CBAM Reporting Software for Cement and Steel in 2026

A mid-sized Polish precast manufacturer importing Turkish clinker filed its first CBAM quarterly report in Q1 2024 using the European Commission default values and a spreadsheet built by a junior cost engineer. It took two afternoons. In Q1 2026 that same shipment now requires verified supplier emissions, a CBAM declarant authorization issued by the national competent authority, a registry submission through the CBAM Registry API, and certificates surrendered at the EU ETS-linked price. The spreadsheet did not survive the transition.

The transitional phase of the Carbon Border Adjustment Mechanism ended on 31 December 2025. From 1 January 2026, CBAM is in its definitive financial phase under Regulation (EU) 2023/956. For construction firms importing cement, steel, aluminum, and fertilizers from outside the EU, this is the year where the rules change from quarterly disclosure to certificate purchase. The software stack that produced the transitional report does not produce the definitive one.

This post is for finance, sustainability, and IT leads at construction companies, precast manufacturers, and steel fabricators scoping their CBAM software build for 2026 and beyond. It assumes familiarity with the basic mechanics of CBAM and goes deeper into the implementation choices that decide whether quarterly reporting takes a week or a quarter.

What changed on 1 January 2026 and why default values stop working

During the transitional phase (October 2023 to December 2025), importers could use Commission default values for embedded emissions when supplier data was unavailable. The default values were intentionally conservative (set above typical actual values for most third-country producers) to incentivize the move to verified actuals.

From 1 January 2026, three things changed simultaneously:

1. Default values are no longer freely usable. Importers must report verified actual embedded emissions, with limited exceptions (e.g. emissions from a specific production route where the supplier genuinely cannot calculate or refuses to provide data). Even in exception cases, the importer must demonstrate reasonable efforts to obtain actual data.
2. CBAM certificates must be purchased and surrendered. Each tonne of embedded CO2 (and CO2 equivalent) above the free allocation under EU ETS triggers a certificate obligation. Certificates are priced at the average weekly EU ETS auction price.
3. Authorized CBAM declarant status is required. From 1 January 2026 only authorized CBAM declarants can import in-scope goods. Authorization is issued by the national competent authority after a financial standing and good repute check.

The February 2025 Omnibus simplification raised the de minimis to 50 tonnes of imported goods per year per importer. This exempts roughly 99% of importers from CBAM while still capturing approximately 99% of embedded emissions, because the largest importers (the volume tail) is concentrated in a small number of firms. For mid-size construction businesses, the practical effect is: a precaster importing 200 tonnes of clinker per year is in scope. A small builder buying 10 tonnes of imported rebar from a UK merchant is not.

CBAM Registry API and the declarant authorization workflow

The CBAM Registry, operated by the European Commission, is the single mandatory submission portal. National Competent Authorities (NCAs) authorize CBAM declarants and oversee compliance. Authorization is per-legal-entity, not per-shipment, and requires:

• Tax registration in the member state
• EORI number
• Demonstrated financial standing (a guarantee may be required for new authorizations)
• A representative if the importer is established outside the EU

The application is handled through the national customs portal of the member state of establishment. Most member states route it through their existing EORI/AEO platform.

After authorization, the CBAM Registry exposes APIs and a web UI for quarterly declarations (for transitional period legacy submissions) and annual declarations (for the definitive period). The relevant API surfaces:

• Declaration submission: structured XML or JSON payload listing each consignment, CN code, supplier installation, and embedded emissions.
• Certificate transactions: purchase, holding, surrender, repurchase.
• Verifier interactions: upload of verifier reports per Implementing Regulation (EU) 2023/1773.

The first practical engineering challenge is that the CBAM Registry uses an authentication model bound to member-state customs portals. Building an integration that talks to Polish customs is not the same as building one that talks to German customs, even though both are submitting to the same EU registry. Multi-member-state importers typically end up with one integration per establishment.

Mapping CN codes to your supplier emissions data

CBAM scope is defined by Combined Nomenclature (CN) codes listed in Annex I of Regulation (EU) 2023/956. For construction, the operationally relevant codes:

• Cement: CN 2523 10 00 (clinker), CN 2523 21 00 (white Portland), CN 2523 29 00 (other Portland), CN 2523 30 00 (aluminous cement), CN 2523 90 00 (other hydraulic cements).
• Iron and steel: CN chapter 72 (raw steel) and selected chapter 73 codes (downstream products like rebar, structural sections, sheet piling).
• Aluminum: CN chapter 76, particularly construction-relevant downstream codes (extrusions, sheet).

Each CN code has its own product-level emissions intensity benchmark and free allocation rate under EU ETS. The CBAM certificate obligation is calculated per-tonne-per-CN-code, then aggregated.

Two data engineering problems show up immediately:

1. The ERP’s CN code mapping is often stale. Cement formulations evolve; a customs broker may have reclassified a product without updating the ERP item master. A monthly reconciliation between the ERP item master, the customs broker classifications, and the actual import documents catches drift early.
2. Supplier emissions data is heterogeneous. Some Turkish steel mills supply ISO 14064-verified emissions per heat. Some Indian aluminum smelters supply a single annual average. Some Chinese clinker producers refuse to supply anything. The CBAM data pipeline must accept all three and route them differently (verified actual, supplier-supplied unverified, default value with exception justification).

The World Business Council for Sustainable Development PACT (Partnership for Carbon Transparency) data model is the emerging standard for supplier emissions exchange. A few large suppliers already emit PACT-conformant carbon footprint data. Most do not. The pragmatic approach in 2026 is a supplier portal that accepts PACT format, a CSV upload fallback, and a manual entry path for the long tail.

