Europe AI & Data Rules Hub
< All Topics
Print

CE Marking Roadmap for AI-Enabled Products

Updated
ByIuliia Gorshkova

Bringing an AI-enabled product to the European market requires navigating a complex regulatory landscape where digital intelligence meets physical safety. The CE marking, traditionally associated with mechanical safety and electromagnetic compatibility, now represents a declaration that a product’s intelligent functions are as robust, safe, and accountable as its hardware. For developers of AI-enabled devices—ranging from autonomous lawn mowers and medical diagnostic tools to industrial cobots and smart home hubs—the path to compliance is no longer a simple checklist. It is a systematic engineering and governance process that integrates artificial intelligence into the established framework of EU product safety legislation. This roadmap outlines the practical steps, documentation requirements, and strategic decisions necessary to affix the CE mark to products where AI is not merely an accessory but a core component of safety and performance.

Understanding the Regulatory Landscape for AI-Enabled Products

The regulatory environment for AI-enabled products in Europe is a layered structure. At the base are the “New Legislative Framework” (NLF) directives, which establish the general principles of conformity assessment, market surveillance, and the free movement of goods. Above this sit the product-specific regulations and directives that define the essential requirements for safety, health, and environmental protection. For AI-enabled products, this landscape is currently undergoing a significant transformation with the introduction of the Artificial Intelligence Act (AI Act). Understanding how these layers interact is the first step in any compliance roadmap.

The New Legislative Framework (NLF) and Harmonised Standards

The NLF provides the procedural backbone for CE marking. It includes key directives such as the General Product Safety Directive (GPSD) for consumer goods and the Machinery Directive for equipment with moving parts. These directives do not prescribe specific technical solutions; instead, they set out Essential Requirements that a product must meet to be considered safe. Compliance is typically demonstrated by following harmonised standards—technical specifications published by European standardisation bodies (CEN, CENELEC, ETSI). Adhering to these standards provides a “presumption of conformity,” meaning that if your product meets the standard, it is presumed to meet the corresponding essential requirements of the directive. For AI, standards are still evolving, but existing standards on functional safety (e.g., IEC 61508 for programmable electronics) and cybersecurity (e.g., IEC 62443) are critical references.

The Role of the AI Act in Product CE Marking

The AI Act introduces a horizontal regulation that applies to all sectors. Crucially for CE marking, it establishes a link between AI systems and existing product safety legislation. The AI Act defines an “AI system” and categorises it based on risk: unacceptable, high, limited, and minimal. For products that are already subject to CE marking under other regulations (e.g., medical devices, machinery, toys), the AI Act imposes additional obligations if the integrated AI system is classified as high-risk. This means that manufacturers must perform a dual assessment: ensuring the product complies with the essential requirements of the “hardware” directive (like the Machinery Directive) and ensuring the AI system itself complies with the AI Act’s requirements for high-risk systems. The AI Act effectively becomes a mandatory layer of the conformity assessment process for many AI-enabled products.

National Implementations and Market Access Nuances

While EU directives and regulations create a harmonised single market, member states retain authority over market surveillance and the designation of Notified Bodies. This leads to subtle differences in enforcement and interpretation. For example, the German market surveillance authorities (under the German Product Safety Act, ProdSG) are known for their rigorous technical inspections and proactive market checks, particularly for consumer products with smart features. In contrast, authorities in other member states may focus more on documentation and traceability. Furthermore, national laws may impose specific requirements for products used in critical infrastructure or public sector applications, which can go beyond the baseline EU requirements. Companies must be aware that the CE mark grants access to the entire EU market, but the product may face scrutiny from any national authority, making consistent and well-documented compliance essential.

Defining the Product and its AI System

Before any technical testing or documentation can begin, the manufacturer must precisely define the product and the role of the AI within it. This scoping phase determines which regulatory frameworks apply and what level of scrutiny the product will face. A vague description of “AI-powered” is insufficient; a clear engineering and functional boundary must be established.

Identifying the Applicable Legislation

The first step is to map the product to the correct EU legislation. An AI-enabled product often falls under multiple directives. For instance, a smart vacuum cleaner with a camera for navigation is a consumer product (GPSD), an electrical device (Low Voltage Directive), and a radio equipment (RED). If its AI performs complex data processing or makes autonomous decisions, it may also be considered under the AI Act. A medical device using AI for diagnosis falls squarely under the Medical Device Regulation (MDR). The key is to identify the primary function of the product. The directive that governs this primary function usually leads the conformity assessment. However, all applicable directives must be satisfied. The manufacturer must create a regulatory map, identifying each directive and the specific essential requirements that apply to their product’s features.

Characterising the AI System and its Risk Level

Under the AI Act, the classification of the AI system is a critical determinant of obligations. The manufacturer must conduct a self-assessment to classify the AI system. This involves asking a series of questions: Is the system based on machine learning, logic-based approaches, or statistics? Is its purpose to generate outputs (predictions, recommendations, decisions) that influence physical or virtual environments? Most importantly, is the AI system considered “high-risk” according to Annex III of the AI Act? High-risk AI systems include those used in safety components of products (subject to existing CE marking legislation), critical infrastructure management, educational and vocational training, employment, essential private and public services, law enforcement, migration, and administration of justice. If the AI system is embedded in a product that already requires CE marking (like a machinery product), it is automatically considered high-risk. This classification dictates the entire compliance pathway.

