SG 61/24
UK Product Security and Telecommunications Infrastructure (PSTI) regulations will be fully enforced and mandatory for IoT manufacturers selling on UK markets from April 29, 2024.
The UK PSTI Act specifies the cybersecurity requirements applicable to consumer IoT products made available on the UK market. It is enforced by the Office for Product Safety and Standards (OPSS).
To avoid penalties, businesses involved in the manufacturing, importing or distributing of connectable consumer products must take diligent steps to understand and implement the required security measures.
The UK PSTI act imposes substantial monetary penalties for manufacturers who do not comply with the legislation, including:
- For the purposes of section 36 the relevant maximum fine in relation to a person, is the greater of:
- £10 million
- 4% of the person’s qualifying worldwide revenue using the most recent complete accounting period for calculation
- A penalty notice given in respect of a relevant breach may, in addition to requiring the person to pay a penalty of a specified amount (‘the fixed penalty’), involve the paying of a further daily penalty to the Secretary of State within a specified period. This will not exceed GBP 20,000 for each day for which the relevant breach continues after the end of the period specified for payment of the fixed penalty
How can SGS support you?
SGS Brightsight provides independent third-party assessment against the different security compliance conditions in Schedule 2 and works with SGS in the UK, who can issue a certificate of compliance (CoC) for PSTI. The SGS certificate supports the manufacturer in showing deemed compliance to conditions in Schedule 2 in their statement of compliance. Furthermore, a UK PSTI assessment can be combined with RED compliance for articles 3.3 (d), (e) and (f).
Upon successfully completion of an evaluation assessment using the EN 303 645 standard, we can also issue our cybersecurity mark to demonstrate your product's adherence to the highest security standards, which can include UK PSTI.
Read more about the UK PSTI Act here, or contact us for more information. In the end, it’s only trusted because it’s tested.
© SGS Société Générale de Surveillance SA. This publication or website is a property of SGS Société Générale de Surveillance SA. All contents including website designs, text, and graphics contained herein are owned by or licensed to SGS Société Générale de Surveillance SA. The information provided is for technical and general information purposes only and offers no legal advice. The information is no substitute for professional legal advice to ensure compliance with the applicable laws and regulations. All information is provided in good faith “as is”, and SGS Société Générale de Surveillance SA makes no representation or warranty of any kind, express or implied, and does not warrant that the information will be error-free or meet any particular criteria of performance or quality.
