraph, Article 13(4) and Article 14(2) thereof,
Whereas:
|
(1) |
To establish whether carbon removals and soil emission reductions comply with the requirements of Regulation (EU) 2024/3012, the correct and harmonised functioning of certification schemes, certification bodies and audits is essential. Harmonised rules should therefore be established, bringing about the necessary legal certainty on rules applicable to certification schemes, certification bodies and audits. |
|
(2) |
With a view to minimising the administrative burden for operators, the implementing rules set out in this Regulation should be proportionate and limited to what is required to ensure that compliance with the requirements of Regulation (EU) 2024/3012 is verified in an adequate and harmonised manner, and the risk of fraud is minimised to the greatest extent possible. The implementing rules should therefore not be considered exhaustive but rather minimum requirements that certification schemes may complement as appropriate. |
|
(3) |
To promote comparable information, it is appropriate to set out standardised templates for the key certification documents, including the activity and monitoring plans, and the certification and re-certification audit reports. |
|
(4) |
To ensure a robust and transparent certification process, it is necessary to set out high integrity standards as regards certification scheme’s governance, mandatory public consultation of relevant stakeholders, internal monitoring, handling of complaints, and documentation management, including manuals, internal policies or definition of responsibilities. Certification schemes should be required to have the necessary technical capacity to provide technical advice to operators on the implementation of the certification methodologies. |
|
(5) |
Certification schemes should set up a system of internal monitoring to verify compliance of operators with the scheme’s rules and procedures and to ensure the robustness and credibility of the certification work carried out by certification bodies. |
|
(6) |
It is appropriate to distinguish three categories of non-conformities: critical, major and minor. Each non-conformity should be treated in an adequate way with proportionate consequences, including remediation measures and sanctions, where relevant. |
|
(7) |
Operators have the possibility to participate in a different certification scheme at any time. However, rules are needed to prevent the risk of ‘scheme hopping’ whereby an operator who has failed an audit under one scheme immediately applies for certification under another scheme. Such rules should also apply to situations where the operator changed legal personality but remains the same in substance, so that minor or purely formal modifications, namely changes in the governance structure or the scope of activities, do not exempt the operator with a new identity from such rules. |
|
(8) |
To ensure full transparency of the certification process, key information on the governance and functioning of the certification schemes should be made publicly available on their websites and, when established, on the Union registry. |
|
(9) |
To ensure robust certification, reasonable level of assurance should be required for certification bodies to conclude that the activity plan, the monitoring plan or the monitoring report are free from material errors and omissions or misstatements, following the verification of the data submitted by operators or groups of operators. Applications for certification of compliance should be thoroughly checked on a reasonable assurance basis before the activity can start. Re-certification audits should also be conducted at a reasonable assurance level. |
|
(10) |
Carbon farming is typically carried out by small operators for which the administrative burden and costs associated to third-party verification requirements could be a major barrier to certification. With the view to simplify, while still ensuring overall robust verification, group auditing should be allowed for carbon farming operators according to a set of harmonised risk-based rules. These rules should be designed to be accessible and user-friendly for small operators, leveraging existing technologies, to simplify compliance control. |
|
(11) |
Certification bodies are key actors in the certification process. Therefore, it is necessary for certification schemes to appoint (i.e. approve) only certification bodies accredited by a national accreditation body under relevant Union technical standards or recognised by a national competent authority on the basis of common minimum competence requirements, to ensure that the certification body’s auditors have all the necessary technical skills and auditing experience for carrying out auditing activities. It is also appropriate for Member States and the Commission to monitor, if needed, the activities of certification bodies and access all relevant certification information, including certification, re-certification and monitoring audits. |
|
(12) |
Until the Union registry is established by 2028, certification schemes should ensure that their registries meet a set of minimum requirements, to avoid double counting and effectively handle cases of incorrect or fraudulent issuance of certified units. To facilitate the smooth transition towards the Union registry, the Commission may issue technical guidelines on the functioning of the certification registries and the linking with the Union registry. |
|
(13) |
It is appropriate to lay out the procedure for the Commission’s recognition of certification schemes, which could apply for recognition against one or more certification methodologies. The recognition process should be based on a thorough assessment of the scheme’s compliance with the rules set out in the relevant certification methodologies and in this Regulation. |
|
(14) |
The measures provided for in this Regulation are in accordance with the opinion of the Climate Change Committee, |
HAS ADOPTED THIS REGULATION:
CHAPTER I
SUBJECT MATTER, DEFINITIONS AND ACTIVITY AND MONITORING PLANS
Article 1
Subject matter
This Regulation lays down rules for implementing Regulation (EU) 2024/3012 as regards the following:
|
(a) |
the structure, format and technical details of the activity plan and of the monitoring plan to be submitted by an operator or a group of operators to a certification body and of the certification, re-certification and monitoring audit reports to be issued by a certification body, pursuant to Article 9 of Regulation (EU) 2024/3012; |
