Cybersecurity — NCSC Advisory and IoT Security (No Mandatory Certification as of 2026)?

New Zealand has no mandatory IoT cybersecurity certification as of 2026; NCSC guidance is advisory only. Chinese MLPS obligations do not apply in the NZ market. Voluntary alignment with ETSI EN 303 645 is recommended best practice. Exporters should monitor NZ policy for future mandatory IoT security requirements.

Electrical Safety — AS/NZS 62368-1 Compliance for Controlled Electrical Devices?

AS/NZS 62368-1 compliance is mandatory for in-scope consumer wireless/IoT devices sold in New Zealand as controlled electrical devices; CCC certification and GB 4943.1 reports are not accepted; an NZ-specific Supplier Declaration of Conformity referencing AS/NZS 62368-1 is required.

EMC — Electromagnetic Emissions and Immunity (AS/NZS / TTMRA)?

NZ does not have a standalone EMC authority; AS/NZS CISPR 32 / CISPR 35 compliance via the CED pathway under ESR 2010 or Australian ACMA RCM (TTMRA) are the primary compliance routes. Chinese GB EMC test reports are not directly recognised and must be supplemented.

CED — Voltage, Frequency, and Plug Type Compliance (230 V / 50 Hz / Type I)?

NZ requires 230 V / 50 Hz / Type I (AS/NZS 3112) plug compliance; Chinese domestic 220 V / Type A or non-AS/NZS plug configurations do not satisfy NZ CED requirements without modification. AS/NZS 62368-1 is the applicable safety standard; CCC is not accepted.

RSM Radio Compliance — General User Radio Licence (GURL)?

GURL-eligible consumer Wi-Fi and Bluetooth devices do not require individual RSM type approval, but must comply with RSM technical standards; SRRC approval and CCC certification are not recognised in New Zealand. Importer or supplier is legally responsible for compliance.

Supplier Declaration of Conformity (SDoC) — Importer / Supplier Obligation?

A Supplier Declaration of Conformity (SDoC) against applicable AS/NZS standards is a mandatory pre-supply obligation under ESR 2010 for controlled electrical devices in New Zealand; CCC and SRRC do not satisfy this obligation; the NZ importer or supplier must issue the SDoC and retain supporting test evidence.

CROSS-STANDARD public interest · Wireless / IoT device

China-to-New Zealand Wireless / IoT Device Compliance Gap Matrix (RSM / MBIE)

Name: China-to-New Zealand Wireless / IoT Device Compliance Gap Matrix (RSM / MBIE)
Creator: Cross-Standard
License: https://creativecommons.org/licenses/by/4.0/

AI-compiled from official public sources — cross-checked by multiple AI models, not human-verified. Informational only; see disclaimer. Public-interest, source-linked comparison of common China Wi-Fi and Bluetooth IoT device documentation against New Zealand RSM radio compliance under the Radiocommunications Act 1989 and General User Radio Licences (GURL), CED electrical safety requirements under the Electricity Act 1992 and Electrical Safety Regulations 2010, Supplier Declaration of Conformity (SDoC) obligations, EMC requirements via AS/NZS standards and the Trans-Tasman MRA, and NCSC cybersecurity advisory context.

