Electronic Product Development Compliance

From CE Mark to Cyber Security requirements, compliance is usually an after-thought. Compliance failures are mostly avoidable, but only if standards are considered from the start rather than after design is complete.

Why Compliance Goes Wrong

Most compliance failures are avoidable, but compliance is often treated as something that happens after the design is finished. Many teams don’t know what the product requirements are for compliance and just hope their product passes. By the time a product reaches formal testing, the decisions that determine whether it passes have already been made, in the schematic, in the PCB layout, in the power supply design.

A failure at that stage means a board re-spin, a delayed launch, additional test costs, and a difficult conversation with the people who approved the investment. The same problem, caught at schematic review, is a conversation and a few hours of engineering time.

Start with the end in mind. The standards your product needs to meet are knowable from day one. Engaging with compliance early isn’t additional work, it’s probably the most cost-effective way to do the work you’d have to do anyway. Using the standards from the start shouldn’t be a competitive advantage; it should be standard practice. Yet we see countless projects where the team isn’t aware of which directives apply or how to demonstrate compliance.

At Ignys, compliance support is built into how we develop electronic products.

What Is CE Marking?

CE marking is mandatory for most electronic products sold in the EU. In many cases it’s a self-declaration by the manufacturer that the product meets applicable EU health, safety, environmental and (where relevant) cybersecurity requirements. Products covered by certain directives, or where harmonised standards are not fully applied, may require third-party assessment by a notified body.

The CE mark signals compliance to regulators, importers, distributors, and customers. It is the manufacturer’s legal responsibility to ensure it is warranted, supported by a Technical File documenting how compliance has been demonstrated. Compliance is an ongoing obligation: just because a product was compliant last year doesn’t mean that it still is.

CE Marking, UKCA Marking and the UK Market

The conformity marking landscape for Great Britain changed materially in October 2024, and the position is now more flexible than many manufacturers realise. This section sets out what currently applies and where the limits of that flexibility lie.

The current legal position

In August 2023, the Department for Business and Trade announced its intention to recognise CE marking on the Great Britain market indefinitely, beyond the previously scheduled 31 December 2024 cutoff. That intention was put into law by the Product Safety and Metrology etc. (Amendment) Regulations 2024, which came into force on 1 October 2024. The regulations cover 21 product regulations across five government departments (DBT, DESNZ, DWP, HSE and Defra), including the regimes for EMC, radio equipment, machinery, LVD, toys, PPE, ecodesign, civil explosives and, in most circumstances, restriction of hazardous substances in electrical equipment.

For products falling under those 21 regulations, manufacturers placing goods on the Great Britain market have a genuine choice: apply the UKCA marking, apply the CE marking, or apply both. Either route is legally sufficient. UKCA has not been withdrawn and remains valid; it is simply no longer mandatory for the categories covered by the 2024 amendment.

Products sold only in the UK

If your product is sold only in Great Britain and falls within the 21 regulations above, you can choose either UKCA or CE marking. There is no requirement to do both, and no commercial penalty for picking either route. For most embedded electronics products this means a single conformity assessment package serves the UK market on its own. CE is typically the more practical choice in this scenario because the harmonised standards, notified body ecosystem and documentation conventions are more widely supported.

Products sold in both the UK and EU

For products placed on the Great Britain and EU markets, CE marking on its own is sufficient for both, provided the product sits within the 21 regulations covered by the 2024 amendment. A single CE conformity package, supported by an EU Declaration of Conformity and, where required, a UK Declaration of Conformity, satisfies both jurisdictions.

Northern Ireland

Northern Ireland operates under the Windsor Framework and remains aligned with EU product law. CE marking is required for goods placed on the Northern Ireland market. A separate UKNI marking applies in specific cases where a UK conformity assessment body has carried out the work and the goods are intended for Northern Ireland rather than the EU.

