Isabelle · CSRD transparency you can defend
The Head of Supply Chain Transparency at a mission-driven chocolate brand has twelve months to satisfy the EU Deforestation Regulation across forty-three cooperatives. She discovers governed data exchange, not traceability software, is the right category, and runs a pilot that gives her certification body independent audit access under rules the brand defines.
Scenario
Isabelle is Head of Supply Chain Transparency at a mission-driven chocolate brand. The EU Deforestation Regulation comes into force for her product category in December 2025, requiring the brand to demonstrate, not just assert, that its cocoa sourcing is deforestation-free and traceable to farm level. The brand’s existing process is a combination of annual third-party audits, self-reported data from cooperatives collected via spreadsheet, and periodic on-site visits. It is not sufficient for the regulation’s continuous traceability requirement, and Isabelle knows it.
She has forty-three supplier cooperatives and smallholder groups across Ghana and Côte d’Ivoire. Her certification body, a fair trade and organic certifier, needs to be able to query sourcing data independently, without requesting it from Isabelle’s team. Her CEO has told her she has a budget for a pilot and twelve months to demonstrate a working solution before the full regulatory deadline. She has never heard of EDC Connectors. She has been looking at supply chain transparency software platforms, traceability SaaS tools, and blockchain-based provenance systems. None of them have satisfied the certification body’s requirement for independently auditable data access under policies the brand controls.
Storyline
Step 1: The regulation forces a concrete deadline
Action
Isabelle reads the EU Deforestation Regulation implementation guidance and maps its traceability requirements against her current data collection process. The gap is clear: the regulation requires continuous, verifiable traceability to plot level, and her current process produces an annual snapshot that depends on cooperative self-reporting. She writes a one-page summary for her CEO and CFO: what the regulation requires, what the current process produces, and what the gap means in terms of regulatory and reputational risk. The CEO’s response is brief, find a solution, come back with a proposal in six weeks.
Thoughts
“The annual audit model is not going to satisfy this regulation. I need infrastructure that lets the certification body access sourcing data directly, in real time, under rules I set, not a document I produce once a year and hand to an auditor who has to trust that it is accurate.”
Emotions
Focused and slightly pressured. The regulatory deadline is fixed and public. The brand’s reputation for transparency is its primary commercial asset. Isabelle does not have the option of missing this.
Step 2: Searching in the wrong category
Action
Isabelle evaluates six supply chain transparency and traceability platforms over four weeks. She demos three SaaS tools designed for supply chain visibility, two blockchain-based provenance platforms, and one ESG data management system. Each of them stores and displays supply chain data, but none of them allows the certification body to query the data independently under access policies the brand defines. Every tool puts Isabelle’s organisation in the middle: the data flows through her systems, and the auditor trusts the output because they trust her. That is precisely the model she needs to move beyond.
Thoughts
“Every one of these tools is built for me to manage my suppliers’ data. What I need is infrastructure that lets my suppliers share their data directly with the people who need to verify it, under rules I set, without me being the bottleneck in the middle. I don’t think I’m looking in the right category.”
Emotions
Frustrated and starting to reframe the problem. The moment Isabelle articulates what she actually needs, a governed data exchange layer, not a data management tool, is the moment the search changes direction. She asks her certification body contact whether they have encountered any infrastructure that works the way she is describing.
Step 3: Discovery through the certification body
Action
Isabelle’s contact at the certification body mentions that they have been approached by a European infrastructure provider working on data exchange for supply chain use cases, they were evaluating whether it could support their audit access requirements. She sends Isabelle the name. Isabelle searches for Kaphera, finds the website, reads the product description, and is immediately uncertain whether it is relevant, the language is technical and the examples are automotive. She sends an email to the contact address asking a single question: can this platform allow a certification body to query sourcing data from my suppliers under access policies I define, without going through my systems?
Thoughts
“The automotive examples mean nothing to me, but the underlying description, governed data exchange where the data owner sets the access rules and the platform enforces them, is exactly what I have been trying to describe for four weeks.”
Emotions
Tentatively interested. Isabelle is not confident this is the right solution, but she is confident she has found the right category of solution. The email she sends is deliberately simple, she wants to know whether the answer is yes or no before investing time in a technical evaluation she is not equipped to run.
