EU Compliance MCP Server

Model Context Protocol (MCP) server that gives Claude Desktop, Cursor, and other MCP-compatible AI clients structured access to four EU regulatory pre-screening tools through a single tool surface:

• check_reach_svhc: ECHA REACH SVHC Candidate List lookup by CAS / EC number / name
• screen_eudr: EU Deforestation Regulation Annex I scope + country risk + role-aware DDS obligations (Reg. 2023/1115 as amended by 2024/3234, 2025/2650, with country benchmarking under Commission Implementing Reg. (EU) 2025/1093)
• screen_cbam: Carbon Border Adjustment Mechanism scope + sector + default emission factor (per Commission Implementing Reg. 2025/2621) + 50-tonne threshold + EU-internal / EEA-exempt origin checks
• screen_battery: EU Battery Regulation 2023/1542 (as amended by 2025/1561) scope + Battery Passport flag + due-diligence flag (40M EUR threshold) + recycled content + removability

Use this Actor when: you build an AI-agent workflow that needs structured EU compliance pre-screening, and you want versioned outputs with article-level references and manual-review flags rather than raw natural-language summaries.

Important: this is an AI-agent screening helper, not a compliance solution

The tool outputs reduce the risk of LLM-generated errors by grounding agent responses in structured regulatory pre-screening outputs. They do not eliminate that risk. The connected AI client may still misinterpret outputs, miss exceptions, take the wrong HS / CN code, confuse operator roles, or generate content beyond the tool response.

This MCP server is not affiliated with or endorsed by the European Commission, ECHA, any market surveillance authority, or any notified body. Outputs are preliminary screening, not legal, customs, environmental, due-diligence, conformity-assessment or notified-body advice. See the disclaimer at the bottom and the Security and operational guidance section before deployment.

Do not allow your AI client to submit declarations, send customer compliance statements, make import decisions, purchase certificates, update regulatory records, or take any other binding compliance action without human review by qualified personnel.

Why use this Actor

EU compliance teams running Claude or GPT agents to triage product, supplier, and shipment data face a structural problem: each regulation has its own logic (HS code precision, country benchmarking, default emission factors, exemption rules, role-aware obligations) that an LLM cannot reliably reconstruct from natural-language prompts. Tool calls into this Actor return versioned dates, thresholds and citations, so the agent's responses are grounded rather than ungrounded. The agent still reasons in natural language; the structured tool responses lower (but do not eliminate) the surface area for hallucination.

Run modes and endpoints

This Actor supports two run modes. The MCP transport surface depends on how you deploy.

Mode 1: MCP server (default, recommended for AI clients)

Start the server in Apify Standby mode. Standby actors are kept warm as long-running web servers / API servers so MCP clients can keep a session open. Connect any MCP client to the Standby endpoint with Authorization: Bearer <APIFY_TOKEN>.

{ "mode": "mcp" }

Use this when:

• You build a Claude Desktop / Cursor / custom-agent workflow that wants the four tools auto-discovered via list_tools()
• You want a long-running session
• You connect from outside Apify

Mode 2: Direct tool call (one-shot)

Invoke a single tool synchronously and write the result to the Actor's default dataset. Useful for cron jobs, ETL pipelines, and tests.

{
  "mode": "direct",
  "tool": "screen_eudr",
  "arguments": {
    "queries": [
      { "query": "0901", "country": "BR" },
      { "query": "wooden furniture", "country": "RU" }
    ],
    "operator_role": "operator_first_placer",
    "enterprise_size": "large"
  }
}

Mode 3 (alternative): Apify-hosted MCP server

For a fully managed MCP-over-HTTPS endpoint, Apify also provides https://mcp.apify.com with OAuth flow and Streamable HTTP. That endpoint is independent of this specific Actor; if you prefer it, point your client there and use the corresponding tool naming.

Security and operational guidance

MCP itself adds risk vectors above plain REST: token passthrough, confused-deputy attacks, prompt injection through tool descriptions or tool outputs, session hijacking, SSRF, and over-broad permissions. The official MCP security best practices and OWASP MCP guidance describe these in detail. Below is the minimum hygiene we recommend when running this Actor as an MCP endpoint.

