European regulation · Reference table

EU Non-Compliance Fines

Verified comparative table with amounts, turnover percentages, and penalties articles of the main European regulations for manufacturers, importers, and distributors.

📅 Reviewed: May 2026 📄 Source: EUR-Lex (consolidated versions)

EU-harmonized fines

These regulations set maximum fine amounts directly applicable in all Member States. The higher amount between the fixed figure and the turnover percentage always applies.

Regulation Type of infringement Article Maximum fine % Turnover SME example €5M Status
CRA
Reg. (UE) 2024/2847
 Non-compliance with essential cybersecurity requirements (Annex I) and manufacturer obligations (Arts. 13, 14) Art. 64(2) 15.000.000 € 2,5 % 125.000 € Applies 12/11/2027
CRA
Reg. (UE) 2024/2847
 Non-compliance with obligations of importers, distributors, EU declaration of conformity, CE marking, and notified bodies (Arts. 18–23, 28, 30–33, 39, 41, 47, 49, 53) Art. 64(3) 10.000.000 € 2 % 100.000 € Applies 12/11/2027
CRA
Reg. (UE) 2024/2847
 Supply of incorrect, incomplete, or misleading information to notified bodies or market surveillance authorities Art. 64(4) 5.000.000 € 1 % 50.000 € Applies 12/11/2027
AI Act
Reg. (UE) 2024/1689
 Prohibited AI practices (Art. 5): subliminal manipulation, exploitation of vulnerabilities, social scoring, unauthorized remote biometric identification Art. 99(3) 35.000.000 € 7 % 350.000 € Partially in force
AI Act
Reg. (UE) 2024/1689
 Non-compliance with obligations of providers, importers, distributors, deployers, and notified bodies (Arts. 16, 22–26, 31, 33–34, 50) Art. 99(4) 15.000.000 € 3 % 150.000 € Partially in force
AI Act
Reg. (UE) 2024/1689
 Supply of incorrect, incomplete, or misleading information to notified bodies or national competent authorities Art. 99(5) 7.500.000 € 1 % 50.000 € Partially in force
EUDR
Reg. (UE) 2023/1115
 Non-compliance with due diligence obligations, marketing or export of products associated with deforestation Art. 25 Proportional to environmental damage Max. 4% EU turnover 200.000 € Applies 12/30/2025
Data Act
Reg. (UE) 2023/2854
 Infringements affecting personal data (Chapters II, III, and V): data protection authorities can impose fines pursuant to the GDPR Art. 40(4) 20.000.000 € 4% (via GDPR Art. 83(5)) 200.000 € In force 9/12/2025
SME rule in the AI Act (Art. 99(6)): For SMEs and startups, the applicable fine is the lower amount between the fixed figure and the turnover percentage, not the higher one. This significantly reduces exposure for small businesses. Under the CRA, micro and small enterprises are exempt from fines for non-compliance with vulnerability notification deadlines (Art. 64(10)(a)).
Important: AI Act percentages are calculated on total global turnover of the previous fiscal year. The EUDR calculates on EU-level turnover. In all other regulations, the higher figure between the fixed amount and the percentage applies.

Fines defined by each Member State

These regulations require penalties to be "effective, proportionate, and dissuasive" but delegate the setting of specific amounts to each Member State. There is no harmonized amount at EU level.

Regulation Scope Penalties article EU harmonized amount Penalties regime Spain transposition (BOE)
GPSR
Reg. (UE) 2023/988
 General consumer product safety Art. 44 No fixed amount Defined by each Member State — no EU harmonized amount Pending specific regulatory development
Data Act
Reg. (UE) 2023/2854
 Data access and use (general infringements without personal data) Art. 40 No fixed amount Defined by each Member State — no EU harmonized amount Pending competent authority designation
EAA
Dir. (UE) 2019/882
 Accessibility requirements for products and services Art. 30 No fixed amount Defined by each Member State — no EU harmonized amount Real Decreto-ley 1/2025 (BOE 8/1/2025)
Pay Transparency
Dir. (UE) 2023/970
 Pay transparency and equal pay between men and women Art. 23 No fixed amount Defined by each Member State — no EU harmonized amount Transposition deadline: June 7, 2026
RED
Dir. 2014/53/UE
 Radio equipment Art. 45 No fixed amount Defined by each Member State — no EU harmonized amount RD 188/2016 (BOE 6/5/2016)
RoHS
Dir. 2011/65/UE
 Restriction of hazardous substances in electrical and electronic equipment Art. 19 No fixed amount Defined by each Member State — no EU harmonized amount RD 219/2013 (BOE 19/4/2013)
Toy Safety
Reg. (UE) 2025/2509
 Toy safety (replaces Dir. 2009/48/EC) Art. 48 No fixed amount Defined by each Member State — no EU harmonized amount Directly applicable from 8/1/2030
Why is there no fixed amount? Directives (EAA, Pay Transparency, RED, RoHS) require national transposition, and each Member State sets its own penalty amounts. Regulations that delegate penalties (GPSR, Data Act general, Toy Safety) also require Member States to establish "effective, proportionate, and dissuasive" national penalty rules. Consulting each country's national legislation is essential to know the specific amounts.

