Skip to content

Machinery Regulation (Reg. EU 2023/1230)

The Machinery Regulation, Regulation (EU) 2023/1230, lays down health and safety requirements for the design and construction of machinery, related products and partly completed machinery, so that they can be made available on the Union market while ensuring a high level of protection of persons and, where appropriate, domestic animals, property and the environment. Adopted under the New Legislative Framework, it replaces the historic Directive 2006/42/EC (Machinery Directive) with a directly applicable act and introduces, for the first time, express provisions on systems with self-evolving behaviour based on machine learning and on safety-relevant cybersecurity. It integrates with the other programme acts published on this site — AI Act (of which it is harmonisation legislation under Annex I), GDPR, Data Act, DGA, PLD, DSA, CRA and NIS2 — with which it shares the New Legislative Framework and the product-safety regime.

Identifiers
Title Regulation (EU) 2023/1230 of the European Parliament and of the Council of 14 June 2023 on machinery and repealing Directive 2006/42/EC of the European Parliament and of the Council and Council Directive 73/361/EEC
CELEX 32023R1230
OJ EU L 165 of 29.6.2023
Adoption date 14 June 2023
Entry into force 19 July 2023
Full applicability 20 January 2027 (with early application of certain provisions: see Status of applicability)
Rectifications Corrigendum published in OJ L 169 of 4.7.2023 — incorporated in the text of this page
Amendments Regulation (EU) 2024/2748 (internal market emergency procedures) — not reflected in the consolidated text used (version 29.6.2023)

Structure

  • 9 chapters (I–IX) covering a total of 54 articles
  • 86 recitals
  • 12 annexes (I–XII):
    • I — Categories of machinery or related products subject to specific procedures (Article 25(2) and (3))
    • II — Indicative list of safety components
    • III — Essential health and safety requirements (EHSRs)
    • IV — Technical documentation
    • V — EU declaration of conformity and EU declaration of incorporation
    • VI — Internal production control
    • VII — EU type-examination
    • VIII — Conformity to type based on internal production control
    • IX — Conformity based on full quality assurance
    • X — Conformity based on unit verification
    • XI — Assembly instructions for partly completed machinery
    • XII — Correlation table (Directive 2006/42/EC → this Regulation)

Scope of application

The Regulation applies (Article 2) to machinery, partly completed machinery and related products: interchangeable equipment, safety components, lifting accessories, chains, ropes and webbing, removable mechanical transmission devices. Excluded, among others, are safety components supplied as identical spare parts, fairground equipment, weapons, air/sea/rail means of transport and motor vehicles governed by sectoral legislation (Article 2(2)).

Products must meet the essential health and safety requirements (EHSRs) of Annex III (Article 8) and follow the conformity assessment procedures of Article 25, with affixing of the CE marking (Articles 23-24). For the categories listed in Annex I (Article 6) an enhanced procedure with a notified body is mandatory (EU type-examination or full quality assurance): these include safety components and machinery embedding systems with self-evolving behaviour based on machine learning — the direct point of contact with the AI Act.

Cross-references with the AI Act, GDPR, Data Act, DGA, PLD, DSA, CRA and NIS2

The Machinery Regulation intersects the seven EU acts published on this site: the AI Act (of which it is harmonisation legislation under Annex I — AI systems that are machinery or safety components of machinery are simultaneously products under the Machinery Regulation and, where the conditions are met, high-risk AI systems), the GDPR (for personal data processed by machinery with sensors, cameras or biometric components), the Data Act (because connected machinery are connected products that generate data), the DGA (for data from connected machinery flowing into data intermediation and altruism services — indirect intersection), the PLD (liability for defective products, where compliance with the EHSRs contributes to determining non-defectiveness), the DSA (for machinery placed on the market via online marketplaces — narrow intersection) and the NIS2 (for machinery used by essential and important entities). The CRA is the closest sibling act (cybersecurity of products with digital elements, intersecting the safety-relevant cybersecurity EHSRs of machinery).