Build vs buy: SAP Green Ledger, Carbmee, Plan A vs custom on top of your ERP

The vendor landscape for CBAM-and-ESG software has consolidated in the past 18 months:

• SAP Green Ledger / Sustainability Footprint Management. Native to S/4HANA, deep integration with MM (Materials Management) for shipment-level emissions data. Heavy lift to deploy if SAP is not already the operational ERP; relatively low marginal cost if it is.
• Carbmee. Berlin-based, CBAM-specific module with the Registry API integration built. Strong supplier engagement tooling. Mid-market price point.
• Plan A. Berlin-based, broader ESG and CSRD coverage, with a CBAM module. Better fit when CBAM is one of several sustainability reporting streams.
• Tanso. German specialist for industrial emissions accounting with CBAM and CSRD coverage.
• CBAMEase, CarbonChain, Inverto for CBAM, and several smaller niche players. Most are competitive on price and CBAM-specific feature depth.

For construction firms with EUR 50 million to EUR 500 million revenue, a packaged CBAM module typically costs EUR 25,000 to EUR 120,000 per year, with implementation 8 to 16 weeks. A custom build, in contrast, is typically a 20 to 40 week engineering effort plus ongoing maintenance. The build option only pays off when CBAM is one of many sustainability data flows that share infrastructure (CSRD ESRS E1, EU Taxonomy, GHG Protocol Scope 3 reporting), and when in-house engineering is genuinely available.

The honest framing: if your team has built three integrations to a customs broker, an ERP, and a CBAM Registry before, you can build it. If you have not, buying is faster and cheaper in 2026.

Supplier portal architecture for collecting verified embedded emissions

The supplier portal is the part of the stack that most teams underbuild. It is also the part that decides whether actual-emissions reporting at scale is possible.

A working supplier portal has the following components:

• Authenticated supplier accounts with role-based access (data preparer, approver, verifier).
• Product master, mapped to the buyer’s CN code list, with each product carrying mass-balance allocation rules.
• Installation data: each supplier site with its production routes, energy mix, and any electricity contracts with guarantees of origin.
• Quarterly or shipment-level emissions submission in PACT format or a CBAM-aligned CSV template.
• Verifier upload: the supplier or its verifier uploads the verifier opinion and the underlying data per Implementing Regulation (EU) 2023/1773.
• Bilateral query workflow so the importer can ask clarifying questions and lock the data set for a reporting period.
• Versioning: every change creates a new immutable record. The CBAM submission and the GL posting reference a specific version.

Building this once for one supplier base is fairly straightforward. The difficulty is supplier onboarding. Most Turkish, Indian, Chinese, and Egyptian producers will not log into your portal voluntarily. Onboarding is a commercial conversation tied to renewal of supply contracts. Construction firms that started this conversation in 2024 are ahead; those that have not are now paying default-value rates while they catch up.

Audit trail and verifier handoff under Implementing Regulation 2023/1773

The verifier opinion is the artifact that converts a supplier emissions claim into a CBAM-acceptable verified actual. Under Implementing Regulation (EU) 2023/1773:

• Verification must be done by an accredited verifier (typically under ISO 14065).
• The verifier opinion follows a defined structure: scope, methodology, materiality threshold, findings, conclusion.
• The verifier opinion is uploaded to the CBAM Registry as a supporting document.
• The importer retains evidence for a defined period and presents it on request during NCA audits.

The software implication: every emissions value used in a CBAM declaration must carry a backreference to its verification source. When the auditor asks where a specific clinker shipment’s emissions number came from, the answer is a chain: declaration line, supplier production batch, verifier opinion, supplier audit trail. Without that chain, the importer takes the risk on its own.

Cost model: certificates, software, and internal compliance headcount

A realistic CBAM cost stack for a mid-size importer in 2026:

• Certificates: typically 70 to 90% of total CBAM cost. A Polish precaster importing 50,000 tonnes of clinker per year with embedded emissions of 0.8 tCO2 per tonne and an EU ETS price of EUR 80 per tCO2 sees a certificate cost of approximately EUR 3.2 million per year, less free allocation adjustments.
• Software: EUR 25,000 to EUR 120,000 per year for a packaged solution, plus integration cost amortized over 3 to 5 years.
• Internal compliance headcount: 0.5 to 2 full-time equivalents depending on portfolio complexity and supplier diversity.
• Verifier fees (where the importer commissions verification directly rather than relying on supplier-side verifiers): EUR 5,000 to EUR 50,000 per installation per year.

The penalty exposure is real but manageable: under Article 26 of the regulation, the penalty for missing CBAM certificates is the same penalty applied under the EU ETS to operators exceeding allocations, currently approximately EUR 100 per tonne of unreported embedded emissions, plus the obligation to surrender the missing certificates retroactively.

A practical 2026 priority list for a construction firm now in definitive-phase compliance:

1. Confirm authorized CBAM declarant status is granted and live in each member state of establishment.
2. Audit supplier coverage. For each in-scope supplier, classify into verified actual, supplier-supplied unverified, or default-value-with-exception. The goal in 2026 is to halve the third category by 2027.
3. Lock the data pipeline. ERP item master to customs broker classification to CBAM module, with monthly reconciliation.
4. Build the certificate purchase governance: who approves, on what schedule, at what price tolerance. Letting this slip means buying certificates at the worst price every quarter.
5. Rehearse the NCA audit. Pull a quarter’s declaration and walk it backward to source evidence. Identify where the chain breaks.

CBAM is no longer the future tense. It is the operating tax on imported emissions for EU construction supply chains. The firms that treat the supplier portal, the registry integration, and the certificate governance as production systems are spending two thirds less per tonne of CBAM compliance than peers still running on spreadsheets.