Sectors that sit outside the 2024 amendment

Not every product category is covered. Different rules apply to medical devices, construction products, marine equipment, rail products, cableways, transportable pressure equipment, aircraft and unmanned aircraft systems. UAS is the clearest current example of divergence: UK class marking requirements (UK0 through UK6) came into force on 1 January 2026 and apply throughout the United Kingdom. If your product sits in one of these sectors, the CE route alone may not be sufficient for the GB market and a separate UK assessment may be required.

Looking ahead: the Product Regulation and Metrology Act 2025

The Product Regulation and Metrology Act 2025 was enacted on 21 July 2025. It gives the Secretary of State powers to make secondary legislation that can extend, restrict or diverge from the current CE recognition position. The current alignment is a policy stance enabled by legislation, not a permanent guarantee. For products with a long service life or a long development cycle, building a conformity strategy that can flex between UKCA and CE routes without retesting is prudent risk management.

Which Directives Apply to Your Product?

Understanding which directives apply is the first step in building a compliance plan. Most electronic products fall under one or more of the following.

EMC Directive

Applies to virtually all electronic products. It requires that products do not generate electromagnetic interference beyond defined limits, and that they are not susceptible to interference that degrades their performance.

Low Voltage Directive

Applies to mains-powered equipment operating at 50 to 1000V AC or 75 to 1500V DC. Requires products to be designed for the safety of users and third parties. Compliance is demonstrated against the relevant harmonised standard for the product type, for example EN 62368-1 for audio, video, information and communication technology equipment (which replaced EN 60950-1 in December 2020), EN 61010 for measurement, control and laboratory equipment, or EN 60335 for household appliances.

Radio Equipment Directive (RED)

Applies to any product that intentionally transmits or receives radio waves. Bluetooth, Wi-Fi, Zigbee, LoRa, cellular, GPS and similar technologies. RED encompasses EMC and electrical safety requirements, so products under RED don’t additionally need EMCD or LVD separately.

Since 1 August 2025, RED has also required cybersecurity compliance under Articles 3.3(d), (e) and (f), with the EN 18031 series of harmonised standards (EN 18031-1, -2 and -3) providing presumption of conformity. If your product uses radio technology and connects to the internet, this applies.

RoHS Directive

Restricts ten hazardous substances in electrical and electronic equipment, including lead, mercury, cadmium, hexavalent chromium, two flame retardants (PBB and PBDE) and four phthalates (DEHP, BBP, DBP and DIBP). Managed through component selection and supplier declarations.

WEEE Directive

Governs end-of-life collection and recycling. Requires product registration, the crossed-out wheeled bin label, and in some markets, producer responsibility obligations.

Ecodesign Directive

Sets minimum energy efficiency requirements for energy-related products. Relevant if your product has standby or off-mode power consumption.

Not sure which directives apply to your product?

Pre-Compliance Testing

Pre-compliance testing is one of the most cost-effective investments in a product programme. It’s also one of the most underused.

Formal compliance testing at an accredited laboratory is expensive, has lead times, and when it finds problems it triggers a cascade: redesign, new prototypes, re-booking test slots, schedule slip. Pre-compliance testing finds the same problems earlier, at a point where they can be fixed in the current board revision rather than a new spin.

Designing for Compliance from the Start

EMC compliance is a design activity, not a testing one. The decisions that determine whether an electronic product passes are made during schematic capture and PCB layout.

The design decisions that most affect EMC compliance

Power supply design, switching frequency, filtering, and the EMI behaviour of DC-DC converters
Clock and crystal circuits, the most common source of radiated emissions problems
PCB ground plane; a solid, continuous ground plane is the single most important EMC design feature on most boards
Component placement, physical separation of noisy and sensitive circuits
Signal routing, return current paths, differential pair routing, high-speed signal edge management
Filtering and decoupling, at power entry, signal interfaces, and around high-frequency devices
Shielding, where design alone is insufficient
Cabling, routing cabling in a prescribed and consistent manner to avoid unnecessary coupling

We apply EMC-aware design practice throughout hardware development as standard. The goal is to arrive at pre-compliance testing with a board already engineered to pass.