Machinery ↔ AI Act axis (machinery and safety components with AI)

Machinery AI Act Nature of the intersection
Entire regulation; Art. 8 (EHSRs) AI Act, art. 6(1); Annex I Harmonisation legislation: the Machinery Regulation is listed in Annex I of the AI Act. An AI system that is a safety component of machinery (or is itself the machinery) subject to third-party conformity assessment is classified as high-risk under the AI Act
Art. 6; Annex I (categories subject to enhanced procedure) AI Act, art. 6(1)(a)-(b) Dual assessment: the Annex I categories requiring a notified body (e.g. safety components with self-evolving behaviour, machinery embedding machine learning systems) are typically the products that also trigger AI Act high-risk status; the two regimes cumulate on the same product
Annex III (EHSRs, incl. reliability of control systems and self-evolving behaviour) AI Act, art. 9 (risk management); art. 15 (accuracy, robustness) Technical convergence: machinery requirements on reliability and predictability of self-evolving control systems and AI Act requirements on robustness and risk management rely on the same technical safeguards (harmonised standards)
Art. 3 (definitions); art. 7 (safety components) AI Act, art. 3(1) (AI system) Definitional consistency: the Machinery Regulation notion of 'safety component' is the premise for qualifying an AI system as a high-risk safety component under the AI Act

Machinery ↔ CRA axis (physical safety and product cybersecurity)

Machinery CRA Nature of the intersection
Annex III (EHSRs on protection against corruption and control-system security) CRA, Annex I (essential cybersecurity requirements) Convergence: the machinery EHSRs on protection against corruption of software/data and on control-system security run alongside the CRA essential cybersecurity requirements for the same products where they are also products with digital elements
Art. 8; art. 25 (conformity assessment) CRA, art. 13 (manufacturer obligations) Cumulation of conformity: machinery with connected digital components is subject both to machinery conformity assessment and to CRA obligations; the two regimes operate in parallel on the same product
Art. 3 (definitions) CRA, art. 3(1) (product with digital elements) Scope overlap: many machines and related products with embedded software are simultaneously products with digital elements under the CRA

Machinery ↔ PLD axis (safety and product non-defectiveness)

Machinery PLD Nature of the intersection
Art. 8; Annex III (EHSRs) PLD, art. 7 (defectiveness) Substantive cross-reference: compliance with the machinery EHSRs contributes to the non-defectiveness of the product under the PLD; conversely, breach of the EHSRs may integrate defectiveness
Art. 10 (manufacturer obligations); Annex IV (technical documentation) PLD, art. 7(2) (presumption of defectiveness) Machinery technical documentation and risk assessment may constitute an evidentiary element in PLD proceedings
Art. 3 (definitions of 'machinery', 'related product') PLD, art. 4(1) (product) Definitional consistency: machinery is a 'product' under the PLD; the machinery manufacturer is typically the PLD manufacturer

Machinery ↔ GDPR axis (personal data processed by machinery)

Machinery GDPR Nature of the intersection
Annex III (EHSRs on integrity and security of control systems and software) GDPR, art. 5(1)(f) (integrity and confidentiality); art. 32 (security of processing) Product-side convergence: machinery EHSRs on integrity and security contribute to — without exhausting — the security of processing required by the GDPR where the machine processes personal data
Annex II (safety components, incl. devices detecting the presence of persons); art. 3 GDPR, art. 4(1) (personal data); art. 9 (special categories) Underlying processing: machinery with sensors, cameras or biometric components processes personal data (sometimes special categories); that processing remains fully GDPR-bound, undisturbed by the Machinery Regulation
Art. 8 (safety by design); Annex III GDPR, art. 25 (data protection by design) Substantive cross-reference: machine safety by design gives operational effect, at hardware/software level, to data protection by design

Machinery ↔ Data Act axis (connected machinery and generated data)

Machinery Data Act Nature of the intersection
Art. 3 (machinery, related product) Data Act, art. 2(5) (connected product) Frequent overlap: connected machinery falls within the Data Act notion of 'connected product'; the same product is subject to machinery EHSRs and to Data Act access/portability obligations
Annex III (control systems and operating data) Data Act, Chapter II — arts. 3-7 (data access and sharing) Product data: data generated by the machine's operation fall within the data to which the Data Act grants access to user and third parties
Art. 10 (manufacturer obligations) Data Act, art. 2, points 13, 14 (data holder/recipient) Cumulation of roles: the manufacturer of connected machinery is often also a data holder under the Data Act

