You are an authorised representative service for non-EU manufacturers of radio equipment — routers, WiFi cameras, smart plugs, BLE wearables, LED controllers, IoT sensors. Article 11 of Directive 2014/53/EU requires you to keep the EU Declaration of Conformity and technical documentation at the disposal of market surveillance authorities for 10 years. Delegated Regulation (EU) 2022/30 activates Art. 3.3(d)(e)(f) — and that technical documentation must now include cybersecurity. REDCheck Professional Pack: 70 licenses, €999 one-time. 8 structured PDF documents per product. Generated in your browser in 20 minutes.
€999 · One-time · 70 dossiers · 8 PDFs each · Your data never leaves your browser
You manage CE marking documentation for dozens of non-EU manufacturers. Since August 2025, every internet-connected radio product entering the EU requires Art. 3.3 cybersecurity documentation on top of existing RED radio testing. Market surveillance authorities request this documentation from the authorised representative — not from the factory in Shenzhen or Taipei. The documentation obligation lands on your desk.
REDCheck Professional Pack is built for EU-based services that act as authorised representative for non-EU manufacturers and need to produce or verify Art. 3.3 cybersecurity documentation at scale.
Three inputs. Four answers. No signup required.
Every license generates a complete Art. 3.3 cybersecurity documentation package. Each document cites the specific article of Directive 2014/53/EU and Delegated Regulation (EU) 2022/30 it complies with. The output is the documentation that Article 11 requires the authorised representative to keep for 10 years.
Determines which points apply to the product: (d) network protection, (e) privacy and data protection, (f) fraud protection. Based on Delegated Regulation (EU) 2022/30, Articles 1 and 2.
Complete technical file structure for cybersecurity aspects. Product description, design, development methodology. Article 21 of Directive 2014/53/EU.
Art. 3.3(d) — radio equipment does not harm the network or its functioning nor misuse network resources. Aligned with EN 18031-1.
Art. 3.3(e) — safeguards for personal data and privacy of user and subscriber. Aligned with EN 18031-2.
Art. 3.3(f) — features ensuring protection from fraud when the equipment enables monetary transfers. Aligned with EN 18031-3.
Per Annex VI of Directive 2014/53/EU. Manufacturer identification, product identification, applicable essential requirements, conformity assessment reference.
Per Annex VII of Directive 2014/53/EU. Short-form declaration with URL reference to the full Declaration of Conformity. Article 10.9.
Printable label with CE marking, manufacturer contact details, product identification. Articles 19 and 20 of Directive 2014/53/EU.
See before you buy — Download sample dossier (PDF, fictional company) — Real structure, real articles, real format. Fictional data.
The manufacturer may have a valid CE marking for radio testing (EMC, RF, safety). This does not mean Art. 3.3 cybersecurity documentation exists. Delegated Regulation (EU) 2022/30 activated the cybersecurity essential requirements separately. A product with full RED radio compliance and zero cybersecurity documentation is non-compliant since August 2025. Market surveillance will check.
Article 11 requires the authorised representative to keep the technical documentation at the disposal of market surveillance authorities at all times. A request from a market surveillance authority is not the trigger to create the documentation — it is the moment it is verified. If the documentation does not exist when requested, the product is formally non-compliant under Article 43. Corrective measures, withdrawal, or recall follow under Article 40.
Article 11(2) of Directive 2014/53/EU is explicit: the authorised representative performs the tasks specified in the mandate received from the manufacturer, which must include keeping the technical documentation at the disposal of national surveillance authorities. The manufacturer draws up the documentation (Article 10), but the AR is the point of contact in the EU. If the AR cannot produce it, the product is blocked.
8 structured PDF documents per product. Network protection assessment (Art. 3.3(d)), privacy and data protection assessment (Art. 3.3(e)), anti-fraud assessment (Art. 3.3(f)), Declaration of Conformity, CE marking guidance. Generated from product data provided by the manufacturer. Article-by-article traceability to Directive 2014/53/EU and Delegated Regulation (EU) 2022/30. Ready for Art. 11 retention and market surveillance inspection.
Penetration testing, firmware security analysis, encryption implementation, secure boot configuration, EN 18031 laboratory testing, vulnerability scanning, product redesign. These are implementation-level services performed by the manufacturer or a specialised cybersecurity firm. REDCheck documents the cybersecurity posture — it does not assess or implement it.
REDCheck structures and documents. The authorised representative collects the product data and files the output. The manufacturer is responsible for the security implementation. The two layers complement each other.
These are the consequences under Directive 2014/53/EU for radio equipment placed on the EU market without Art. 3.3 cybersecurity documentation. As the authorised representative, the market surveillance authority contacts you first.
Article 40 of Directive 2014/53/EU. Market surveillance authorities can require corrective measures, withdrawal from the market, or product recall. The request goes to the authorised representative.
Article 46 of Directive 2014/53/EU. Member States impose penalties for non-compliance, which may include criminal penalties for serious infringements.
Article 43 of Directive 2014/53/EU. Missing or incomplete technical documentation, absent EU Declaration of Conformity, or improper CE marking triggers formal non-compliance proceedings. The authorised representative must respond within a set deadline.
The manufacturers face these consequences. The authorised representative is the first point of contact for enforcement.
| Option | Cost for 70 manufacturers | Total time | Output quality |
|---|---|---|---|
| Manual drafting (Word templates) | Professional time only | 1,050+ hours | Variable, no Annex V-specific structure |
| Outsource to CE marking consultancy | €56,000-€105,000 | Depends on provider | High, but cost-prohibitive at scale |
| Enterprise SaaS platform | €8,000-€20,000/year | 2-4 weeks setup | High, requires integration |
| REDCheck Professional Pack | €999 (one-time) | ~23 hours total | Structured, Art. 3.3(d)(e)(f), article-by-article |
REDCheck generates a structured documentation package covering Article 3(3), points (d), (e) and (f) of Directive 2014/53/EU, as activated by Delegated Regulation (EU) 2022/30, according to Article 21 and Annex V, from the information that the user enters. The truthfulness, accuracy and completeness of that information is the responsibility of the manufacturer — or of the authorised representative entering data on their behalf.
We guarantee that the document structure follows Annex V of Directive 2014/53/EU and that the legal references cited are correct as of the latest verification date. We do not guarantee that a specific document will be accepted by a market surveillance authority in a specific case, nor by an importer or distributor in a commercial transaction.
REDCheck is not legal advice. For specific situations, consult a lawyer or specialised regulatory consultancy.
70 licenses. 8 PDF documents per product. Art. 3.3(d)(e)(f) structure. Browser-side. One payment.