Directive 2014/53/EU · Del. Reg. 2022/30Generate my documentation — €99
ACTIVE — Enforcement tracker · Deadline dashboard · Transposition status — Updated weekly from EUR-Lex, Safety Gate, OEIL & 12 official sourcesView regulatory intelligence →

You use Amazon FBA to sell electronics in the EU. FBA ships your products — but cybersecurity compliance is still your responsibility. From 1 August 2025, CE marking requires cybersecurity documentation.

Amazon FBA stores, packs and ships your products. It does not ensure regulatory compliance. If you sell smart plugs, earbuds, cameras or any WiFi/Bluetooth product under your brand via FBA in the EU, you are the manufacturer under Art. 14 of Directive 2014/53/EU. CE marking now requires cybersecurity documentation under Delegated Regulation (EU) 2022/30 — separate from the EMC and safety certifications your factory provided. Amazon's compliance team can suspend your FBA inventory without notice. A consultancy quotes €5,000–15,000 per product. REDCheck generates the 5 PDF documents in 30 minutes. €99 per product. Your data never leaves your browser.

Generate my RED documentation — €99Free: does my product need RED cybersecurity documentation?

€99 one-time payment · 5 PDF documents in ZIP · 30 minutes · 100% in your browser

Directive 2014/53/EU · Art. 3(3)(d)(e)(f) · Art. 21 + Annex V · Art. 18 + Annex VI · Art. 10(9) + Annex VII · Delegated Reg. (EU) 2022/30 · EN 18031-1, -2, -3

Amazon FBA and EU cybersecurity: the numbers

FBA simplifies logistics. It does not simplify compliance. Every WiFi and Bluetooth product in Amazon's EU fulfilment centres must meet the cybersecurity requirements of Art. 3(3)(d) and (e) from 1 August 2025.

1 Aug 2025
Cybersecurity requirements mandatory — FBA inventory without documentation can be suspended
Art. 14
Selling under your brand via FBA = you are the manufacturer under Directive 2014/53/EU
€99
Per product model. REDCheck vs €5,000–15,000 at a consultancy

What REDCheck does with your product data

You enter your product specifications. REDCheck structures the cybersecurity documentation requirement by requirement, following the EN 18031 categories.

1
Company details
Legal name, role under Directive 2014/53/EU. If you sell under your own brand, you are the manufacturer under Art. 14. Country of establishment, EU contact.
2
Product classification
Determines which essential requirements apply: Art. 3(3)(d) (network protection) for all internet-connected equipment. Art. 3(3)(e) (personal data) if your product processes personal data via its companion app.
3
Cybersecurity assessment
Requirement-by-requirement review mapped to EN 18031-1 (network) and EN 18031-2 (personal data) categories: access control, authentication, secure communications, software updates, vulnerability management.
4
Risk assessment
Assessment of implementation status for each applicable requirement of Arts. 3(3)(d) and (e). Maps your answers to a structured risk table.
5
EU Declaration of Conformity
Formal declaration under Art. 18 and Annex VI. Signed by the manufacturer. This is the document marketplaces require to reinstate your listing.
6
Download ZIP
5 PDF documents generated in your browser. Upload to your marketplace compliance portal. Retain for 10 years (Art. 10(4)).

Three mistakes FBA sellers make about RED cybersecurity

COMMON ERROR

"Amazon FBA handles compliance — that's what I pay them for"

Amazon FBA is a fulfilment service (storage, shipping, returns). Amazon's FBA agreement explicitly states that compliance with applicable laws and regulations is the seller's responsibility. Amazon does not verify, test or certify products on your behalf. When Amazon's compliance team requests documentation, it is because YOU must provide it — not because Amazon failed to do it for you.

COMMON ERROR

"My products are already in Amazon's warehouse — they must be compliant"

Amazon's fulfilment centres accept products based on packaging and shipping standards, not regulatory compliance. The presence of your product in an FBA warehouse does not constitute compliance with Directive 2014/53/EU. Market surveillance authorities can order Amazon to remove non-compliant products, and Amazon will remove them from your inventory without compensation.

COMMON ERROR

"I'll just switch to FBM (Fulfilled by Merchant) to avoid compliance"

The cybersecurity documentation obligation comes from Directive 2014/53/EU, not from Amazon's fulfilment model. FBA or FBM, the moment you make radio equipment available on the EU market, the Directive applies. Switching fulfilment methods does not change your regulatory obligations.

What's in the ZIP

5 PDF documents generated from your product data. Each cites the exact article of Directive 2014/53/EU that it covers.

1

Product Classification

Art. 1, Del. Reg. (EU) 2022/30 + Art. 3(3), Dir. 2014/53/EU.

2

Cybersecurity Technical Documentation

Art. 21 + Annex V. Requirement-by-requirement documentation.

3

Risk Assessment

Arts. 3(3)(d) and (e). Structured risk table.

4

EU Declaration of Conformity

Art. 18 + Annex VI.

5

Simplified Declaration + Label

Art. 10(9) + Annex VII.

Look before you buy — Download sample dossier (PDF, fictitious product) — Real structure, real articles, real format. Fictitious data.

Generated from your data, in your browser. No product data leaves your computer.

What you pay

🧾 CONSULTANCY / COMPLIANCE SERVICE
€5,000–15,000
Per product. FBA inventory for 6 products at risk = €5,400/month revenue. Documentation cost: €594 total.
✓ REDCHECK
€99
5 documents. 30 minutes per product. 6 products = €594. Upload to Seller Central today.

Technical documentation and third-party testing: two layers

● LAYER 1

Cybersecurity technical documentation (Annex V)

5 PDF documents. 30 min. €99 per product. The documentation that Art. 21 requires BEFORE your product can bear CE marking. This is what Amazon is asking for.

