Search every question across CRA sub-FAQs

No.

Accreditation is the preferred means of demonstrating competence, and an accreditation certificate can accompany the notification application. But the CRA also allows notification without accreditation if the body provides the documentary evidence needed to verify compliance with Article 39. In that case, the notifying authority must supply that evidence to the Commission and the other Member States, and the no-objection period is two months rather than two weeks.

No.

The CRA says bodies accredited and notified under other Union frameworks with similar requirements should still be newly assessed and notified under the CRA. Synergies may be used to avoid unnecessary burden where requirements overlap, but the body becomes a CRA notified body only once the CRA notification procedure is completed.

No.

Article 44 says the Commission assigns a single identification number even where the body is notified under several Union legal acts. The Blue Guide adds that this NANDO number is an administrative identifier for managing the lists of notified bodies; it does not itself confer substantive rights or scope beyond the published notification.

Under the CRA, free and open-source software means software whose source code is openly shared and which is made available under a licence that provides the rights to make it freely accessible, usable, modifiable, and redistributable.

No.

For the economic operators covered by the CRA, only free and open-source software made available on the market, meaning supplied for distribution or use on the Union market in the course of a commercial activity, falls under the full CRA product regime.

No.

Open-source status does not by itself decide the issue. The key CRA question is whether the software is supplied on the Union market in the course of a commercial activity.

The CRA does not reduce it to a single formal test.

Recital 15 gives practical indicators. Commercial activity may be characterised not only by charging a price for the software itself, but also by charging for technical support where that does not merely recover actual costs, by an intention to monetise, by using the software to monetise other services, by requiring personal-data processing as a condition of use for reasons other than security, compatibility, or interoperability, or by accepting donations exceeding the costs associated with the software's design, development, and provision.

Yes, in principle.

If the software is supplied on the Union market in the course of a commercial activity, open-source status does not prevent it from being treated as a product with digital elements under the CRA.

Yes.

The CRA makes clear that commercial activity is not limited to charging a price for the software itself. It can also arise from monetisation of related services or from the other commercial indicators listed in recital 15.

No.

The CRA says that accepting donations without the intention of making a profit should not be considered a commercial activity. The March 2026 draft guidance adds that a FOSS project funded only through voluntary donations is unlikely to be treated as placed on the market where access to the software, source code, and updates is not conditioned on donating.

But donations can still amount to commercial activity where, in practice, they function like the price of access, for example if releases, binaries, updates, or other essential benefits are available only to donors, or if the donation model is organised to generate systematic profit rather than sustain the project.

No.

The CRA says that the circumstances in which the software was developed, and how its development was financed, should not by themselves determine whether the activity is commercial or non-commercial.

No.

The CRA expressly says that the mere presence of regular releases should not in itself lead to the conclusion that free and open-source software is supplied in the course of a commercial activity.

No.

The March 2026 draft guidance says the decisive factor is whether access to the FOSS itself, including its maintenance and support, is conditioned on remuneration. If the FOSS can be downloaded and installed freely and users can separately buy consultancy or support, that does not by itself mean the FOSS is placed on the market.

But where a specific edition or version is supplied only under a paid arrangement that includes support or performance optimisation, that provision is monetised and is treated as being placed on the market.

Then the CRA says that should not be treated as a commercial activity on that basis alone.

Recital 18 states that products with digital elements qualifying as free and open-source software that are not monetised by their manufacturers should not be considered to involve a commercial activity.

Not automatically, but the CRA gives not-for-profit organisations a specific rule.

For the purposes of the CRA, development and publication of free and open-source software by a not-for-profit organisation should not be considered a commercial activity if the organisation is set up so that all earnings after costs are used to achieve not-for-profit objectives.

The March 2026 draft guidance adds that this can remain true even where the FOSS is directly monetised, for example through search-engine partnerships, as long as the organisation meets that not-for-profit condition. If such a legal person also meets the Article 3(14) criteria, it may be a steward rather than a manufacturer for that FOSS.

No.

The CRA says it does not apply to natural or legal persons who contribute source code to free and open-source software that is not under their responsibility.

No.

The CRA says a free and open-source software component intended for integration by other manufacturers is considered to be made available on the market only if that component is monetised by its original manufacturer.

No.

The CRA says the sole act of hosting products with digital elements on open repositories, including package managers or collaboration platforms, does not in itself constitute making them available on the market.

No.

Under recital 19, providers of repositories, package managers, and collaboration platforms are distributors only if they actually make the software available on the market, meaning they supply it for distribution or use on the Union market in the course of a commercial activity.

An open-source software steward is a legal person, other than a manufacturer, that systematically provides support on a sustained basis for the development of specific free and open-source software intended for commercial activities and ensures the viability of those products.