Contact: +91 99725 24322 |
Menu
Menu
Quick summary: Importing timber into Australia? Learn which documents you need, ICP due diligence requirements under the 2025 rules, and how to fix the compliance gaps DAFF auditors find most.
To import timber into Australia, you need a documented Import Compliance Program (ICP) a written due diligence system under the Illegal Logging Prohibition Act 2012. At minimum, this requires: a risk assessment for each shipment, species, and origin verification, chain-of-custody records from your supplier, and a customs declaration. New rules in effect since 3 March 2025 have strengthened these obligations significantly.
Here’s a scenario that plays out more often than you’d think: an Australian timber importer receives a Requirement to Give Information notice from DAFF. They have their invoices. They have their bills of lading. What they don’t have is a written due diligence system with documented risk assessments for each shipment. The audit fails.
This isn’t a fringe case. Over several years of compliance assessments, DAFF found that around 60% of importers assessed were non-compliant with some or all of their due diligence obligations (DAFF Statutory Review, 2024). And since March 2025, the rules have gotten harder, not easier.
This article breaks down exactly what documents you need to import timber into Australia, what a compliant ICP actually looks like, the real compliance challenges that trip importers up, and what the smartest operators are doing to stay audit-ready without drowning in paperwork.
An Import Compliance Program, commonly called an ICP, is the documented due diligence system you’re legally required to maintain under the Illegal Logging Prohibition Act 2012 (as amended). It’s not a one-time document submission. It’s an active, ongoing system that must be applied to every regulated timber product shipment you bring into Australia.
The ICP must demonstrate that you’ve taken reasonable steps to minimise the risk of importing timber that was illegally harvested in its country of origin. The depth of those steps depends on your risk assessment findings, which vary by source country, species, supplier, and certification status.
Any person or business that imports regulated timber products into Australia is legally required to maintain an ICP. ‘Regulated timber products’ covers wood, pulp, and paper products defined by their Harmonized System (HS) tariff codes under Section 5 of the Illegal Logging Prohibition Rules 2024. This includes sawn timber, plywood, veneer, moulding, joinery products, and more.
Note: The ban on importing illegally logged timber applies to ALL timber products, regulated or not. ICP obligations, however, specifically apply to the regulated list.
A compliant ICP is a written document that describes your system for identifying, assessing, and mitigating the risk of illegal logging in your supply chain. DAFF inspectors will ask for it if you’re selected for an audit. It must cover: your information-gathering process, your risk assessment methodology, your mitigation steps, and how you keep records. Generic templates won’t cut it DAFF has found that vague, non-specific systems frequently fail audits.
Getting timber through Australian border control requires two layers of documentation: standard commercial shipping documents and due diligence documents under the Illegal Logging Prohibition Act. Here’s what you need for every regulated shipment:
| 60% of timber importers assessed found non-compliant (DAFF) | 25% of tested products were inconsistent with the declared species/origin | $165K max fine per offence under 2025 rules (+ up to 5 yrs imprisonment) |
1. Written Due Diligence System (ICP) – Your documented process for risk assessment and mitigation. DAFF’s number one audit request. Must be product- and supplier-specific, not a generic template.
2. Risk Assessment Records – Per-shipment documentation showing how you assessed the risk of illegal logging. Under the 2025 rules, the pathway depends on whether your timber is certified or non-certified.
3. Risk Mitigation Documentation – Evidence of what steps you took to reduce identified risks e.g., requesting additional supplier documents, seeking third-party verification, or obtaining certification.
4. Chain of Custody / Supplier Records – Species name (common and scientific), country of harvest, volume, supplier details, and evidence of legal harvest (licences, permits, or certification documents from the country of origin).
5. Phytosanitary Certificate – Issued by the National Plant Protection Organisation (NPPO) of the exporting country. Required for solid wood products to certify freedom from pests and diseases.
6. Treatment Certificate – Proof of required treatment heat treatment (HT) or methyl bromide fumigation as mandated by DAFF’s BICON (Biosecurity Import Conditions) system for specific products.
