I have a finished product, what is the very first step?

Define the target markets, not the standards. The list of countries where you intend to sell decides which regulations apply, and only then which standards and tests follow. A product sold in the EU, the US and Japan faces three independent regulatory systems that do not recognise each other's results automatically. Fix the geography first, then build the compliance plan around it.

How do I know whether I can self-certify or need a third party?

It depends on the product family and the regime. In the EU, most electronic products self-declare under module A (the manufacturer signs the declaration after testing). A Notified Body becomes mandatory for higher-risk families (medical, ATEX, lifts) or when a radio standard cannot be fully applied. In the US, unintentional radiators use SDoC, intentional radiators require a TCB. The split is structural, not a matter of preference.

How much should I budget for a typical connected product?

As an order of magnitude, a Wi-Fi or BLE product entering the EU and the US runs from roughly EUR 20 000 to EUR 60 000 in accredited lab testing across EMC, radio, safety and exposure, before any Notified Body or operator fees. A cellular product, with PTCRB and operator acceptance on top, climbs well beyond that. Treat every figure as a range that scales with radio complexity and the number of markets.

How long does a first certification take?

Plan for four to nine months from a stable, frozen design to a complete dossier and marking, for a mainstream connected product. Lab scheduling, retest loops after a failure, and Notified Body lead times are the usual time sinks, not the tests themselves. Cellular and multi-market projects sit at the long end of that range.

Can I reuse a certified radio module to skip testing?

Partly. A pre-certified module carries its own radio approval, which the integrator can often inherit under defined conditions (same antenna or a listed antenna, unchanged firmware, layout rules respected). But the integrator still owns the finished-product dossier: EMC of the whole device, electrical safety, RF exposure and the declaration itself are never inherited. Modules reduce radio testing, they do not remove the project.

Is certification a one-off event or an ongoing obligation?

Ongoing. The marking or grant is the start of the product's regulated life, not the end. You must keep the technical documentation current, manage substantial modifications (which can trigger re-assessment), watch for withdrawn standards, and run post-market surveillance, handling complaints, incidents and, if needed, recalls. Budget for the surveillance phase, not only the entry ticket.

Do EU and US accept each other's test results?

Not automatically. The EU and the US are separate legal systems with different essential requirements, standards and procedures. Some test data overlaps and can be reused (an accredited EMC report may feed both files), but the declarations, marks and identifiers are distinct, CE marking and an EU declaration on one side, an FCC grant and FCC ID on the other. Plan dual files in parallel, not a single one.

Getting started with certification: where to begin

Author Hugues Orgitello Last updated 31 May 2026 ~11 min read

Guide · Orientation for a first certification project

You have a product, or a prototype that is nearly one, and someone has told you it needs to be "certified" before it can be sold. The word covers a lot: a marking on the enclosure, a signed declaration, a folder of test reports, an entry in a regulator's database. This page is the map. It gives you the mental model behind every certification project, shows you how to tell whether you can sign for yourself or must bring in a third party, sketches how the EU, the US and the rest of the world differ, and frames the time and money to anticipate as orders of magnitude. Read it first, then follow the links into the detailed guides.

The mental model

Certification is not one decision, it is a chain. Each link is determined by the one before it, and getting the order right is what separates a smooth project from an expensive detour. The chain runs like this:

Target markets. The countries (or regions) where you will place the product on the market.
Applicable rules. For each market, the regulations and directives that the product triggers, by what it is and how it works.
Standards. For each rule, the technical standards that, when applied, demonstrate compliance.
Tests. The measurements an accredited laboratory performs against those standards.
Technical documentation. The file that records the design, the standards used, the test reports and the reasoning.
Marking and declaration. The visible mark on the product (CE, the FCC ID, others) and the signed statement that closes the file.
Post-market surveillance. The obligations that continue for the product's whole commercial life.

The single most common first-timer error is starting in the middle, picking a standard or booking a test before the markets and the rules are settled. The arrow only points one way: markets decide rules, rules decide standards, standards decide tests. Never the reverse.

Step	The question it answers	Who owns it
Target markets	Where will I sell?	You (commercial decision)
Applicable rules	Which laws apply to this product?	You, with regulatory input
Standards	How do I prove conformity?	You and your test lab
Tests	Does it actually pass?	Accredited laboratory
Technical documentation	Can I show my work?	You (the manufacturer)
Marking and declaration	What do I affix and sign?	You
Post-market surveillance	What happens after launch?	You, ongoing

Notice that the manufacturer owns most of the chain. A laboratory runs tests and a Notified Body may examine a dossier, but the responsibility for the CE marking and the declaration stays with the person who places the product on the market. That principle, set out in the European Commission's Blue Guide, underlies the entire EU system.

Step 1: settle the target markets

Geography is the master variable. A connected sensor sold only in France faces EU rules. Add the United States and you add an entirely separate system, the FCC, with its own database, its own identifiers and its own laboratories. Add Japan, and you add the MIC and the Giteki mark. None of these accept the others' results by default.