Scoping the AI System’s Intended Purpose and Boundaries

The concept of “intended purpose” is central to both the AI Act and traditional product safety law. The manufacturer must clearly define what the AI system is designed to do and, just as importantly, what it is not designed to do. This definition forms the basis for risk assessment and the design of safety measures. For example, an AI-based driver monitoring system in a commercial vehicle is intended to detect driver drowsiness. Its intended purpose does not include navigating the vehicle or braking. This boundary must be clearly documented and technically enforced. Any foreseeable misuse must also be considered. The manufacturer has a legal obligation to design the product in a way that prevents misuse, or at least to provide clear warnings and instructions if misuse cannot be prevented. For AI systems, this includes considering how the system might behave if it receives data outside its operational parameters or if it is used in an environment for which it was not designed.

Conducting a Comprehensive Risk Assessment

Risk assessment is the cornerstone of CE marking for any product with a safety component, and it becomes significantly more complex when AI is involved. The process must cover traditional hazards (mechanical, electrical, thermal) as well as AI-specific risks related to data, algorithms, and human-AI interaction. The goal is to identify all potential hazards and reduce the risks to an acceptable level.

Traditional vs. AI-Specific Risk Analysis

A traditional risk assessment, following standards like ISO 12100, focuses on hazards like pinch points, electrical shock, or excessive heat. An AI-specific risk assessment must address a different class of problems. These include:

  • Data-related risks: Poor data quality, biased datasets, data poisoning, or data drift over time leading to degraded performance.
  • Algorithmic risks: Model brittleness (failing on edge cases), lack of robustness, adversarial attacks (manipulating inputs to cause misclassification), and unintended optimisation objectives.
  • Human-AI interaction risks: Over-reliance on the AI system (automation bias), misunderstanding of the AI’s capabilities or limitations, and unexpected system behaviour that could confuse or startle the user.
  • System-level risks: Failures in the feedback loop, conflicts between AI-driven actions and safety rules, or cascading failures in a connected system.

The risk assessment must be a living document, updated throughout the development lifecycle as new information becomes available.

Applying the State-of-the-Art and Presumption of Safety

The essential requirements of EU directives mandate that products be designed according to the “state of the art.” For AI, this is a moving target. The state of the art includes not only the latest algorithms but also the latest methods for testing, validation, and explaining their behaviour. It implies using robust and reliable development practices. For example, simply achieving a high accuracy score on a test dataset is not sufficient if the model’s decision-making process is opaque and its failure modes are unknown. The manufacturer must demonstrate that they have considered the current best practices in AI safety and ethics. This is where adherence to emerging standards and technical guidelines becomes crucial. Presumption of safety applies when a product is designed in accordance with harmonised standards. However, for AI, where standards are still being developed, manufacturers may need to use a combination of existing standards and a custom “technical solution” to justify compliance, which often requires involvement from a Notified Body.

Integrating Risk Control Measures into the Design

Once risks are identified, they must be mitigated through a hierarchy of controls. First, the design should be changed to eliminate the hazard. If that is not possible, protective measures should be integrated into the control system. Finally, if risks remain, warnings and information for the user should be provided. For AI-enabled products, this translates to:

  1. Inherently Safe Design: Choosing a simpler, more predictable algorithm over a complex but slightly more accurate one if the complexity introduces unacceptable risks. Limiting the AI’s autonomy in safety-critical situations.
  2. Technical Safeguards: Implementing redundant safety systems (e.g., a traditional sensor system that overrides an AI-driven action). Using confidence thresholds where the AI system will refuse to make a decision if it is not certain. Implementing runtime monitoring to detect data drift or model degradation.
  3. User Information: Providing a clear and accessible user manual that explains the AI’s capabilities, limitations, and proper use cases. Including instructions on what to do if the AI behaves unexpectedly.

Designing for Robustness, Cybersecurity, and Data Governance

For an AI-enabled product to be considered safe and reliable, it must be robust against variations in input, secure from malicious interference, and grounded in sound data management principles. These are not just “good practices”; they are becoming explicit requirements in EU regulations.

Ensuring Robustness and Generalisation

Robustness refers to the AI system’s ability to maintain its performance under conditions that are different from its training environment. A product that works perfectly in a lab but fails in real-world lighting, weather, or usage patterns is not compliant. Testing for robustness involves more than just validation on a hold-out dataset. It requires stress testing with adversarial examples, noisy data, and out-of-distribution inputs. The manufacturer must define the operational design domain (ODD)—the specific conditions under which the AI is intended to operate—and demonstrate through testing that the system is safe within that domain. If the system is designed to operate outside its ODD, the manufacturer must justify how safety is maintained, which is a significant technical and regulatory challenge.

