【BSMI】Taiwan BSMI to Enforce Mandatory Inspection for LED Light Source Control Devices

/in , , /by

If your product portfolio includes lighting equipment, LED drivers, or power supplies targeting the Taiwanese market, please look closely at this upcoming regulatory change. The Bureau of Standards, Metrology and Inspection (BSMI) under the Ministry of Economic Affairs in Taiwan has officially announced that LED light source control devices will be included in the list of mandatory commodity inspection items.

This regulatory measure is being introduced to ensure consumer rights and electrical safety across the market.

Official Implementation Timeline:

  • Enforcement Date: January 1, 2027
  • What this means: Starting from this date, all covered LED light source control devices must pass BSMI inspection, obtain the appropriate certification, and bear the Commodity Inspection Mark before they can be legally imported, manufactured, or sold in Taiwan.

💡 Word-of-Advice for Hardware Manufacturers: Although the mandate officially kicks in on January 1, 2027, the testing, factory auditing (if applicable), and bureaucratic review processes for BSMI can take several months. We strongly recommend initiating your product gap analysis and pre-testing phases now to prevent any supply chain disruptions when the gate closes.



For further inquiries, please contact:
Email:Charles.liao@theonelab.co
Phone:(02)8601-2828

【SDPPI】Indonesia Revises SAR Regulations for Tablets and Wearables (KEPMEN No. 197 of 2026)

/in , /by

The Indonesian Ministry of Communication and Digital Affairs (KOMDIGI, formerly KEMKOMINFO/SDPPI) has officially issued a new decree, KEPMEN No. 197 of 2026, regarding Specific Absorption Rate (SAR) limits for telecommunication devices. This latest regulation immediately replaces the previous KEPMEN No. 177 of 2024.

For manufacturers of mobile phones, tablets, and connected wearables targetting the Indonesian market, this update introduces key strategic flexibilities—particularly regarding tablet exemptions and laboratory declaration extensions.

⚠️Key Regulatory Updates

Extended Validity for SAR Laboratory Declaration Letters (SAR SUKET):

Valid until July 31, 2027


For products requiring SAR testing, manufacturers can still utilize a Laboratory Declaration Letter (SAR SUKET) to apply for SDPPI certification. You do not need to wait for the final, formal SAR test report to be issued, ensuring faster time-to-market.

New SAR Head-Position Testing Exemptions for Tablets

Major Relief for Non-Voice Tablets

Under the old framework, all tablet computers were subject to mandatory SAR testing for the head position. The new 2026 regulation revises this requirement based on the product’s intended use.

Are Your Tablets Exempted from Head-Position SAR Testing?


If your tablet is not designed for voice communication (e.g., it does not support traditional cellular voice calls) and its speaker is not intended to be used close to the human ear, it is now fully exempt from SAR head-position testing.

Documents Required to Claim Exemption: To legally bypass the head-position test during your SDPPI application, you must submit:

  1. A formal Declaration Letter stating the device is not designed for voice calls and the speaker is not for near-ear use.
  2. Technical Product Specifications supporting this claim, including clear internal photos showing the exact layout and positions of all internal hardware components.

Streamline Your Indonesia SDPPI Certification


Navigating Indonesia’s evolving testing landscape requires precise documentation to avoid costly delays. THE ONE is ready to review your tablet designs, draft the required declaration letters, and leverage the SAR SUKET pathway for your upcoming launches.

For further inquiries, please contact:
Email:Charles.liao@theonelab.co
Phone:(02)8601-2828

EU CE

【EU】EU Agrees to Simplify AI Rules to Boost Innovation, Ban ‘Nudification’ Apps, and Set Clear Hardware Integration Timelines

/in , /by

Understanding the “Digital Omnibus on AI”: Key Compliance Deadlines Enforced for High-Risk Systems (2027) and Smart Integrated Products (2028).

