The Machinery Directive becomes a Regulation and enters the 21^st century

On 21 April, the European Commission proposed a revised version of the Machinery Directive. The Directive would become a Regulation, meaning that it would be directly applicable in the Member States. This would considerably improve harmonisation.

The objective of the Machinery Regulation is to ensure that machinery products are safe. It lays down essential requirements -for health and safety- that machines must meet before they are placed on the EU market.

It is worth noting that the proposed text aims at making machine requirements fit for 21^st century. The new text mentions artificial intelligence and cybersecurity several times. The Commission noted that the former Directive did not sufficiently address risks relating to new technologies, including software update and autonomous machines. The definition of a safety component has been clarified to include non-physical components such as software.

For the sake of coherence, the proposed Regulation refers to the future AI Regulation (see briefing here) and the Cybersecurity Act. Applicable AI requirements are those contained in the AI Regulation, but the Machine Regulation still covers the incorporation of the AI system into the device to ensure that this does not affect safety. A European cybersecurity certificate or conformity statement can prove compliance with the cybersecurity requirements laid down by the Machine Regulation.

Please find below the link to the proposed Regulation and a summary of the proposal.

Conditions for placing a machine on the market

Manufacturers can only place on the EU market products that comply with the essential health and safety requirements. Before placing a product on the market, manufacturers shall draw up the technical documentation and carry out the relevant conformity assessment procedures. Once compliance has been demonstrated, they shall draw up a declaration of conformity and affix the CE marking.

Importers and distributors shall ensure that they only import or distribute products that comply with the rules.

Risk assessment

The manufacturer of a machinery product shall carry out a risk assessment to determine the essential requirements that apply to its product. When the machinery product integrates an AI system, the machinery risk assessment shall consider the risk assessment for the AI system that was carried out pursuant to the AI Regulation.

Cybersecurity requirements

A hardware component for connection that is critical for the safety compliance of the machine shall be designed so that it is adequately protected against accidental or intentional corruption. Likewise, critical software and data shall be adequately protected.

Compliance with cybersecurity requirements can be demonstrated via a European cybersecurity certification certificate or conformity statement pursuant to the Cybersecurity Act -in so far as those requirements are covered by the certificate or statement.

Requirements for fully or partially autonomous systems

Control systems of machinery products with fully or partially evolving behaviour shall be designed in a way that does not enable the machine to perform action beyond its defined tasks and space.

The proposed text also requires autonomous systems to respond to people adequately and appropriately. They shall also communicate their planned actions. The idea is to avoid triggering psychological stress in a context of interactions or coexistence with humans.

For AI systems as such, the new AI Regulation applies as it contains specific safety requirements. To avoid performing two conformity assessments, the specific AI requirements should be checked as part of the conformity assessment procedure set in the Machinery Regulation.  The essential requirements from the Machinery Regulation apply to ensure the safe integration of the AI system into the overall machinery.

Presumption of conformity

A machinery product which is in conformity with harmonised standards shall be presumed to be in conformity with the Machinery Regulation.

High-risk vs non-high risk

Annex I contains a list of high-risk machinery products. It is worth mentioning here:

- Software ensuring safety functions, including AI systems, is considered high-risk

-Machinery embedding AI systems ensuring safety functions is considered high-risk

For high-risk machinery, only third-party certification will be accepted, even when manufacturers apply the relevant harmonised standards.

Machinery which is not high-risk can follow the internal check procedure.

Notified bodies shall be established under the national law of a Member State.

Substantial modification of the product

The definition of a substantial modification has been modified to also include software update. A modification is considered substantial if it was not foreseen by the manufacturer and may affect compliance. The person that carries out the substantial modification should be required to perform a new conformity assessment before placing the modified product on the market or putting it into service. That requirement only applies to the modified part of the machine.

Penalties in case of non-compliance

Member States are responsible for setting the corresponding penalties for failure to comply with the requirements.

Next steps

The text will go through the ordinary legislative procedure. The European Parliament and the Council will come with their own positions on the proposal and will have to agree on a common version.  

If you have any questions on these issues, please contact Camille Dornier - Policy Manager: camille.dornier@eurosmart.com