Vietnam's electronics export sector has grown rapidly. If you manufacture IP cameras, smart plugs, LED controllers, routers, or any connected device under your brand and sell it into the EU, you are the manufacturer under the CRA. Article 13 assigns you the full set of obligations: cybersecurity risk assessment, technical documentation per Annex VII, EU Declaration of Conformity, vulnerability reporting to ENISA. Your EU importer must verify this documentation exists under Article 19 before placing your product on the market. Without it, your products stop at the border. CRACheck generates the 8-document dossier in 15–25 minutes. €149 per product. 100% browser-side — no data leaves your device.
€149 one-time · 8-document ZIP · 15–25 minutes · Browser-side
You enter your product data. CRACheck structures the documentation per Article 31 + Annex VII.
Article 2(1) of Regulation (EU) 2024/2847 applies to products with digital elements made available on the EU market. The regulation does not distinguish by manufacturer location. If your product reaches an EU consumer or business, the CRA applies to you as the manufacturer under Article 3(13), regardless of your company being registered in Vietnam.
Marketplaces are not the manufacturer. Under the CRA, the manufacturer (Article 3(13)) is the entity that develops or manufactures the product and markets it under its name. If the product carries your brand, you are the manufacturer. The marketplace may have separate obligations as an online platform, but your documentation obligations under Article 13 and Article 31 remain yours.
Article 19 assigns the importer a verification role — they must ensure that the manufacturer has carried out the conformity assessment and prepared technical documentation. Importers verify; they do not produce documentation on your behalf. If they cannot verify your documentation, they are prohibited from placing your product on the market under Article 19(3).
8 PDF documents generated from your data. Each cites the specific article of Regulation (EU) 2024/2847 it complies with.
Classifies your device against Annex III. IP cameras and smart home security devices are Class I (item 17). Routers and modems are Class I (item 12). Smart plugs without security functions may be Default. Classification determines your conformity assessment path.
Art. 31 + Annex VII dossier: product design, firmware architecture, connectivity, security measures, manufacturing quality controls. Structured for importer verification.
Annex I Part I cybersecurity risk analysis: remote access vulnerabilities, default credential exploitation, firmware update integrity, data privacy risks, physical tampering.
Annex II consumer documentation: initial setup guide, password change instructions, firmware update procedure, factory reset, support contact, end-of-support date.
Art. 28 + Annex V. Your EU importer needs this document as proof of your conformity assessment.
Coordinated vulnerability disclosure: contact channel for security researchers, response timelines, patch distribution plan.
Art. 14 ENISA notification: 24h early warning, 72h notification, 14-day final report for actively exploited vulnerabilities.
Art. 14 reporting from 11 September 2026, full enforcement 11 December 2027, product support period milestones.
Mira antes de comprar — Descargar dossier de muestra (PDF, empresa ficticia) — Estructura real, artículos reales, formato real. Datos ficticios.
Generated from your data, in your browser. No data leaves your device.
CRACheck generates the Art. 31 + Annex VII dossier that your EU importer needs to verify under Article 19. It classifies your product, maps your security features to Annex I, and produces 8 PDFs that form the CRA layer of your export documentation. Without this, your importer cannot legally place your product on the EU market.
CRACheck does not implement firmware encryption, build secure update channels, or redesign your product's authentication system. If your product does not yet meet Annex I essential cybersecurity requirements, engineering changes are needed before the documentation can accurately reflect compliance.
If your products already ship with reasonable security features, Layer 1 is a documentation exercise you can complete today. If they do not, the engineering roadmap and the documentation should proceed in parallel — December 2027 is a hard deadline.
Article 64 of Regulation (EU) 2024/2847.
Annex I + Art. 13/14.
Art. 28, 31, 32.
Misleading information.
| Criterion | International Consultant | Local Vietnamese Firm | DIY from Regulation Text | CRACheck |
|---|---|---|---|---|
| Time per product | 6–12 weeks | Limited CRA expertise | 4–8 weeks (if you read 81 pages) | 15–25 minutes |
| Cost | $10,000–$20,000 | Variable | Internal staff cost | €149 |
| Annex III classification | Depends on consultant | Unlikely to know CRA | Risk of misclassification | Built-in classification logic |
| Data privacy | Shared externally | Shared locally | Internal | 100% browser-side |
Vietnamese electronics manufacturers often export a wide range of connected products. Each product with distinct firmware and connectivity requires its own CRA dossier. Volume pricing: €99/product (pack 10), €79/product (pack 30).
Request Volume PricingCRACheck generates a structured document aligned with Article 31 and Annex VII of Regulation (EU) 2024/2847 based on your product data. The accuracy of the information is your responsibility as manufacturer.
We guarantee the document structure follows Art. 31 + Annex VII and that legal references are correct. We do not guarantee acceptance by a market surveillance authority or importer in a specific case.
CRACheck is not legal advice. For questions about EU market access strategy, authorised representative appointment under Article 18, or importer coordination, consult a regulatory attorney.
Eight documents. Article 31 + Annex VII fully structured. Regulation (EU) 2024/2847. Your data stays on your device. The ZIP you download is yours forever.