Trusted by exporters across Brazil

The compliance layer for global trade

SurTrace is the traceability infrastructure that exporters, processors, and cooperatives use to meet EUDR, ANVISA, and ESG requirements — without rebuilding the systems they already run.

Book a briefingExplore the platform
Dec 2025EUDR enforcement
5,000+Affected exporters
€ 7.3BCoffee + cocoa to EU
AutomatedDDS generation

The ecosystem we work with

GS1 EPCIS 2.0MapBiomasPRODES / INPEIBAMAFUNAISEFAZ NF-eEU IS

The opportunity, quantified

A regulatory storm is reshaping agricultural trade

Four regulatory forces converging simultaneously. Brazil is the epicenter — and the largest exposure.

€ 4.2B
Coffee to EUAnnual Brazilian exports at risk without EUDR
€ 3.1B
Cocoa to EUPlus soja, carne, madeira, borracha
R$ 85k
Cost per blocked containerFines + storage + lost price window
60–70%
Cheaper than alternativesThanks to NF-e native integration

Industries we serve

Two verticals live, two on the roadmap

We build depth before breadth: live EUDR coverage for soy and coffee/cocoa today; beef and pharma ship once the first design partner in each vertical is onboarded.

🌾

Soy, sugar & oilseeds

Traders and cooperatives exporting to the EU face EUDR enforcement as of December 2025. We automate due diligence across thousands of smallholder suppliers.

  • Automated PRODES + MapBiomas + IBAMA + FUNAI verification
  • WhatsApp supplier onboarding (field app in roadmap)
  • DDS generated and submitted to EU IS sandbox
  • Audit-ready lot-level evidence

Coffee & cocoa

Blends from 30–200 origins create a due diligence nightmare. We track each contributing property and compute proportional EUDR scores automatically.

  • GPS polygon capture via WhatsApp
  • Rainforest Alliance / 4C / UTZ certificate linking
  • Proportional blend composition in EPCIS
  • Per-property EUDR score with biome risk weighting
🐂

Beef & protein (coming)

Planned coverage for frigoríficos exporting to EU, US, and Japan: SISBOV, CAR, GTA, and abate reconciliation per lot. Active with our first bovine design partner.

  • SISBOV event mapping (planned)
  • GTA ingestion via state API (planned)
  • EPCIS TransformationEvent at slaughter (ready)
  • Blend EUDR score for multi-origin carcasses (ready)
💊

Pharma (coming)

Planned coverage for ANVISA RDC 657/2022: serialization of controlled medications from manufacturer to patient. Activated when our first pharma design partner onboards.

  • GS1 DataMatrix generation (ready)
  • SCTM payload format (ready; live integration pending)
  • Transfer event tracking (ready)
  • Recall mapping (MVP; SLA target in M2)
We went from 4 days of manual evidence-gathering per DDS to 2 hours — automatically, on every invoice. Our EU customs rejection rate dropped from 8% to below 0.5%.
C
Chief Compliance OfficerMid-sized meat exporter (MT) · Design Partner · 850 suppliers

Why SurTrace

Compliance without the complexity

📋

EUDR Due Diligence

compliance

Five-step verification pipeline covering polygon geometry, PRODES alerts, IBAMA embargos, FUNAI indigenous lands, and MapBiomas land-cover. DDS submission to EU IS sandbox live with design partners.

🌱

ESG Reporting (Q3 2026)

esg

Scope 3 Category 1 emissions per lot, biome and UF. Data model in place; emission-factor library and CDP/GRI export ship with our M2 milestone.

🔒

Cryptographic integrity

security

SHA-256 hash chain at the event level. Every record is tamper-evident and auditor-ready from day one.

🤝

ERP-friendly

standard

Native integrations for TOTVS Protheus, SAP B1, and Sankhya. REST API + Webhooks for anything else.

⚖️

Regulatory updates

compliance

As EUDR, ANVISA, SISBOV and LGPD evolve, our platform updates. Your compliance team doesn't babysit the changes.

🔎

Audit-ready trails

Every event immutable, every decision logged. Regulators and auditors query the data directly with their credentials.

