Compliance Assessment

A compliance score built from your actual data

The compliance assessment does not ask you to tick boxes. The AI queries your real product records, supplier mappings, data request statuses, QR codes, and published sites to calculate a data-driven readiness score. Every metric in the report is derived from what you have actually done on the platform. Nothing is guessed. Nothing is self-reported.

8 stages, scored from 0 to 100%

The AI evaluates your organisation across the complete DPP implementation journey. Company profile completeness — business identity, GLN, VAT, EORI. Product catalogue coverage — GTINs, physical attributes, GS1 GPC classification. Supplier registry quality — contact details, categorisation. Product-supplier mapping depth. Supplier data collection status — response rates, extracted data completeness. QR code generation coverage. DPP site publishing status. And overall launch readiness with a timeline estimate.

Each stage gets a percentage and a status: not started, in progress, or completed.

Gap analysis that names names

The report does not say “some products are missing data.” It says “Product ‘Navy Puffer Jacket’ (SKU PJ-001) has composition data but is missing Scope 3 carbon emissions from supplier ‘Fabric Co.’” Every gap references a specific product, supplier, or data point. Every recommendation references the specific platform module you need to address it.

The score updates as you work

Import 50 products with GTINs — your Product Catalogue score jumps. A supplier uploads their ISO 14001 certificate — Supplier Data Collection improves. This creates a feedback loop where every action has a visible, immediate impact on your compliance readiness. The assessment includes prioritised next steps, three actionable follow-up prompts, and a weighted overall score. When the EU central registry standards are finalised (the prEN 1821X series, expected late 2025 to early 2026), registry publishing will appear as a one-click step. Your data is already in the right format.

What makes a data-driven compliance assessment different from a checklist?

Most DPP readiness tools ask you to self-report. You tick a box that says “product data collected” and the tool trusts you. The problem is obvious: self-reported checklists tell you what you think you have done, not what you have actually done. Gaps are invisible until an auditor finds them.

Aura’s compliance assessment works differently. The AI has direct access to your platform data through a dedicated compliance tool. It queries your actual product records, counts your GTINs, checks your supplier mappings, inspects data request response rates, verifies QR code generation, and confirms whether DPP sites are published. Every percentage in the report is calculated from real data, not from your memory of what you uploaded last month.

This approach catches the gaps that self-reporting misses. A product imported without a GTIN. A supplier who was onboarded but never categorised. A data request that was sent but never answered. The assessment surfaces all of it, with specific product names, SKUs, and supplier identifiers.

What are the 8 stages of DPP compliance readiness?

The assessment evaluates your organisation across the complete Digital Product Passport implementation journey. Each stage maps to a specific capability in the Aura platform:

1. Company Profile — Is your business identity complete? Legal entity name, GLN (Global Location Number), VAT number, EORI number, registered address. Missing identifiers delay registry submission when the EU central registry goes live.

2. Product Catalogue — Are your products loaded with GTINs, physical attributes, and GS1 GPC classification? The AI checks every product individually and flags those missing required fields.

3. Supplier Registry — Are your suppliers imported with contact details and categorised by what they manufacture? Uncategorised suppliers cannot be matched to products.

4. Product-Supplier Mapping — Are your products mapped to their suppliers? The AI checks coverage and confidence scores, flagging unmapped products by name.

5. Supplier Data Collection — Have data requests been sent? What is the response rate? Are extracted data fields complete? This stage tracks pending, in-progress, and completed requests.

6. QR Code Generation — Do your products with GTINs have GS1 Digital Link QR codes generated and linked to the resolver?

7. Site Publishing — Are your DPP consumer pages created, deployed, and live?

8. Launch Readiness — The AI calculates an overall weighted score, estimates time to full compliance based on your current progress rate, and identifies the highest-impact actions remaining.

For a broader view of what data the DPP requires, see our post on DPP data requirements explained.

How does the gap analysis identify specific problems?

