Key Insights for Radio Equipment from the REDCA November Meeting 2025

This blog was originally posted on 18th November, 2025. Further regulatory developments may have occurred after publication. To keep up-to-date with the latest compliance news, sign up to our newsletter.

AUTHORED BY AARON GREEN, SENIOR REGULATORY COMPLIANCE CONSULTANT, COMPLIANCE & RISKS

It was a privilege to virtually attend the REDCA November meeting, held in Athens, Greece, from 5-6 November 2025. In this blog, I discuss the event highlights, including presentations on:

The transition from the Radio Equipment Directive cybersecurity requirements to the Cyber Resilience Act (CRA) for all digital devices
Expansion of the USB-C common charger requirements to additional devices
The use of functional performance criteria in EMC test standards

Key Takeaways from REDCA 2025 November Meeting

Cyber Resilience Act (CRA) Implementation Progress

The CRA imposes obligations on manufacturers across the product lifecycle, encompassing design, development, and maintenance. Key requirements include conducting a risk assessment, meeting essential cybersecurity requirements, and handling vulnerabilities throughout the product’s expected life. Manufacturers must also report actively exploited vulnerabilities and severe incidents via a single reporting platform.

Conformity assessment is differentiated by product category, ranging from self-assessment for the default category and Important products class I, to required involvement of a notified body for Important products class II and Critical products.

Implementation is underway with the development of harmonised standards and a Single Reporting Platform by ENISA, which is due to be operational by September 11, 2026. Support measures, including regulatory sandboxes and simplified technical documentation, are planned to aid SMEs.

Want to learn more about Cybersecurity Rules in the Digital Age? Download our Guide.

USB-C Common Charger Requirements Update

The Commission has finalised a report on the extension of the Common Charger scope to include products like wearables, drones, and AR/VR headsets. The report concluded that “overall, there is no single policy option that would fit all the types of device considered in this study, and there is no clear case for applying any of the options to any of the devices, since the overall impacts are expected to be limited.”

The Commission will also launch a study in 2025 on the mandatory unbundling of cables from radio equipment, with a report due by December 28, 2026, which could lead to an amendment of the Directive.

Performance Criteria Electromagnetic Compatibility (EMC) Standards

Performance criteria presents a special challenge in EMC testing because there is no such thing as technologically neutral, generic performance. The European Commission and subsequently the IEC have raised concerns about these generic criteria, leading to restrictions or non-publication of certain standards in the OJEU (Official Journal of the European Union) since 2018.

Specific Examples and Concerns

Standards like ETSI EN 301 489-3 V2.3.2 now specify performance criteria for continuous and transient phenomena, focusing on maintaining intended operation, preventing unintentional transmission or state change, and protecting critical stored data.

A key concern is that standards like CISPR 35/EN 55035 allow the manufacturer to define acceptable performance (e.g., error rate, request for retry, data transmission rate), creating a potential for manufacturers to mislead end users.

Industry Response

Test Labs need to educate the industry that EMC immunity testing checks performance under simulated real-world conditions. They must use the product’s technical specification to determine acceptable performance and the modes to be tested. If manufacturers limit the modes tested, the lab must note this deviation in the test report.

Regulators are responding by not listing EMC immunity standards with non-specific performance assessments in the OJEU. Certain basic standards such as the IEC 61000-4-x series are moving criteria to informative annexes. Product-specific standards are starting to define specific performance criteria.

Additional Considerations

Japan’s MIC Update

MIC’s presentation included a note that the Bluetooth Low Energy (BLE) 2.4 GHz low power limits are much lower than Europe or North America, but the test method is also different.

Reconfigurable Radio Systems

The commission has considered potential interference from software-defined and reconfigurable radio systems, but does not consider the risks sufficient to warrant legislative action at this time.

Evolving Regulatory Landscape for Radio Equipment in Europe

Paul Didcott of Motorola delivered an epic presentation on the expanding regulatory burden for radio equipment in Europe:

Past (Aug 2005): The landscape consisted of only 4 Directives (3 for commercial products): R&TTE, Low Voltage, EMC, and General Product Safety (GPSD).
Present (Nov 2025): The number of applicable EU legislation pieces has expanded to 32. Current requirements are driven by the Radio Equipment Directive (RED), which covers radio, safety, and EMC, plus specific articles addressing cyber safeguards and interworking. Other key current regulations include the General Product Safety Regulation (GPSR), Common Charger requirements, RED Cyber requirements, and numerous environmental regulations like WEEE, RoHS, REACH, ErP (Ecodesign), and the Battery Regulation.
Future: An additional 19 pieces of legislation are under development within the next three years , including the Right to Repair (R2R) law, the Packaging & Packaging Waste Regulation (PPWR), and the Cyber Resilience Act (CRA). Chemical regulations like REACH and RoHS are also undergoing revisions.

The Elephant in the Room

The elephant in the room throughout the meeting, from CRA implementation to REACH SKIP reform to smart standards, is that the regulatory ecosystem contains too much information with inconsistent parameters.

CRA implementation will depend on a bill of materials that includes a cybersecurity assessment for all digital components that will be compiled into a complete cybersecurity assessment for the finished product.
REACH SKIP is currently under-utilised precisely because it contains more information than can be processed in a format that cannot be condensed.
The “smartification” of standards will hang on the need for consistent categorisation of product categories, functional categories and neutral technological categories.
According to ETSI, there are close to 1,000 wireless devices per person on earth, about 7 trillion devices in total and growing.

Conclusion

The REDCA November meeting illuminated a regulatory landscape of increasing complexity. From the implementation of the Cyber Resilience Act (CRA) and updates to the Common Charger requirements to the ongoing debate over performance criteria in EMC standards, the burden on manufacturers is clearly expanding, with 32 current and 19 future pieces of EU legislation in development.

In order to manage this burden, it will be imperative for industry, regulators and standards bodies to prioritize consistency and clarity in product categorization and technical requirements.

Experience the Future of ESG Compliance

The Compliance & Risks Sustainability Platform is available now with a 30-day free trial. Experience firsthand how AI-driven, human-verified intelligence transforms regulatory complexity into strategic clarity.

👉 Start your free trial today and see how your team can lead the future of ESG compliance.

The future of compliance is predictive, verifiable, and strategic. The only question is: Will you be leading it, or catching up to it?