Our thesis

Brazil has a unique infrastructure advantage. We built on it.

The NF-e system — 3 billion invoices per year, 18 years in production — is the largest structured commercial dataset in the world. No one has systematically connected it to product traceability.

SurTrace does. We transform fiscal data into verifiable EPCIS 2.0 events, automate EUDR due diligence, and generate audit-ready compliance artifacts — at a fraction of what consultants and legacy platforms charge.

Our approach is modeled on HashiCorp and Elastic: open-source frameworks build credibility with engineers, and the SaaS monetizes operational convenience. Ask us about our GitHub.

2026Founded
BrazilHeadquartered
EU · BRMarkets
API-firstArchitecture
Open-sourceFrameworks
NF-e nativeData layer

The SurTrace Series

The technical books behind the platform

Seven volumes documenting the traceability playbook we operationalise in SurTrace — from the supply chain maturity model to EUDR pipelines and the Scope 3 calculator. Used by architects and compliance leads evaluating our approach.

Vol. 1strategy

Fundamentals & STMM

The 5×5 maturity matrix, invisible-cost audit, and 90-day pilot playbook.

Vol. 3regulation

Compliance Engineering

EUDR, ANVISA RDC 657, SISBOV, FSMA 204 end-to-end — the same chapters we implemented into SORS.

Vol. 4engineering

Technical Implementation

Async EUDR pipelines, ERP batch ingestion, observability, graph databases. Python/Celery reference stack; SORS implements the same patterns in Java/Spring.

Vol. 5commercial

Go-to-Market

Pricing, partner enablement, MEDDIC-anchored sales playbook. For founders and heads of traceability-as-a-service products.

Vol. 6outlook

The Future of Traceability

DPP, IoT cold chain, ISSB S2 / CDP alignment, 12-month roadmap, cross-sector case studies.

Vol. 2architecture

Supply Chain Data Architecture

GS1, EPCIS 2.0, NF-e ingestion, master data, and the traceability graph model (DAG + CTE vs Cypher).

Request the series →Free for design partners · Chapters released incrementally · 6 volumes + 5 operational quickstarts

Common questions

From procurement and compliance teams

How long does implementation take?
For a mid-sized exporter with an existing ERP, typical go-live is 4–8 weeks. The first 30 days cover supplier onboarding and data integration; the next 30 validate compliance outputs against your pilot lots.
Do you replace our existing systems?
No. SurTrace is explicitly a trust layer, not a system of record for operations. Your ERP remains the source of truth for transactions; we ingest what it produces and add verifiable traceability and compliance on top.
What about data residency and LGPD?
All Brazilian tenants run on São Paulo region. We are LGPD-compliant by default, with a data export module that lets any tenant extract their complete data set under Art. 18. ISO 27001 alignment is part of the roadmap for 2026.
How do you handle smallholder suppliers?
Four onboarding channels planned; today three are live: direct REST API, supplier portal, and a WhatsApp intake that extracts CAR, CNPJ/CPF, and GPS from free-text messages and routes them into a human-review queue. The in-person field app is on the roadmap — we do not claim it works offline yet.
What happens when we trigger a recall?
Executing a recall in SORS flips every affected lot to status RECALLED, generates an iText PDF notice filed as a tagged EvidenceGroup, dispatches a signed recall.executed webhook to every connected tenant with the 'recall' scope, and writes durable outbox entries for MAPA and ANVISA. Forward + backward graph traversal on the lot ledger lets you query 'what else is at risk?' in milliseconds.
How are DDS submissions audited?
Every EU IS / TRACES NT submission is written to dds_submission_audit with an idempotency key (tenant + lot + payload hash), the HTTP status returned, request and response bodies in JSONB, and per-attempt timestamps. A 5-minute polling job reconciles PENDING and SUBMITTED states to the final ACCEPTED or REJECTED outcome. GET /api/v1/dds/audit/{lotId} exposes the full attempt history for regulators.

Let's map your compliance posture.

A 45-minute briefing with our team. We'll show you where your current process would fail EUDR — and what it would take to fix it.

Book a briefingSee the platform

Contact

Talk to our team directly

We respond within one business day.

hello@surtrace.com