The gap analysis is granular by design. Instead of reporting “65% of products have complete data,” it tells you exactly which products are incomplete and what they are missing. Examples of the level of detail:

• “Product ‘Classic T-Shirt’ (SKU TS-001) is missing a GTIN identifier”
• “Supplier ‘Milano Textiles’ has been imported but has no email address — data requests cannot be sent”
• “8 of 15 supplier data requests are still pending after 14 days”
• “Product ‘Navy Puffer Jacket’ (SKU PJ-001) has composition data but is missing Scope 3 carbon emissions from supplier ‘Fabric Co’”
• “23 products have GTINs but no QR codes generated”

Each gap includes a recommendation pointing to the specific Aura module where you can fix it. “Assign a GTIN in the product editor” or “Resend the data request from the supplier management section.”

This specificity matters because DPP compliance is not binary. You do not go from non-compliant to compliant in a single step. You close gaps incrementally, and the assessment shows you which gaps have the highest impact on your overall readiness.

How can I use the compliance assessment to prepare for ESPR deadlines?

The ESPR introduces DPP requirements on a rolling schedule. Batteries are first (February 2027), followed by textiles and apparel (delegated acts expected late 2026 to early 2027), with additional product categories phased in through 2030. The compliance assessment helps you plan against these deadlines in several ways.

Baseline your current state. Run the assessment today to establish where you stand. If your Product Catalogue stage is at 40% and you have 18 months until your category’s deadline, you know the gap and can plan resources.

Track progress over time. Re-run the assessment after each sprint of data collection. The scores update instantly — upload 200 GTINs and watch the Product Catalogue stage jump. This gives project sponsors visible, quantified progress reports.

Prioritise high-impact actions. The assessment ranks its recommendations by impact. If 80% of your compliance gaps come from missing supplier data, you know to focus on the supplier data collection workflow rather than spending time on site design.

Estimate time to readiness. The Launch Readiness stage includes a timeline estimate based on your current progress rate. If you have been closing gaps at a rate of 5% per week, the AI extrapolates when you will reach full readiness.

For a broader perspective on preparation, see our guide on how to prepare for DPP compliance.

How Aura helps

Compliance assessment is built into the platform, not bolted on as a separate audit step. Because Aura manages your product data, supplier relationships, QR codes, and DPP pages in one system, the compliance AI has direct visibility into every stage of your implementation.

There is no data export, no separate assessment tool, no consultant needed to interpret the results. The assessment runs in seconds, produces a specific and actionable report, and links every recommendation to the platform module where you can act on it immediately.

Most importantly, the assessment is continuous. It is not a point-in-time audit that goes stale the day after it is produced. Your compliance score is a live metric that reflects your real state. Use it as a project management dashboard, an executive reporting tool, and a prioritisation engine — all in one.

Frequently asked questions

How often should I run the compliance assessment?

The assessment uses live data, so it is always current. Run it as often as you like — after a batch product import, after suppliers respond to data requests, or weekly as part of your compliance project cadence. There is no cost or limit on assessments.

Can I share the compliance report with stakeholders?

Yes. The compliance report includes a summary table, per-stage breakdown, and prioritised recommendations that are suitable for executive review. You can export the report as a formatted document via the AI research assistant for sharing with legal teams, auditors, or board members.

Does the assessment cover the EU central registry requirement?

The ESPR mandates that DPPs will be registered in a centralised EU registry. The technical standards defining how this works (the prEN 1821X series from CEN/CENELEC) are still being finalised. The compliance assessment includes registry readiness as a future milestone. When the standards are published, registry submission will appear as a step in the assessment automatically.

What compliance score do I need to be “ready”?

There is no regulatory threshold — the ESPR requires that a DPP exists and contains the mandated data, not that you achieve a specific score. However, a score above 90% across all stages indicates that your product data, supplier data, QR codes, and DPP pages are substantially complete. The gap analysis at any score level tells you exactly what remains.