You are an EU importer. Your Chinese, Indian or Turkish supplier has CE marking for EMC and safety — but not for cybersecurity. From 1 August 2025, Delegated Regulation (EU) 2022/30 requires cybersecurity documentation under Art. 3(3)(d) and (e). Art. 12(2) requires YOU to verify the documentation exists before placing the product on the market. Art. 12(1): importers shall place only compliant radio equipment on the market. If your supplier cannot provide the documentation, YOU bear the liability. REDCheck generates the 5 PDF documents for each product model. Send your supplier the link: 30 minutes, €99 per product, 100% in their browser.
€99 one-time payment · 5 PDF documents in ZIP · 30 minutes · 100% in your browser
Directive 2014/53/EU assigns specific obligations to importers. The cybersecurity requirements of Art. 3(3)(d) and (e) — activated by Delegated Regulation (EU) 2022/30 — make these obligations concrete and urgent.
The documentation obligation is the manufacturer's (Art. 10). But if your supplier cannot produce it, your products are blocked. REDCheck is a tool you can send to your supplier.
CE marking applied BEFORE 1 August 2025 covers EMC (Art. 3(1)(b)) and safety (Art. 3(1)(a)). It does NOT cover the cybersecurity requirements of Art. 3(3)(d) and (e) activated by Delegated Regulation (EU) 2022/30. You must verify that the technical documentation now INCLUDES cybersecurity (Art. 12(2)).
Art. 12(1) is unambiguous: importers shall place ONLY compliant radio equipment on the market. Art. 12(2) requires you to verify documentation BEFORE placing the product. If you place non-compliant equipment, Art. 12(7) requires you to take corrective action — withdraw, recall, inform authorities. The obligation to produce the documentation is the manufacturer's. The obligation to verify it is YOURS.
Market surveillance authorities can act from 1 August 2025. Art. 40(1) of Directive 2014/53/EU empowers authorities to require withdrawal, prohibit sale or order recall. Art. 43 addresses formal non-compliance — including missing technical documentation (Art. 43(1)(f)). Amazon and EU marketplaces can suspend listings independently of authority action.
5 PDF documents generated from the manufacturer's product data. Each cites the exact article of Directive 2014/53/EU that it covers.
Art. 1, Del. Reg. (EU) 2022/30 + Art. 3(3), Dir. 2014/53/EU.
Art. 21 + Annex V. Requirement-by-requirement documentation.
Arts. 3(3)(d) and (e). Structured risk table.
Art. 18 + Annex VI.
Art. 10(9) + Annex VII.
Look before you buy — Download sample dossier (PDF, fictitious product) — Real structure, real articles, real format. Fictitious data.
The manufacturer generates the documents. You verify and file them. Art. 12(8): retain for 10 years.
5 PDF documents. 30 min. €99 per product. The documentation that Art. 21 requires BEFORE your product can bear CE marking.
If you fully apply EN 18031, you can self-declare via Module A (Annex II) without a Notified Body. If you partially apply or don't apply the harmonised standards, Art. 17(4) requires third-party involvement. REDCheck does not replace a Notified Body — it generates the documentation that is a prerequisite for any conformity route.
As importer, your role is to VERIFY Layer 1 documentation exists. The manufacturer produces it.
Art. 46 of Directive 2014/53/EU requires Member States to establish penalties. As importer, YOU are liable — not just the manufacturer.
Art. 40(4): market surveillance authorities can prohibit sale, require withdrawal or order recall. Art. 12(7): the importer must take corrective action on all affected products throughout the EU.
Administrative fines under §19. Up to 1 year of imprisonment for serious offences under §20. The importer — not the manufacturer — faces German enforcement.
Art. 43(1)(f): if technical documentation is not available or not complete, the Member State shall require the economic operator to put an end to the non-compliance. Incomplete documentation = non-compliance.
| Option | Cost | What your supplier gets |
|---|---|---|
| Notified Body / lab in China | €5,000–10,000 per model | 3–6 months. Full third-party assessment. |
| EU-based cybersecurity consultancy | €5,000–15,000 per model | Custom report. Weeks of wait. |
| Supplier assembles documentation | €0 (their time) | EN 18031 has 600+ pages. No guidance. |
| REDCheck — send them the link | €99 | 5 documents, 30 min, per model |
If your suppliers document 10 or more product models, we offer the Professional Pack: €999 for 70 generations with a single license key. You can purchase the Pack and distribute the license key to your suppliers.
Request volume pricingREDCheck generates a document structured under Art. 21 and Annex V of Directive 2014/53/EU based on the information you enter. The truthfulness, accuracy and completeness of that information is your responsibility as manufacturer of the radio equipment.
We guarantee that the document structure follows Art. 21 and Annex V of Directive 2014/53/EU and that the legal references cited are correct as of the latest verification date. We do not guarantee that a specific document will be accepted by a market surveillance authority in a specific case, nor by a commercial buyer in a procurement process.
REDCheck is not legal advice. For specific situations, consult a lawyer or specialised regulatory consultancy.
Five PDF documents per model. Art. 21 and Annex V fully structured. Directive 2014/53/EU. Data stays in the manufacturer's browser. You verify and file.