RED certification, step-by-step procedure
RED · Pillar
The RED certification procedure differs noticeably from other CE directives. RED offers more assessment modules and more frequently requires Notified Body involvement, notably when article 3.2 harmonised standards are not fully applied. This page details the available modules, selection criteria, and the practical sequence of a radio product project in 2026.
Four RED assessment modules
Section titled “Four RED assessment modules”Annexes II to IV of the RED directive define four conformity routes, to be chosen based on harmonised standards applicability:
| Module | Annex | Typical application | Third party required |
|---|---|---|---|
| A | II | Harmonised standards fully applied | No |
| A1 | III | Standard partially applied: NB for specific tests | NB for certain tests |
| B + C | IV | Standard not applied: EU type examination | NB (examination + follow-up) |
| H | V | Complete audited quality system | NB (ISO 9001-like audit) |
Unlike EMC and LVD directives which offer only module A, RED allows choosing a route suited to product maturity and harmonised standards availability.
Module A: Internal control (most frequent)
Section titled “Module A: Internal control (most frequent)”Module A applies when all applicable RED harmonised standards (articles 3.1(a), 3.1(b), 3.2, 3.3) are fully applied. The manufacturer:
- Performs the tests (in-house or accredited external lab)
- Assembles the technical file per Annex V
- Signs the EU Declaration of Conformity
- Affixes the CE marking
No Notified Body intervenes. For a 2.4 GHz Wi-Fi/BLE product applying EN 300 328, EN 301 489-17, EN 62311 and EN 62368-1, module A is the standard route.
Module A1: Internal control + supervised tests
Section titled “Module A1: Internal control + supervised tests”Module A1 applies when one or more harmonised standards are partially applied or no standard exactly covers the product. The Notified Body intervenes only to supervise the specific tests concerned.
Typical case: a product using a proprietary modulation in the 868 MHz band not fully covered by EN 300 220. The NB validates tests on this modulation; the rest of compliance (EMC, safety, other bands) is in self-declaration.
Module B + C: EU type examination
Section titled “Module B + C: EU type examination”Module B+C is mandatory when:
- no article 3.2 harmonised standard is applicable or fully applied, OR
- cybersecurity article 3.3 is assessed without EN 18031 at assurance level > basic.
Procedure:
- Module B, the NB examines a representative sample, validates the design against essential requirements, and issues an EU-type examination certificate.
- Module C, the manufacturer declares its production conforms to the certified type and applies the CE marking.
The 4-digit NB number is affixed next to CE to signal its intervention.
Module H: Full quality assurance
Section titled “Module H: Full quality assurance”Module H applies to manufacturers with a complete quality system (ISO 9001 + RED-specific procedures) audited by an NB. Once certified, the manufacturer can:
- self-declare each product without ad-hoc NB intervention;
- benefit from relaxed quality system surveillance (annual audits).
Suited to high-volume manufacturers with many references, the initial investment (€30,000–80,000 for system certification) is amortised by reduced per-unit assessment costs.
When is a Notified Body required?
Section titled “When is a Notified Body required?”Three criteria trigger NB obligation for RED:
- Modulation/band not covered by an article 3.2 harmonised standard (module B+C or partial A1).
- Cybersecurity 3.3 not covered by EN 18031 or high assurance level (module B or third-party assessment).
- Audited quality system for module H.
For a standard IoT product using Wi-Fi, BLE and/or cellular with standard modulations, an NB is generally not required, module A suffices.
Choosing a RED Notified Body
Section titled “Choosing a RED Notified Body”The NANDO database lists NBs notified for directive 2014/53/EU. For RED, about 30 NBs are notified in 2026. The most used for IoT electronic products:
| NB | Number | Specialties |
|---|---|---|
| TÜV Rheinland | 0035 | All radio types |
| TÜV SÜD | 0123 | All radio types, cellular |
| DEKRA Certification | 0344 | Cellular, Wi-Fi, BLE |
| INTERTEK Italia | 0359 | All radio types |
| LCIE Bureau Veritas | 0081 | All radio types |
| CETECOM | 0680 | Cellular specialist, SDR |
| Element (formerly TRP) | 1313 | Cybersecurity, SDR |
| 7Layers | 0700 | Cellular, OTA |
Selection criteria:
- Notified scope: verify the NB is notified for your product's specific tests (cybersecurity for example is not covered by all).
- Lead times: 6 to 16 weeks depending on load.
- Costs: an EU-type examination certificate (module B) typically costs €8,000 to €30,000 for a standard radio product, €30,000 to €80,000 for cybersecurity 3.3 high level.
- Industry reputation with operators and customers (useful in B2B).