Step 4: First conversation with Kaphera: translating the proposition
Action
Isabelle joins a call with the Kaphera team. She explains her use case in supply chain language: cocoa sourcing traceability, cooperative suppliers in West Africa, a certification body that needs independent audit access, an EU regulation with a fixed deadline. She explicitly says she does not have an engineering team and does not want to manage infrastructure. The Kaphera team translates their platform into her terms: a dataspace where she defines the rules, her suppliers share data through a guided onboarding flow, and her certification body accesses what it needs under the access policies she has set, without requesting it from her team each time. After the call, Isabelle asks for a one-page description she can share with her CEO and CFO, written without technical jargon.
Thoughts
“If they cannot write me a one-page description I can share with my CEO, I cannot move forward regardless of how good the technology is. My CEO needs to be able to explain this to the board, and she is not going to read a technical architecture document.”
Emotions
Cautiously optimistic and evaluating the team as much as the product. Isabelle is assessing whether the Kaphera team understands her context or whether she will spend the next twelve months translating between two different languages. The one-page request is a test as much as a practical need.
Step 5: Internal approval: making the case to the CEO
Action
Isabelle presents a one-page proposal to her CEO and CFO. The framing is regulatory risk, brand credibility, and certification body requirements, not technology. She describes Kaphera Cloud as a governed data exchange layer that allows cooperatives to share sourcing data directly with the certification body under rules the brand defines, satisfying the EU Deforestation Regulation’s continuous traceability requirement without putting the brand in the position of managing and vouching for its suppliers’ data. The cost is within her innovation budget. The CEO approves a twelve-month pilot covering ten supplier cooperatives and the certification body. She asks Isabelle one question: what happens to the data if the provider is sold? Isabelle answers from the steward-ownership documentation Kaphera provided. The CFO approves the budget.
Thoughts
“The steward-ownership question was the one I was most uncertain about going into the room. Having a concrete answer, not ‘we have contractual protections’ but ‘the company structure makes acquisition without consent structurally impossible’, made the difference.”
Emotions
Relieved. The approval was not certain, the CFO had concerns about vendor dependency that Isabelle had anticipated but not been sure she could address. Having the steward-ownership documentation in hand was the answer that closed that concern.
Step 6: Configuring the dataspace profile: with guidance, not independently
Action
Isabelle works through the dataspace profile configuration with a Kaphera onboarding specialist over three sessions. She does not touch a configuration file, the onboarding specialist translates her requirements into platform configuration while Isabelle reviews and approves each step through the web console. Together they define the data access rules: the certification body can query any sourcing record associated with a specific cooperative, for the purpose of audit, with every access logged. Cooperatives can only share data with the certification body and with Isabelle’s organisation, no other access is permitted. Isabelle reviews the final configuration in the console and confirms it reflects exactly what she described in the approval meeting.
Thoughts
“I need to be able to describe every configuration decision to my CEO if she asks. If I cannot explain why a setting is what it is, it should not be in the configuration. The onboarding specialist understood this and did not move forward on anything I had not explicitly approved.”
Emotions
Engaged and increasingly confident. The console interface gives Isabelle enough visibility to understand what has been configured without requiring her to understand how. The onboarding specialist’s patience with her approval process is building trust in the relationship.
Step 7: Supplier onboarding: forty-three cooperatives, varying capability
Action
Isabelle and her team onboard the ten pilot cooperatives over six weeks. Three of them have a staff member capable of navigating the web console independently with a written guide translated into French. Four require a guided session conducted over video call with a Kaphera onboarding support resource and an interpreter. Three are onboarded entirely by Isabelle’s field team during a scheduled site visit, using a tablet and a mobile data connection. Each cooperative’s connector is configured to share the specific data types agreed in the pilot scope, harvest volumes, plot coordinates, certification status, and nothing else. Isabelle monitors the onboarding status of each cooperative through the console without needing to contact each one individually.
Thoughts
“The three who needed on-site onboarding during a field visit, that is going to be the pattern for most of the remaining thirty-three. I need to be able to do that with a tablet and a mobile connection, and I need the platform to hold the partial onboarding state between sessions if the connection drops.”
Emotions
Operationally stretched but problem-solving. The field visit onboarding is not a platform failure, it is a realistic constraint of working with smallholder suppliers in West Africa. Isabelle is already thinking about how to systematise it for the full rollout.
Step 8: Certification body integration and first independent audit query
Action
Isabelle’s certification body contact logs into the platform with the access credentials Isabelle has provisioned for their auditor role. They run a query against three cooperatives’ sourcing records for a specific harvest period. The platform returns the data, records the access in the audit log, and enforces the purpose-limitation constraint, the data is accessible for audit queries only. The auditor confirms the data matches what they collected during their most recent on-site visit, with one discrepancy in a harvest volume figure that the cooperative corrects within forty-eight hours. Isabelle receives a notification of the correction. The audit query took eleven minutes. The equivalent process using the previous document-request method took three weeks.