|
(b) |
the structure, format, technical details and process required for the operation of certification schemes, the verification of information on independent auditing and the publication of information on appointed certification bodies pursuant to Article 11 of Regulation (EU) 2024/3012; |
|
(c) |
the structure, format and technical details of the certification registries and of the recording, holding or use of certified units pursuant to Article 12(3), paragraph 3, of Regulation (EU) 2024/3012; |
|
(d) |
the structure, format and technical details of the recognition and notification processes of certification schemes pursuant to Article 13 of Regulation (EU) 2024/3012; |
|
(e) |
the structure, format and technical details of the reports to be submitted to the Commission by the certification schemes pursuant to Article 14 of Regulation (EU) 2024/3012. |
Article 2
Definitions
For the purposes of this Regulation, the following definitions apply:
|
(a) |
‘monitoring audit’ means an audit carried out by a certification body during the monitoring period to verify the monitoring of the stored carbon and any reversal that may have occurred; |
|
(b) |
‘terminated certificate’ means a certificate that has been voluntarily cancelled while it is still valid; |
|
(c) |
‘withdrawn certificate’ means a certificate that has been permanently cancelled by the certification body or the certification scheme; |
|
(d) |
‘expired certificate’ means a certificate that is no longer valid; |
|
(e) |
‘group auditing’ means a process in which the approach to auditing activities can be defined at group level; |
|
(f) |
‘non-conformity’ means a failure by an operator or a certification body to comply with the rules and procedures, established by the certification scheme, of which they are members or under which they operate. |
Article 3
Activity plan, monitoring plan, and certification audit and re-certification audit reports
1. The activity plan to be submitted by an operator or a group of operators pursuant to Article 9(1) of Regulation (EU) 2024/3012 shall include the elements as set out in Annex I to this Regulation.
2. The monitoring plan to be submitted by an operator or a group of operators pursuant to Article 9(1) of Regulation (EU) 2024/3012 shall include the elements as set out in Annex II to this Regulation.
3. The certification audit report and the re-certification audit report to be issued by the certification body pursuant to Article 9(2) and (3) of Regulation (EU) 2024/3012 shall include the elements as set out in Annex III to this Regulation.
CHAPTER II
OPERATION OF CERTIFICATION SCHEMES, AUDITING AND CERTIFICATION BODIES
SECTION 1
Operation of certification schemes
Article 4
Governance structure
1. Certification schemes shall set up a robust governance structure that ensures that the scheme has the necessary legal and technical capacity, impartiality and independence to perform its duties. Such governance structure shall include a Board comprised of independent members who assume fiduciary responsibility for the organisation and operate according to transparent procedures. Depending on their certification scope, certification schemes shall set up a technical committee, or an equivalent system of technical expert support, which shall include all relevant stakeholders, if possible, to provide advice to the scheme management on technical issues. Certification schemes shall carry out transparent stakeholder consultations for any new version or major updates of the general requirements, processes and guidelines of the scheme.
2. Certification schemes shall set up rules and procedures to avoid conflicts of interest in decision-making. As a minimum standard, they shall enforce a system of checks and balances to ensure that no individual stakeholder, having a vested interest in the outcome of a decision, may have decisive influence on that decision. Persons having a potential conflict of interest shall be excluded from decision making in the certification schemes. Certification schemes shall put in place appropriate procedures and an audit trail to identify and document such cases, and shall regularly review them as part of their internal control system.
Article 5
Internal monitoring, complaints procedure and documentation management system
1. Certification schemes shall set up a system of internal monitoring to verify compliance of operators with the rules and procedures applied by the scheme and to ensure the quality of the work carried out by the auditors of the certification bodies. Internal monitoring shall be carried out at least once a year or at least at the same frequency of the audits to reflect the certification scope of the scheme, as well as the level of risk of the activities carried out by the operators. As part of the internal monitoring, certification schemes shall require certification bodies to provide them with all the reports of the certification audit, re-certification audit, or monitoring audit (“audit”). The internal monitoring shall cover a random and risk-based sample of those audit reports by each certification body.
2. Certification schemes shall establish procedures for the lodging and handling of complaints against operators or certification bodies. Those procedures shall allow complaints to be sent electronically and shall ensure the protection of natural or legal persons who report infringements or lodge complaints in good faith in accordance with Directive (EU) 2019/1937 of the European Parliament and of the Council (2).
3. Certification schemes shall keep a register of all complaints. Upon request by the Commission or the Member State where the complaint has been lodged, certification schemes shall provide the requester with all documents related to a complaint and its handling.
4. Certification schemes shall ensure effective follow-up of the results of the internal monitoring and the handling of complaints and, where necessary, apply the relevant remediation measures and sanctions for non-conformity by operators pursuant to the rules and procedures established in accordance with Article 6(1). Where necessary, certification schemes shall take corrective measures on their governance structure or on their internal monitoring process.