7. Customs Declaration – Each time you import a regulated timber product, you’re legally required to declare whether you’ve complied with your due diligence requirements. An e-declaration system is being developed by DAFF and will be mandatory once live.
Additional documents for specific circumstances: Import Permit (via BICON) for CITES-listed or restricted species | CITES permits for endangered species | Manufacturer’s Declaration on species and origin for processed products. Always check BICON before each shipment as conditions change.
Don’t risk non-compliance under AILPA. Discover the exact due diligence steps required to legally import timber.
Most compliance failures aren’t the result of bad intentions. They’re the result of operational blind spots things that look manageable on paper but break down fast in practice. Here are the four challenges that cause the most ICP failures, based on DAFF audit findings and industry experience.
This is the one most importers underestimate. In DAFF’s 2024 scientific timber testing trial, approximately 25% of tested products were inconsistent with their declared species and/or origin (PwC, 2025). One in four products. That’s not a rounding error, it’s a structural problem in the global timber trade.
Species substitution and origin falsification frequently occur in processing hubs like China and Vietnam, where raw timber from high-risk origins (Indonesia, Malaysia, parts of Africa, and Latin America) is processed and re-exported with documentation that obscures the original source. If your supplier’s paperwork looks clean but the species doesn’t match, you bear the compliance liability.
Complex supply chains are a recognised high-risk category under DAFF’s compliance framework. Each additional processing step between harvest and import represents another point where illegally logged timber can enter a product without detection. Sawn timber sourced through third-country processors is now one of DAFF’s primary audit targets.
For importers sourcing from multiple countries or through intermediaries, gathering credible, verifiable information about the actual harvest location and species becomes enormously difficult, especially when suppliers lack formal documentation systems.
An ICP isn’t set-and-forget. Under the 2025 rules, you must apply your due diligence system to every regulated shipment and keep records that demonstrate how it was applied, including risk assessments, the information gathered, and any mitigation steps taken. If DAFF requests a compliance assessment and you can’t produce shipment-specific records, your ICP fails regardless of how good your written system looks.
Many operators keep records in spreadsheets and email chains. When an audit notice arrives, reconstructing the paper trail for a specific shipment from six months ago becomes a crisis. This is where most non-compliance findings actually originate not from intentional wrongdoing, but from inadequate record management.
The 2025 rules replaced three risk assessment methods with two distinct pathways based on certification status. Certified timber (FSC, PEFC) follows a streamlined pathway with reduced documentation requirements. Non-certified timber requires a full risk assessment covering country-level risk, operator-level risk, and product-level risk, including verifying harvest legality through supplier documentation.
The problem? Not all certification claims are equal. DAFF has found cases where certified product designations were inaccurate. If you accept certification documentation at face value without verifying its validity through the issuing body, you may be applying the wrong due diligence pathway and failing your ICP without knowing it.
| Category | ICP Challenge Frequency |
|---|---|
| No written DDS / ICP system | 65% |
| Missing shipment-level records | 58% |
| Inadequate risk assessment | 52% |
| Species / origin not verified | 44% |
| Supplier info gaps | 38% |
| Source: DAFF Statutory Review 2024, PwC Timber Trade Analysis 2025 | |
Explore the biggest challenges timber importers face today. Understand the risks, complexities, and compliance hurdles shaping global timber trade.
Effective 3 March 2025, the grace period is over.
The Illegal Logging Prohibition Rules 2024 replaced the former Regulation. The six-month education-focused transition period concluded in September 2025. DAFF is now conducting full enforcement assessments.
Here’s what changed and why it matters for every timber importer operating in Australia:
Two due diligence pathways replace three risk methods: The old Country Specific Guidelines / Timber Legality Frameworks / Regulated Risk Factors approach is gone. You now follow either the certified pathway or the non-certified pathway, depending on your product’s certification status.
