In June 2023, technicians at a Portuguese MRO flagged suspect CFM56 engine parts. What followed became a defining case in aviation asset tracking regulatory compliance. CFM International confirmed the paperwork was forged. By the time the UK CAA, EASA, and FAA finished tracing the supply chain, 145 engines in the global fleet had been identified as carrying parts from a UK broker with no certification, no special license, and no regulatory oversight. (See also: what is geolocation.) (See also: ip geolocation tracker.) (See also: roi of asset tracking in aviation.)
The broker, AOG Technics, did not exploit a novel vulnerability. It exploited the oldest one in aviation: paper-based traceability. Forged EASA Form 1 documents, attached to old parts resold as new, passed through a supply chain that couldn’t verify provenance digitally. More than half of those 145 engines were pulled from service.
If you manage MRO operations, run compliance at an airline, or handle fleet documentation for a lessor, you already know the regulatory framework is layered. What’s often less clear is where the traceability chain actually breaks, which technologies close which specific gaps, and what “good enough” compliance costs when it fails. This piece maps all three.
What the Regulations Actually Require
Aviation asset traceability operates under three interlocking layers. Regulators set the rules. Industry bodies define data formats. Hardware standards govern the physical tags. A gap in any layer creates a compliance exposure, even if the other two are solid.
Regulatory Authorities
On the FAA side, AC 20-62E governs eligibility, quality, and identification of aeronautical replacement parts, establishing the baseline for what counts as a traceable, airworthy component. 14 CFR Part 43 mandates maintenance records. 14 CFR Part 91 covers general operating and flight rules.
Since July 2025, all Part 145 repair stations operate under updated FAA compliance requirements that tighten documentation standards, part marking protocols, and digital record-keeping. These aren’t future requirements. They’re the current operating reality, and any gap in traceability can now halt operations, delay maintenance, or result in fines.
On the European side, EASA Part 145 governs maintenance organization approvals and mandates documentation of every maintenance action. Part M covers continuing airworthiness management. ICAO Annex 8 provides the international airworthiness baseline.
Industry Standards
Three standards are converging into what functions as a unified compliance framework:
- AS9100 Rev D (clause 8.5.2) goes beyond ISO 9001 by requiring aerospace organizations to maintain identification and traceability for conformity, recall, campaign return, and regulatory reporting.
- ATA Spec 2000 defines the RFID data format for “birth records”: part number, serial number, manufacturer, and date of manufacture encoded at the point of origin.
- SAE AS5678 sets minimum performance requirements for passive UHF RFID tags on aircraft parts, designed for ground-access-only operation.
Organizations that treat these as separate checkboxes end up with point solutions that don’t share data. That fragmentation is itself a compliance risk: when an auditor asks for an end-to-end trace, you need the birth record (ATA Spec 2000), the tag performance guarantee (SAE AS5678), and the organizational traceability system (AS9100) to tell one coherent story.
What 145 Grounded Engines Taught the Industry
AOG Technics operated as a small parts distributor. Not a manufacturer. Not a certified MRO. A broker who purchased older CFM56 parts and resold them with forged EASA Form 1 documents, making them appear factory-new. The scheme ran from approximately 2015 until Portuguese technicians caught discrepancies in 2023.
The structural problem went deeper than one bad actor. Parts distributors were not covered by the same regulatory controls applied to manufacturers and MROs. Consumable parts, which require only a Certificate of Conformity (CoC) rather than an Authorized Release Form, are especially vulnerable because the documentation threshold is lower and easier to forge.
The UK CAA and EASA issued safety notices on August 4, 2023. The FAA followed on September 21. The UK Serious Fraud Office made an arrest on December 6. More than half of the 145 affected engines were removed from service, each removal representing unscheduled downtime, emergency costs, and fleet disruption.
This was not an isolated event in its mechanism. During roughly the same period, Russian airlines obtained at least $1.2 billion in Western-manufactured replacement parts through intermediaries in non-sanctioning countries between May 2022 and June 2023, exploiting the same weak points: documentation gaps, shifted verification burdens, and a supply chain that relies on paper to prove provenance.
Both cases lead to the same conclusion. Paper-based traceability is not a compliance system. It’s a liability structured to look like one.
Technology That Makes Compliance Continuous
The compliance goal isn’t just knowing where a part is right now. It’s maintaining an unbroken, verifiable record of what that part is, where it’s been, what’s been done to it, and who touched it at every stage. Four technology layers address this, each solving a distinct piece of the problem.