5. Certification schemes shall establish a documentation management system that addresses each of the following elements:
|
(a) |
general scheme documents, e.g. manuals, policies, definition of responsibilities; |
|
(b) |
internal control system of certification documents and records; |
|
(c) |
review of the documentation management system; |
|
(d) |
internal auditing and monitoring; |
|
(e) |
procedures for prevention, identification and management of non-conformities. |
6. Documentation listed in paragraph 5 shall be kept at least for 5 years after the end of the monitoring period.
Article 6
Non-conformities by operators
1. Certification schemes shall set up a comprehensive system to deal with non-conformities by operators who participate in the certification schemes. As a minimum standard, that system shall include a clear classification of non-conformities, based on their degree of severity in accordance with the requirements set out in paragraphs 2 to 5. For each type of non-conformity, certification schemes shall set up a transparent set of rules and procedures to ensure timely enforcement of the remediation measures and sanctions listed in Article 7.
2. Certification schemes shall classify non-conformities identified during an audit as critical, major or minor.
3. A critical non-conformity shall consist in a violation of the certification scheme’s rules or procedures such as fraud, irreversible non-conformity, or violation that jeopardises the integrity of the certification scheme.
Critical non-conformities shall include at least the following:
|
(a) |
non-compliance with the quality criteria set out in Articles 4 to 7 of Regulation (EU) 2024/3012 and with the certification methodologies referred to in Article 8 of that Regulation; |
|
(b) |
deliberate misstatement of the activity description; |
|
(c) |
falsification of greenhouse gas (GHG) data. |
4. A major non-conformity shall consist in a violation of the certification scheme’s rules or procedures that is potentially reversible and repeated and that reveals systematic problems, or aspects that alone, or in combination with further non-conformities, may result in a fundamental systemic failure.
Major non-conformities shall include at least the following:
|
(a) |
systematic problems with GHG data reported, such as incorrect documentation identified in more than 10 % of the claims included in the representative sample; |
|
(b) |
omission of an operator or a group of operators to declare its participation in other carbon removal certification schemes during the certification process; |
|
(c) |
failure to provide relevant information to the certification body, such as the information needed for the purposes of an audit. |
5. A minor non-conformity shall consist in a violation of the certification scheme’s rules or procedures that has a limited impact, constitutes an isolated or temporary lapse, and shall not result in a fundamental systemic failure if not corrected.
Article 7
Remediation measures and sanctions for non-conformities
1. In the event of non-conformities, the remediation measures and sanctions as laid down in paragraphs 2 to 7 shall apply to operators or groups of operators.
2. In the case of critical non-conformities, operators applying for certification shall not be issued a certificate.
3. Operators which were not issued a certificate in accordance with paragraph 2 may re-apply for certification after a fixed period of time, determined by the certification scheme according to the characteristics of the activity.
4. Critical non-conformities identified during re-certification audits or monitoring audits, or through a certification scheme’s internal monitoring or complaints process, shall lead to the immediate withdrawal of the certificate and no further issuance of certified units.
5. In the case of major non-conformities, operators applying for certification shall not be issued a certificate.
6. Major non-conformities identified during re-certification audits or monitoring audits, or through a certification scheme’s internal monitoring or complaints process, shall lead to the immediate suspension of the certificate. Where operators do not implement the remediation action within 90 days from the notification of the suspension, the certificate shall be withdrawn.
7. In the case of minor non-conformities, certification schemes shall define the period for the implementation of the remediation measures, that shall not exceed 12 months from their notification.
Article 8
Change of certification scheme by operators or groups of operators
1. Certification schemes shall require an operator or a group of operators to disclose the following information in their application for certification:
|
(a) |
whether they or their legal predecessor are currently participating in another certification scheme or have participated in another certification scheme in the last 5 years; |
|
(b) |
the auditing reports of the last 2 re-certification audits in another certification scheme, including, where applicable, the detailed list of findings by certification bodies, and any decision to suspend or withdraw their certificates in the last 5 years; |
|
(c) |
whether they withdrew from a previous certification scheme before the first re-certification audit. |
2. Certification schemes shall exclude from the scheme operators or groups of operators in the following cases:
|
(a) |
where the information listed in paragraph 1 has not been disclosed; |
|
(b) |
where operators or group of operators or their legal predecessors failed the certification audit under another scheme; |
|
(c) |
where operators or group of operators or their legal predecessors withdrew from another scheme before the first re-certification audit. |
3. Paragraph 2, point (b) shall not apply where certification audit under another scheme took place more than 3 years before the application for certification or if in the meantime the other scheme ceased its certification activities, and that prevented the operator or group of operators from re-applying to the scheme. In that case, the scope of the certification audit shall be adjusted to cover all relevant issues and shall focus on the shortcomings identified in the certification audit that operators or group of operators or their legal predecessors failed in the other scheme.