Token handling

• Use scoped tokens, not your full Apify account token. Create a token with only the permissions needed to run sibling Actors and read their datasets.
• Use Authorization: Bearer <TOKEN>, not tokens in URLs. Tokens in URL query strings are visible to logs (Apify's, Claude Desktop's, browser dev-tools, network proxies, MCP gateway logs).

// Claude Desktop config: PREFERRED
{
  "mcpServers": {
    "eu-compliance": {
      "url": "https://your-actor-standby-url.apify.actor/mcp",
      "headers": {
        "Authorization": "Bearer YOUR_SCOPED_APIFY_TOKEN"
      }
    }
  }
}

// Avoid in production: token in URL, will appear in logs
{
  "mcpServers": {
    "eu-compliance": {
      "url": "https://api.apify.com/v2/acts/.../run-sync?token=YOUR_TOKEN"
    }
  }
}

Operational practices

• Keep an audit log of every tool call with timestamp, arguments, and the resulting data_status. The Actor pushes per-call dataset items in direct mode; for MCP standby, log on the AI client side.
• Allowlist the four tool names in your MCP host config. Reject unexpected tool names from the server.
• Treat tool descriptions and tool outputs as untrusted input when designing prompts. Sanitise outputs before passing them back to the LLM (escape JSON, strip URLs, do not auto-execute returned content).
• Require human review for any binding compliance action. No auto-submission of DDS, no auto-purchase of CBAM certificates, no auto-update of supplier records, no auto-emailing of compliance statements.
• Versioning: pin the Actor version in your MCP client config so a regulation update does not silently change tool outputs mid-session.
• Data flow transparency: when the AI client passes shipment / supplier / battery data to this Actor, that data flows to Apify and to the dispatched sibling Actor. Treat that as third-party processing per your own data-protection assessment.

Fail-closed fallback policy

When APIFY_TOKEN is missing or the live sibling Actor call fails, the default behaviour is NOT to silently fall back to a local snapshot. Each tool returns an error result. The local snapshot is only used if you explicitly opt in by setting allowFallback: true in input. Every fallback row is stamped:

{
  "data_status": "stale_local_snapshot",
  "not_for_compliance_decision": true,
  "warning": "Output from the MCP server's local snapshot, NOT from a live sibling Actor. ..."
}

The first item in any fallback batch is a header row with is_fallback_header: true so the AI client cannot easily ignore the warning.

Input

{
  "mode": "mcp",
  "allowFallback": false
}

For direct mode, see Mode 2 example above.

Per-tool inputs (when called as MCP tools or via direct mode arguments):

Tool	Required arguments	Optional
check_reach_svhc	queries: [string]	fuzzy_match: bool
screen_eudr	queries: [{query, country?}]	operator_role, enterprise_size, was_regulated_by_eutr
screen_cbam	shipments: [{query, country?, tonnes?}]	calendar_year
screen_battery	batteries: [{query, category?, capacity_kwh?}]	operator_role, operator_above_dd_threshold

Tool: check_reach_svhc

Calls the REACH SVHC Checker Actor.

{ "queries": ["Lead", "7439-92-1", "DEHP", "BPA"] }

Output (per query): match data, match_quality, interpretation, not_affiliated_with_echa, verify_at, plus the standard MCP wrapper if running in fallback mode.

Tool: screen_eudr

Calls the EUDR Screener Actor with role-aware obligations.

{
  "queries": [
    { "query": "0901", "country": "BR" },
    { "query": "wooden furniture", "country": "RU" }
  ],
  "operator_role": "operator_first_placer",
  "enterprise_size": "large",
  "was_regulated_by_eutr": false
}

operator_role is one of: operator_first_placer, operator_downstream, non_sme_trader, sme_trader. enterprise_size is large / medium / small / micro. was_regulated_by_eutr activates the EUTR carve-out (earlier 30 Dec 2026 deadline for previously-regulated micro/small operators).