Dataset 2026-06-11 Last verified 2026-06-17 6 rows

GAP MATRIX

Compliance Gap Matrix

Gap matrix
Compliance item	Common China baseline	New Zealand (RSM / MBIE)	Gap / action	Source + verification date
Cybersecurity — NCSC Advisory and IoT Security (No Mandatory Certification as of 2026)	China's Cybersecurity Law 2017 and the Multi-Level Protection Scheme (MLPS, standardised as GB/T 22239) establish mandatory cybersecurity obligations for network products and critical information infrastructure. IoT devices connecting to Chinese public networks may require MLPS assessment. The national standard GB/T 36951 provides IoT security requirements. China's regulatory framework is considerably more prescriptive and mandatory in scope than NZ's advisory-only approach.Cybersecurity Law of the People's Republic of China 2017 GB/T 22239 — Information security technology: Baseline for classified protection of cybersecurity (MLPS 2.0) GB/T 36951 — Information security technology: IoT security requirements	As of 2026, New Zealand has no mandatory pre-market IoT product cybersecurity certification scheme. The National Cyber Security Centre (NCSC), operating under the Government Communications Security Bureau (GCSB), publishes advisory guidance on IoT security and supply chain risk. Manufacturers and importers are strongly encouraged to follow NCSC guidance and applicable international best practices (e.g. ETSI EN 303 645 for consumer IoT security). Consumer protection obligations under the Consumer Guarantees Act 1993 may be interpreted to encompass a product's fitness for purpose with respect to security, but this is not a pre-market certification obligation. Exporters should monitor NZ policy developments, as mandatory IoT security baseline requirements may be introduced in future legislative or regulatory updates.NCSC (NZ) — IoT Advisory and Supply Chain Risk Guidance (voluntary) Government Communications Security Bureau Act 2003 (NZ) — NCSC statutory basis Consumer Guarantees Act 1993 (NZ) — fitness for purpose (advisory cybersecurity relevance) ETSI EN 303 645 — Cyber security for consumer Internet of Things (international best practice, voluntary in NZ)	NZ has no mandatory IoT cybersecurity certification as of 2026; China's MLPS obligations are domestic and create no NZ-market legal requirements. Exporters to NZ are not required to certify to NCSC guidelines, but voluntary compliance with ETSI EN 303 645 or equivalent is recommended as best practice and as preparation for potential future mandatory requirements. China's mandatory MLPS scheme does not transfer any compliance credit in NZ.[INFORMATIONAL] New Zealand has no mandatory IoT cybersecurity certification as of 2026; NCSC guidance is advisory only. Chinese MLPS obligations do not apply in the NZ market. Voluntary alignment with ETSI EN 303 645 is recommended best practice. Exporters should monitor NZ policy for future mandatory IoT security requirements.	NCSC — National Cyber Security Centre (NZ) / GCSB2026-06-17 · reference
Electrical Safety — AS/NZS 62368-1 Compliance for Controlled Electrical Devices	In China, IT and audio/video equipment electrical safety is governed by GB 4943.1 (Information technology equipment — Safety) for applicable in-scope products, which requires CCC (China Compulsory Certification) administered by CNCA and carried out by CQC or other designated bodies. The Chinese standard GB 4943.1 is technically aligned with IEC 60950-1; China is progressively transitioning to GB 4943.1-2022 aligned with IEC 62368-1.GB 4943.1 — IT equipment electrical safety (China mandatory for CCC-listed categories) CCC — China Compulsory Certification (CNCA/CQC) GB 4943.1-2022 — updated China edition aligned with IEC 62368-1 (transitional)	Wireless and IoT devices sold in New Zealand that qualify as controlled electrical devices (CEDs) under the Electrical Safety Regulations 2010 (ESR 2010) must comply with applicable AS/NZS safety standards. AS/NZS 62368-1 (Audio/video, IT and communications technology equipment — Safety requirements) is the primary applicable standard for consumer Wi-Fi, Bluetooth, and IoT devices. Compliance must be established before the device is supplied to the New Zealand market. Evidence of compliance (test reports from an accredited laboratory) must support the Supplier Declaration of Conformity (SDoC) and be retained by the supplier. WorkSafe New Zealand administers enforcement under the Electricity Act 1992 and ESR 2010.AS/NZS 62368-1:2018 — Audio/video, IT and communications technology equipment: Safety requirements Electrical Safety Regulations 2010 (ESR 2010) — New Zealand Electricity Act 1992 (NZ) AS/NZS 3112 — Plugs, socket-outlets and socket-outlet adaptors (plug compliance)	CCC certification and GB 4943.1 test reports are not recognised in New Zealand. AS/NZS 62368-1 (or IEC 62368-1 with AS/NZS deviations noted) test reports from an IANZ- or JAS-ANZ-accredited laboratory are required to support the NZ SDoC. While IEC 62368-1 and AS/NZS 62368-1 are technically close, the supplier must issue a NZ-specific SDoC referencing AS/NZS 62368-1 and must ensure plug / mains voltage compliance is separately addressed.[INFORMATIONAL] AS/NZS 62368-1 compliance is mandatory for in-scope consumer wireless/IoT devices sold in New Zealand as controlled electrical devices; CCC certification and GB 4943.1 reports are not accepted; an NZ-specific Supplier Declaration of Conformity referencing AS/NZS 62368-1 is required.	WorkSafe New Zealand2026-06-17 · reference