4. Paragraph 2, point (c) shall not apply where the operator or group of operators proves that it had a valid reason providing that withdrawal from another scheme was unavoidable or necessary. That withdrawal shall not be caused by any critical or major non-conformity or neglect by the operator to implement the requirements of the certification scheme.
5. Certification schemes shall ensure an efficient and timely exchange between them of information referred to in paragraph 1.
Article 9
Publication of information by certification schemes and minimum content of their annual operation report
1. Certification schemes shall make publicly and freely available on their website at least the information listed in Annex IV. The Commission shall make that information publicly available on the Union registry.
2. Certification schemes shall list on their registries those operators with a withdrawn certificate, terminated certificate or expired certificate, for at least 36 months after the date of withdrawal, termination or expiry of the certificate. Certification schemes shall make public without delay any changes in the certification status of operators.
3. The annual operation report referred to in Article 14(1), first subparagraph, of Regulation (EU) 2024/3012 shall cover the preceding calendar year and shall follow the structure and shall have the content as set out in Annex V to this Regulation.
SECTION 2
Auditing
Article 10
Audit process and levels of assurance
1. Certification schemes shall require that operators or groups of operators successfully pass a certification audit carried out by a certification body selected from a list of certification bodies appointed by the certification scheme, before allowing them to participate in the scheme. Such audit shall always be on-site and shall as a minimum provide reasonable assurance of the effectiveness of its internal processes.
2. Certified operators or groups of operators shall be subject to regular re-certification and monitoring audits, whose frequency is set out in the relevant certification methodologies, adopted pursuant to Article 8 of the Regulation (EU) 2024/3012. The certification audit and the first re-certification audit may take place at the same time, upon request by the operators. In the case of group audits, the audits may cover a sample of the group members in accordance with Article 12 of this Regulation. The technical reviewer of the certification body shall be responsible for validating the results of the audits.
3. Certification schemes shall establish detailed guidance setting out how audits are planned and carried out and how audit reports are drawn up. Certification schemes shall ensure that certification bodies conduct audits in accordance with EN ISO/IEC 17021-1 in conjunction with EN ISO/IEC 19011 or the equivalent. Certification schemes shall ensure an efficient and timely exchange of audit information between them to support the effective preparation and conduct of the audit.
4. Certification and re-certification audits shall cover at least the following elements:
|
(a) |
identification of the activity undertaken by the operator which is relevant to the certification scheme’s rules; |
|
(b) |
identification of the relevant control systems of the operator and its overall organisation with respect to the certification scheme’s rules and checks of the effective implementation of relevant control systems; |
|
(c) |
analysis of the risks which could lead to a material misstatement, based on the auditor’s professional knowledge and the information submitted by the operator; |
|
(d) |
a validation or verification plan which corresponds to the risk analysis and the scope and complexity of the operator’s activity, and which defines the sampling methods to be used with respect to that operator’s activity; |
|
(e) |
implementation of the validation or verification plan by gathering evidence in accordance with the defined sampling methods, plus all relevant additional evidence, upon which the auditor’s conclusion will be based; |
|
(f) |
a request by the certification body to the operator to provide any missing elements of audit trails, an explanation of variations, or the revision of claims or calculations, before reaching a final audit conclusions; |
|
(g) |
verification of the accuracy of data recorded by the operator; |
|
(h) |
For the purposes of point (c), the analysis of risks shall take into consideration the overall risk profile of the activity, depending on the level of risk of the operator. The audit intensity or scope, or both, shall be adapted to the level of overall risk items. |
5. Certification bodies shall only certify operators or groups of operators where they comply with all the following requirements:
|
(a) |
have a documentation management system; |
|
(b) |
have an auditable system for safekeeping and reviewing all evidence related to the claims they make or rely on; |
|
(c) |
keep all evidence necessary to comply with this Regulation and Regulation (EU) 2024/3012 for a minimum of 5 years after the end of the monitoring period, or longer if requested by national legislation; |
|
(d) |
accept responsibility for preparing any information related to the auditing of such evidence. |
Article 11
Auditing of carbon removal and soil emission calculations
1. Certification schemes shall require operators to provide the certification bodies with the activity plan and the monitoring plan in advance of the certification audit, and with the relevant monitoring reports in advance of the re-certification audits or monitoring audits.
2. For the purposes of the re-certification audits, the monitoring report shall include the necessary information relating to the calculation of the net carbon removal benefit or the net soil emission reduction benefit, in accordance with the relevant certification methodology, and any relevant information on the compliance of the activity with the liability and sustainability criteria, as set out in the applicable certification methodology.
3. For the purposes of the monitoring audits, the monitoring report shall include the necessary information relating to the monitoring of the stored carbon, and any case of reversals.
4. Upon request, certification schemes shall provide the Commission and the national authorities responsible for supervision of the certification bodies with access to the respective audit reports and the certificates of compliance.