Output exposes screening_result, requires_dds, can_rely_on_upstream_dds, requires_enhanced_due_diligence, deadline, deadline_basis, requires_manual_review, plus the standard non-affiliation and verify-at fields.

Tool: screen_cbam

Calls the CBAM Report Helper Actor. Default emission factors per Commission Implementing Reg. (EU) 2025/2621.

{
  "shipments": [
    { "query": "7208.10", "country": "CN", "tonnes": 250 },
    { "query": "7601", "country": "IS", "tonnes": 1000 }
  ]
}

Output exposes screening_result, cbam_sector, default_emission_factor, electricity_or_hydrogen_special_case, estimated_embedded_emissions_t_co2e (indicative, NOT a payable amount), requires_manual_review.

Tool: screen_battery

Calls the Battery Regulation Passport Actor (Reg. 2023/1542 as amended by 2025/1561).

{
  "batteries": [
    { "query": "EV traction battery NMC 75 kWh", "category": "ev", "capacity_kwh": 75 },
    { "query": "AA alkaline", "category": "portable" }
  ],
  "operator_role": "manufacturer",
  "operator_above_dd_threshold": true
}

Output exposes screening_result, passport_required, due_diligence_required (only above EUR 40M turnover, due diligence start deferred to 18 Aug 2027 by Reg. 2025/1561), recycled_content_documentation_required, requires_latest_implementing_act_check.

Connecting from Claude Desktop

Add the Actor to your Claude Desktop MCP config (~/Library/Application Support/Claude/claude_desktop_config.json on macOS, %APPDATA%\Claude\claude_desktop_config.json on Windows):

{
  "mcpServers": {
    "eu-compliance": {
      "url": "https://your-actor-standby-url.apify.actor/mcp",
      "headers": {
        "Authorization": "Bearer YOUR_SCOPED_APIFY_TOKEN"
      }
    }
  }
}

Do not put production tokens in URLs. Use the headers form above. If your MCP client does not support headers, prefer the Apify-hosted MCP at https://mcp.apify.com with its OAuth flow.

Restart Claude Desktop. The four tools appear; ask things like:

"Pre-screen 7439-92-1 against the REACH SVHC list and show me the structured match."

"Pre-screen 250 tonnes of HS 7208.10 hot-rolled steel from China for CBAM exposure. The output is indicative; flag if certificate purchase obligations apply."

"Pre-screen this product list against EUDR for an SME trader. Flag those that require manual review."

Connecting from Cursor

Cursor (1.0+) supports MCP via ~/.cursor/mcp.json. Use the same headers-based config as for Claude Desktop.

Connecting from ChatGPT

OpenAI exposes MCP through several distinct surfaces with different capability matrices, including ChatGPT Apps (Apps SDK), company knowledge custom MCP connectors (often limited to search/fetch functionality), and certain API integrations. Verify current OpenAI Apps / MCP connector support for your plan and workspace settings before deployment. What works in one OpenAI surface may not work in another, and OpenAI changes capabilities periodically.

Pricing

This Actor itself charges only for the start event. The four tools delegate to the dedicated single-purpose Actors, each of which charges per query. So an agent that screens 50 substances + 20 EUDR products + 30 CBAM shipments + 10 batteries pays roughly:

• REACH: 50 × $0.005 + $0.001 = $0.251
• EUDR: 20 × $0.005 + $0.001 = $0.101
• CBAM: 30 × $0.005 + $0.001 = $0.151
• Battery: 10 × $0.005 + $0.001 = $0.051
• MCP server start: $0.001
• Total: ~$0.56

Architecture

+---------------+        +----------------------+        +-----------------------+
| AI client     |  MCP   | EU Compliance MCP    |  API   | REACH SVHC Checker    |
| (Claude /     | <----> | Server (this Actor)  | <----> | EUDR Screener         |
|  Cursor /     |        | Standby + dispatcher |        | CBAM Report Helper    |
|  custom)      |        +----------------------+        | Battery Regulation    |
+---------------+                                        +-----------------------+

The MCP server is a thin aggregation layer. Regulatory logic stays in the dedicated Actors so each regime can be updated, versioned, and audited independently.