RFID: The Proven Foundation
Passive RFID is the most deployed tracking technology in aviation. Tags cost $0.05 to $1.00 each, need no battery, and encode ATA Spec 2000 birth records at the point of manufacture. Delta Air Lines invested $50 million in RFID deployment across 84 stations and hit a 99.9% tracking success rate, proving the technology at commercial scale.
For compliance, RFID eliminates manual scan errors that create reporting inconsistencies. Every read at every touchpoint generates a timestamped audit trail automatically. The limitation: passive RFID tells you a part was scanned at a location and when. It doesn’t tell you what condition it was in or how it was handled between scans.
IoT Sensors: Condition Meets Location
IoT devices bridge that gap. GPS trackers, shock sensors, and temperature monitors attached to high-value components (engines, APUs, landing gear) provide shipment visibility and detect mishandling in transit. When a $2 million engine ships from an MRO in Singapore to an airline in Frankfurt, you need proof it arrived, arrived undamaged, at the right temperature, without unauthorized detours.
Hardware certification is non-negotiable here. Devices deployed in aviation environments must meet standards like DO-160 for airfreight. Certified trackers built specifically for aviation operations are designed for environments where consumer-grade GPS devices aren’t allowed.
Blockchain: Tamper-Proof Provenance
Blockchain creates immutable, cryptographically verified records of every event in a part’s lifecycle: manufacture, installation, removal, inspection, repair, transfer. Unlike conventional databases, entries cannot be retroactively altered.
GA Telesis developed WILBUR (Worldwide Integrated Lifecycle and Blockchain Unified Registry), combining blockchain with computer vision and AI to create a digital record from manufacture to disposal. If every EASA Form 1 existed as a blockchain entry verified by the issuing authority, the AOG Technics fraud could not have scaled. A broker forging paper copies would have triggered immediate verification failures.
The challenge is interoperability. Multiple blockchain implementations (Ethereum-based, Hyperledger Fabric, private chains) are in various deployment stages. Until an industry standard emerges, organizations risk building on incompatible ledgers. For now, favor platforms that support cross-chain verification and ATA Spec 2000 data formats.
Digital Twins: Predictive Compliance Evidence
Rolls-Royce’s IntelligentEngine program uses digital twins of its Trent engine family to monitor performance in flight, predict maintenance needs before failures occur, and generate documented rationale for condition-based interventions. Digital twins allow MRO teams to monitor asset health and anticipate failures, shifting from calendar-based to condition-based maintenance.
The compliance payoff: a digital twin produces a continuous evidence stream. When an auditor asks why you replaced a component at 3,200 cycles instead of the scheduled 4,000, the twin’s data tells the story with timestamps, sensor readings, and trend analysis attached.
Technology Comparison
| Technology | Accuracy | Range | Cost Per Unit | Best Compliance Use |
|---|---|---|---|---|
| Passive RFID | Item-level | 0.1 to 10 m | $0.05 to $1.00 | Parts ID, birth records |
| Active RFID | High | 10 to 100 m | $10 to $50 | ULD tracking, GSE |
| GPS/Cellular IoT | 3 to 5 m | Global | $30 to $100 | Engine and component shipments |
| UWB | <30 cm | 10 to 50 m | $5 to $20 | Precision tool tracking in hangars |
| BLE | 1 to 3 m | 10 to 30 m | $2 to $10 | Indoor asset location |
| Blockchain | N/A (data layer) | N/A | Platform subscription | Tamper-proof audit trail |
No single technology covers every compliance requirement. RFID identifies. IoT monitors condition. Blockchain secures provenance. Digital twins generate predictive evidence. The strongest architectures layer them, using each technology where it performs best.
Where Compliance Programs Break Down in Practice
Technology solves the data problem. It does not solve the operational problems that prevent good data from being captured in the first place. These are the failure points I see most often in the field.
The Audit-Eve Mentality
Too many organizations treat compliance as an event: the week before an FAA or EASA inspection becomes a scramble to reconcile records, chase missing documents, and close gaps. That scramble exists because the traceability system doesn’t run continuously. Continuous tracking eliminates pre-audit panic because the audit trail is already intact at any point in time. If your compliance team’s workload spikes 10x before an inspection, your tracking system has a design problem.
Connectivity Dead Zones
Metallic hangars, underground storage, and remote apron positions create RF dead zones where BLE and cellular signals degrade or vanish. If tracking goes blind every time an asset enters the maintenance bay, you’ve built the exact gap auditors look for. The only reliable approach is mixed-technology deployment: RFID readers at choke points, UWB inside hangars, cellular IoT outside. Single-technology tracking leaves single-technology blind spots.