Article 12
Group auditing for carbon farming
1. Certification schemes shall allow for group auditing upon request of a group of operators for carbon farming activities only in the following cases:
|
(a) |
the areas where the activities to be certified take place are in geographical proximity to each other and have similar pedoclimatic characteristics, such as climatic or soil conditions; |
|
(b) |
for the purpose of calculating carbon removals and soil emission reductions, the activities have similar processes and procedures; |
|
(c) |
all group members apply the same relevant certification methodology adopted pursuant to Article 8(2) of Regulation (EU) 2024/3012; |
|
(d) |
the group of operators has established a system for internal controls comprising a documented set of risk-based control activities and procedures in accordance with which an identified person or body (group manager) is responsible for verifying compliance of each member of the group with the applicable certification methodology. |
2. A group of operators applying for a group audit shall designate a group manager, who shall legally represent the group of operators and shall be responsible for ensuring that each operator complies with the applicable certification methodology.
3. Certification bodies carrying out group auditing may verify all activities concerned on the basis of a sample of group members. Certification schemes shall set out guidelines on the implementation of group auditing, including at least the following elements:
|
(a) |
role of the group manager, including with regard to the internal management system and internal group inspection procedures and their frequency; |
|
(b) |
size of the sample of the activities concerned, determined in accordance with paragraph 5. |
4. A sample consisting of a number of group members equivalent to the square root of the total number of group members shall be audited individually at a frequency set out in the applicable certification methodology. That number shall be increased in the event of a higher level of risk.
5. For group auditing, if a critical or major non-conformity is identified in one operator of the initial sample of group members, an additional sample of group members of the same size shall be audited. Systemic non-conformity of group members across the whole sample shall lead to the suspension or withdrawal of the whole group certification, as applicable. Certification schemes shall establish criteria for determining the general level of risk in the areas covered by the activities of the group and the consequences of that level of risk for the auditing approach. The sample shall be representative of the whole group and determined using a combination of risk and random selection. Random selection shall represent at least 25% of the members of the sample and at least 25% of the total area covered by the activities of the sample. The members selected for the group audit shall vary at each verification, which frequency is set out in the applicable certification methodology. Critical or major non-compliance of individual group members identified during an audit shall be addressed in accordance with Article 7, paragraphs 2 to 6, as applicable.
6. Audits of the group manager shall always be conducted on-site. Audits of group members may be desk-based, provided that desk audits are able to provide a comparable level of assurance as an on-site audit. Certification schemes shall determine what evidence is required to allow for desk audits. Self-declarations from operators shall not be considered to be sufficient evidence.
SECTION 3
Certification bodies
Article 13
Appointment of certification bodies
1. Certification schemes shall ensure that certification bodies appointed to carry out auditing activities, including certification audits (validation), and re-certification and monitoring audits (verification), comply with the rules laid down in this Article, with the exception of paragraphs 2, 3 and 4 in the case of certification bodies recognised by a national competent authority referred to in Article 10(1) of Regulation (EU) 2024/3012.
2. Certification bodies shall be accredited in accordance with EN ISO/IEC 17065. When a certification body conducts verification activities, either with its internal resources or with other resources under its direct control, it shall also meet the applicable requirements of EN ISO/IEC 17029 and EN ISO 14065. Certification bodies shall only use other resources for audits that have the necessary knowledge, experience, skills and capacity to effectively perform all necessary auditing activities, including validation and verification.
3. The accreditation of certification bodies shall be conducted by national accreditation bodies in accordance with Regulation (EC) No 765/2008 of the European Parliament and of the Council (3) and shall cover the specific scope of certification of the schemes in accordance with Regulation (EU) 2024/3012. When assessing the qualifications of a certification body for the purpose of paragraph 2, the national accreditation body shall take into account any accreditation previously obtained for the relevant activity group in accordance with Commission Implementing Regulation (EU) 2022/996 (4) or Commission Implementing Regulation (EU) 2018/2067 (5), for the certification of, respectively, carbon farming, or permanent carbon removals and carbon storage in products.
4. Certification bodies shall select and appoint the audit team in accordance with EN ISO/IEC 17021-1 in conjunction with EN ISO/IEC 19011, taking into account the competence needed to achieve the objectives of the audit. The audit team shall have the necessary knowledge, experience, skills and capacity to effectively conduct the audit. Where there is only one auditor, the auditor shall also have the necessary knowledge, skills, experience, training and capacity to perform the duties of an audit team leader applicable for that audit.
5. Auditors chosen by certification bodies shall meet the following requirements:
|
(a) |
be independent of the activity being audited; |
|
(b) |
be free from conflict of interest, for instance not being involved in consultancy with the same operator over the past 3 years previous to the audit; |
|
(c) |
have the knowledge, experience, skills and capacity necessary for effectively conducting the audit related to the certification scheme’s scope, including:
|
|
(d) |
for group auditing, they shall have experience in conducting group audits. |
6. The governance system of the certification body shall ensure the highest possible level of independence of the auditors’ judgement by applying principles of auditors’ rotation or other existing best practices in the area.
