CE marking, the 18 most common pitfalls

Author Hugues Orgitello Last updated 25 May 2026

CE · Pillar

Eighteen errors come up in virtually every CE marking project that derails, whether in internal audit or in market surveillance. This page lists them with their root cause and the way to avoid them, so they can be caught before placing on the market. They are organised into three families: scoping errors, documentation errors, maintenance errors.

Family 1: Scoping errors

These errors arise upstream of the whole approach. They are the most costly because they often invalidate all the work done.

1: Missing the RED directive on a "non-radio" product

This is pitfall number one for IoT products. A Wi-Fi or BLE connected sensor falls automatically under Directive 2014/53/EU, even if the radio function is marginal (OTA updates, telemetry). Many manufacturers assess EMC and safety, miss RED, and end up non-compliant.

Root cause: the project team considers radio as an auxiliary feature rather than a regulated function. Once the product is launched, the omission only appears in market surveillance.

How to avoid it: from the requirements stage, draw up the exhaustive list of intentional radiators in the product, including third-party modules. Any active radio communication triggers RED, whatever its functional role. Keep this list current at each architecture change.

2: Confusing Class A and Class B in EMC

Class A (industrial) allows higher emissions than Class B (residential): but with a mandatory warning to the user. A product declared Class A and sold to consumers violates essential requirements. Conversely, a product declared Class B but actually a strong emitter fails in industrial environments and triggers complaints.

Root cause: the emission class is often decided late, based on test results rather than actual intended use.

How to avoid it: decide the class before design, based on the target use. If use is mixed or uncertain, target Class B by default. Reclassifying a product after the fact implies either retests or restricting distribution.

3: Authorised representative without a formal contract

A non-EU manufacturer must designate a representative by written mandate. Many settle for a verbal agreement or a mention on the website. Under inspection, the absence of a formalised mandate invalidates the designation and exposes the product to withdrawal.

Root cause: the representative function is perceived as administrative and entrusted to a third party without sufficient contractual formalisation.

How to avoid it: formalise the mandate in a contract reflecting the representative's obligations under Decision 768/2008/EC, file retention, accessibility, communication with authorities. The contract must be dated, signed by both parties, and retained with the technical file.

4: Online sales without an EU economic operator

Since Regulation (EU) 2019/1020, an economic operator established in the EU must be identifiable on every product placed on the market. Direct sales from a third country, via a marketplace, without this operator, exposes to immediate withdrawal. The platforms themselves are now responsible for control.

Root cause: ignorance or deliberate avoidance of the obligation, particularly among sellers on international marketplaces.

How to avoid it: designate an EU fulfilment service provider that formally assumes this role, or a dedicated authorised representative, before the first EU sale. Affix its identity (name, address) on the product, packaging or manual.

5: Underestimating sub-assembly scope

A "CE marked" radio module, OEM power supply, or LED driver does not exempt the final product from its own marking. Many manufacturers think integrating CE-marked components suffices.

Root cause: confusion between conformity of a component in isolation and conformity of the final product in its use configuration.

How to avoid it: systematic rule, each finished product is reassessed in its final configuration, even if all its components are individually CE-marked.

6: Reusing a module's marking without reassessing the final product

A pre-certified Wi-Fi/BLE module keeps its conformity only in the exact conditions in which it was tested: supplied antenna, minimum spacing, ground plane, clean power supply. Integrated into a final product, the slightest deviation (PCB antenna instead of external, different ground plane, noisy supply) invalidates the tests.

Root cause: the module manufacturer's test conditions are not reproduced in the final product, but the marking is retained by default.

How to avoid it: require the module manufacturer's detailed integration guide, verify compatibility point by point, then redo at minimum the final radio tests in the actual product configuration. Written document annexed to the file proving similarity of conditions.

§ § §

Family 2: Documentation errors

These errors concern the quality of the technical file and DoC. They are the most frequently noted in market surveillance audits.

7: Citing a withdrawn harmonised standard

A standard whose presumption was withdrawn from the OJEU more than a year ago still appears in many DoCs. This is an almost systematic ground for audit rejection. The presumption no longer exists; the technical case alone is insufficient if the current version is not equivalent.

Root cause: absence of regulatory watch in the company. The DoC is drafted once then copied for subsequent products without version control.

How to avoid it: verify in the OJEU the version in force of each cited standard before every DoC drafting. Set an alert every 6 months on the standards used across the product portfolio. See Standards.

8: Dating the DoC before the test reports

A DoC dated 1 March, based on a test report dated 15 March, is legally void. This seems obvious, and yet it is the most frequent sequencing error, usually driven by commercial pressure.

Root cause: time-to-market pressure; the DoC is prepared in parallel with tests and signed in anticipation.

How to avoid it: lock the internal process, no signed DoC until all test reports are finalised, signed and archived. Quality workflow forbidding DoC release without the test manager's visa.

9: Undocumented safety-critical component

The LVD directive requires documentation of critical components, typically transformers, optocouplers, Y capacitors, lithium batteries, fuses. If one of them is not documented with its own safety certification (VDE, UL, IEC 60384), the file is incomplete.

Root cause: the BOM is managed by purchasing, the technical file by quality, without formal linkage between the two.

How to avoid it: from the design BOM, identify critical components and require suppliers to provide their conformity certificates. Keep a reference file per critical component updated at each BOM revision. See Technical file.

10: Undersized or deformed CE marking

The CE pictogram is strictly defined graphically: shape of the C and E, proportions, minimum height of 5 mm. A deformed, squashed or undersized marking is immediately visible. And the approximate rendering of "China Export" is a classic defect on white-label imported products.