Cybersecurity as a Safety Requirement

AI systems are software, and like any software, they are vulnerable to cyberattacks. For a connected product, a cybersecurity breach is no longer just a data privacy issue; it is a physical safety issue. An attacker could manipulate sensor data to cause a medical device to deliver an incorrect dosage, or take control of an industrial robot to cause physical harm. The AI Act explicitly requires that high-risk AI systems be resilient against attempts by unauthorised third parties to alter their use or performance. This means implementing security measures throughout the lifecycle, including secure coding practices, encryption of data in transit and at rest, authentication and access control mechanisms, and regular vulnerability scanning. Standards like IEC 62443 provide a framework for cybersecurity in industrial environments that is highly relevant for AI-enabled machinery.

Data Governance and Quality Management

The performance and safety of most AI systems are fundamentally dependent on the data they are trained and operated on. The AI Act places a strong emphasis on data governance. This requires a systematic approach to data management that covers:

  • Data Collection: Ensuring data is relevant, representative, and collected ethically and legally (e.g., in compliance with GDPR).
  • Data Pre-processing: Applying consistent and well-documented methods for cleaning, labelling, and augmenting data.
  • Data Bias Mitigation: Actively checking for and addressing biases in datasets that could lead to discriminatory or unsafe outcomes.
  • Data Traceability: Maintaining records of the datasets used for training, validation, and testing, including their provenance and characteristics.

Establishing a Data Quality Management System is not just a compliance task; it is a core engineering discipline for building reliable AI.

Building the Technical Documentation (The “Technical File”)

The technical file is the central evidence of conformity. It is the collection of documents that a manufacturer must compile to demonstrate that their product meets all applicable regulatory requirements. For AI-enabled products, this file is extensive and must explicitly address the unique characteristics of the AI system. It must be kept for 10 years after the product is placed on the market and be provided to market surveillance authorities upon request.

Core Components of the Technical File

The technical file for an AI-enabled product will typically include, but is not limited to:

  • A general description of the product and its intended purpose.
  • Elements of the design and manufacturing process, including a list of harmonised standards applied.
  • Test reports and verification results (mechanical, electrical, EMC, AI performance, robustness tests).
  • Risk assessment reports (covering both traditional and AI-specific risks).
  • Information for the user (instructions for use, safety warnings, intended purpose).
  • For high-risk AI systems: a detailed description of the AI system’s elements, the development process, and the post-market monitoring plan.

Specific Documentation for High-Risk AI Systems (AI Act)

If the AI system is classified as high-risk, the technical documentation requirements are significantly expanded. The manufacturer must prepare a dedicated “technical documentation in accordance with Annex IV of the AI Act.” This includes:

  • General Description: The system’s capabilities, limitations, and intended purpose.
  • Development Process: Details of the data sets used, their sourcing, and pre-processing methods. A description of the AI system’s architecture, training methodologies, and design choices.
  • Verification and Validation: A detailed account of the testing procedures, metrics used, and results. This must demonstrate that the system is robust, secure, and as accurate as possible.
  • Explainability and Human Oversight: Information on the system’s level of autonomy, the skills and training required for the human operator, and the measures in place to ensure human oversight can be effective.
  • Post-Market Monitoring: A plan for how the manufacturer will collect and analyse performance data after the product is launched to identify emerging risks.

This level of detail requires a “design history file” for the AI, analogous to what is required for medical devices.

Engaging with Conformity Assessment Procedures

The conformity assessment is the formal process of verifying that the product meets the essential requirements. The procedure depends on the product’s risk classification and the applicable directives. For many AI-enabled products, this will involve a third-party assessment.

The Role of the Notified Body

A Notified Body is an organisation designated by a member state to assess the conformity of products before they are placed on the market. For products with AI, Notified Bodies with expertise in software, functional safety, and cybersecurity are essential. Their involvement is mandatory for products covered by regulations like the MDR or for machinery with complex safety functions. Under the AI Act, Notified Bodies will be required to assess high-risk AI systems that are not already covered by other legislation. The manufacturer must submit their technical documentation to the Notified Body, which will review it and may conduct audits of the manufacturer’s quality management system and technical testing. Choosing a Notified Body with proven experience in AI is a critical strategic decision.

The EU Declaration of Conformity (DoC)

Once all conformity assessment activities are complete and any outstanding issues have been resolved, the manufacturer issues the EU Declaration of Conformity. This is a formal, legally binding document in which the manufacturer declares that the product complies with all relevant EU legislation. The DoC must be published (usually on the manufacturer’s website) and accompany the product. It must include:

  • Name and address of the manufacturer (and its authorised representative).
  • A list of all directives and regulations the product complies with.
  • Details of the Notified Body that was involved (if any).
  • A statement that the technical documentation has been compiled and is available for inspection.

The DoC is the final administrative step before the CE mark can be affixed.

Applying the CE Marking

The CE mark itself is a specific logo that must be affixed to the product in a visible, legible, and indelible manner. It must be at least 5mm high. If the product is subject to multiple directives, the CE mark alone is sufficient, but the references to the specific directives must be included in the user instructions or Declaration of Conformity. The mark signifies that the product has undergone the full conformity assessment procedure and can be sold anywhere in

Table of Contents
Go to Top