7. Certification bodies that are no longer entitled to conduct auditing under a certification scheme shall be listed for at least 24 months on the scheme’s website after the last audit with an indication to that effect.
Article 14
Training of certification bodies
1. Certification schemes shall set up robust training courses for auditors of the certification bodies appointed by the scheme, covering all aspects relevant to the scope of the scheme. The courses shall include an examination to demonstrate the participants’ compliance with the training requirements in the technical area or areas in which they are active. Auditors shall participate in the training courses before performing audits on behalf of the certification scheme.
2. Certification schemes shall implement a system to monitor the training status of auditors and ensure that auditors undertake training on a regular basis. Certification schemes shall also provide necessary guidance to certification bodies on aspects that are relevant to the certification process, including updates on the regulatory framework or relevant findings from the certification scheme’s internal monitoring process.
Article 15
Supervision of certification bodies by the Member States and the Commission
1. Certification schemes shall require certification bodies conducting audits under the scheme, as well operators participating in the scheme, to cooperate with the Commission and the national competent authorities of the Member States, including granting access to the premises of operators where requested, as well as making available to the Commission and the national competent authorities of the Member States all information needed to fulfil their tasks under Article 10(1) of Regulation (EU) 2024/3012. Certification bodies shall:
|
(a) |
provide the information needed by Member States to supervise the operation of certification bodies pursuant to Article 10 of Regulation (EU) 2024/3012; |
|
(b) |
provide the information required by the Commission to comply with Article 13 of Regulation (EU) 2024/3012; |
|
(c) |
verify the accuracy of information entered into the relevant certification registry and the Union Registry pursuant to Article 12 of Regulation (EU) 2024/3012. |
2. Member States may delegate the supervision of certification bodies to the national accreditation bodies pursuant to Regulation (EC) No 765/2008.
3. In the context of the supervision provided for in Article 10(4) of Regulation (EU) 2024/3012, Member States may establish procedures allowing certification bodies recognised by a national competent authority referred to in Article 10(1) of Regulation (EU) 2024/3012, regardless of whether their head office is located in their Member State, to register for supervision, and for carrying out the supervision.
4. Member States shall exchange information and share best practices on how to supervise the operation of the certification bodies in the context of a formal cooperation framework. Where certification bodies carry out the certification of activities related to carbon removals, carbon farming and carbon storage in products in more than one Member State, the Member States concerned shall set up a common framework to supervise such certification bodies, including appointing one Member State as lead audit supervisor.
5. The lead audit supervisor shall be responsible, in cooperation with the other Member States concerned, for consolidating and sharing information with other Member States about the outcome of the supervision of the certification bodies.
6. Where a Member State has reasonable doubts about the ability of a specific certification body to carry out its audit work, it shall share that information with the other Member States, the Commission and the certification scheme under which the certification body operates. The certification scheme concerned shall immediately investigate the case. Upon completion of its investigation, the certification scheme shall inform the Member States and the Commission of the outcome of the investigation and of any corrective actions taken.
7. Operators and certification bodies failing or unwilling to comply with the requirements set out in paragraphs 1 to 5 shall be respectively excluded from participating in and conducting audits on behalf of certification schemes.
CHAPTER III
CERTIFICATION REGISTRIES
Article 16
Certification registries
1. Certification schemes shall ensure their certification registries fulfil the following requirements:
|
(a) |
register and track the identity of certified operators and the relevant certificates of compliance; |
|
(b) |
prevent the registration of any activity that is registered under another carbon removal or soil emission reduction certification scheme; |
|
(c) |
prevent the issuance of certified units for a given activity and a given certification period where another certification scheme has issued certified units for the same activity and the same certification period and has not cancelled those certified units; |
|
(d) |
prevent certified units to be accounted by or on behalf of a beneficiary (retired) or definitively deleted from a registry without accounting (cancelled) once they have already been retired or cancelled; |
|
(e) |
require the identification of the beneficiary referred to in point (d) and the purpose for which the unit was retired or cancelled; |
|
(f) |
address erroneous or fraudulent issuance of certified units through remediation measures; |
|
(g) |
the remediation measures referred to in point (f) shall at least include the suspension of the operator’s account and, where relevant, the subsequent compensation for excess issuance of certified units. Such compensation shall take place through either the cancellation by the certification schemes of the corresponding number of issued certified units in the operator’s account, or through the replacement by the operator of an equivalent number of certified units, followed by their immediate cancellation. |
2. The IT security system underpinning the certification registries shall fulfil the following requirements:
|
(a) |
be based on the principles of legality, transparency, proportionality and accountability; |
|
(b) |
be considered during the whole process of the life cycle development of the system; |
|
(c) |
ensure the appropriate levels of authenticity, availability, confidentiality, integrity, non-repudiation, protection of personal data and professional secrecy; |
|
(d) |
be based on a risk management process; |
|
(e) |
clearly define roles and responsibilities of the different users; |
|
(f) |
enumerate the security requirements and the system dependencies of any other IT system or IT service; |
|
(g) |
be summarised in an IT security plan and an IT security implementation plan; |
|
(h) |
have an IT security implementation plan defining the required projects and processes to reduce risks to an appropriate level and at a proportionate cost, and be compliant with a well-recognised IT security standard. |
CHAPTER IV
RECOGNITION OF CERTIFICATION SCHEMES
Article 17
Recognition of certification schemes
1. Only certification schemes that comply with the rules laid down in Regulation (EU) 2024/3012, the relevant certification methodologies and the requirements set out in this Regulation shall be eligible for recognition by the Commission.