Technical File and Declaration of Conformity

CE marking is often self-declared, but not unsupported. The manufacturer must compile and maintain a Technical File, documented evidence for the compliance claim. It must be retained and made available to regulatory authorities for at least ten years from when the last unit was placed on the market.

A typical Technical File includes:

Product description and identification
Design documentation (schematics, PCB layout, BOM)
Applicable directives and harmonised standards
Risk assessment
Test reports and pre-compliance results
Declaration of Conformity
Instructions for use and labelling

The Declaration of Conformity (DoC) is the formal document declaring the product meets all applicable requirements. It is prepared and signed by the manufacturer, not issued by a third party.

Many manufacturers hold CE marks without an adequate Technical File. That’s a legal exposure worth addressing.

We have extensive experience compiling and maintaining Technical Files across multiple directive scopes. If you need one built, reviewed, or brought up to date, we can help.

When Do You Need a Notified Body?

For many electronic products, you don’t. CE marking can be achieved through self-declaration against harmonised standards, with no third-party involvement required.

A notified body is required when the product falls outside harmonised standards, when the harmonised standard is not applied in full (including where restrictions on a harmonised standard apply, such as some of the restrictions on the EN 18031 series), or when the relevant directive specifically mandates third-party assessment. Examples include certain radio equipment configurations under RED, and machinery types listed in Annex IV of the Machinery Directive.

Medical devices are regulated under a separate framework, the EU Medical Device Regulation 2017/745 (MDR) or the In Vitro Diagnostic Regulation (IVDR), with its own notified body, conformity assessment and technical documentation requirements. That scope is not covered on this page.

For mainstream consumer electronics, industrial equipment, and IoT devices, self-declaration is the standard route. We’ll advise on whether your product is an exception.

FCC Compliance for the US Market

If your product is intended for North America, FCC compliance is required entirely separate from CE, with its own testing requirements, authorisation procedures, and labelling rules. FCC routes vary by product:

Supplier’s Declaration of Conformity (SDoC): a self-declaration for certain categories
Certification: mandatory for intentional radio transmitters, via an FCC-recognised Telecommunications Certification Body

We can support FCC compliance alongside CE marking for products with a dual UK/EU and US commercial case, managing the testing programme and documentation in parallel.

Cybersecurity Compliance: EN 18031 and the Cyber Resilience Act

Cybersecurity is now a market access requirement for connected products, not an optional extra.

EN 18031: Internet-connected radio equipment sold in the EU must comply with the cybersecurity requirements of the Radio Equipment Directive under Articles 3.3(d), (e) and (f), in force since 1 August 2025. The harmonised standards EN 18031-1 (internet-connected radio equipment), EN 18031-2 (equipment processing personal, traffic or location data) and EN 18031-3 (equipment enabling the transfer of money or virtual currency) cover network protection, authentication, access control, secure firmware update mechanisms and related requirements. Note that the harmonised standards were listed in the Official Journal with restrictions, so where a restricted clause applies to your product, notified body involvement may be required.

EU Cyber Resilience Act (CRA): Regulation (EU) 2024/2847 entered into force on 10 December 2024. Mandatory vulnerability and incident reporting obligations apply from 11 September 2026. Full application, including the conformity assessment and CE marking requirements for products with digital elements, applies from 11 December 2027. The CRA extends cybersecurity requirements to a much wider range of connected products throughout their lifecycle, including ongoing security updates and vulnerability management. Products in development now should be assessed against CRA requirements.

Talk to us about cybersecurity compliance

Compliance Recovery

Not every compliance engagement starts at the beginning of a programme. Common recovery scenarios we support:

Failed formal testing — diagnosis and a clear route to resolution, minimising additional test slots and redesign cost
Products designed without compliance in mind — assessment of requirements and the most cost-effective path forward
Approaching a regulatory change — reviewing designs against new standards, including EN 18031
Technical file gaps — reviewing, completing, or updating documentation
Legacy products requiring re-certification — updating against current standards

If you have a compliance problem, the starting point is a clear technical assessment.