Global software compliance and smart hardware market access have reached a pivotal milestone. The European Commission has welcomed the political agreement reached between the European Parliament and the Council of the EU on simpler, innovation-friendly rules for artificial intelligence (AI).

Part of the EU’s simplification agenda to boost Europe’s competitiveness, the newly proposed “Digital Omnibus on AI” aims to ease the administrative burden of the AI Act for businesses while robustly safeguarding society, safety, and fundamental rights. Furthermore, the agreement institutes an outright ban on “nudification” applications to protect citizens.

4 Crucial Takeaways from the EU AI Act Simplification

1. Launch of the “Digital Omnibus”

Proposed just five months ago, this initiative streamlines compliance and implementation procedures for EU businesses. It reduces regulatory hurdles—particularly benefiting SMEs—while maintaining stringent protections for safety and fundamental rights.

2. Strict Ban on AI ‘Nudification’ Apps

In a decisive move to protect privacy and human dignity, the agreement strictly bans deepfake “nudification” applications that generate non-consensual explicit imagery using artificial intelligence.

3. Timeline for High-Risk AI Systems

A definitive implementation roadmap has been established. AI systems utilized in designated high-risk infrastructure—such as biometrics, critical infrastructure, education, employment, migration, asylum, and border control—must fully comply by December 2, 2027.

4. Timeline for Integrated Hardware Products

For AI systems embedded into physical consumer or industrial products, such as lifts, medical devices, or toys, the compliance rules will apply starting August 2, 2028. This phased sequencing ensures technical testing standards and verification tools are well-established before enforcement.

⚠️ THE ONE Compliance Insights & Recommendations

The EU’s decision to sequence the enforcement dates (2027 for standalone software systems and 2028 for embedded hardware) highlights the regulatory body’s awareness that technical standards must mature before physical CE-marking conformity assessments can begin.

For manufacturers exporting smart connected products, IoT devices, or interactive consumer goods (such as smart toys) to the European market, early-stage compliance architecture is critical. The simplified rules imply a more streamlined but precise enforcement mechanism. We strongly advise international brands to begin auditing their AI functionalities against the high-risk categorization criteria today.

For further inquiries, please contact:
Email:Charles.liao@theonelab.co
Phone:(02)8601-2828

VN QCVN

【Vietnam ICT】Enforces Circular No. 14/2026/TT-BKHCN: Paradigm Shift to Risk-Based Conformity Framework and Introduction of E-Labeling

/in , /by

A significant regulatory transition is set to reshape the market access landscape in Southeast Asia. The Vietnamese Ministry of Science and Technology (MoST) officially issued Circular No. 14/2026/TT-BKHCN. This landmark regulation will enter into force on May 25, 2026, fully replacing the long-standing Circular No. 28/2012/TT-BKHCN.

The core of this regulatory overhaul is Vietnam’s transition away from its traditional legacy group-based classification. In its place, MoST is introducing a modernized, risk-based conformity assessment framework aligned with international standardization and regulatory best practices.

THE ONE has compiled the four key technical takeaways from Circular No. 14/2026/TT-BKHCN that international manufacturers must understand:

4 key technical takeaways from Circular No. 14/2026/TT-BKHCN

1. Eight Conformity Assessment Methods

The new framework introduces eight rigorous conformity assessment methods. The exact method applicable to a device will be heavily dictated by its specific risk tiering, including testing, factory audits, or document reviews.

2. Risk-Driven Validity & Surveillance

Under the new regime, both the validity period of conformity certificates and the frequency of ongoing market surveillance will be directly determined by the product’s risk level. Higher-risk products will undergo more frequent surveillance cycles.

3. Digitalization and E-Labeling Support

In an effort to streamline administrative burdens, MoST has enabled full online submission for approval applications. Crucially, the new regulation officially opens the door for e-labeling, offering manufacturers flexibility in product marking and significantly reducing physical printing and packaging redesign overheads.

4. Grandfathering Clause for Existing Approvals

To ensure business continuity, existing Type Approval Certificates (TAC) and Declarations of Conformity (DoC) granted under the old regime will remain fully valid until their original, listed expiration dates.

