As an importer, you serve as a critical gatekeeper for the EU market. The CRA requires you to verify that every product you bring into the EU meets all cybersecurity requirements.
Importers play a vital gatekeeping role in EU product safety. Under the Cyber Resilience Act, you must ensure that the manufacturer has fulfilled their obligations before placing a product on the EU market. If you import a non-compliant product, you share liability for any resulting harm. This makes thorough due diligence not just a legal requirement, but essential risk management.
Before placing a product on the EU market, verify that the manufacturer has carried out the appropriate conformity assessment procedure and that the product meets all essential cybersecurity requirements.
Ensure that the manufacturer has prepared the required technical documentation, including the cybersecurity risk assessment, SBOM and conformity assessment results. Keep documentation available for authorities.
Confirm that the product bears the CE marking and is accompanied by the EU declaration of conformity, user instructions and all required information in a language easily understood by users.
Exercise due care to ensure that products comply with CRA requirements. If you have reason to believe a product is non-compliant, do not place it on the market until compliance is established.
Maintain records of all compliance checks, supplier communications and any identified non-conformities. Keep the EU declaration of conformity and technical documentation accessible for at least ten years.
If you become aware that a product on the market does not comply with CRA requirements, immediately inform the manufacturer and the relevant market surveillance authority. Take corrective action where necessary.
We provide importers with the tools, processes and expertise to efficiently verify CRA compliance across their entire product portfolio — regardless of the number of suppliers or product categories.
Ensure every product you import meets CRA requirements. Our specialists will help you build efficient verification processes that scale with your portfolio.