2. A certification scheme shall include the following information in its application for recognition:
|
(a) |
name, address and contact information; |
|
(b) |
an overview of the intended scope and activities of the certification scheme; |
|
(c) |
the reference to the certification methodology or methodologies for which the certification scheme is applying for recognition; |
|
(d) |
the rules and procedures demonstrating compliance with the relevant certification methodology or methodologies for which the scheme is applying for recognition; |
|
(e) |
the rules and procedures demonstrating compliance with the requirements set out in this Regulation. |
3. Only complete applications shall be assessed by the Commission. Where needed, the Commission shall request further information from the relevant certification scheme. The findings of the assessment shall be documented in a technical assessment report.
4. As part of the general assessment of certification schemes, the Commission shall also assess, after consulting the European cooperation for Accreditation, if the rules and protocols of the certification schemes are suitable for the accreditation of certification bodies in accordance with Article 13(2) of this Regulation. The conclusion of this assessment shall be included in the technical assessment report, referred to in paragraph 3 of this Article.
5. The Commission may decide to extend the validity of the recognition decision adopted pursuant to Article 13(1) of Regulation 2024/3012, upon request by the certification scheme.
6. Certification schemes shall notify the Commission without delay of any substantial modifications of the scheme that might affect the outcome of the assessment underpinning the recognition decision. Substantial modifications shall include, but shall not be limited to, the following:
|
(a) |
modifications of the relevant certification methodologies covered by the certification scheme; |
|
(b) |
extension of the scope of the certification scheme beyond what is described in the recognition decision; |
|
(c) |
modifications compared to the requirements set out in this Regulation. |
CHAPTER V
FINAL PROVISIONS
Article 18
Entry into force and application
This Regulation shall enter into force on the twentieth day following that of its publication in the Official Journal of the European Union.
This Regulation shall be binding in its entirety and directly applicable in all Member States.
Done at Brussels, 20 November 2025.
For the Commission
The President
Ursula VON DER LEYEN
(1) OJ L, 2024/3012, 6.12.2024, ELI: http://data.europa.eu/eli/reg/2024/3012/oj.
(2) Directive (EU) 2019/1937 of the European Parliament and of the Council of 23 October 2019 on the protection of persons who report breaches of Union law (OJ L 305, 26.11.2019, p. 17, ELI: http://data.europa.eu/eli/dir/2019/1937/oj).
(3) Regulation (EC) No 765/2008 of the European Parliament and of the Council of 9 July 2008 setting out the requirements for accreditation and repealing Regulation (EEC) No 339/93 (OJ L 218, 13.8.2008, p. 30, ELI: http://data.europa.eu/eli/reg/2008/765/oj).
(4) Commission Implementing Regulation (EU) 2022/996 of 14 June 2022 on rules to verify sustainability and greenhouse gas emissions saving criteria and low indirect land-use change-risk criteria (OJ L 168, 27.6.2022, p. 1, ELI: http://data.europa.eu/eli/reg_impl/2022/996/oj).
(5) Commission Implementing Regulation (EU) 2018/2067 of 19 December 2018 on the verification of data and on the accreditation of verifiers pursuant to Directive 2003/87/EC of the European Parliament and of the Council (OJ L 334, 31.12.2018, p. 94, ELI: http://data.europa.eu/eli/reg_impl/2018/2067/oj).
ANNEX I
Standard template for the activity plan referred to in Article 3
An activity plan shall include at least the following sections:
|
1. |
Description of the activity, including the description of the following elements:
|
|
2. |
Description of the application of the certification methodology or methodologies, including separate sub-sections on:
|
|
3. |
Expected total carbon removals, total soil emissions, and total greenhouse gas emissions associated to the activity. |
|
4. |
Expected net carbon removal benefit or the expected net soil emission reduction benefit generated by the activity. |
|
5. |
In case of a group of operators, description of how advisory services are provided to operators. |
|
6. |
In case of a group of operators implementing a carbon farming activity, description of the internal control system established by the group of operators in accordance with Article 12(1), point (d). |
(1) Regulation (EU) 2021/2116 of the European Parliament and of the Council of 2 December 2021 on the financing, management and monitoring of the common agricultural policy and repealing Regulation (EU) No 1306/2013 (OJ L 435, 6.12.2021, p. 187, ELI: http://data.europa.eu/eli/reg/2021/2116/oj).
