Directive 2014/53/EU · Del. Reg. 2022/30Generate my documentation — €99
ACTIVE — Enforcement tracker · Deadline dashboard · Transposition status — Updated weekly from EUR-Lex, Safety Gate, OEIL & 12 official sourcesView regulatory intelligence →

You’re a US company selling WiFi or Bluetooth products in Europe. From 1 August 2025, you need cybersecurity documentation under Directive 2014/53/EU — and your FCC certification does not cover it.

Your EU importer, your Amazon Seller Central account, or your European distributor is asking for cybersecurity documentation under the Radio Equipment Directive. You have FCC. You assumed that was enough. It is not. FCC covers radio frequency emissions for the US market. The EU requires SEPARATE cybersecurity documentation under Arts. 3(3)(d) and (e), activated by Delegated Regulation (EU) 2022/30. A European lab quotes $5,500–$11,000 per product model and 3–6 months. REDCheck generates the 5 PDF documents that cover your obligations under Art. 21 and Annex V for each model. 30 minutes. €99 per product (~$108). 100% in your browser — your product data never leaves your computer.

Generate my RED documentation — €99Free: does my product need RED cybersecurity documentation?

€99 one-time payment · 5 PDF documents in ZIP · 30 minutes · 100% in your browser

Directive 2014/53/EU · Art. 3(3)(d)(e)(f) · Art. 21 + Annex V · Art. 18 + Annex VI · Art. 10(9) + Annex VII · Delegated Reg. (EU) 2022/30 · EN 18031-1, -2, -3

RED cybersecurity documentation for US companies: the numbers

Delegated Regulation (EU) 2022/30 activated the cybersecurity requirements of Art. 3(3)(d) and (e) for all internet-connected radio equipment. FCC Part 15 does not address these requirements.

1 Aug 2025
Application date — cybersecurity requirements are now mandatory for the EU market
5 documents
Product classification, technical documentation, risk assessment, EU declaration of conformity, simplified declaration + label
$5,500–$11,000
Typical cost at a European lab per product model. REDCheck: €99 (~$108)

What REDCheck does with your product data

You enter your product specifications. REDCheck structures the cybersecurity documentation requirement by requirement, following the EN 18031 categories.

1
Company details
Legal name, role under Directive 2014/53/EU, country, EU contact.
2
Product classification
Determines applicable requirements: Art. 3(3)(d), (e) and/or (f).
3
Cybersecurity assessment
EN 18031 categories: access control, authentication, secure comms, updates, vulnerability management.
4
Risk assessment
Structured risk table per applicable requirement.
5
EU Declaration of Conformity
Art. 18 + Annex VI. Basis for CE marking.
6
Download ZIP
5 PDFs. Add to technical file. Retain 10 years (Art. 10(4)).

Three mistakes US companies make about EU cybersecurity requirements

COMMON MISTAKE

"We have FCC — we’re covered"

FCC Part 15 regulates radio frequency emissions. It does not address cybersecurity. The EU cybersecurity requirements under Art. 3(3)(d) and (e) are completely separate obligations activated by Delegated Regulation (EU) 2022/30 from 1 August 2025.

COMMON MISTAKE

"Our EU distributor handles compliance — not us"

If you place your brand name on the product, you are the manufacturer under Art. 10 regardless of where you are incorporated. Art. 10(1) and 10(3) require YOU to draw up technical documentation. Your importer (Art. 12) must verify — but cannot do it for you.

COMMON MISTAKE

"We already have CE marking, so we comply"

Your existing CE marking covers EMC (Art. 3(1)(b)) and safety (Art. 3(1)(a)). The cybersecurity requirements of Art. 3(3)(d) and (e) are NEW obligations activated by Delegated Regulation (EU) 2022/30. Your current CE marking does not cover them.

What's in the ZIP

5 PDF documents per product model. Each cites the exact article of Directive 2014/53/EU that it covers.

1

Product Classification

Art. 1, Del. Reg. (EU) 2022/30 + Art. 3(3), Dir. 2014/53/EU.

2

Cybersecurity Technical Documentation

Art. 21 + Annex V.

3

Risk Assessment

Arts. 3(3)(d) and (e).

4

EU Declaration of Conformity

Art. 18 + Annex VI.

5

Simplified Declaration + Label

Art. 10(9) + Annex VII.

Look before you buy — Download sample dossier (PDF, fictitious product)

Generated from your data, in your browser. No product data leaves your computer.

What you pay

🧾 EUROPEAN LAB / CONSULTANCY
$5,500–$11,000
Per product model. 3–6 months. 8 models = $44,000–$88,000.
✓ REDCHECK
€99 (~$108)
5 documents. 30 minutes per model. 8 models = €792 (~$864).

Technical documentation and third-party testing: two layers

● LAYER 1

Cybersecurity technical documentation (Annex V)

5 PDF documents. 30 min. €99. Art. 21 prerequisite for any conformity route.

∅ LAYER 2

Conformity assessment by a Notified Body

If you fully apply EN 18031, self-declare via Module A (Annex II). If not, Art. 17(4) requires third-party involvement.

