CRA Compliance in Slovakia

NBU serves as Slovakia's national competent authority for the CRA, with market surveillance for consumer and industrial products coordinated with the Slovak Trade Inspection (SOI) and sector-specific regulators. Slovakia's automotive dominance — with Volkswagen, Kia, Stellantis, and Jaguar Land Rover all operating major plants — means that CRA's application to automotive components is of significant national economic interest. NBU has established itself as an active participant in EU cybersecurity policy and technical working groups. SK-CERT operates Slovakia's national CSIRT function with coordination across the EU CSIRTs network.

Slovak manufacturers submit Article 14 notifications to SK-CERT through its secure reporting portal. SK-CERT maintains incident response capability and participates in the EU CSIRTs network for cross-border incident coordination. The Article 14 obligation requires an early warning within 24 hours of detecting active exploitation and a full notification within 72 hours. Slovakia's cybersecurity law framework, updated to transpose NIS2, designates SK-CERT as the CSIRT for essential and important entity incident coordination, and CRA Article 14 notifications will integrate with this framework. Manufacturers should pre-register with SK-CERT and document their Article 14 reporting procedure.

Market surveillance for CRA products in Slovakia is coordinated between NBU and the Slovak Trade Inspection (SOI), with customs authorities involved for imported products. The full CRA penalty regime applies: up to €15 million or 2.5% of global annual turnover for violations of essential cybersecurity requirements. SOI has active market surveillance operations under EU product safety regulations including the Radio Equipment Directive. Slovak manufacturers, particularly in the automotive supply chain, should anticipate that their CRA compliance will be scrutinised as part of OEM supply chain audit requirements, adding a private sector enforcement dimension alongside public authority surveillance.

NBU and SK-CERT publish cybersecurity guidance in Slovak for businesses, including implementation guides and awareness resources. The Slovak Business Agency (SBA) provides SME support including subsidised cybersecurity advisory services through EU-funded programmes. The Slovak Chamber of Commerce and Industry (SOPK) provides regulatory compliance guidance. The Slovak University of Technology (STU) in Bratislava provides technical research and conformity assessment expertise relevant to CRA product evaluations. Slovakia's Industry 4.0 national strategy includes cybersecurity as a key component, with investments available for manufacturers through Operational Programme Integrated Infrastructure.