Learn
Pillar guide Conformity assessment

EU Conformity Assessment for Machinery and Hardware Products

A practical guide for product teams on managing EU conformity assessment as product-development work, not late-stage documentation.

Question answered

Do we actually have EU conformity assessment under control early enough?

Outcome

Understand the core workflow and where late compliance work creates launch risk.

Why compliance is product-development work - and why treating it as late-stage documentation puts your launch at risk.

The problem: compliance surprises that delay launches

Most hardware teams do not set out to ignore EU compliance. They plan to handle it. The problem is when they handle it.

In practice, conformity work often drifts to the end of the development cycle. A test lab is booked late. A standard is consulted after the design is locked. The technical file is assembled under deadline pressure, and someone discovers that a risk assessment should have shaped decisions made months earlier.

The result is familiar: redesign loops, failed or repeated testing, blocked certification, and a launch date that moves to the right. None of this is caused by the regulation being unreasonable. It is caused by treating compliance as a documentation task instead of what it actually is - engineering work that needs to happen inside the product development process, not after it.

This guide explains what EU conformity assessment involves, how the core workflow operates, and where teams typically lose time by starting too late. It uses machinery as the primary worked example because the obligations are explicit and well-documented, but the same operating logic applies to most hardware products entering the European market.

Note: This guide is educational. It reflects the principles described in EU product legislation, the EU Blue Guide on implementation of product rules, and established machinery safety literature. It is not legal advice. The binding interpretation of EU legislation is the exclusive competence of the Court of Justice of the European Union.

What EU conformity assessment actually is

EU conformity assessment is the process by which a manufacturer demonstrates that a product meets the legal requirements - called essential requirements - before it is placed on the European market.

This is not a single certificate or a single test. It is a structured process that connects product design decisions to documented evidence of compliance.

The logic behind the system

The EU regulatory model for products is built on a few core principles that are worth understanding, because they explain why the work is structured the way it is:

  1. EU legislation sets the objectives, not the detailed specifications. Product directives and regulations define essential requirements - health, safety, environmental, or other protection goals that a product must meet. They do not prescribe exactly how to meet them. The how is left to the manufacturer.

  2. Harmonised standards provide a recognised path. European standardisation bodies (CEN, CENELEC, ETSI) publish harmonised standards that translate the essential requirements into concrete technical specifications. A product designed and tested according to a relevant harmonised standard benefits from a presumption of conformity with the requirements that standard covers.

  3. Standards are voluntary, but alternatives carry a heavier burden. Manufacturers can always choose other technical solutions. But when you deviate from a harmonised standard, you carry the burden of demonstrating - and documenting - that your alternative approach meets the essential requirements. In practice, this often means involving a third-party conformity assessment body.

  4. The manufacturer is responsible. Regardless of which path is chosen, the manufacturer bears primary responsibility for ensuring that the product complies. This includes conducting the conformity assessment, assembling the technical documentation, issuing the declaration of conformity, and affixing the CE marking.

  5. Other actors in the supply chain also have obligations. Importers must verify that the manufacturer has fulfilled their obligations. Distributors must check that the product carries the required markings and documentation. If an importer or distributor modifies a product or markets it under their own name, they take on the manufacturer's responsibilities.

What this means for product teams

These principles have a practical consequence: conformity is not something that happens to your product at the end. It is a set of decisions and evidence that must be built up during design and development.

The essential requirements define what your product must achieve. The standards suggest how. The technical documentation proves that you did. And the declaration of conformity is the manufacturer's legal statement that the product meets all applicable requirements.

If the risk assessment, design rationale, and test evidence are not developed alongside the product, they cannot be credibly assembled afterward.

The core workflow: what teams need to manage early

EU conformity assessment follows a logical sequence. The specific steps vary by product category and applicable legislation, but the underlying workflow is consistent across hardware products.

Conformity assessment workflow showing the path from applicable rules through risk assessment, standards, design, validation, technical documentation, and CE marking.

A practical conformity workflow connects regulatory decisions to engineering work, validation evidence, and final market-entry documentation.

Step 1: Determine which rules apply

Identify the EU directives and regulations that cover your product. Most hardware products fall under one or more product directives - for example, the Machinery Regulation, the Low Voltage Directive (LVD), the Electromagnetic Compatibility Directive (EMC), or the ATEX directive for products used in explosive atmospheres.

Several directives may apply to the same product simultaneously. A piece of industrial equipment might need to comply with machinery requirements, electrical safety requirements, and EMC requirements - each with its own set of essential requirements.

When this should happen: At the start of the product definition, before the design is committed. The applicable rules define the safety and performance objectives the design must meet.

Step 2: Identify hazards and define intended use

For most hardware products - and especially for machinery - the essential requirements are only applicable when the corresponding hazard exists for the product in question. This means you need to systematically identify all relevant hazards associated with the product, considering its intended use and any reasonably foreseeable misuse.

