Why REACH SVHC Declarations from Suppliers Fail Compliance Checks and How to Validate Them

The declaration says "compliant." The audit says otherwise.

Every compliance manager has seen the same pattern. A supplier emails back a one-line confirmation, "No SVHC present above 0.1% w/w" — attached to a PDF certificate that's two years old, references an outdated Candidate List, and contains no substance-level material data. The compliance team files it. The product ships. Everything looks fine on paper.

Then a customer audit, an ECHA enforcement query, or a Forum-coordinated REACH-EN-FORCE inspection lands. Suddenly that one-line declaration becomes a regulatory liability — and the manufacturer carries the burden, not the supplier.

With the REACH Candidate List now at 253 SVHC entries following the February 4, 2026 update (which added n-Hexane and Bisphenol AF), and the Article 7(2) notification deadline for those new substances falling on August 4, 2026, the cost of trusting unverified supplier declarations has never been higher.

This article unpacks why supplier SVHC declarations routinely fail compliance checks, what regulators actually look for, and how to build a validation process that holds up under scrutiny.

Why supplier SVHC declarations fail, the five recurring failure modes

1. Declarations reference an outdated Candidate List

The Candidate List grows typically twice a year, though the schedule varies.. A supplier declaration issued in 2023 was accurate against the 235-entry list of that time — but it's silent on the 18 substances added since, including the February 2026 additions. Compliance teams that don't track the version of the Candidate List a declaration was made against will inherit hidden non-compliance the moment the list expands.

2. "No SVHC present" without substance-level data

The most common — and most dangerous — declaration is the blanket negative. Suppliers tick a box saying no SVHC is present above 0.1% w/w, but provide no Full Material Declaration (FMD), no CAS numbers, no substance composition. There's no way to verify the claim, and no way to re-evaluate it when the Candidate List changes. When the next SVHC update hits, the entire supplier base needs re-canvassing from scratch.

3. Wrong threshold interpretation (the article-vs-product trap)

Article 33 obligations apply at the article level — every component, every sub-assembly. Many suppliers calculate the 0.1% threshold against the total product weight (the "once an article, always an article" misreading), which dilutes the SVHC concentration mathematically and produces false negatives. The European Court of Justice settled this in 2015 (Case C-106/14), but supplier declarations still get it wrong routinely.

4. Stale or unsigned documents

Compliance certificates without an issue date, without a signatory, or without a clear scope statement are common. So are declarations that cover "this product family" rather than the specific part number on the BOM. Auditors treat these as unverifiable.

5. CAS numbers missing or mistyped

When substance data is present, it's frequently incomplete: CAS numbers omitted for group entries (the Bisphenol AF entry alone covers multiple related substances (including salts)), trade names used instead of IUPAC nomenclature, or typographical errors that prevent automated cross-referencing against the ECHA database.

What regulators actually check

A supplier sending you a declaration is one half of the chain. The other half — the half manufacturers control — is what compliance authorities scrutinize during an audit. Three things, in order:

1. Traceability of the claim. Can you show, for a specific part on a specific BOM, the substance-level material data underlying the "no SVHC" statement? A signed PDF is not traceability; a record of substance composition with CAS numbers is.
2. Currency of the assessment. Was the declaration evaluated against the current Candidate List, or a snapshot from when the supplier issued it? Regulators expect ongoing assessment, not point-in-time certificates.
3. Article 33 communication downstream. If an SVHC is present above 0.1% w/w, did you pass safe-use information down the chain within 45 days of a customer or consumer request? And did you submit the corresponding SCIP notification?

The pattern is consistent: regulators don't just check whether you have declarations. They check whether your declarations are defensible.

A validation framework that holds up under audit

Building trust in supplier declarations is less about chasing more PDFs and more about restructuring how the data is requested, stored, and re-evaluated. A defensible validation process has five layers:

Layer 1 — Request structured data, not free-form attestations. Move suppliers off PDF certificates and onto structured formats: Full Material Declarations (FMDs), IPC-1752A Class D, or industry-equivalent schemas. Free-form statements are unverifiable; structured substance data can be machine-validated.

Layer 2 — Validate at the substance level, not the certificate level. Every CAS number returned should be checked against the current Candidate List, against group entries (where one SVHC covers multiple substances), and against your own restricted substance list. A certificate is "valid" only if every substance it discloses passes substance-level checks.

Layer 3 — Pin every declaration to the Candidate List version it was assessed against. Store the declaration and the Candidate List version it was evaluated against. When the list updates, you can immediately identify which declarations need re-evaluation rather than blanket-resending requests to your entire supplier base.

Layer 4 — Roll declarations up to the BOM. A part-level SVHC presence calculation has to be aggregated against the full Bill of Materials, with the 0.1% w/w threshold applied at the article level. Without this, the supplier's "compliant" assessment can still produce a non-compliant finished product.

Layer 5 — Trigger automatic re-canvassing on Candidate List updates. When ECHA adds substances (as it did in February 2026), the system should automatically flag every supplier whose declaration didn't cover the new substances and re-issue requests with the deadline (Article 7(2): six months from inclusion, so August 4, 2026 for n-Hexane and BPAF).

A quick self-check for your current process

Before treating supplier declarations as "good enough," run them through these four questions:

• Currency: Was the declaration assessed against the Candidate List version published in the last six months?
• Granularity: Does it identify substances at the CAS-number level, not just "no SVHC present"?
• Scope: Does it cover the specific part number used in your BOM, not a generic product family?
• Aggregation: Has the 0.1% threshold been correctly applied at article level, not product level?

If any of those answers is "no" or "I'm not sure," the declaration is unlikely to survive an audit.

Where Regilient fits in

Manual SVHC validation across a multi-tier supplier base does not scale and increasingly, it doesn't pass audit either. Regilient's agentic sustainability platform automates the parts of this workflow that humans can't keep up with at the rate the Candidate List is changing:

• Automated supplier declaration validation at substance and CAS-number level, against the current Candidate List and group entries
• Continuous re-evaluation when ECHA updates the Candidate List, with automatic identification of affected suppliers and parts
• BOM-level aggregation that applies the 0.1% w/w threshold at the article level, not the product level
• Audit-ready evidence trails that pin every declaration to the regulatory version it was assessed against

The February 2026 update brought the Candidate List to 253 entries. By the time you finish this quarter's supplier outreach, the next update will already be on the way. The compliance teams that stay ahead are the ones that stop validating declarations one PDF at a time.

Book a demo to see how agentic SVHC validation works against your own supplier base, BOM, and the latest Candidate List.

Regilient provides agentic sustainability software for product compliance, supplier engagement, and regulatory intelligence across REACH, RoHS, PFAS, CMRT, SCIP, and global chemical regulations.