EMC — Electromagnetic Emissions and Immunity (AS/NZS / TTMRA)	China's EMC requirements for IT and multimedia equipment are governed by GB 9254 (radiated and conducted emissions for IT equipment) and GB 17625.1 (conducted harmonic disturbance). Immunity requirements follow the GB/T 17626 series. These standards mirror IEC/CISPR publications but are mandatory as Chinese national standards for domestic market supply.GB 9254 — IT equipment electromagnetic emissions (China mandatory) GB 17625.1 — Conducted harmonic disturbance limits GB/T 17626 series — EMC immunity test methods	New Zealand does not maintain a standalone EMC regulatory framework equivalent to Australia's ACMA EMC framework. EMC requirements for consumer electronics and wireless devices in NZ are addressed through: (a) compliance with applicable AS/NZS standards (primarily AS/NZS CISPR 32 for emissions and AS/NZS CISPR 35 for immunity) as part of the controlled electrical device (CED) compliance pathway under the Electrical Safety Regulations 2010; and (b) Trans-Tasman Mutual Recognition Arrangement (TTMRA) alignment, under which Australian ACMA EMC compliance is recognised as satisfying equivalent NZ obligations. IEC CISPR-based test reports from accredited laboratories are accepted as evidence.AS/NZS CISPR 32 — Multimedia equipment electromagnetic emissions AS/NZS CISPR 35 — Multimedia equipment immunity Electrical Safety Regulations 2010 (ESR 2010) — CED compliance pathway Trans-Tasman Mutual Recognition Arrangement (TTMRA)	Chinese GB 9254 / GB 17625.1 test reports alone do not satisfy NZ EMC obligations. AS/NZS CISPR 32 or equivalent IEC CISPR 32 test reports from an accredited laboratory are the accepted evidence path for NZ. Australian ACMA EMC compliance (RCM) satisfies NZ TTMRA obligations and is the most efficient dual-market compliance path. A China-only EMC test report must be supplemented with AS/NZS or IEC CISPR equivalents.[INFORMATIONAL] NZ does not have a standalone EMC authority; AS/NZS CISPR 32 / CISPR 35 compliance via the CED pathway under ESR 2010 or Australian ACMA RCM (TTMRA) are the primary compliance routes. Chinese GB EMC test reports are not directly recognised and must be supplemented.	New Zealand Parliamentary Counsel Office / MBIE2026-06-17 · reference
CED — Voltage, Frequency, and Plug Type Compliance (230 V / 50 Hz / Type I)	China uses 220 V / 50 Hz AC power and GB 2099 / GB 1002-series plug and socket standards (primarily Type A flat two-pin and Type I angled two-pin; GB 1002 round-pin also used). Consumer electronics are rated for 220 V; power adapters for export may include universal input. CCC certification covers electrical safety under GB 4943.1 for in-scope IT equipment.GB 4943.1 — IT equipment electrical safety (China mandatory for CCC-listed categories) GB 2099.1 / GB 1002 — Chinese plug and socket standards CCC — China Compulsory Certification (CNCA/CQC, for applicable product categories)	New Zealand uses 230 V / 50 Hz AC power supply and Type I (Australian/NZ angled 3-pin flat blade) sockets, standardised under AS/NZS 3112. Consumer electronics and wireless/IoT devices supplied as controlled electrical devices (CEDs) under the Electrical Safety Regulations 2010 must be appropriate for NZ mains voltage and must be fitted with or supplied with a compliant Type I plug. Power supply units (PSUs) must be rated for 230 V / 50 Hz operation or include a universal input (100–240 V). Devices must comply with AS/NZS 62368-1 (or AS/NZS 60950-1 where still applicable) for electrical safety.AS/NZS 3112 — Approval and test specification for plugs, socket-outlets and socket-outlet adaptors AS/NZS 62368-1 — Audio/video, IT and communications technology equipment — Safety requirements Electrical Safety Regulations 2010 (ESR 2010) Electricity Act 1992 (NZ)	Chinese domestic products use 220 V / Type A or Type I (GB) plugs, which differ from NZ 230 V / Type I (AS/NZS 3112) angled plug standard. Chinese products supplied into NZ must be re-fitted or bundled with a compliant AS/NZS 3112 Type I plug; PSU must be rated for 230 V / 50 Hz or universal input. CCC (GB 4943.1) is not recognised; AS/NZS 62368-1 compliance is required and must be evidenced in the SDoC.[INFORMATIONAL] NZ requires 230 V / 50 Hz / Type I (AS/NZS 3112) plug compliance; Chinese domestic 220 V / Type A or non-AS/NZS plug configurations do not satisfy NZ CED requirements without modification. AS/NZS 62368-1 is the applicable safety standard; CCC is not accepted.	WorkSafe New Zealand / MBIE2026-06-17 · reference