This is the risk assessment. It determines which essential requirements apply, how significant the associated risks are, and what level of risk reduction is required.

The risk assessment is not a form to fill in. It is an engineering analysis. It identifies potential sources of harm, estimates the severity and probability of that harm occurring, and evaluates whether the resulting risk is acceptable or requires further reduction.

When this should happen: During early design, when there is still room to make design changes that eliminate or reduce risks at the source. The risk assessment is an iterative process - it should be revisited as the design evolves.

Step 3: Map applicable standards

Once you know which directives apply and which hazards are relevant, identify the harmonised standards that cover those requirements. These standards are your most efficient path to demonstrating compliance, because they provide concrete technical specifications and confer the presumption of conformity.

Harmonised standards are organised in a hierarchy:

  • Type A standards define the general risk assessment methodology, such as ISO 12100 for machinery safety.
  • Type B standards address specific safety aspects common across many product types, such as emergency stop functions, guards, noise measurement methods, or safety-related control systems.
  • Type C standards provide detailed requirements for a specific product type. When a relevant Type C standard exists, it is the most direct path to demonstrating compliance.

Not every essential requirement will be covered by a standard. Where gaps exist, the manufacturer must apply appropriate technical solutions and document the rationale.

When this should happen: Alongside the risk assessment, early enough to influence design decisions.

Step 4: Design with risk reduction in mind

The EU regulatory model prescribes a clear priority order for addressing risks - the principles of safety integration:

  1. Eliminate or minimise the risk through design. This is the first and most important step. Wherever possible, hazards should be designed out of the product entirely. This produces inherently safer products and avoids dependence on add-on protective measures.

  2. Apply protective measures for risks that cannot be eliminated by design. This includes guards, interlocks, safety-related control systems, and other technical protective devices.

  3. Inform users about residual risks. Where risks remain despite design measures and protective devices, the manufacturer must provide warnings, instructions, and safety information.

This hierarchy is not a suggestion. It is embedded in the essential requirements. A product that relies entirely on warning labels without having first attempted to reduce risk through design and protective measures does not comply.

When this should happen: Throughout detailed design and engineering. Every significant design decision with safety implications should be traceable back to the risk assessment.

Step 5: Validate and test

Testing and validation provide the evidence that the product meets the essential requirements and conforms to the applicable standards. This includes type testing, functional safety validation, environmental testing, and any other verification activities required by the relevant standards.

If a third-party conformity assessment body (a Notified Body) is required by the applicable directive, plan for this early. Notified Body involvement depends on the product category and the conformity assessment procedure specified in the directive. For many product types, the manufacturer can perform the conformity assessment internally. For higher-risk categories, third-party involvement is mandatory.

When this should happen: Validation planning should begin during design. Test execution happens when prototypes or production-representative samples are available, but the test plan should reflect the standards identified in Step 3.

Step 6: Assemble the technical documentation

The technical file (or technical documentation) is the manufacturer's central evidence package. It must demonstrate that the product complies with all applicable essential requirements.

A typical technical file includes:

  • A product description and identification
  • Overall and detailed design drawings, including control circuits
  • The risk assessment documentation, showing the procedure followed, the hazards identified, the essential requirements that apply, the protective measures implemented, and any residual risks
  • The harmonised standards and other specifications applied, indicating which essential requirements they cover
  • Test reports and certificates from validation activities
  • The instructions for use
  • The declaration of conformity

The technical file must be available for inspection by market surveillance authorities for a defined period, typically ten years after the last unit is placed on the market. It does not need to be submitted proactively, but it must be producible on request.

When this should happen: Documentation should be built up continuously throughout the project, not assembled at the end. Each design decision, risk assessment update, and test result should feed into the file as the project progresses.

Step 7: Issue the declaration and apply CE marking

The declaration of conformity is the manufacturer's formal legal statement that the product meets all applicable requirements from all relevant directives. It identifies the product, the directives and standards applied, and the person authorised to sign on behalf of the manufacturer.

The CE marking is the visible symbol of this declaration. It signifies that the product complies with all applicable EU product legislation and may be placed on the European market.

No CE marking without the declaration. No declaration without the supporting technical documentation.

When this should happen: After all evidence is assembled and reviewed, but the ability to complete this step on time depends entirely on the work done in Steps 1 through 6.

Machinery as a worked example

The EU Machinery Directive (2006/42/EC), now transitioning to the new Machinery Regulation (EU) 2023/1230, is one of the most well-documented product directives and illustrates how conformity assessment works in practice.

Why machinery is a useful reference

Machinery is a useful example for product teams because the directive makes the relationship between risk assessment and compliance unusually explicit. The directive states directly that the machinery safety risk assessment is the key aspect concerning compliance. Every essential health and safety requirement (EHSR) listed in the directive is only applicable when the corresponding hazard exists for the specific machine, and the extent of compliance is determined by the assessed risk and the state of the art.

This means the risk assessment is not just a supporting document. It is the operational tool that determines which requirements apply, how they should be addressed, and to what degree.

