The EU Deforestation Regulation (EUDR), officially adopted in June 2023, sets out stringent due diligence requirements for companies that placing certain commodities on the EU market or export them. The objective is clear: to ensure that products consumed within the EU are not linked to deforestation or forest degradation.

On 22 May 2025, the European Commission adopted an Implementing Regulation that classifies countries under the EUDR as low, standard, or high risk. This classification determines the level of due diligence that companies must undertake and defines their responsibilities regarding risk assessments and mitigation measures. You can find more information about the methodology (link) and access the full country classification (link).

In this post, we’re not going to debate the merits of the regulation or the logic behind the country rankings. Instead, we aim to highlight a frequently neglected but critical aspect: data usability.

When Regulators Get It Half Right

We commend the European Commission for doing something that many regulators still struggle with: not just prescribing a methodology but also publishing the actual risk classifications. This eliminates much of the guesswork companies encounter when trying to interpret ambiguous regulatory guidelines. There is no longer a need to determine which indicators to apply, how to address missing data, or where to set thresholds—the Commission did that work. (Ahem, take note EU CSDDD.)

However, despite the good intentions, the execution falls short.

A Masterclass in Unusable Data

The screenshot displayed above is from the Commission’s official webpage. It seems someone believed that requiring users to click 190 times — once for each country — was a  reasonable way to present critical regulatory information. Spoiler alert: it’s not. Expanding a country only shows a single line: “low risk”, “standard risk” or “high risk”. There’s absolutely no contextual data. No downloadable table. No structured format.

This type of user experience (UX) design would make any data professional cringe. It presumes that compliance officers, risk analysts, or developers will manually extract and reformat the data—often by copy-pasting it into spreadsheets. Worse still, the use of inconsistent country names (e.g., “Democratic Republic of Congo” vs. “Congo, DRC”) creates a head-banging migraine when trying to match this data with other datasets. The absence of ISO codes is a missed opportunity to eliminate confusion.

Even basic metadata is missing. Does the classification apply from the date of publication (22 May)? A time dimension would be essential for building a proper time series.

All of this could have been avoided by offering a simple downloadable CSV: Country Name / ISO Code / Date / Risk Classification. And yes, drop us a line if you’d like this spreadsheet—we’re happy to share.

Unfortunately, this is not an isolated case. The same usability problems apply to other EU data lists, including:

• Countries deemed to have adequate data protection standards
• High-risk third countries for AML/CFT purposes
• Non-cooperative tax jurisdictions
• And so on.

Why We Built CountryData.io

This brings us to the core reason we built CountryData.io (Link): to transform unstructured, hard-to-use regulatory information into clean, developer-friendly data products. Our platform helps organizations reduce compliance costs, streamline processes, and enhance analysis (Link).

To prove the point, we added the new EUDR classification data to CountryData.io in under an hour. Here’s how:

• We set up a new data source within the admin dashboard.
• Defined metadata: indicator name, description, and data type.
• Entered values as a categorical variable with three valid entries: low / standard / high risk.
• Our interface then enabled manual data entry without risk of typos or inconsistent formats.
• A second user verified the data before publishing.
• Once approved, the data became instantly accessible via API for seamless integration into internal systems or dashboards.

With just a few lines of code, any company can now access the entire EUDR classification dataset. Here’s a sample snippet showing how the data is returned.

Final Thoughts

We support the underlying goals of the EUDR and similar regulations: strengthening human rights, protecting workers, and promoting sustainability. But overly complex or poorly implemented rules place unnecessary burdens on companies.

There’s no excuse for regulatory data to be inaccessible or poorly structured. It’s a question of basic public service.

If you’d like to access the EUDR data via API, we’re offering it free of charge to any interested organization. Simply reach ouy.

Let’s turn regulation into something you can actually work with.