So the first deliverable of any project is a simple list: the markets at launch, and the markets within eighteen to twenty-four months. The second list matters because retro-fitting a market later (re-opening a frozen design, re-testing) costs far more than planning for it from the start. If the United States is on the horizon, design the radio for both EN 300 328 and the relevant FCC rules from day one, not after the EU file is closed.

The three big regulatory worlds for electronics are the EU, the US and "the rest", a patchwork of national schemes (Japan, Korea, China, Brazil, India and dozens more), many of which lean on the same IEC and ISO standards but wrap them in their own marks and paperwork.

Step 2: find the applicable rules

Once the markets are fixed, you list, for each one, the rules the product triggers. In the EU this means identifying the applicable directives and regulations. A mains-powered connected device typically triggers four at once:

Rule	Scope	Pillar
Directive 2014/30/EU (EMC)	Electromagnetic compatibility	CE
Directive 2014/35/EU (LVD)	Electrical safety, mains voltages	CE
Directive 2014/53/EU (RED)	Radio equipment (Wi-Fi, BLE, cellular)	RED
Directive 2011/65/EU (RoHS)	Restricted hazardous substances	CE

These stack. They are cumulative, not alternative: a radio product is not "either RED or EMC", it is both, plus safety, plus substances. The RED in particular absorbs the EMC and safety requirements for radio products, but the documentation still has to address each essential requirement.

In the US, the equivalent exercise lands on FCC Part 15 (and Part 22/24/27 and others for licensed bands), plus separate safety listing through an NRTL. The mapping is not one-to-one with the EU, which is exactly why the two files must be built in parallel rather than translated from each other.

A useful tie-break when you are unsure which rules apply: describe the product by its physical reality, what voltages it uses, what it radiates, what substances it contains, what environment it lives in, and match each property to a rule. A product that does not transmit on purpose is not radio equipment under the RED, even if it contains a crystal oscillator. Classification by function, not by marketing category.

Step 3 to 5: standards, tests, documentation

With the rules fixed, each one points to a set of harmonised (EU) or recognised (US) standards. Applying a harmonised standard in full grants the presumption of conformity: the law assumes the matching essential requirement is met. This is the engine of the EU system. You do not argue from first principles that your product is safe, you show that you applied the standard the regulator points to.

A typical standard map for a Wi-Fi/BLE product:

Emissions and immunity (EMC): EN 55032 and EN 55035.
Radio (RED art. 3.2): EN 300 328 for the 2.4 GHz band, EN 301 489-17 for radio EMC.
Safety (RED art. 3.1a / LVD): EN 62368-1.
RF exposure: EN 62311.
Cybersecurity (RED art. 3.3): EN 18031.

The tests then flow from the standards. They are run by a laboratory accredited to ISO/IEC 17025, which is what makes the resulting reports admissible in a regulatory file. You can do pre-compliance measurements on your own bench to flush out problems early, but the formal evidence has to come from an accredited lab.

Everything is then assembled into the technical documentation (often called the technical file or, in the EU, the technical construction file). This is the spine of the whole project: product description, design and manufacturing drawings, the list of standards applied, risk assessment, test reports and the declaration. Market surveillance authorities can demand it, and an incomplete file is itself a non-conformity, regardless of how well the product performs. See our dedicated guide on the EU declaration of conformity for the document that closes the file.

Step 6: marking and declaration

This is the visible end of the process, and the part most people picture when they hear "certification". In the EU it is the CE marking plus a signed declaration of conformity. In the US it is an FCC grant and an FCC ID on the label (for certified devices) or an SDoC statement. Each market has its own mark, its own placement rules and its own legal weight.

The crucial point: the mark is a claim, not a permit. CE marking is the manufacturer's own statement that the product meets every applicable requirement, backed by the file behind it. No EU authority "grants" CE marking; you affix it on your own responsibility once the file is complete. The US is partly different, intentional radiators receive an actual grant from a TCB, which is closer to a permission. Knowing which model you are in changes who you answer to and when.

Step 7: post-market surveillance

The mark is the beginning of the regulated life, not the end. Obligations that continue:

Keep the file current. Standards get withdrawn and replaced; a declaration citing a superseded standard quietly loses its presumption of conformity.
Manage modifications. A substantial change to the product can require fresh assessment. A new radio module, a different power supply, a firmware change touching the radio: each must be evaluated against the rules.
Monitor the field. Complaints, returns and incidents have to be tracked, and serious safety issues reported to authorities.
Be ready to act. If a non-conformity surfaces, corrective action up to and including a recall may be required.

Many first projects budget the entry tests and forget the surveillance phase. It is cheaper to design the surveillance process once than to improvise it under pressure after an incident.

Self-certify, or bring in a third party?

This is the question that most shapes cost and timeline, so it deserves its own decision. The short version: in the EU, most electronic products self-declare, and a Notified Body (NB) is needed only in specific cases. The dedicated guide on self-declaration versus a Notified Body works through the modules in detail; here is the high-level map.