Machinery ↔ NIS2 axis (machinery used by essential and important entities)

Machinery NIS2 Nature of the intersection
Annex III (EHSRs, incl. control-system security) NIS2, art. 21 (risk management measures); Annex II (critical sectors, incl. manufacturing) Trust chain: NIS2 entities (including manufacturing) use machinery; machinery secure by design contributes to the cybersecurity baseline NIS2 imposes on the entity
Art. 8; art. 25 NIS2, art. 24 (European cybersecurity certification schemes) Products/entities complementarity: the Machinery Regulation governs the product, NIS2 the entity using it; the two regimes operate cumulatively

Machinery ↔ DGA axis (data from connected machinery and intermediation)

Machinery DGA Nature of the intersection
Art. 3 (machinery, related product) DGA, art. 2(11) (data intermediation service) Indirect intersection: data generated by connected machinery may flow into data intermediation and altruism services governed by the DGA; the DGA regulates the data service, not the machine-product

Machinery ↔ DSA axis (placement via online marketplaces)

Machinery DSA Nature of the intersection
Art. 10; art. 13 (obligations of economic operators) DSA, Chapter III (online marketplace obligations: trader traceability, tackling non-compliant products) Intersection confined to online channels: where a machine is offered on an online marketplace, the DSA obligations of the platform provider run alongside the product conformity required by the Machinery Regulation

Definitional framework

Concept Machinery AI Act GDPR Data Act DGA PLD DSA NIS2
Product / system art. 3 (machinery, related product) art. 3(1) (AI system) n/a art. 2(5) (connected product) n/a art. 4(1) n/a n/a
Safety component art. 3; art. 7; Annex II art. 6(1) (high-risk) n/a n/a n/a art. 4(4) (component) n/a n/a
Manufacturer / operator art. 3; art. 10 art. 3(3) (provider) art. 4(7) (controller) art. 2(13), (14) art. 2(11) art. 4(10) art. 3(b) art. 6(38)
Personal data (GDPR cross-reference) art. 3(50) art. 4(1) art. 2(3) art. 2(3) art. 4(6) (GDPR cross-reference) art. 6(14)
Conformity assessment / CE marking art. 25; arts. 23-24 art. 43; art. 48 n/a n/a n/a n/a n/a art. 24
Cybersecurity Annex III art. 15 art. 32 (relevant) n/a (substantive cross-reference) n/a art. 21

Amendments and rectifications

The text of this page is generated from the original version (CELEX 32023R1230, OJ L 165 of 29.6.2023) and incorporates the corrigendum published in OJ L 169 of 4.7.2023, which corrected certain commencement and application dates in the final articles (Articles 6, 47, 50-54).

The Machinery Regulation was subsequently amended by Regulation (EU) 2024/2748 (internal market emergency procedures): that amendment is not incorporated in the consolidated text used on this page, dated 29.6.2023.

The Regulation repeals (Article 51), with effect from 20 January 2027, Directive 2006/42/EC (Machinery Directive) and Directive 73/361/EEC. The correlation table (Annex XII) maps the correspondence between the provisions of Directive 2006/42/EC and those of this Regulation.

Status of applicability

The Regulation has been in force since 19 July 2023 and applies, in general, from 20 January 2027 (Article 54). Some provisions have earlier commencement dates:

  • 19 July 2023: Article 6(7) and Articles 48 and 52;
  • 20 January 2024: Articles 26 to 42 (notification of conformity assessment bodies);
  • 20 July 2024: Article 6(2) to (6), (8) and (11), Article 47 and Article 53(3);
  • 20 October 2026: Article 50(1) (penalties);
  • 20 January 2027: general application and repeal of Directive 2006/42/EC.

Entries from the AI-centric glossary relevant to this act:

Official sources

Section index

  • Recitals — 86 full recitals
  • Text — 9 chapters, 54 articles
  • Annexes — 12 annexes (categories, safety components, EHSRs, conformity, correlation table)