【Future Regulatory Outlook】

This Circular represents the first wave of a larger regulatory alignment in Vietnam. MoST is currently drafting separate circulars intended to replace Circular No. 30/2011/TT-BTTTT and Circular No. 29/2025/TT-BKHCN. These forthcoming updates are expected to further revise specific type approval metrics and DoC procedures. Furthermore, an official, finalized risk-based product list is slated for publication in the coming months.

Given the ongoing restructuring and integration of mandates between Vietnam’s MIC and MoST, staying ahead of certification requirements is vital to avoid supply chain disruptions. We strongly advise manufacturers targeting the Vietnamese market to immediately review their product catalog against the upcoming 8 conformity methods.

Contat THE ONE

For further inquiries, please contact:
Email:Charles.liao@theonelab.co
Phone:(02)8601-2828

FCC

【FCC Announcement】FCC Looks to Prohibit Electronic Device Testing Using Labs in CountriesWithout Reciprocal Agreements

/in , /by

【FCC Public Announcement】 April 30, 2026, the Federal Communications Commission (FCC) voted to launch a rulemaking which proposes prohibiting the recognition of electronic device test labs and certification bodies in foreign countries that have not signed reciprocity agreements to recognize American test labs and certification bodies. The FCC also adopted new rules streamlining the approval process for devices that are tested in U.S. labs or labs in reciprocal countries. Test labs review electronic devices for sale and use in the United States as part of the FCC’s equipment authorization program.

Today’s actions help ensure integrity, security, and reciprocity in electronic device testing. Until 2015, the FCC only allowed device testing and certification in the U.S. or foreign countries with Mutual Recognition Agreements (MRA) with the U.S., guaranteeing reciprocal treatment. The new rules and the proposed rules adopted today look to restore – and improve upon – this successful policy in order to bolster FCC oversight and enforcement, strengthen the reliability and integrity of the FCC’s equipment authorization process, and prioritize national security.

The Notice of Proposed Rulemaking adopted today will seek comment on the proposed prohibition of recognizing any test labs and certification bodies in countries that lack either an MRA with the U.S. or other comparable reciprocal trade agreement. Under this proposal, these labs would be phased out over two years after any final rules were adopted and implemented.

In addition, the FCC adopted an Order to create a fast-track priority review process for devices tested in trusted test labs – namely those located in the United States or reciprocal international locations. The Order would also adopt a range of other measures to promote the integrity of the equipment authorization system: require the disclosure of the location and number of employees engaged in FCC-recognized testing, improve the FCC’s post-market surveillance procedures, strengthen enforcement mechanisms, and establish confidential reporting channels for industry participants to raise concerns about violations or national security threats.

Today’s action follows last year’s FCC adoption of rules to prohibit the recognition of test labs and certification bodies owned or controlled by foreign adversaries. Since those rules were adopted, the FCC has taken action to withdraw recognition from, or deny recognition to, twenty-three “Bad Labs” that threatened U.S. national security.

Action by the Commission April 30, 2026 by Second Report and Order, Order on Reconsideration, and Second Further Notice of Proposed Rulemaking (FCC 26-28). Chairman Carr, Commissioners Gomez and Trusty approving. Chairman Carr and Commissioner Trusty issuing separate statements.

Reference please check the below:

DOC-421311A1Download

For further inquiries, please contact:
Email:Charles.liao@theonelab.co
Phone:(02)8601-2828

EU CE

【EU】EU AI Act: Key Timeline for Businesses Using AI

/in , /by

As artificial intelligence continues to grow rapidly, the European Union has introduced the EU AI Act, the world’s first comprehensive regulation on AI.

The regulation officially entered into force in 2024 and will be implemented in phases over the next few years. Businesses that develop or use AI-related products are encouraged to start paying attention to the timeline and potential impact.

