What risk assessment does the GPSR require before selling a product?

The General Product Safety Regulation (EU) 2023/988 (GPSR) requires manufacturers to complete an internal product safety risk assessment before placing a consumer product on the EU market. The assessment should be proportionate to the product and its reasonably foreseeable use, identifying hazards, who may be exposed (including vulnerable consumers), and which measures reduce risk to an acceptable level. Below is what the GPSR expects, how to do it, and what to keep as evidence.

What risk assessment does the GPSR require before selling a product?

The GPSR requires a mandatory internal risk analysis by the manufacturer before a product is placed on the EU market. It must be proportionate to the product and consider reasonably foreseeable use and misuse, the hazards the product may present, who is exposed, and how you will eliminate or reduce risks through design, safeguards, and consumer information.

In practice, your risk assessment should consider:

• Product characteristics, design, technical features, composition, packaging, and instructions.
• How the product interacts with other products or environments (for example, accessories, chargers, or surfaces).
• Product presentation, including labels, warnings, instructions for safe use and disposal, and age suitability.
• Vulnerable consumers, especially children, older users, and users with disabilities.
• Whether the product could attract children or be mistaken for food.
• Cybersecurity, connected features, and evolving or self-learning functions where these can affect safety.

How do you carry out a GPSR risk assessment step by step?

A GPSR risk assessment is best done as a repeatable workflow: define the product and foreseeable use, identify hazards and exposed user groups, estimate risk, apply controls, verify, then document and keep it updated. The goal is to show the product is safe under normal and reasonably foreseeable conditions and to justify the safety information you provide to consumers.

1. Define the product: model and variants, materials, key functions, accessories, and intended users.
2. Define intended and foreseeable use: include foreseeable misuse and typical environments (home, outdoors, wet areas).
3. Identify hazards: mechanical (cuts, entrapment), choking, strangulation, electrical, thermal, flammability, chemical, and microbiological hazards where relevant, plus software or cyber features that can create unsafe states.
4. Identify exposed groups: adults, children, and other vulnerable consumers, including bystanders where relevant.
5. Estimate risk using a simple matrix: severity of harm multiplied by probability (consider frequency and duration of exposure).
6. Apply risk controls in order: safer design, guards and protective measures, safer materials, packaging changes, quality controls, then warnings and instructions for use (IFU).
7. Verify controls: use relevant standards and testing where appropriate, and confirm labels and IFU match the final design and variant.
8. Document and review: update when you change the design, materials, suppliers, or software, or when complaints or accidents indicate new hazards.

What documents should you keep to prove GPSR risk assessment and compliance?

To demonstrate GPSR compliance, you should keep technical documentation that shows what you assessed, what you found, and how you controlled risks. This documentation should be prepared before placing the product on the market, kept up to date, and made available to market surveillance authorities on request. The GPSR expects documentation to be retained for 10 years.

• Risk assessment report, including identified risks and mitigation measures.
• General product description and safety-relevant specifications (including variants where safety differs).
• Design and manufacturing information relevant to safety (materials, critical components, supplier controls).
• Test reports and a list of standards applied (noting partial application where relevant).
• Label artwork, packaging files, warnings, and instructions for use, including required languages.
• Traceability information (type, batch, serial number, or other identifier) and manufacturer contact details.
• Records of complaints and accidents, investigations, and corrective actions, including withdrawals or recalls where applicable.
• Details of the EU-based Responsible Person economic operator shown on the product, packaging, or accompanying documentation.

How EARP helps with GPSR risk assessment and EU Responsible Person requirements

We help non-EU manufacturers and sellers meet GPSR expectations by making risk assessment evidence easier to compile, maintain, and present, while also fulfilling the required EU Responsible Person role. Our support is practical and documentation-focused, aligned with the GPSR and the Market Surveillance Regulation (EU) 2019/1020 (MSR).

• We guide you on what to include in a GPSR-aligned risk assessment file and technical documentation set.
• We perform completeness checks to ensure required safety documents are present and consistent across models and variants.
• We store documentation and make it available to EU authorities upon request, using structured processes.
• We act as your EU Responsible Person economic operator and support communication with market surveillance authorities.
• We support your corrective action process, including documentation handling and coordination steps when safety issues arise.

See our services or contact us to discuss your product and what you need to prepare before selling in the EU.

Related Articles

• What is a European Authorized Representative for US businesses?
• Do I need a European Authorized Representative to sell in Europe?
• How much does European Authorized Representative service cost in 2025?
• What is the difference between EU Authorized Representative and Responsible Person?
• How to become GPSR compliant for EU market entry?