Project sequence for a RED certification
Section titled “Project sequence for a RED certification”Here is the chronology of a RED project in module A for an 868 MHz + BLE IoT sensor, mains-powered, with 3.3 cybersecurity:
Phase 1: Scoping (weeks 1-2)
Section titled “Phase 1: Scoping (weeks 1-2)”- Identify all applicable directives (RED + implicit EMC via 3.1(b), LVD, RoHS, REACH, ecodesign).
- List the intentional transmitters present: 868 MHz (LoRa), BLE 2.4 GHz, NFC (if present).
- Select the harmonised standards in force for each band and article.
- Assess article 3.3 cybersecurity applicability and required assurance level.
Phase 2: Design and risk analysis (weeks 3-6)
Section titled “Phase 2: Design and risk analysis (weeks 3-6)”- Perform RED 3.1(a) safety risk analysis (RF exposure, SAR if concerned).
- Document cybersecurity architecture (3.3).
- Select critical components (certified radio modules, power supplies, batteries).
- Prepare radio configurations (powers, modulations, antennas).
Phase 3: Internal pre-tests (weeks 7-10)
Section titled “Phase 3: Internal pre-tests (weeks 7-10)”- Conducted and radiated EMC pre-tests.
- Radio 3.2 pre-tests (EIRP, spectral occupancy) in semi-anechoic chamber.
- Internal EN 18031 assessment (architecture review, security tests).
- Design fixes if needed.
Phase 4: External campaign (weeks 11-16)
Section titled “Phase 4: External campaign (weeks 11-16)”- EMC + radio tests in ISO 17025 accredited lab.
- LVD safety tests per EN 62368-1.
- Cybersecurity assessment by specialised body (can be in parallel).
- Partial retests after fixes (if needed).
Phase 5: File assembly (weeks 17-18)
Section titled “Phase 5: File assembly (weeks 17-18)”- Compilation of Annex V (description, drawings, standards, tests, etc.).
- SDR documentation if applicable.
- DoC drafting and signature.
- CE marking application.
Phase 6: Placing on the market (week 19+)
Section titled “Phase 6: Placing on the market (week 19+)”- Production of first marked units.
- File archival (10 years after last unit).
- Post-market surveillance: quality returns, cybersecurity vulnerabilities, modifications.
Total schedule for a typical RED IoT product: 4 to 6 months from the start of the certification phase. For a cellular product with NB, add 2 to 4 months for the EU type examination.
CE marking and NB number
Section titled “CE marking and NB number”RED marking rules are the same as for other CE directives, with one specificity:
- If module A: CE marking alone, height ≥ 5 mm.
- If module A1, B+C, or H: CE marking followed by the 4-digit number of the NB, typographic height at least equal to CE.
Example: CE 0123 for a product having passed EU-type examination with TÜV SÜD.
The marking must appear on the product, its packaging, and instructions. For very compact modules (probes, bare microcontrollers), a height derogation is admitted if legibility remains assured. Marking on packaging and instructions remains mandatory.
RED special cases
Section titled “RED special cases”Multi-radio products
Section titled “Multi-radio products”For a product integrating multiple radios (Wi-Fi + BLE + LTE), each radio is assessed per its article 3.2 standard, but EMC article 3.1(b) tests must be done in combined mode, all radios active simultaneously, to identify intermodulations.
Products with variable operating modes
Section titled “Products with variable operating modes”A Wi-Fi access point that can also operate in client mode must be tested in all modes. The DoC may cover modes or separate DoCs may be produced.
SDR: Software Defined Radio
Section titled “SDR: Software Defined Radio”Software-defined equipment requires specific documentation in the technical file:
- List of authorised hardware-firmware combinations
- Description of protection mechanisms against unauthorised configurations
- Signed and traced software update procedure
A firmware modification affecting radio parameters requires a new 3.2 assessment and DoC update.
Products with eSIM
Section titled “Products with eSIM”Products integrating an eSIM (embedded SIM remotely reprogrammable) are assessed as cellular products. The eSIM itself is not separately CE-marked; installed operator profiles do not affect the CE status.
Modifications after placing on the market
Section titled “Modifications after placing on the market”RED reassessment rules are strict:
| Modification | Reassessment required? |
|---|---|
| Cosmetic | No |
| Software without radio impact | No |
| Equivalent component change | Depends on EMC impact |
| Antenna change | Yes (3.2 + 3.1(b)) |
| Transmit power change | Yes (3.2) |
| Band addition | Yes (3.2 new band) |
| Modulation change | Yes (3.2) |
| Firmware update affecting radio | Yes (3.2) |
| Cybersecurity redesign | Yes (3.3) |
The modification history must appear in the technical file with an impact justification for each revision.
Sources & references
- Annexes II to V of Directive 2014/53/EU , EUR-Lex eur-lex.europa.eu/eli/dir/2014/53/oj
- NANDO: RED Notified Bodies , European Commission single-market-economy.ec.europa.eu/single-market/goods/building-blocks/notified-bodies_en