We do not sell testing. We do not sell consulting. We sell the tool that structures your cybersecurity documentation.

What happens without cybersecurity documentation

Art. 46 of Directive 2014/53/EU requires effective, proportionate and dissuasive penalties.

🇪🇺
Market withdrawal and sales prohibition
Immediate

Arts. 40(1), 40(4) and 43 of Directive 2014/53/EU.

🇩🇪
Germany — Produktsicherheitsgesetz
€3,000–€30,000

Administrative fines under §19. Germany is the largest EU market for US consumer electronics.

🛒
Amazon EU listing removal
Revenue loss

Amazon requires conformity documentation. Without an EU declaration covering Arts. 3(3)(d) and (e), your ASIN may be suspended immediately.

Alternatives

AlternativeCostWhat you get
European lab / consultancy$5,500–$11,000/model3–6 months. Full third-party assessment.
US-based compliance consultant$8,000–$20,000/modelCustom report. May not know EN 18031.
Assemble documentation yourself$0 (your time)EN 18031 has 600+ pages. No guidance.
REDCheck€99 (~$108)5 documents, 30 min, per model

Selling more than one product model in Europe?

Professional Pack: €999 for 70 generations.

Request volume pricing
Reply within one business day.

What REDCheck guarantees and what it does not

REDCheck generates a document structured under Art. 21 and Annex V of Directive 2014/53/EU based on the information you enter. The truthfulness, accuracy and completeness of that information is your responsibility as manufacturer of the radio equipment.

We guarantee that the document structure follows Art. 21 and Annex V of Directive 2014/53/EU and that the legal references cited are correct as of the latest verification date.

REDCheck is not legal advice. For specific situations, consult a lawyer or specialised regulatory consultancy.

Frequently asked questions

I have FCC certification. Do I still need RED cybersecurity documentation for the EU?
Yes. FCC Part 15 regulates radio frequency emissions. The EU cybersecurity requirements under Art. 3(3)(d) and (e) are entirely separate. FCC does not satisfy any part of these requirements.
My company is incorporated in the US. Am I the 'manufacturer' under the Directive?
If you design the product, have it manufactured, and market it under your name, you are the manufacturer under Art. 10 regardless of incorporation country. If you white-label from a Chinese factory, Art. 14 deems you the manufacturer.
Can I use Module A (self-declaration) instead of a Notified Body?
Yes, if you fully apply EN 18031-1 and, where applicable, EN 18031-2. Art. 17(3)(a) allows Module A when harmonised standards are fully applied.
What’s the difference between RED cybersecurity and the Cyber Resilience Act (CRA)?
Delegated Regulation (EU) 2022/30 will be repealed from 11 December 2027 when the CRA enters full application. REDCheck covers 1 August 2025 to 11 December 2027.
Does this apply to Bluetooth-only products?
It depends on whether your Bluetooth product communicates over the internet, directly or via another device. A BLE device that connects to the internet via a phone app qualifies under Art. 1(1).
Is it a subscription?
No. One-time payment. Each license includes a 30-day editing window and up to 10 regenerations. The 5 PDF documents you download are yours permanently.
Can I request a refund?
Under Art. 16(m) of Directive (EU) 2011/83 on consumer rights, by activating the license you give express consent to the immediate generation of the digital content, waiving the 14-day right of withdrawal. Refunds are accepted only for reproducible technical failures reported to hello@solidwaretools.com within 14 days of purchase.
What if the regulation changes?
If Directive 2014/53/EU, Delegated Regulation (EU) 2022/30 or the EN 18031 standards change during your license validity period, you can regenerate the documents with the updated version of the generator at no additional cost.

Official legal sources

⚠️ Important notice: REDCheck is a documentary self-assessment tool, not legal advice or a third-party audit. The document is generated from the data you enter. The accuracy of the data is your responsibility under Art. 10(1) of Directive 2014/53/EU. REDCheck does not replace a conformity assessment by a Notified Body where required under Art. 17(4) of the Directive.

Your EU market access depends on this. Generate the cybersecurity documentation in 30 minutes.

Five PDF documents. Art. 21 and Annex V fully structured. Directive 2014/53/EU. Your product data never leaves your computer.

€99 per product (~$108)
One-time payment · No subscription · 30 minutes · 10 regenerations · 30-day editing window · Professional Pack: €999
Generate my RED documentation — €99

Related landings

📹 Doorbell cameras

Smart doorbell camera US manufacturer: EU cybersecurity documentation

🛒 Amazon DE

US company selling on Amazon Germany: cybersecurity compliance

🎧 TWS earbuds

TWS earbuds manufacturer US: EU cybersecurity Art. 1(2) wearable

✓ Last regulatory check: 6 May 2026 · No substantive changes detected · View history