Repeat due diligence exception (12-month window): If you import the same timber product from the same supplier within 12 months and nothing material has changed, you can rely on your previous risk assessment. This reduces administrative burden for established supply chains.
Timber testing powers activated: DAFF can now take, test, and analyse samples of timber products using scientific techniques to verify declared species and origin. The 2024 trial found 25% of tested products inconsistent with their declarations. Expect this capability to expand.
Pre-import notification requirement (incoming): A requirement to notify DAFF before importing, providing species, harvest location, and other key data via e-declaration is legislated but not yet implemented pending new IT systems. Once live, this becomes a mandatory step for every shipment.
Strengthened enforcement options: DAFF now has injunctions, enforceable undertakings, and the ability to publish non-compliance cases publicly. Penalties include fines up to $165,000 and up to five years imprisonment for fault-based offences.
Understand how to achieve full compliance with Australia’s Illegal Logging Prohibition Act. Learn the steps required to legally import timber into Australia.
The single biggest change in the 2025 rules is the shift to a certification-based pathway system. The pathway you take determines how much documentation you need and what your risk assessment must cover. Here’s the breakdown:
| Factor | Certified Pathway (FSC / PEFC) | Non-Certified Pathway |
|---|---|---|
| Applies when | Product bears a valid FSC or PEFC chain-of-custody certification | The product has no third-party certification or the certification cannot be verified |
| Risk level default | Reduced risk – streamlined assessment | Full risk assessment required |
| Information required | Certification number, issuing body, chain-of-custody records | Country-level risk data, harvest licence/permits, species legality evidence, operator records |
| Mitigation steps | Verification of certification validity (check with FSC/PEFC) | May require additional supplier audits, site visits, or third-party verification |
| DAFF caution | Verify certification is genuine – DAFF has found inaccurate cert claims | High-scrutiny pathway – DAFF audits non-certified imports more intensively |
| Record-keeping | Cert documents + application records per shipment | Full risk assessment docs + mitigation records per shipment |
The certification pathway is not a simple tick-box. DAFF’s audit data shows that accepting certification documentation without independent verification is one of the most common compliance gaps.
Is FSC certification enough for AILPA compliance? Discover where certification falls short and what additional steps importers must take.
The fundamental reason 60% of timber importers fail DAFF audits isn’t a lack of awareness, it’s a lack of systems. Manual processes, spreadsheet-based records, and email-dependent supplier documentation don’t hold up under audit scrutiny. They’re also slow, fragmented, and impossible to maintain at scale.
Digital traceability platforms purpose-built for commodity supply chain compliance solve exactly these gaps. The core capabilities that close the ICP compliance gap are:
TraceX’s ILPA Compliance Platform was built for exactly this challenge: commodity supply chains that span multiple geographies, involve smallholder or informal producers, and require verifiable, documented evidence of legal sourcing. Timber is one of its core commodity verticals.
Here’s how TraceX transforms a manual, fragmented ICP process into a robust, digital compliance system:
| Compliance Step | Manual ICP (Spreadsheets/Email) | TraceX ICP Platform |
|---|---|---|
| Risk Assessment | Manual country-risk research per shipment; often inconsistent or outdated | Automated risk scoring using live satellite data, country risk profiles, and supplier history |
| Supplier Records | Email attachments licences, certs, KYC documents stored in folders | Structured digital onboarding GPS plot mapping, document parsing via Agentic AI, verified records |
| Species Verification | Accept supplier declaration; no independent check | Cross-reference species claims against geolocation data and reference databases |
| Chain of Custody | Manual tracking through spreadsheet gaps common | Blockchain-backed transaction trail is immutable, complete, and audit-ready |
| Audit Response | Days to reconstruct shipment record; high error risk | Blockchain-backed transaction trail is immutable, complete, audit-ready |
| DAFF Notification (coming) | Manual preparation of pre-import notice | Auto-generate e-declaration data from existing supply chain records |
| Repeat DD Exception | Manual tracking of 12-month supplier history | Platform auto-flags eligible repeat-DD shipments; reduces documentation burden |
Beyond compliance, TraceX’s GPS polygon mapping and satellite-verified deforestation monitoring give timber importers defensible, verifiable proof of legal sourcing, not just paperwork that could be fabricated. This matters both for DAFF audits and for buyers increasingly demanding supply chain transparency.
