A fair question from anyone facing DPP obligations: who actually checks? There is no single "EU passport police". Enforcement is a layered system — national market-surveillance authorities inside each member state, customs at the border, a registry that makes absences visible, and, less officially, buyers and retailers who simply won’t stock products without the data. Understanding who does what tells you where non-compliance actually hurts first.
Day-to-day enforcement of EU product law — and therefore of DPP obligations as they phase in — belongs to market-surveillance authorities, and each member state designates its own. Depending on the country and product group, that can be an economic-affairs inspectorate, an environment agency or a sector regulator; a company selling across the EU can in principle hear from any of them.
Their toolkit is broad: requesting documentation, testing products, ordering corrective action, restricting or withdrawing products from the market, and imposing penalties under national law. The EU requires those penalties to be "effective, proportionate and dissuasive" but sets no amounts — so figures vary by country, and any specific number you read online is one member state’s rule, not an EU-wide fine.
For goods manufactured outside the EU, the first enforcement layer is the border. Customs authorities cooperate with market surveillance and can detain shipments that don’t meet product-law requirements — once a passport obligation applies to a product group, a missing or non-compliant passport is exactly such a failure.
This is why importers should take enforcement more seriously than anyone: a fine arrives after a process with rights of reply; a detained container stops your business immediately. Stock stuck in a bonded warehouse during your selling season, storage charges running, delivery commitments breaking — that is the enforcement scenario that actually keeps supply-chain managers awake, and it requires no court decision to begin.
The EU DPP Registry — open for registration from 19 July 2026 — adds a structural layer: passports are registered centrally, which gives authorities and customs a way to verify that a claimed passport exists and resolves. Absence becomes checkable at scale rather than discoverable only by inspection.
Alongside the official system sits de-facto enforcement that often bites earlier. Complaints from competitors or NGOs can trigger checks. More routinely, retailers and B2B buyers start demanding passport data as a listing condition — they carry their own compliance exposure and pass the requirement down the chain. Many companies will feel "enforcement" first as a procurement questionnaire, not an inspector’s letter.
Strip away the anxiety and a DPP check is mundane. An inspector — or a customs officer, or a buyer — does three things: asks for the passport (scans the QR data carrier or requests the link), checks accessibility and completeness (does it resolve, is it readable, are the required fields for the product group present and current), and tests the substance (do the claims match the product, and can you produce the evidence behind them — test reports, declarations, certificates).
That third step is where preparation shows. A passport assembled from verified documents, sealed with an eIDAS qualified seal and filed in the registry — which is how PassPer publishes every passport — turns an inspection into a formality. If you’re not sure yours would pass all three steps, a free readiness check is a low-stakes way to find out before someone official does.
Take the 2-minute readiness check, watch the 10-minute interactive walkthrough, or download the full 2026 compliance guide. No account needed.