The Machinery Regulation 2023/1230 - how it affects machine manufacturers and importers
Dec 16, 2025
The new Machinery Regulation (EU 2023/1230) replaces the previous Machinery Directive (2006/42/EC) and aims to strengthen machinery safety in an era of rapid technological development. Here we review the most important changes and what they mean for machine manufacturers, importers, and other economic operators.
Why a new Machinery Regulation?
The Machinery Directive has been a cornerstone for machinery safety in the EU for almost two decades. However, as AI, autonomous systems, and cybersecurity have become part of modern machinery, an expanded and improved legal framework was needed.
Unlike the directive, the Machinery Regulation is directly applicable in all EU countries, reducing interpretation disputes and creating a more unified market.
When does the Machinery Regulation come into effect?
The Machinery Regulation will start to apply on January 20, 2027. Until then, there is a transition period during which manufacturers and importers must adapt to the new requirements.
Machines sold or put into operation on the EU market before January 20, 2027 follow the Machinery Directive.
Machines sold or put into operation on the market after this date must comply with the Machinery Regulation.
Important changes in the Machinery Regulation
Machines with AI
Machines using AI are subject to new safety requirements. Among other things, one must define the functionalities of the AI system so that they cannot behave in an unpredictable or dangerous manner.
Substantial change - new CE marking
In cases of changes affecting the safety or performance of the machine, a new CE marking may be required. The regulation defines the concept of substantial change more clearly than the Machinery Directive.
Autonomous mobile machines
The regulation introduces detailed requirements for autonomous machines, providing better guidance in design and risk assessment.
Machines that always require certification
Annex IV of the Machinery Directive is replaced by Annex I of the regulation:
Annex I(A): Machines that must always be type-approved by a notified body.
Annex I(B): Machines that must be certified under certain conditions, similar to the current system.
Cybersecurity for connected machines
Manufacturers must ensure that connected machines are protected against cyberattacks. These attacks must not affect the machine's safety functions. This includes requirements for software updates and risk management related to digital threats.
Note that even the Cyber Resilience Act (CRA) could affect machines with connected functionalities.
Digital product documentation
User manuals, assembly instructions, and declarations of conformity (DoC) can be provided digitally, but physical manuals must be delivered upon customer request.
How are cybersecurity requirements affected?
Traditionally, machines were expected to be safe at launch - after that, the responsibility lay with the user. With the Machinery Regulation, this changes: the manufacturer is responsible for cybersecurity for up to 10 years by providing security updates.
This means that many companies will need to revise both their product strategy and business model.
How do you prepare for the Machinery Regulation?
To meet the new requirements, companies should:
Compare the requirements of the Machinery Directive with the Machinery Regulation.
Update procedures, processes, and templates (including risk assessments).
Check technical documentation and ensure it meets the new requirements.
Verify CE marking and EU declaration of conformity if you commission or sell a machine from January 20, 2027.
Train staff on the new requirements.
With Noex as a platform, you can easily structure and gather your documentation. Of course, the Machinery Regulation is already part of Noex, making it easier for you to proactively prepare for the change.
Summary
The Machinery Regulation 2023/1230 entails significant changes for all who develop, manufacture, use, import, or sell machinery within the EU.
CE marking and documentation remain core.
AI, autonomy, and cybersecurity will be new central focus areas.
Risk assessments need to encompass new types of risks that may arise from autonomous machines, AI-based safety features, cyber threats, human-machine interactions, and integrated manufacturing systems.
Clearer definitions regarding substantial modification/renovation.
Digital documentation that allows providing user manuals and assembly instructions digitally.
It is crucial to start the work on time to avoid costly delays, penalties, or market recalls.
FAQ - Frequently Asked Questions about the Machinery Regulation
When does the Machinery Regulation apply?
It will fully apply from January 20, 2027.
What applies until the Machinery Regulation?&h3>
The Machinery Directive remains mandatory until January 20, 2027.
For whom or what does the Machinery Regulation apply?
The new regulation continues to cover machines and related products, and with the expansion, safety components now also include software.
What applies to harmonized standards?
It is still unclear how standards that have so far been harmonized with the Machinery Directive will be handled. There are over 750 standards being reviewed and revised (where necessary) to meet the new requirements.
Does my high-risk machine require third-party inspection?
Previously, some machines could be approved by the manufacturer themselves if they followed a harmonized standard. This changes with the new regulation.
In Annex A, high-risk machines that must undergo independent third-party certification are listed.
There will be six machine categories that must always be reviewed and certified by a third party (notified body) regardless of whether standards have been followed or not.
This is due to increased complexity, partly due to AI.
Do you want to see how Noex can help you navigate the new Machinery Regulation?