Understand how supply chain traceability supports AILPA compliance. Learn how to track timber from origin to import with confidence.
Unlike generic compliance software, TraceX’s Agentic AI can auto-parse supplier documents, licences, KYC records, and certifications directly from email attachments, eliminating the manual data entry step that creates the most record-keeping gaps.
Australia’s timber import compliance framework has real teeth now. The 2025 rules bring stricter enforcement, scientific testing, public disclosure of non-compliance, and incoming e-declaration requirements. The 60% historic non-compliance rate isn’t a benchmark to accept it’s a warning.
The good news? An audit-ready ICP isn’t unachievable. The gap between failing and passing an assessment is mostly a systems gap, not a knowledge gap. The importers who get it right are the ones who treat their ICP as a live operational system, not a document filed in a folder.
Digital traceability is what makes that possible at scale. When your supplier records, risk assessments, and chain-of-custody documentation are structured, verified, and stored in a system purpose-built for compliance, audit readiness becomes the default state, not an emergency exercise.
You need: (1) a written due diligence system (ICP), (2) per-shipment risk assessment records, (3) risk mitigation documentation, (4) chain-of-custody and supplier records (species, origin, harvest legality), (5) a Phytosanitary Certificate, (6) a Treatment Certificate, and (7) a customs declaration confirming due diligence compliance. Additional documents such as BICON import permits or CITES permits apply for specific species. (DAFF, Illegal Logging Prohibition Rules 2024)
An ICP (Import Compliance Program) is a written, documented due diligence system that Australian timber importers are legally required to maintain under the Illegal Logging Prohibition Act 2012. It must describe how you gather information about your timber’s origins, assess the risk of illegal logging, and take steps to mitigate that risk for every regulated shipment. Generic templates typically fail DAFF audits the ICP must be supplier- and product-specific.
Under the Illegal Logging Prohibition Amendment Act 2024 (in effect from March 2025), penalties include up to five years imprisonment and/or fines up to $165,000 (500 penalty units) for fault-based offences. Strict liability offences attract fines up to $19,800. DAFF can also issue injunctions, enforceable undertakings, and now publicly discloses non-compliance cases on its website. (DAFF / Illegal Logging Prohibition Rules 2024)
The 2025 rules replaced three risk assessment methods with two certification-based pathways: a streamlined process for certified timber (FSC/PEFC) and a full risk assessment for non-certified timber. New enforcement powers allow DAFF to scientifically test species and origin claims. A pre-import notification requirement is legislated but pending IT implementation. The six-month education transition period ended in September 2025 full enforcement is now in effect.
Digital traceability platforms automate the most failure-prone parts of ICP compliance: risk assessment, supplier record collection, species verification, and audit-ready reporting. Platforms from TraceX use Agentic AI to parse supplier documents, GPS mapping to verify harvest locations, and blockchain-backed records to create tamper-proof chain-of-custody trails. This eliminates the spreadsheet and email approach that causes most DAFF audit failures.