Situation	EU route	Third party?
Mainstream connected product, standards fully applied	Module A (self-declaration)	No
Radio standard only partially applicable	Module A1 or B+C	Yes (NB)
Higher-risk family (medical, ATEX, lifts, pressure)	Per-directive modules	Yes (NB), often mandatory
US, unintentional radiator	SDoC	No (but accredited lab)
US, intentional radiator	Certification	Yes (TCB grant)

Two ideas cut across this table. First, even a pure self-declaration almost always relies on an accredited laboratory for the test reports, "self-certify" means you sign the declaration yourself, not that you skip the lab. Second, the boundary is set by the rules, not by your appetite: you cannot self-declare your way around a medical-device classification or an intentional radiator that the FCC requires a TCB to grant.

EU vs US vs global, at a glance

A high-level comparison to set expectations. None of these substitutes for the per-region guides, but the shape of the differences matters when you scope a project.

Dimension	EU	US	Rest of world (typical)
Headline mark	CE marking	FCC ID / FCC logo	National mark (Giteki, KC, NOM, ...)
Who signs off	Manufacturer (self-declaration)	TCB grant for radio; SDoC otherwise	Often an in-country body or test report
Core legal text	Directives and regulations	Title 47 CFR (FCC), NRTL for safety	National regulation, often citing IEC/ISO
Identifier on product	No central ID	FCC ID (grantee code + product code)	Varies
Standards basis	Harmonised EN standards	ANSI / FCC procedures	Frequently IEC / ISO derived

The single most useful takeaway: the technical measurements often overlap (the physics of EMC does not change at a border), so test data can be partly reused, but the legal wrappers never line up automatically. For a head-to-head on the measurement side, see CE versus FCC for EMC. The reuse of data across regions is real but partial; do not assume an EU file unlocks the US.

How much time and budget to anticipate

Every figure below is an order of magnitude, framed as a range. Real numbers swing with radio complexity, the number of markets, the lab's queue and whether you pass the first time. Use them to size a project, not to quote a customer.

Product profile	Indicative lab testing (EU + US)	Indicative duration
Non-radio mains device (EMC + safety + RoHS)	EUR 8 000 to 20 000	2 to 4 months
Wi-Fi / BLE connected product	EUR 20 000 to 60 000	4 to 7 months
Cellular product (plus PTCRB and operators)	EUR 60 000 and well beyond	6 to 12 months
Higher-risk family (medical, ATEX, ...)	Highly variable, often six figures	9 months and up

Three drivers move these numbers more than anything else:

Radio. Adding an intentional radiator multiplies the test scope (radio conformance, radio EMC, exposure) and pulls in third parties (TCB in the US, sometimes an NB in the EU).
Number of markets. Each region adds its own marks, fees and sometimes in-country testing. The marginal market is rarely free, even when standards overlap.
Retest loops. A failure on the first pass is the most common schedule killer. A quoted six-week test becomes four months when a non-conformity sends you back to redesign and re-book the chamber.

For a deeper breakdown, see the guides on the certification timeline and the cost of certification. They turn these orders of magnitude into line items.

The typical sequence of a project

Putting the chain on a calendar, a mainstream connected product usually runs in this order:

Scope. Fix markets, map rules, draft the standard list. Decide self-declaration versus third party. (Weeks.)
Design for compliance. Choose the radio approach (module versus chipset), apply EMC layout rules, plan for safety and exposure from the schematic stage. (Overlaps development.)
Pre-compliance. Bench measurements to catch the obvious failures before paying for the chamber. (Days to weeks.)
Freeze the design. Certification tests are only valid on a stable design. Freezing too early forces re-tests, too late delays everything.
Formal testing. Accredited lab runs EMC, radio, safety and exposure. Retest any failures. (Weeks to months.)
Assemble the file. Compile the technical documentation, write the risk assessment, gather reports.
Declaration and marking. Sign the declaration, affix the mark, obtain the FCC grant if applicable.
Launch and surveillance. Place on the market, then maintain the file and monitor the field. (Ongoing.)

The points where projects slip are predictable: an unstable design that triggers re-tests, a market added late, and Notified Body or TCB queues that nobody budgeted time for.

Common first-timer mistakes

Starting from a standard instead of the markets. Booking an EMC test before confirming which directives apply, then discovering the radio scope was never covered.
Designing the radio for one region only. Optimising for the EU, then finding the FCC needs a different channel plan or power profile after the design is frozen.
Assuming a certified module removes the project. The module's radio approval helps, but the integrator still owns EMC of the whole device, safety, exposure and the declaration. A module is a head start, not a finish line.
Treating CE marking as a permit someone grants you. No one issues it; you affix it on your own responsibility, which means the file must genuinely stand up.
Citing a withdrawn standard. Lists are revised several times a year; a declaration pointing at a superseded version quietly loses its presumption of conformity.
Forgetting post-market obligations. Budgeting only the entry tests, then improvising surveillance, modification control and recall readiness under pressure.
Building one file and hoping it travels. EU and US data overlaps but the declarations and identifiers do not; plan parallel files from the start.

Avoiding these is mostly a matter of respecting the order of the chain and reading the per-topic guides before, not after, committing money. This page is the hub; the CE pillar, the RED pillar and the FCC pillar go a level deeper into each system.