Compliance deadlines for regulated hardware.
The regulatory deadlines bearing down on Medtech, consumer electronics, and connected-device teams — dated, sourced, and kept current. One page per regime.
-
EU Digital Product Passport (ESPR)
Next: 19 Jul 2026
The EU Digital Product Passport registry becomes operational on 19 July 2026 under the Ecodesign for Sustainable Products Regulation (Regulation (EU) 2024/1781). Registry launch is the infrastructure milestone; product DPP obligations attach family by family via delegated acts from 2027 onward.
-
EU Right to Repair Directive
Next: 31 Jul 2026
The EU Right to Repair Directive (Directive (EU) 2024/1799) must be transposed into national law by 31 July 2026. Manufacturers of Annex II products must repair on request beyond the guarantee period, supply spare parts and repair information, and accept a 12-month guarantee extension when repair is chosen over replacement.
-
EU Cyber Resilience Act
Next: 11 Sept 2026
The EU Cyber Resilience Act (Regulation (EU) 2024/2847) entered into force in December 2024. Its reporting obligations apply from 11 September 2026 and its main obligations from 11 December 2027. It covers nearly every product with digital elements sold into the EU.
-
EU Battery Regulation
Next: 18 Feb 2027
The EU Battery Regulation (Regulation (EU) 2023/1542) has applied since 18 February 2024. Its carbon-footprint and supply-chain due-diligence obligations phase in via delegated acts — several of which have been delayed — and the digital battery passport becomes mandatory on 18 February 2027 for EV, industrial (>2 kWh) and light-means-of-transport batteries.
-
EU MDR Transition
Next: 31 Dec 2027
Under Regulation (EU) 2023/607, the EU Medical Device Regulation transition runs to 31 December 2027 for Class III and Class IIb implantable devices and 31 December 2028 for other Class IIb, Class IIa and Class I devices — provided manufacturers met the 2024 notified-body application milestones.
-
FDA Section 524B
In force
FDA Section 524B has required cybersecurity documentation for cyber devices in premarket submissions since 29 March 2023, with the Refuse to Accept policy enforced from 1 October 2023 and final guidance issued 27 June 2025. It is fully in force — an incomplete cybersecurity package can have a submission refused before review.