What is food traceability | Types of traceability in supply chains | Food traceability best practices | Traceability in the food industry | Digital traceability system | Blockchain food traceability solutions | QR code traceability for consumer trust | ERP integration for traceability | Conscious consumerism through traceability | Food system transformation with traceability | Coffee supply chain guide | Coffee traceability from bean to cup | Sustainable coffee supply chain | Regenerative agriculture for coffee | Agroforestry in the coffee value chain | Rainforest Alliance certified coffee | Single origin coffee explained | Cocoa supply chain traceability | Child labour in cocoa supply chains | Child labour monitoring and remediation systems | Fairtrade cocoa sourcing | Agroforestry in cocoa supply chains | Tea supply chain transformation | Sustainability in the tea value chain | Seed supply chain traceability | Seed supply chain basics | Forward traceability in seed industry | Seed supply chain challenges | Seed procurement process | Livestock traceability for meat safety | Blockchain traceability in livestock | Carbon traceability on blockchain | Maize value chain traceability | Farm to fork journey of millets | Millet value chain overview | Millets for a sustainable future | Pulse value chain traceability | Fruit and vegetable supply chain traceability | Banana supply chain traceability | Carbon footprint of banana production | Grape traceability for exports | Digital procurement for fruits and vegetables | Mango supply chain transparency | Tomato value chain challenges | Reducing post-harvest losses in potatoes | Sugarcane supply chain traceability | Sustainable sugarcane farming practices | Flower traceability from seed to scent | Orris root traceability in fragrance | Fair trade in fragrance oil supply chains | Hive to honey traceability | Cannabis supply chain traceability | Wine traceability grape to glass | Nutraceuticals and herbal supplements traceability | Rice supply chain traceability | Mill level rice traceability | Sustainable rice farming | Direct seeded rice cultivation | Sustainable rice platform standards | System of rice intensification | Alternate wetting and drying rice cultivation | Cotton supply chain traceability | Sustainability in the cotton industry | Organic cotton traceability | Fashion supply chain explained | Mapping the textile value chain | Traceability in the fashion industry | Traceability in waste management | Plastic value chain explained | Traceability for GI tagged products | Traceability for organic food brands | Spice supply chain traceability | Pepper traceability farm to table | Chilli value chain overview | Turmeric value chain | Batch level traceability for spice exports | Batch traceability in spice manufacturing | Sustainable spice sourcing technology | Sustainable farming practices for spices | Grocery supply chain challenges | Dairy supply chain guide | Real-time milk collection tracking | Dairy supply chain risk and issues | Batch level traceability in dairy | Ghee adulteration prevention | Sustainable dairy farming | Seafood supply chain ocean to plate | Sustainable fishing through supply chain transparency | Poultry value chain chicken to nugget | Tobacco supply chain overview | Digitizing tobacco farming | Tobacco traceability for compliance | Sustainable tobacco production | Sustainable tobacco programs | Digitizing the paper supply chain | Sustainable soy supply chains | RTRS certification in soy | Sustainable rubber from tree to tyre | FSC certified rubber solutions | Palm oil supply chain insights | RSPO certification with EUDR compliance | Seed oils traceability farm to refinery | Aggregation risk in oilseed supply chains | Digital traceability for cold pressed oils | Timber value chain from forest to product | Sustainable cashew production traceability | Arecanut value chain traceability | Essential guide to food supply chains | Factors influencing food supply chain management | Food supply chain in India | Blockchain for food supply chain | Agriculture and food supply chain factors | Traceability in food safety | Supply chain transparency for food safety | Understanding food recalls | Product recall in the food industry | Food waste in supply chains | Food waste recycling and composting | Food waste upcycling solutions | Supply chain traceability framework | Complete guide to supply chain traceability | Product traceability in supply chains | Material traceability in supply chains | Elements of supply chain provenance | Chain of custody in agriculture | Supplier mapping for traceability | Real-time supply chain visibility | Traceability for ESG compliance | Supply chain due diligence | Examples of food supply chain traceability | Supply chain traceability challenges | Multi-tier supply chain transparency | Traceability for supply chain managers | Mitigating supply chain risks for exporters | CTOs driving digital transformation with traceability | Digital transformation for licensed cocoa buyers | Bulk food product traceability | Automated farm input distribution | Supplier onboarding challenges | Digital process configuration in food production | Bulk GRN processing in procurement | Batch IDs in food traceability systems | Inventory management in the food industry
Get the free TraceX Playbook — 10 traceability failures to fix before your next audit, a 10-point maturity scorecard.
Don’t miss out on your chance to grab access to our early bird offer!
Your essential compliance guide