FAQ

Do I need an Apify token to use this from Claude Desktop? Yes for production / live data. The Claude Desktop config holds your token (preferably as an Authorization: Bearer header, not in the URL). Without a token AND without allowFallback: true, the tools return an error rather than silently using a local snapshot.

How do I know if a tool result is live or a fallback? Live sibling Actor results do NOT carry data_status, not_for_compliance_decision, or is_fallback_header. Fallback results carry all three, plus an explicit warning string and a header item at the start of the batch.

Why fail-closed by default? A silent fallback to stale data is precisely the failure mode that produces wrong compliance decisions. Default-false means the AI client cannot accidentally use stale data; opting in is a deliberate decision for non-compliance previews.

Does the agent need to know which tool to call? The MCP list_tools() call exposes all four tools with full input schemas; an MCP client auto-discovers them on connect. You can also nudge with explicit instructions in the system prompt.

What if a regulation changes mid-session? Each new sibling-Actor version is published to Apify; restart your MCP session to pick it up. Existing sessions continue with the version they started with.

Can I run this offline / without Apify? The Actor is published on Apify. The local fallback in tools.py is self-contained Python and can be lifted out for purely local development, but it is intentionally simplified, marked not_for_compliance_decision: true, and not a substitute for the dedicated Actors.

Limitations

• The MCP server does not currently support streaming responses. Each tool call returns a complete JSON payload at the end of execution.
• Apify Standby URLs require a paid Apify plan or sufficient platform credits for continuous availability. Free-tier usage may experience cold starts.
• The local fallback is intentionally minimal and stale; it is for development/preview only and is fail-closed by default.
• The MCP server inherits any limitations of the underlying sibling Actors (Annex updates, Commission delegated/implementing acts after the build date, Member State implementation specifics).

Sources

• Model Context Protocol specification
• Anthropic MCP servers ecosystem
• REACH Regulation (EC) 1907/2006 and ECHA SVHC Candidate List
• EU Deforestation Regulation (EU) 2023/1115 (as amended by 2024/3234, 2025/2650; country benchmarking under Commission Implementing Reg. (EU) 2025/1093)
• Carbon Border Adjustment Mechanism (EU) 2023/956 and Commission Implementing Reg. 2025/2621
• EU Battery Regulation (EU) 2023/1542 (as amended by 2025/1561)
• Apify Standby Actors documentation
• Apify-hosted MCP at mcp.apify.com

Related compliance Actors

The four tools dispatched by this MCP server are also available as standalone Actors:

• ../reach-svhc-checker
• ../eudr-screener
• ../cbam-report-helper
• ../battery-regulation-passport

Use the dedicated Actor when you have a one-off bulk job. Use this MCP server when you want an AI agent to call them inside a conversational workflow, with the security caveats above.

Disclaimer (MCP-specific)

This MCP server is designed for AI-agent-assisted regulatory pre-screening, not autonomous compliance decision-making. It is not affiliated with or endorsed by the European Commission, ECHA, any market surveillance authority, or any notified body.

Tool outputs may be incomplete, stale, misclassified, or misinterpreted by the connected AI client. The structured nature of the responses reduces but does not eliminate the risk of LLM-generated errors: the AI client may still misinterpret outputs, miss exceptions, take the wrong HS / CN code, confuse operator roles, or generate content beyond the tool response.

Do not allow the connected AI client to submit declarations, send customer or supplier compliance statements, make import or sourcing decisions, purchase CBAM or other regulatory certificates, update regulatory records, or take any other binding compliance action without human review by qualified personnel.

Local fallback mode is not suitable for compliance decisions and is fail-closed by default; opt-in only for non-compliance previews. The author and ravch.dev disclaim all liability for any direct, indirect, or consequential loss arising from use of, or reliance on, this MCP server's output. Use at your own risk; consult qualified counsel and the official EU portals.