Root cause: the marking is applied by the industrialisation team from a low-resolution image, and deformed to fit mechanical constraints.

How to avoid it: retrieve the official vector file from European Commission sources, and impose its minimum height (unless the directive explicitly waives for very small products). Systematic visual check before industrialisation validation.

11: Manual not translated, or machine-translated

The manual must be available in the official languages of the Member State where the product is placed on the market. Unreviewed automatic translation is a classic ground for withdrawal, incorrect technical terms, ambiguous safety warnings, distorted legal mentions.

Root cause: underestimation of the technical complexity of regulatory translation; reliance on automatic tools or non-specialist translators.

How to avoid it: have translations reviewed by a professional translator familiar with the technical domain (engineer or specialist translator), and test understanding with a native end user. Manual versions managed like code (versioning, validation, traceability).

12: DoC too generic or wrongly cites directives

A DoC that mentions "all applicable directives" without naming them is invalid. Similarly, citing an old version (e.g. 2004/108/EC instead of 2014/30/EU) is immediate ground for rejection.

Root cause: the DoC is drafted from an old template without updating references.

How to avoid it: use an up-to-date template explicitly listing each directive with number and year. Validate the template by an internal or external regulatory referent.

§ § §

Family 3: Maintenance errors

These errors arise after the initial placing on the market. They are the most difficult for the manufacturer itself to detect.

13: Modifying the product without updating the file

A hardware revision (component change, new antenna, different power supply) must trigger a reassessment of affected tests. But in practice, revisions are done by purchasing without informing quality, and the file stays frozen on the old version.

Root cause: change management processes do not extend to the regulatory file; each works in its silo.

How to avoid it: integrate a quality review into the BOM change process, any change to a critical component triggers a documented CE impact analysis. Dashboard showing per product the last file revision vs. the last hardware revision. See Procedure.

14: No documented recall procedure

In case of failure, Regulation 2019/1020 imposes a rapid and traceable recall procedure. Many manufacturers have no formal procedure, they improvise when the failure arrives, which multiplies delays and costs by five.

Root cause: the recall is perceived as an exceptional event not to be anticipated, rather than a process to be formalised.

How to avoid it: document the recall procedure from placing on the market, identification, contacting distributors, consumer message, recall registry, communication to authorities. Test the procedure with a dry run every 18 months.

15: Antennas or accessories substituted after marking

A product tested with a specific external antenna may have its manufacturer substitute a cheaper antenna in production. The product appears functional but its radio characteristics change, emissions, EIRP, spectral mask, without this appearing in production.

Root cause: pressure on BOM cost; antenna characteristics are not perceived as critical.

How to avoid it: lock the antenna in critical BOM. Any antenna change triggers at minimum a Article 3.2 RED retest, ideally also 3.1(b) for radio EMC.

16: Software update affecting radio without reassessment

A firmware update that modifies transmit power, timing, modulation, or adds a band, triggers a new RED assessment. Many software teams modify these parameters without informing quality.

Root cause: the software release cycle is faster than the regulatory cycle; radio parameters are accessible to developers without safeguards.

How to avoid it: lock radio parameters in firmware by signature or build control. Any modification of these parameters goes through the product manager who assesses CE impact. Version firmware with timestamps and traceability.

17: DoC covering an obsolete reference

A 2020-dated DoC for a product still in production in 2026 remains legally valid, but it may cite standards withdrawn since. Presumption of conformity at the time of each placing on the market must be maintained, not only at the date of the initial DoC.

Root cause: the DoC is perceived as a launch document, not a living document.

How to avoid it: annual review of all active DoCs, update of cited standards if necessary (with retests if the new standard requires them), new DoC number after major update.

18: Absence of review before RED 3.3 cybersecurity transition

Since 1 August 2025, the cybersecurity requirements of Article 3.3 apply to all connected radio products. Many products already on the market at this date must be reassessed for their first unit produced after the transition. Failing to anticipate this transition is a concrete risk.

Root cause: cybersecurity is a recent domain in CE marking; few internal teams know how to apply EN 18031.

How to avoid it: cybersecurity audit of each portfolio product before August 2025; compliance plan for products needing it; integrate EN 18031 into the design of new products from kick-off.

Working on reviewing a complete CE technical file before audit or inspection for a real product? AESTECHNO can audit your design and certification plan. Get in touch →

In summary

The 18 pitfalls are not rare legal subtleties; they are recurring errors that appear in more than half of audits. Three families dominate:

1. Scoping errors (1–6), missed directive, inappropriate emission class, informal representative, online sales without EO, mishandled sub-assembly, module CE reused without verification.
2. Documentation errors (7–12), withdrawn standards, badly dated DoC, critical components missing, deformed marking, faulty translation, too generic DoC.
3. Maintenance errors (13–18), untracked modification, no recall procedure, antenna substituted, impactful software update, obsolete DoC, untimely cybersecurity transition.

None are inevitable. All are detectable through an independent file review before placing on the market, ideally performed by a third party who did not participate in the design and brings a fresh eye.

Three useful internal indicators to measure a company's regulatory maturity:

• Rate of presence of certified critical components in files (target: 100 %).
• Average delay between a BOM modification and the file update (target: ≤ 4 weeks).
• JOUE watch coverage rate on standards cited by active DoCs (target: 100 % with quarterly alert).

Without these indicators, the portfolio drifts and the manufacturer's responsibility silently grows.

Sources & references

1. EU Safety Gate / RAPEX, dangerous products notified , European Commission ec.europa.eu/safety-gate-alerts/screen/webReport