📅 Key Timeline (Simplified)

2024

  • August 1, 2024 – Regulation enters into force
  • Transition period begins (approx. 2 years)

👉 At this stage:
Preparation phase. Most obligations are not yet enforced.

2025 (First wave of enforcement)

  • February 2, 2025 – Prohibited AI practices banned
    • Examples: social scoring, manipulative AI systems

👉 In short:
The most harmful AI uses are banned first

  • August 2, 2025 – Generative AI requirements begin
    • Transparency obligations
    • Disclosure of training data (where applicable)
    • Copyright compliance

👉 Focus:
General-purpose AI (e.g. ChatGPT-like models) comes under regulation

⭐⭐2026 (Main obligations apply)

  • August 2, 2026 – Most AI rules become fully applicable
    • High-risk AI requirements (risk management, documentation, testing, etc.)

👉 This is the key milestone for most businesses

2027 (Extended deadlines for certain sectors)

  • Additional time for AI embedded in regulated products
    (e.g. medical devices, machinery)

👉 Industry-specific AI may have longer timelines

🧭 What Should Businesses Do?

You should start paying attention if your product or service:

  • Uses AI (e.g. recommendation systems, chatbots, image recognition)
  • Integrates generative AI tools
  • Impacts decision-making, safety, or user rights
    (e.g. finance, hiring, healthcare)

For further inquiries, please contact:
Email:Charles.liao@theonelab.co
Phone:(02)8601-2828

BSMI

【BSMI】Household Energy Storage Equipment Will Be Subject to Mandatory Inspection Starting July 1, 2026.

/in , /by

Stationary Lithium Energy Storage Systems will be subject to mandatory inspection starting July 1, 2026. Imported and domestically manufactured products will be required to undergo inspection. The applicable conformity assessment procedures include either type approval followed by batch-by-batch inspection, or a dual-track approach consisting of batch inspection and registration of product certification.

For single cells or battery systems used in these products that comply with CNS 62619 or CNS 63056 and have obtained a Voluntary Product Certification (VPC) certificate issued by BSMI, such certificate may serve as proof of conformity for the single cells or battery systems.

For products with composite or multiple functions that fall within the scope of mandatory inspection, they must comply with the relevant inspection standards and the requirements of the registration of product certification scheme.

FCC Cyber

【US-FCC】FCC Names ioXt Alliance as Lead Administrator for U.S. Cyber Trust Mark Program

/in , /by

The Federal Communications Commission (FCC) today announced the selection of ioXt Alliance (ioXt) to serve as the Lead Administrator for the U.S. Cyber Trust Mark Program. This voluntary cybersecurity labeling program is designed to empower consumers with informed decisions regarding the security of wireless IoT products.

For manufacturers and stakeholders in the IoT ecosystem, this announcement marks a pivotal transition towards standardized cybersecurity labeling in the U.S. market:

  1. Advancing Implementation: As the Lead Administrator, ioXt will collaborate with the FCC to finalize the program’s implementation, focusing on consumer outreach and label finalization.
  2. Defining Standards & Testing: ioXt is tasked with recommending additional cybersecurity standards and technical testing procedures to the Commission. This will directly influence how IoT products are evaluated for the Cyber Trust Mark.
  3. Focus on National Security: Under Chairman Brendan Carr, the program places a significant emphasis on national and cyber security, ensuring that products entering American homes meet robust safety criteria.

For further inquiries, please contact:
Email:Charles.liao@theonelab.co
Phone:(02)8601-2828

CRA

【EU CRA】 Reporting Guide: Mandatory 24-Hour Notification Starts September 11, 2026

/in , /by

As the European Union moves toward the full implementation of the Cyber Resilience Act (CRA), the European Commission has clarified the mandatory reporting obligations for products with digital elements. Starting September 11, 2026, manufacturers must comply with rigorous timelines for reporting actively exploited vulnerabilities and severe security incidents.

