CE marking in 2026: from physical goods to digital products.

What CE marking actually is

CE marking is not a quality label. It is a manufacturer’s declaration that a product meets all the EU harmonisation requirements that apply to it. The CE mark is affixed by the manufacturer (or the authorised representative) — not by an EU agency — and it makes the product legally placeable on the market across all 30 EEA countries.

A product needs CE marking only if it is covered by at least one EU harmonisation directive or regulation. If your product falls outside that perimeter (e.g. furniture without electrical components, most non-toy household items), CE marking does not apply — but the General Product Safety Regulation (GPSR) almost certainly does.

The directives and regulations behind the mark

A single product often falls under several texts at the same time. A connected industrial robot can trigger Machinery, EMC, RED and (from 2027) the Cyber Resilience Act simultaneously. Here are the ones you are most likely to meet.

The five steps to CE-mark a product

Three big shifts to track through 2026 and 2027

1. The Machinery Regulation (EU 2023/1230) replaces the Directive

From 14 January 2027, the new Machinery Regulation applies. It introduces explicit requirements for AI-enabled machines (autonomous behaviour, safety functions implemented in software), cybersecurity, and digital instructions. Any manufacturer with a machine in the catalogue should have begun the gap analysis by now.

2. The Cyber Resilience Act (EU 2024/2847) extends CE marking to software

From 11 December 2027, every "product with digital elements" — connected devices, IoT, embedded software, sometimes standalone software — needs CE marking under the CRA. Concretely: secure-by-default configuration, documented vulnerability handling, free security updates for the expected lifetime (minimum 5 years), and a Software Bill of Materials (SBOM). Self-assessment for most; third-party for "important" and "critical" categories.

3. The Construction Products Regulation overhaul

The new Construction Products Regulation (CPR) replaces Regulation 305/2011, with phased application across 2026–2030. New: a Digital Product Passport for construction products, sustainability requirements, and tighter market surveillance. If you sell concrete, steel, insulation, doors, windows or any product covered by a harmonised technical specification, the obligations are moving fast.

Where teams trip up

• Missing a directive: most CE-marked products fall under 3 to 5 texts simultaneously, not one.
• Treating notified-body involvement as optional when the module clearly mandates it.
• Ignoring "substantial modifications": a firmware update can re-trigger the entire conformity assessment.
• Importing under your own brand without verifying the manufacturer’s technical file — the importer becomes liable.
• Confusing CE marking with the UKCA mark, the Eurasian EAC mark, or the Swiss equivalent — they overlap but are not the same.

CE marking is no longer just a physical-goods discipline

For 30 years, CE was a physical-goods passport. From 2027 it covers software too. The teams that will scale fastest are the ones treating CE marking as a living portfolio mapping — every product, against every applicable text, against every market — rather than a one-time launch checklist.