Source: OJ L 2024/2847, 20.11.2024Current language: EN
- Cyber resilience for products with digital elements
Basic legislative acts
- CRA regulation
Article 49 Information obligation on notified bodies
Summary What does Article 49 of the CRA regulation say?
This article establishes the reporting and information-sharing obligations that notified bodies must fulfil.
It operates within the broader framework governing notified bodies, sitting alongside articles on their designation, monitoring, and operational requirements.
The article covers two distinct flows of information: upward reporting to the notifying authority, and lateral sharing with peer notified bodies carrying out similar work on the same product categories.
Important points:
- Notified bodies are required to keep their notifying authority informed of key developments, including certificate refusals, suspensions or withdrawals, changes to the conditions of their notification, and any requests received from market surveillance authorities.
- Notified bodies must proactively share information on negative conformity assessment results, and positive results upon request, with other notified bodies covering the same products with digital elements.
- These obligations support oversight and consistency across the conformity assessment system by ensuring both supervisory authorities and peer bodies remain informed.
Springlex's summary of the article, a reading aid, not a substitute for the legal text.
Notified bodies shall inform the notifying authority of the following:
any refusal, restriction, suspension or withdrawal of a certificate;
any circumstances affecting the scope of and conditions for notification;
any request for information which they have received from market surveillance authorities regarding conformity assessment activities;
on request, conformity assessment activities performed within the scope of their notification and any other activity performed, including cross-border activities and subcontracting.
Notified bodies shall provide the other bodies notified under this Regulation carrying out similar conformity assessment activities covering the same products with digital elements with relevant information on issues relating to negative and, upon request, positive conformity assessment results.
Springlex and this text is meant purely as a documentation tool and has no legal effect. No liability is assumed for its content. The authentic version of this act is the one published in the Official Journal of the European Union.
Definition
component
Definition
cybersecurity
Definition
manufacturer
Definition
withdrawal
Definition
notified body
Definition
Union harmonisation legislation
Definition
product with digital elements
Definition
conformity assessment
Definition
remote data processing
Definition
conformity assessment body
Definition
notifying authority
Definition
electronic information system
Definition
market surveillance authority
Definition
hardware
Definition
software