The machinery conformity pathway

Before placing machinery on the EU market, the manufacturer must ensure:

  1. Compliance with all applicable Essential Health and Safety Requirements (EHSR), identified through the risk assessment
  2. A complete technical file that documents the risk assessment, design rationale, standards applied, and test evidence
  3. Instructions for use that inform the user about residual risks, required protective measures, and safe operating procedures
  4. A completed conformity assessment procedure, either self-assessment or, for certain higher-risk machinery categories, involving a Notified Body
  5. A declaration of conformity accompanying the machinery
  6. CE marking affixed to the machinery

What makes the risk assessment central

The EHSR in the Machinery Directive cover all possible hazards that may be associated with machinery: mechanical hazards, electrical hazards, thermal hazards, noise, vibration, radiation, hazardous substances, ergonomic risks, fire and explosion risks, and more. Three requirements always apply regardless of the risk assessment outcome: the principles of safety integration, marking requirements, and instructions.

The risk assessment methodology follows the structure described in EN ISO 12100:

  1. Define the limits of the machinery - its intended use, foreseeable misuse, space limits, and expected lifetime
  2. Identify the hazards - systematically, across all phases of the machinery lifecycle (transport, installation, operation, maintenance, decommissioning)
  3. Estimate the risk for each identified hazard, considering the severity of potential harm and the probability of its occurrence
  4. Evaluate the risk - determine whether the risk is acceptable or requires further reduction
  5. Reduce the risk - following the three-step hierarchy: inherently safe design, protective measures, information for use

This is an iterative process. After implementing risk reduction measures, the manufacturer re-assesses the risk to verify that it has been adequately reduced and that no new hazards have been introduced.

What this means for your schedule

For machinery, and for many other hardware products, the risk assessment must be conducted early enough to influence the design. If it is performed after the design is finalised, the only available risk reduction options are protective add-ons and warnings, which sit at the bottom of the compliance hierarchy. The most effective and most valued risk reduction - inherently safe design - is only available when the risk assessment drives design decisions from the start.

Documentation that makes your product market-ready

The technical file is not bureaucratic overhead. It is the evidence package that protects the manufacturer, satisfies market surveillance authorities, and, in the event of a product liability claim, demonstrates that the manufacturer acted with due diligence.

The documentation requirements reflect the conformity workflow:

DocumentPurposeBuilt when
Risk assessmentIdentifies applicable requirements and drives design decisionsFrom early design, updated iteratively
Design documentationShows how the product meets requirements through design and protective measuresThroughout detailed design
Standards mappingRecords which harmonised standards were applied and which requirements they coverDuring design planning, refined during development
Test reports and certificatesProvides evidence of conformity with specific requirements and standardsDuring validation
Instructions for useInforms users about residual risks, safe use, and required protective measuresDrafted during design, finalised before market entry
Declaration of conformityLegal statement that the product meets all applicable requirementsIssued before placing on the market

The technical file should be a living artefact that grows with the project. Assembling it at the end, from memory, incomplete records, and reconstructed rationale, is a common source of delays and gaps that can block market entry.

Why a structured workflow matters

The conformity assessment process is not inherently complex. It follows a clear logic: identify the rules, assess the risks, design to meet the requirements, validate, document, and declare.

What makes it difficult in practice is the way it interacts with everything else a product team is doing. Design decisions have compliance consequences. Standards influence engineering choices. Test planning depends on risk assessment outputs. Documentation depends on all of the above.

When this work is managed in fragments, the connections between decisions are lost. Gaps appear. Requirements are missed or addressed too late. The result is rework, delays, and the recurring feeling that compliance is unpredictable.

A structured workflow does not add work. It makes the existing work visible, connected, and traceable. It ensures that risk assessments drive design decisions, that standards are mapped before engineering is committed, that test plans reflect real requirements, and that documentation accumulates as a natural output of the process rather than a last-minute scramble.

The teams that launch on time with clean compliance are not the ones who spend the most on consultants. They are the ones who manage conformity as a first-class part of the product development process from the start.

Cluster pages

Go deeper in this topic

Essential Requirements in Practice: Turning Legal Text into Product Work How essential requirements become engineering decisions, validation work, and technical-file evidence inside real hardware projects. Risk Assessment under ISO 12100 A practical guide to how ISO 12100 risk assessment works, why it is iterative, and why spreadsheet-based handling breaks down for real machinery projects.
Next question

What does this look like inside a real product project?

What EU Conformity Assessment Means in a Real Product Project A practical article on where conformity assessment sits in a hardware product project, who owns the work, and why starting late creates launch risk.
Coming next

Topics this guide connects to

  • The Machinery Directive and the new Machinery Regulation
  • Risk assessment for machinery: ISO 12100 in practice
  • Essential Health and Safety Requirements (EHSR)
  • Harmonised standards: how they work and when to use them
  • The technical file and Declaration of Conformity
  • Upcoming regulatory changes