Thoughts
“Three weeks to eleven minutes. That is the number I am going to put in the pilot report. Not as a technology achievement, as a demonstration that the certification body can do their job properly rather than working around the constraints of the process I used to run.”
Emotions
Genuinely excited in a way she has not been at any earlier point in the journey. The audit query working as designed, data shared directly, access logged, discrepancy surfaced and corrected quickly, is the proof of concept the entire pilot exists to demonstrate. This is the moment the regulatory risk she identified in Step 1 becomes manageable.
Step 9: Pilot report and full rollout approval
Action
Isabelle writes the pilot report for her CEO and the board. She documents the eleven-minute audit query versus the three-week document request, the discrepancy caught and corrected in forty-eight hours that would have been invisible under the annual audit model, and the onboarding completion rate across the ten pilot cooperatives. She presents the regulatory compliance argument: the EU Deforestation Regulation’s continuous traceability requirement is met by design, not by assertion. The board approves the full rollout to all forty-three cooperatives and asks Isabelle to present the model at the brand’s next supplier summit as a case study in supply chain transparency infrastructure. The CFO approves the expanded budget without the steward-ownership question this time.
Thoughts
“The board approved this as a regulatory compliance tool. But the supplier summit presentation request tells me they have also understood it as a brand asset. That is a more durable justification than compliance alone.”
Emotions
Proud and clear on what comes next. The pilot report converted a regulatory forcing function into a strategic capability. Isabelle is now thinking about the full rollout, the supplier summit presentation, and whether the model could be extended to other commodity lines.
Step 10: Full rollout and external advocacy
Action
Isabelle’s team onboards the remaining thirty-three cooperatives over four months, using the field visit pattern established in the pilot for those without reliable connectivity. She presents the infrastructure at the brand’s supplier summit and at a sustainable supply chains conference, where she is approached by two other consumer goods brands who ask whether the model is available to them. She connects them with Kaphera directly. She also works with her certification body to propose the data exchange model as a recommended infrastructure approach for other brands seeking to satisfy EU Deforestation Regulation requirements, citing the pilot results.
Thoughts
“I did not build this to become a conference speaker. But if the model we built here becomes the reference for how consumer goods brands satisfy the EU Deforestation Regulation, that is a better outcome than anything I put in the original proposal.”
Emotions
Settled and genuinely purposeful. Isabelle came into this project with a regulatory problem and a twelve-month budget. She is leaving it with infrastructure that works, a certification body that can do its job properly, and a model that other brands are asking to replicate. The brand’s transparency promise now has infrastructure underneath it.
Key features
🌿 Non-technical governance configuration interface: dataspace profile setup, access rule definition, and onboarding validation completable through a guided console without engineering involvement or configuration file editing
📱 Low-connectivity supplier onboarding: onboarding flow completable from a tablet on a mobile data connection, with session state preserved across interrupted connections for field-visit onboarding scenarios
🌍 Multilingual onboarding support: guided onboarding flow and support materials available in languages relevant to the supplier base, not only in English
🔍 Certification body auditor access role: purpose-scoped access credentials for third-party auditors to query supplier data independently under the brand’s defined access policies, without routing requests through the brand’s team
📋 Purpose-limitation and data minimisation constraints: access rules that restrict what data each participant type can see and for what purpose, configurable without writing policy code
🔔 Data discrepancy notification: supplier-side corrections to shared data surfaced to the governance authority in real time, enabling rapid audit response without manual reconciliation
📊 Participant onboarding status dashboard: real-time view of where each supplier is in the onboarding process, reducing inbound status requests from the governance team to individual cooperatives
📄 Non-technical audit trail export: audit log export in plain-language formats readable by certification body auditors and regulatory compliance teams without technical interpretation
✍️ Jargon-free external communication materials: one-page platform descriptions and supplier onboarding guides written in supply chain language, not infrastructure language, suitable for sharing with CEOs, certification bodies, and supplier contacts
Related
- isabelle-dufour: the protagonist: Head of Supply Chain Transparency at a mission-driven chocolate brand
- governance-authority: the archetype: organisations defining the rules under which a participant network exchanges data
- kaphera-cloud-managed-console: the guided console she uses to configure dataspace profiles, access policies, and cooperative onboarding without engineering involvement
- kaphera-cloud-managed-server: the managed platform underneath, including the certification-body auditor access role
- governance-authority-playbook: sales motion for the governance-authority archetype