∅ LAYER 2

Conformity assessment by a Notified Body

If you fully apply EN 18031, you can self-declare via Module A (Annex II) without a Notified Body. If you partially apply or don't apply the harmonised standards, Art. 17(4) requires third-party involvement. REDCheck does not replace a Notified Body — it generates the documentation that is a prerequisite for any conformity route.

We do not sell testing. We do not sell consulting. We sell the tool that structures your cybersecurity documentation under Art. 21 and Annex V.

What happens without cybersecurity documentation

Art. 46 of Directive 2014/53/EU requires Member States to establish penalties that are effective, proportionate and dissuasive.

🛒
Amazon FBA inventory suspension
Immediate revenue loss

Amazon requires conformity documentation. Without it, your FBA inventory is suspended. No shipments, no sales.

📦
FBA inventory disposal
Cost + revenue loss

If Amazon removes non-compliant FBA inventory, you may be charged disposal fees. Stock that cannot be returned must be destroyed at your expense. Combined with lost sales, the cost of non-compliance far exceeds €99 per product.

🇩🇪
Germany — Produktsicherheitsgesetz
€3,000–€30,000

Administrative fines under §19. Up to 1 year of imprisonment for serious offences under §20.

Alternatives

AlternativeCostWhat you get
Consultancy / compliance service€5,000–15,000 per model3–6 months. Your listings stay suspended.
Ask the factory for documentation€0 (your time)The factory made the hardware. Under Art. 14, YOU are the manufacturer. The factory cannot sign your EU declaration of conformity.
Assemble documentation yourself€0 (your time)EN 18031 has 600+ pages across 3 parts. No guidance.
REDCheck€995 documents, 30 min, per product

Selling more than one product via FBA in the EU?

If you document 10 or more product models, write to us for the Professional Pack: €999 for 70 generations with a single license key.

Request volume pricing
Reply within one business day.

What REDCheck guarantees and what it does not

REDCheck generates a document structured under Art. 21 and Annex V of Directive 2014/53/EU based on the information you enter. The truthfulness, accuracy and completeness of that information is your responsibility as manufacturer of the radio equipment.

We guarantee that the document structure follows Art. 21 and Annex V of Directive 2014/53/EU and that the legal references cited are correct as of the latest verification date. We do not guarantee that a specific document will be accepted by a market surveillance authority in a specific case, nor by a commercial buyer in a procurement process.

REDCheck is not legal advice. For specific situations, consult a lawyer or specialised regulatory consultancy.

Frequently asked questions — Amazon FBA cybersecurity compliance

Does Amazon check cybersecurity documentation before accepting FBA shipments?
No. Amazon's FBA inbound process checks packaging, labelling and shipping standards — not regulatory compliance. Compliance checks happen separately through Amazon's product compliance team, often triggered by market surveillance alerts, customer complaints or automated scanning of product categories. By the time you receive a compliance request, the deadline is already running.
I'm based outside the EU. Does FBA placement in a European warehouse make ME responsible?
If you sell under your own brand: yes. Art. 14 applies regardless of where you are established. If your products are in Amazon's EU fulfilment centres and listed under your brand, you are the manufacturer. If you do not have an EU presence, you also need an EU Responsible Person under Art. 10(7) of the GPSR, but that is a separate requirement.
I sell under my own brand but the factory makes everything. Am I really the 'manufacturer'?
Yes. Art. 14 of Directive 2014/53/EU states: an importer or distributor who places radio equipment on the market under his own name or trade mark is considered a manufacturer and is subject to the obligations of Art. 10.
What happens when the CRA replaces the RED cybersecurity requirements?
Delegated Regulation (EU) 2022/30 will be repealed with effect from 11 December 2027, when the Cyber Resilience Act — Regulation (EU) 2024/2847 — enters full application. REDCheck covers the window from 1 August 2025 to 11 December 2027. For CRA documentation from that date, SolidwareTools offers CRACheck.
Is it a subscription?
No. One-time payment. Each license includes a 30-day editing window and up to 10 regenerations. The 5 PDF documents you download are yours permanently.
Can I request a refund?
Under Art. 16(m) of Directive (EU) 2011/83 on consumer rights, by activating the license you give express consent to the immediate generation of the digital content, waiving the 14-day right of withdrawal. Refunds are accepted only for reproducible technical failures reported to hello@solidwaretools.com within 14 days of purchase.
What if the regulation changes?
If Directive 2014/53/EU, Delegated Regulation (EU) 2022/30 or the EN 18031 standards change during your license validity period, you can regenerate the documents with the updated version of the generator at no additional cost.

Official legal sources

⚠️ Important notice: REDCheck is a documentary self-assessment tool, not legal advice or a third-party audit. The document is generated from the data you enter. The accuracy of the data is your responsibility under Art. 10(1) of Directive 2014/53/EU. REDCheck does not replace a conformity assessment by a Notified Body where required under Art. 17(4) of the Directive.

FBA ships your products. You ship your compliance. Generate the cybersecurity documentation in 30 minutes.

Five PDF documents. Art. 21 and Annex V fully structured. Directive 2014/53/EU. Your product data never leaves your computer. The ZIP you download is yours permanently.

€99 per product
One-time payment · No subscription · 30 minutes · 10 regenerations · 30-day editing window · Professional Pack: €999
Generate my RED documentation — €99

Related landings

🛒 Amazon

Amazon EU listing suspended — cybersecurity documentation required
🏷 Private label

Private label seller: you are the EU manufacturer under Art. 14
🛒 eBay

eBay Europe seller: cybersecurity compliance for radio equipment
✓ Last regulatory check: 6 May 2026 · No substantive changes detected · View history