ANNEX II
Standard template for the monitoring plan referred to in Article 3
The monitoring plan shall include at least the following sections:
|
1. |
Data and parameters to be monitored. |
|
2. |
Monitoring frequency. |
|
3. |
Emission sources and sinks. |
|
4. |
Data source. |
|
5. |
Measurement methods and procedures, including details on accuracy and calibration. |
|
6. |
Quality assessment or quality control procedures. |
|
7. |
Responsibility for collection and archiving. |
ANNEX III
Minimum content of certification audit and re-certification audit reports referred to in Article 3
1.
A summary of the audit report.
2.
Information on the operator:|
(a) |
contact information (name and address); for group certification, contact information of the group manager (name and address) and list of carbon farming activities under the scope of certification (name and address of the operators of the activity); |
|
(b) |
geographical locations of the activity or activities, including longitude and latitude coordinates; |
|
(c) |
scope of the certification and relevant certification methodology applied (including legal reference); |
|
(d) |
reference number of the activity plan and monitoring plan. |
3.
Information on the activity:|
(a) |
expected (for certification audit), verified (for recertification audit) amount of the permanent net carbon removal benefit, the temporary net carbon removal benefit or the net soil emission reduction benefit resulting from the activity; |
|
(b) |
sustainability co-benefits associated with the activity. |
4.
Information on the certification body:|
(a) |
contact information (name and address) and logo; |
|
(b) |
composition of the audit team; |
|
(c) |
national accreditation body and scope and date of accreditation, or national recognition authority and scope and date of recognition. |
5.
Information on the audit process:|
(a) |
date of the audit; |
|
(b) |
audit itinerary and duration (split by duration spent on-site and remotely, where relevant); |
|
(c) |
scheme standards audited/certified (including version number); |
|
(d) |
sites audited; |
|
(e) |
audit method (risk assessment and sampling basis, stakeholder consultation); |
|
(f) |
certification of other certification schemes or standards; |
|
(g) |
GHG data type. |
6.
Information on audit results:|
(a) |
the (unique) certificate number or code; |
|
(b) |
place and date of issuance of the audit report; |
|
(c) |
one of the following outcomes of the audit:
|
|
(d) |
stamp and/or signature of issuing party. |
ANNEX IV
Minimum information to be published by certification schemes on their website as provided for in Article 9
1.
Contact information of the scheme, including address and email address.
2.
Latest version of the scheme governance rules and procedures, including roles of all relevant bodies, details on the ownership structure, composition and experience of the Board of Directors, Secretariat and Technical committee, or equivalent, the list of participants in the scheme, complaint and appeal procedures, and guidelines for audits. The rules and procedure documents shall include a date and version number and, where applicable, summarise any changes made compared to the previous document version.
3.
Rules underlying the calculation of certification scheme participation fees referred to in Article 11(2), second sub-paragraph of Regulation (EU) 2024/3012.
4.
Annual operation report.
5.
Web link to the certification registry.
6.
Web link to the webpage describing the complaint submission and assessment procedures, including appeal procedures.
7.
Possible actions taken by the certification scheme as result of a complaint.
ANNEX V
Minimum information to be included in the annual operations report referred to in Article 9
1.
Evidence of compliance with Article 9(1).
2.
Market uptake of the scheme, the number and type of certified activities (categorised according to the applicable methodology), the amount, type and status of the certified units managed by the scheme, including for example whether they are issued, retired, expired, cancelled or allocated to a buffer, the end-use of the certified units and the types of entities that uses the certified units.
3.
Overview of the activities carried out by the certification scheme in cooperation with the certification bodies in order to improve the overall certification process and the qualification and independence of auditors, including a list of technical workshops or other types of activities that facilitate the exchange of experience, knowledge and best practices as regards the implementation of the applicable certification methodologies adopted in accordance with Regulation (EU) 2024/3012.
4.
Overview of the internal monitoring system and of its periodic review, including on oversight of the work of certification bodies and their auditors. This overview shall include a description of how the system effectively prevents fraudulent activities by ensuring timely detection, treatment and follow-up of suspected fraud and other irregularities and where appropriate, the number of cases of fraud or irregularities detected.
5.
Overview of the activities on stakeholder involvement, including through public consultations.
6.
Overview of the complaints received, as well as, where relevant, remedial measures or changes to the governance system necessary as part of the internal monitoring.
7.
Overview of identified cases of non-conformity by operators or certification bodies, the number and description of cases where fraud has been identified including an action plan for how to solve any complaint raised or non-conformity identified.
8.
Criteria and process for the appointment of certification bodies.
ELI: http://data.europa.eu/eli/reg_impl/2025/2358/oj
ISSN 1977-0677 (electronic edition)