The European Commission proposes amendments to Regulation (EU) 44/2014: focus on cybersecurity and digital risk management.

On May 5, 2025, the European Commission published a draft Regulation introducing significant amendments to Regulation (EU) No. 44/2014, concerning the constructional and general requirements for the type-approval of two- or three-wheeled vehicles and quadricycles (L-category vehicles). The document is currently open for public consultation and represents a decisive step toward the mandatory adoption of cybersecurity measures in light vehicles.

What does the new draft Regulation provide for?

The central element of the proposal is the mandatory compliance with UN ECE Regulation No. 155, concerning cybersecurity and cybersecurity management systems (CSMS), for all L-category vehicles (including motorcycles, mopeds, tricycles, and quadricycles), with the exception of L1e subcategory vehicles designed to be pedalled.

Implementation timeline of the new European regulation

The draft Regulation sets two key dates for the entry into force of the requirement:

  • 11 December 2027: mandatory for all new types of L-category vehicles
  • 11 June 2029: requirement extended to all existing types

Objective: Strengthen the safety of connected vehicles

The Commission’s objective is to harmonize cybersecurity requirements at the European level, which are already in place for other categories of vehicles, with particular focus on protection against cyberattacks, vulnerability management, and the implementation of digital security systems from the design phase (the principle of “security by design”).

This measure fits into the broader context of regulatory updates aimed at:

  • Strengthening road safety

  • Protecting users and personal data on board vehicles

  • Supporting the evolution of intelligent and connected vehicles

Why is this development relevant for manufacturers?

With the introduction of mandatory compliance with UN ECE Regulation 155, manufacturers of category L vehicles will have to:

  • Integrate CSMS systems into their production processes

  • Demonstrate the ability to detect, prevent, and respond to cybersecurity threats

  • Adapt their type approval procedures to the new requirements

Regulatory compliance will therefore require investments in training, technology, and documentation compliance, with a significant impact on all actors in the supply chain, from manufacturers to electronic component suppliers.

why choose ats group?

ATS Group is a group of companies operating in the field
of Inspections, Certifications and Type Approvals in the Automotive sector.

kh.jpg

type approval of whole vehicles

ATS Group, through its companies designated by e24 and e5 marks, is able to issue the type approval of complete vehicles.

Explore now
jkjk.jpg

type approval of vechicles parts

With the type approval Approval Authority designations (E57), (E5) and (E24) ATS Group is able to carry out approvals of components, systems and technical units of vehicles in general.

Explore now
2FpjJnuuG6

certifications

ATS Europe, as a Certification Body accredited under ISO 17021-1: 2015 as a Certification Body for Quality Management Systems under ISO 9001: 2015, has become a leading company in the field of certifications.

Explore now
WLTP-base.jpg

testing laboratories

The test laboratories affiliated with ATS Group are ISO 17025 accredited, ensuring reliability, accuracy, and compliance with international standards.

Explore now
ats-app

ats app

Our proprietary online platform can manage the whole approval process, fron the quotation till the direct download on the final Type Approval Certificate.

Explore now
vvv.jpg

competitives prices based on market analysis

ATS Group offers competitive prices and fast turnaround times, ensuring an efficient and high-quality service to meet customer needs promptly.

Explore now