RSM Radio Compliance — General User Radio Licence (GURL)	In China, wireless transmitters including Wi-Fi and Bluetooth modules require SRRC (State Radio Regulation of China) radio type approval issued by MIIT. Terminal equipment connecting to public telecommunications networks additionally requires a MIIT Network Access License (NAL). Domestic compliance is governed by applicable MIIT radio regulations and GB radio standards.SRRC Radio Type Approval — MIIT Regulation on Radio Transmitter Type Approval MIIT Network Access License (NAL) — for terminal equipment Applicable GB standards for radio emissions and spectrum use	Most consumer Wi-Fi (2.4 GHz / 5 GHz) and Bluetooth short-range devices are eligible to operate under a General User Radio Licence (GURL) administered by Radio Spectrum Management (RSM) under the Radiocommunications Act 1989 and Radiocommunications Regulations 2001. Individual device-level RSM type approval is generally not required for GURL-eligible devices. However, devices must comply with applicable RSM technical standards and GURL conditions; the importer or supplier bears legal responsibility for compliance. Devices not covered by any GURL (e.g. certain higher-power or out-of-band devices) require individual RSM spectrum licensing.Radiocommunications Act 1989 (NZ) Radiocommunications Regulations 2001 (NZ) RSM General User Radio Licence (GURL) — short-range devices including Wi-Fi and Bluetooth	SRRC radio type approval is not recognised by RSM; it does not satisfy NZ GURL conditions or RSM technical standards. Most consumer Wi-Fi / Bluetooth devices avoid individual NZ type approval via GURL eligibility, but the importer or supplier must verify GURL eligibility and ensure technical standards compliance independently of SRRC. CCC certification of radio modules is likewise not recognised in New Zealand.[INFORMATIONAL] GURL-eligible consumer Wi-Fi and Bluetooth devices do not require individual RSM type approval, but must comply with RSM technical standards; SRRC approval and CCC certification are not recognised in New Zealand. Importer or supplier is legally responsible for compliance.	RSM (Radio Spectrum Management) / MBIE2026-06-17 · reference
Supplier Declaration of Conformity (SDoC) — Importer / Supplier Obligation	For China domestic supply, mandatory product categories (including certain IT and consumer electronic products) require CCC (China Compulsory Certification) obtained through CNCA-authorised bodies. The certification resides with the product/manufacturer, not solely the importer. For radio-enabled products, SRRC type approval is issued to the radio module or device. There is no separate SDoC obligation analogous to NZ ESR 2010 Part 3 in the Chinese regulatory system.CCC — China Compulsory Certification (CNCA/CQC, applicable product categories) SRRC Radio Type Approval (MIIT) — for wireless devices MIIT NAL — Network Access License for terminal equipment	Under Part 3 of the Electrical Safety Regulations 2010 (ESR 2010), any person who supplies a controlled electrical device (CED) in New Zealand — including importers and distributors — must hold a Supplier Declaration of Conformity (SDoC) for that device model before supply. The SDoC must: (a) identify the device and supplier; (b) declare the applicable AS/NZS standard(s) with which the device complies; (c) be based on test evidence from a recognised laboratory; and (d) be retained and produced on request by WorkSafe NZ or other enforcement authorities. There is no central NZ product registration database comparable to the Australian EESS; compliance responsibility rests entirely with the NZ-market supplier or importer.Electrical Safety Regulations 2010 (ESR 2010), Part 3 — Supplier declaration of conformity Electricity Act 1992 (NZ) — statutory basis for electrical equipment supply obligations WorkSafe NZ enforcement guidelines	NZ requires the importer or local supplier to issue a model-specific SDoC before supply — this is a NZ-market-specific legal obligation that cannot be fulfilled by Chinese CCC certification or SRRC approval. The SDoC must reference applicable AS/NZS standards and be signed by the NZ-responsible party. Unlike Australia, NZ does not require EESS supplier registration in a public database, but absence of a valid SDoC exposes the supplier to WorkSafe NZ enforcement action.[INFORMATIONAL] A Supplier Declaration of Conformity (SDoC) against applicable AS/NZS standards is a mandatory pre-supply obligation under ESR 2010 for controlled electrical devices in New Zealand; CCC and SRRC do not satisfy this obligation; the NZ importer or supplier must issue the SDoC and retain supporting test evidence.	New Zealand Parliamentary Counsel Office / WorkSafe NZ2026-06-17 · reference