How fines are calculated

In regulations with EU-harmonized amounts, the competent authority always applies the higher figure between the fixed amount and the turnover percentage. Here is a practical example for an SME with €5,000,000 in annual global turnover.

Example: SME manufacturer — CRA non-compliance (Art. 64(2))

Annual global turnover 5.000.000 €
Option A: Maximum fixed amount 15.000.000 €
Option B: 2.5% of turnover 125.000 €
The higher applies → €15,000,000 (theoretical maximum)

Example: SME manufacturer — prohibited AI practices (AI Act Art. 99(3))

Annual global turnover 5.000.000 €
Option A: Maximum fixed amount 35.000.000 €
Option B: 7% of turnover 350.000 €
SME rule (Art. 99(6)): the lower applies → €350,000 (SME protection)
Key difference CRA vs AI Act for SMEs: Under the CRA, the higher figure always applies (even for SMEs). Under the AI Act, Art. 99(6) expressly states that for SMEs and startups, the lower figure between the fixed amount and the percentage applies. This makes the AI Act a comparatively more protective regime for SMEs, despite having higher nominal thresholds.

Beyond the fine

Financial penalties are only part of the sanctions regime. These regulations provide for additional measures that can have an operational and reputational impact even greater than the fine itself.

Market withdrawal

Surveillance authorities can order the immediate withdrawal of non-compliant products from the EU market, prohibit their marketing, or restrict their availability.

CRA Art. 58 · AI Act Art. 16(i) · GPSR Art. 42 · EUDR Art. 24

Product recall

The manufacturer may be required to recall products already sold to end users, bear the costs of the operation, and offer the consumer repair, replacement, or refund.

CRA Art. 64(9) · GPSR Arts. 35–37 · Toy Safety Reg. Art. 46

Public procurement exclusion

Penalized companies may be temporarily excluded from public procurement procedures and from access to EU public funding.

EUDR Art. 25(2)(c) · Dir. 2014/24/UE Art. 57

Publication of the penalty

The identity of the infringing company, the nature of the infringement, and the penalty imposed may be published in public registries and platforms such as Safety Gate, with the resulting reputational damage.

EUDR Art. 25(2)(e) · GPSR Art. 26 · Safety Gate (ec.europa.eu)
Accumulation of penalties: Administrative fines can be combined with corrective measures (withdrawal, recall) and, in some Member States, with criminal penalties. In the area of the EUDR, the Commission has announced its intention to introduce harmonized criminal penalties. Under the CRA (Art. 64(9)), fines can be accumulated with withdrawal orders and mandatory corrective measures.

Official sources

REG
CRA — Reg. (UE) 2024/2847
eur-lex.europa.eu/eli/reg/2024/2847/oj
REG
AI Act — Reg. (UE) 2024/1689
eur-lex.europa.eu/eli/reg/2024/1689/oj
REG
EUDR — Reg. (UE) 2023/1115
eur-lex.europa.eu/eli/reg/2023/1115/oj
REG
Data Act — Reg. (UE) 2023/2854
eur-lex.europa.eu/eli/reg/2023/2854/oj
REG
GPSR — Reg. (UE) 2023/988
eur-lex.europa.eu/eli/reg/2023/988/oj
DIR
EAA — Dir. (UE) 2019/882
eur-lex.europa.eu/eli/dir/2019/882/oj
DIR
Pay Transparency — Dir. (UE) 2023/970
eur-lex.europa.eu/eli/dir/2023/970/oj
DIR
RED — Dir. 2014/53/UE
eur-lex.europa.eu/eli/dir/2014/53/oj
DIR
RoHS — Dir. 2011/65/UE
eur-lex.europa.eu/eli/dir/2011/65/oj
REG
Toy Safety — Reg. (UE) 2025/2509
eur-lex.europa.eu/eli/reg/2025/2509/oj
Version 1.0 — Reviewed May 2026. Our analysts periodically verify this information against EUR-Lex.
This page is for informational purposes only and does not constitute legal advice. Always consult the official text published in EUR-Lex and a qualified professional before making decisions based on this information.