What Ignys Offer

Compliance scoping
Design for compliance
Pre-compliance EMC testing support
Technical File compilation and maintenance
Declaration of Conformity preparation
CE marking support
RED, LVD, and EMC Directive compliance
FCC compliance support for the US market
EN 18031 cybersecurity compliance assessment
Cyber Resilience Act (CRA) readiness review
RoHS and WEEE compliance support
Notified body liaison where required
Technical File audit and gap analysis
Compliance support for product recovery and redesign

Electronic Product Development Compliance FAQs

Q: When should we start thinking about compliance?

At the requirements stage, before schematic capture begins. The design decisions that most affect compliance are made during schematic and PCB design. Engaging early costs very little; engaging with failures at testing can cost a great deal.

Q: Do we need a notified body for CE marking?

For most products, no, self-declaration is the standard route. Notified body involvement is required for certain radio equipment configurations, machinery types listed in Annex IV of the Machinery Directive, and where restrictions on harmonised standards apply (such as some clauses of EN 18031). Medical devices are regulated under a separate framework (MDR or IVDR) which has its own notified body requirements. We’ll advise on whether your product is one of these cases.

Q: Do we need separate UK marking alongside CE marking?

For most products sold in Great Britain, no. The Product Safety and Metrology etc. (Amendment) Regulations 2024 mean that CE marking is accepted indefinitely for the 21 product regulations in scope. Some sectors (medical devices, construction products, marine equipment, rail, aircraft, unmanned aircraft systems and others) sit outside this and have their own arrangements. We’ll flag if your specific product or sector changes this.

Q: What is pre-compliance testing?

EMC testing conducted during development to find and fix issues before formal testing. Not a regulatory requirement, but one of the most cost-effective investments in a programme. Finds the same problems as formal testing, at a stage where they can be fixed in the current revision.

Q: What is a Declaration of Conformity?

The formal document in which the manufacturer declares the product meets all applicable CE marking requirements. Prepared and signed by the manufacturer, not issued by a third party. Must be made available to customers and regulators.

Q: What is a Technical File?

The body of evidence supporting the CE marking declaration: design documentation, risk assessments, test reports, and the DoC. Required to be maintained and available to regulators for at least ten years from when the last unit was placed on the market. Many manufacturers hold CE marks without an adequate Technical File. That’s a legal exposure.

Q: Our product connects to the internet, do we need cybersecurity compliance?

Yes, if selling into the EU. EN 18031 has been mandatory for internet-connected radio equipment since 1 August 2025. The EU Cyber Resilience Act extends further requirements, with reporting obligations applying from 11 September 2026 and full application from 11 December 2027. Get a compliance scope review now.

Q: Our product has already failed testing. Can you help?

Yes. We start with a structured technical review of the test report and existing design, giving you a clear picture of the problem and what it will take to resolve it before any engineering work begins.

Q: What certifications does Ignys hold?

Ignys holds three ISO certifications: ISO 27001 for information security management, ISO 9001 for quality management, and ISO 14001 for environmental management.

ISO 27001 means your design files, technical documentation, and product IP are managed within an externally certified information security framework throughout the engagement. It’s a level of assurance that most electronics consultancies and smaller compliance houses are not able to provide.

ISO 9001 gives your procurement and supply chain teams the assurance that our quality management processes meet the internationally recognised standard. This is important for supplier qualification within larger organisations and PLCs.

ISO 14001 reflects our commitment to managing our environmental impact responsibly, which matters increasingly to the business units and corporate entities we work with.

Q: Are you ready to get your product to market?

Compliance doesn’t have to be the part of your programme that derails everything else. With the right support at the right stage it protects your commercial investment.

Whether you’re starting a new programme and want compliance built in from day one, or you’re facing a problem mid-programme that needs resolving fast, let’s have a straightforward conversation. No obligation.