INFORMATIONAL ONLY

Informational only / not a certification conclusion

AI-compiled, not human-verified. This comparison is generated and cross-checked by multiple AI models from public official sources; it has not been reviewed by a named human expert and may contain errors or out-of-date items. Confirm every requirement directly with the official regulator or standards body and a qualified professional before relying on it. Nothing here is legal, certification, customs, or market-access advice.

This page is an informational comparison aid, not a certification decision, legal opinion, RSM determination, WorkSafe NZ finding, customs decision, or market-access approval. Exporters, importers, and distributors should verify current New Zealand law, RSM technical standards, Electrical Safety Regulations 2010 requirements, applicable AS/NZS standards, and MBIE obligations with qualified regulatory professionals before shipment or supply in New Zealand.

E-E-A-T

Named editorial review

Pending named reviewer

Official regulator, standards body, notified body, customs, or primary legal source preferred. Local PDFs are not accepted.

Editorial controls

Rows must include publisher, official URL, access date, verification flag, and last_verified before human_reviewed can be true.

SOURCES

Official-source register.

NCSC — National Cyber Security Centre (NZ) / GCSB · accessed 2026-06-17 · reference · used in 1 rows
WorkSafe New Zealand · accessed 2026-06-17 · reference · used in 1 rows
New Zealand Parliamentary Counsel Office / MBIE · accessed 2026-06-17 · reference · used in 1 rows
WorkSafe New Zealand / MBIE · accessed 2026-06-17 · reference · used in 1 rows
RSM (Radio Spectrum Management) / MBIE · accessed 2026-06-17 · reference · used in 1 rows
New Zealand Parliamentary Counsel Office / WorkSafe NZ · accessed 2026-06-17 · reference · used in 1 rows

China-to-New Zealand Wireless / IoT Device Compliance Gap Matrix (RSM / MBIE)

Compliance Gap Matrix

Related Compliance Matrices

Named editorial review

Official-source register.