1. The “24-Hour” Compliance Challenge

Under the CRA, the window for reporting is exceptionally narrow. Manufacturers must implement a multi-stage notification process:

  • Early Warning (24 Hours): Within 24 hours of becoming aware of an actively exploited vulnerability or a severe incident, an initial alert must be submitted.
  • Full Notification (72 Hours): A detailed analysis of the incident/vulnerability must follow the early warning.
  • Final Report: For vulnerabilities, a report is due 14 days after a corrective measure (patch) is available; for severe incidents, the deadline is one month.

2. Centralized Compliance via the Single Reporting Platform (SRP)

To streamline the process, ENISA is developing the CRA Single Reporting Platform (SRP).

  • One-Stop Reporting: Manufacturers will report only once through the SRP. The notification is automatically routed to the relevant Computer Security Incident Response Team (CSIRT) and ENISA simultaneously.
  • Operational Timeline: The platform will be fully operational by September 11, 2026. A testing phase will precede the launch, allowing manufacturers to dry-run their reporting pipelines.

3. Critical Implications for Product Certification

From a certification perspective, “Compliance” now extends beyond the physical product to the manufacturer’s operational lifecycle:

  • Vulnerability Management Audits: During the conformity assessment process, manufacturers must demonstrate they have the internal infrastructure to detect and report incidents within the 24-hour threshold.
  • SBOM and Supply Chain Transparency: Rapid reporting is impossible without a comprehensive Software Bill of Materials (SBOM). Certification will increasingly depend on a manufacturer’s ability to map their software supply chain accurately.
  • Cross-Border Information Sharing: While information is generally shared across EU member states immediately, a delegated act adopted in December 2025 allows CSIRTs to delay dissemination under specific cybersecurity grounds to prevent further exploitation.

如有任何問題,歡迎聯繫我們
電郵:Charles.liao@theonelab.co
電話:(02)8601-2828

BIS

【India BIS】India BIS Issues 2026 Conformity Assessment Amendment

/in , /by

On February 25, 2026, the Government of India published the Bureau of Indian Standards (Conformity Assessment) Amendment Regulations, 2026. This amendment introduces significant changes to fee payment structures, licence maintenance, and validity periods, affecting all manufacturers holding or seeking BIS certification.

1. Transition to “Annual Advance Payment” System 

The new regulations mandate that fees for the grant, renewal, and maintenance of licences must be paid annually in advance before the due date.

Crucially, the Production Statement must now be submitted simultaneously with the annual fee payment.

2. Stringent Penalties: Automatic Suspension and Cancellation 

BIS has implemented a more rigorous enforcement mechanism for non-compliance with payment schedules:

  • Immediate Suspension: Failure to pay by the due date will result in an automatic 90-day suspension of the licence.
  • Reinstatement Fee: To revoke a suspension, the licensee must pay the outstanding dues plus a late fee of INR 5,000.
  • Removal of Notice Period: For suspensions or cancellations caused by non-payment, the standard 21-day prior notice period no longer applies.

3. Extension of Licence Validity 

To streamline administrative processes, the initial grant and subsequent renewal periods for licences under Scheme-I, Scheme-II, and Scheme-X have been extended to a maximum of 5 years.

4. “Scheme-II”: A Registration Process Based on Self-Declaration

This amendment provides a detailed definition of Scheme-II (the registration system based on a self-declaration of conformity):

  • Process Transparency: Manufacturers must designate a third-party laboratory to conduct testing and submit a self-declaration of conformity for registration.
  • Market Surveillance: BIS reserves the right to draw samples from the market or customs at any time for surveillance testing.
  • Electronic Labelling (E-labelling): For electronic products with integrated displays, the use of electronic labels is permitted in place of physical labels.

For manufacturers with production facilities located outside India, please ensure that your Authorized Indian Representative (AIR) has signed the latest compliance declarations and affidavits to remain in full accordance with the updated regulatory requirements. 



For further inquiries, please contact:
Email:Charles.liao@theonelab.co
Phone:(02)8601-2828