Consumable Parts Vulnerability
Consumable parts requiring only a Certificate of Conformity are far easier to forge than parts requiring an EASA Form 1 or FAA 8130-3. They’re lower value individually but used in enormous volume. A counterfeit O-ring or fastener won’t show up in tracking systems designed only for serialized rotables. Extending digital traceability to batch-level consumables is a gap that most legacy platforms don’t address, and it’s the gap that both AOG Technics and the sanctions circumvention exploited.
Human Resistance
MRO technicians and ground crews sometimes view continuous asset tracking as surveillance. When teams feel monitored rather than supported, data quality drops because workarounds appear. The most successful implementations I’ve seen frame tracking as protection: when a component fails and the investigation starts, the tracking data proves the technician followed correct procedure. The FAA’s own compliance philosophy supports this approach, prioritizing corrective actions over punishment when individuals engage transparently with safety systems.
Compliance as Revenue Protection: The Numbers
Framing compliance spend as “cost of compliance” is a category error. It’s revenue protection. Here’s why.
The FAA documented 166 accidents or serious mishaps caused by uncertified parts between 1973 and 1993, including the 1989 Convair 580 crash attributed to counterfeit bolts. In July 2024, a Sukhoi crash in Moscow was linked to unapproved components. The human cost of traceability failure is irreversible. The financial cost compounds from there.
On the operational side:
- Unplanned downtime costs the global aviation industry an estimated $50 billion annually.
- 30% of FAA audit failures trace back to poor documentation, not poor maintenance work.
- 46% of MRO teams report losing 1 to 3 hours per shift searching for parts and tools.
- Predictive maintenance (enabled by digital twins and IoT) reduces maintenance costs by 20% to 50%.
- Organizations using automated tracking report up to 60% reduction in compliance reporting time.
Lessors face a parallel incentive. With lessors controlling 50% of the global commercial fleet and narrowbody lease rates up 27% to 35% since 2021, trace documentation directly affects what an aircraft is worth at lease return. Incomplete records don’t just trigger contractual penalties. They depress the asset’s market value for every subsequent transaction. For a lessor managing hundreds of aircraft, the aggregate impact of poor traceability runs into tens of millions.
The math stays simple at every scale: a single grounded engine costs more than a fleet-wide tracking deployment. And a compliance system that runs every day is far cheaper to maintain than one you rebuild before each inspection.
If your parts tracking loses visibility between the MRO shop and the wing, or your pre-audit prep still involves chasing paper, that’s the gap integrated asset tracking closes. At Datanet, we deploy DO-160 certified tracking hardware and build end-to-end visibility for airlines, MROs, and freight operators. If this is the problem you’re solving, reach out to our team or explore our aviation tracking solutions.
Frequently Asked Questions
What is an ATA Spec 2000 birth record?
A standardized data set encoded on an RFID tag at the point of manufacture. It captures part number, serial number, manufacturer, and manufacturing date. This record provides the first link in the traceability chain required by FAA AC 20-62E and EASA Part 145. Without it, a part cannot be verified as airworthy or legally installed on an aircraft.
Are parts distributors regulated the same as manufacturers and MROs?
No. The AOG Technics case showed that distributors are not subject to the same regulatory controls as manufacturers and maintenance organizations. This gap drives the current push for digital provenance systems that verify parts independently of the distributor’s certification status.
What happens when traceability documentation is missing?
The part is treated as suspect. EASA’s Suspected Unapproved Parts program requires reporting and investigation. In practice, one missing document can ground an aircraft, even a brand-new one. Gaps can halt operations, delay maintenance, and result in regulatory fines.
Does blockchain replace RFID for aviation compliance?
No. They solve different problems. RFID handles physical identification: what is this part, where is it. Blockchain guarantees data integrity: has this record been altered. The strongest compliance architectures use RFID to capture data at the physical layer and blockchain to secure it at the data layer, with IoT sensors bridging the two through condition monitoring.
What FAA Part 145 changes took effect in 2025?
Starting July 1, 2025, all Part 145 repair stations began operating under updated requirements for documentation, part marking, and digital record-keeping. Additional rules apply to aircraft manufactured after August 25, 2025. These updates make robust digital traceability effectively mandatory for any MRO that wants to maintain its certificate without disruption.
How does compliance tracking connect to ESG reporting?
Traceability data extends component lifecycles by enabling timely, condition-based maintenance and proper reuse, reducing premature replacements and material waste. As airlines face rising pressure on sustainability targets, the asset lifecycle data collected for regulatory compliance also supports ESG metrics. One data set, two reporting obligations.
+1 508 292 2210
