At our desk we field a predictable wave of panic every time a United States import rule flips from voluntary to mandatory, and the CPSC eFiling change is the one lighting up our inbox this summer. We run a freight marketplace and do not file customs entries ourselves, yet the shippers and forwarders on our platform keep asking the same two questions. What has to be in the ACE system now, and what happens to my container if it is missing? Since 8 July 2026, the data from your compliance certificate has to travel into US Customs and Border Protection's ACE system at the moment of entry, not sit in a folder waiting to be furnished on request. That single change of timing is what trips people up, so let me walk through it the way we walk clients through it.
What changed on 8 July 2026, and why the timing matters
The certificate itself is not new. The Consumer Product Safety Improvement Act of 2008, the CPSIA, already required importers of regulated consumer products to certify that their goods meet the applicable safety rules. For years that certificate simply had to exist and be available to CBP or the CPSC on request. Many importers kept a PDF on file and forwarded it only if someone asked.
The 2026 rule changes the mechanics, not the underlying duty. Now the certificate data must be transmitted electronically into ACE, CBP's Automated Commercial Environment, at the time of entry. The CPSC describes this as eFiling, and it runs through the Partner Government Agency message set, the same electronic pipe that agencies like the FDA already use inside ACE. A shipment of covered goods that arrives without the filing is no longer just missing a document you can produce later. It is missing a required entry element.
One date is easy to overlook. For goods entered directly into US commerce the mandate started on 8 July 2026. For admissions into a Foreign-Trade Zone, the eFiling requirement begins on 8 January 2027. If you use an FTZ to defer duty, you have a short grace period, but the clock is already running.
CPC or GCC: which certificate your product needs
The first thing we ask a client is whether their product is a children's product, because that decides which certificate applies. A children's product, broadly one designed or intended primarily for users 12 and under, needs a Children's Product Certificate, the CPC. It has to be backed by testing at a CPSC-accepted third-party laboratory. Almost everything else that falls under a CPSC safety rule, ban, or standard needs a General Certificate of Conformity, the GCC, which can rest on the manufacturer's own test results or a reasonable testing program.
The two certificates carry similar data but sit on different evidence, and mixing them up is a common way to file something that later fails an audit. Here is how we lay it out for shippers on the platform.
| Feature | Children's Product Certificate (CPC) | General Certificate of Conformity (GCC) |
| Applies to | Products designed or intended primarily for children 12 and under | Non-children consumer products under a CPSC rule, ban, or standard |
| Testing basis | Mandatory third-party testing at a CPSC-accepted laboratory | Manufacturer testing or a reasonable testing program |
| Who issues it | Domestic manufacturer or importer | Domestic manufacturer or importer |
| eFiled at entry since | 8 July 2026 | 8 July 2026 |
| Typical goods | Toys, cribs, children's apparel, car seats | Lighters, mattresses, portable generators, many household items |
A point that surprises people. Even when a product qualifies for a testing exemption or a determination that a rule does not apply, you often still owe a certificate. The exemption removes the testing burden, not the paperwork. You issue a certificate that cites the rule and names the exemption, and you eFile it.
How the filing actually happens inside ACE
The mechanics run through your customs broker in nearly every case we see, because the broker owns the ACE connection and files the entry. What the broker needs from you is the certificate data, cleanly and early. The CPSC accepts two flavours of the PGA message set, and knowing the difference saves a lot of back-and-forth.
Full versus reference message set
With the full PGA message set, every required data element is transmitted directly through ACE for each shipment at the time of entry. No CPSC account is needed. With the reference PGA message set, the importer loads the certificate into the CPSC Product Registry first, then hands the broker a short certificate identifier that points at the stored record. High-volume importers who ship the same SKUs repeatedly tend to prefer the reference route, because the data lives in one place and the broker just cites it.
The data elements you must supply
Whichever route you choose, the CPSC expects a defined set of certificate data. There are seven core elements, and your broker cannot invent any of them for you.
- Product identifier, such as a GTIN, UPC, SKU, model number, or another consistent code.
- The CPSC safety rules the product is certified against, listed by citation.
- Date of manufacture for the goods being certified.
- Place of manufacture, with the manufacturing party's name, full address, and contact.
- Date of the most recent compliance testing the certificate relies on.
- Testing laboratory details, including name, address, and contact, where third-party testing applies.
- The person who maintains the compliance records, with full contact information.
Notice how the responsibility splits, because clients get this wrong constantly. The Importer of Record is ultimately legally responsible for the certificate and its accuracy. The customs broker is the party responsible for actually filing that data in ACE at entry. Those are two different jobs. An integrator like UPS or FedEx, or your broker, can transmit the data, but none of them create the certificate, and none of them stand behind facts you supplied wrong. Get the numbers right, hand them over clean, and the broker files them. If you are working out who holds the Importer of Record role on a given shipment, our guide to who pays the tariff under DDP versus DAP is a useful companion, because the party that clears the goods usually carries this duty too.
No de minimis, no value threshold
This is the part that catches ecommerce sellers hardest. There is no de minimis exception and no minimum value that lets a covered product skip the filing. A single low-value parcel of a regulated toy needs its certificate data eFiled exactly as a full container would. If your model relied on splitting shipments small to slide under a threshold, that lever does not exist here.
The timing is pointed, because the low-value entry channel is already under pressure from the wider unwind of de minimis on many goods. We cover that shift in our look at US-China tariffs and the end of de minimis, and the CPSC rule layers a safety-data obligation on top of the duty story. For direct-to-consumer sellers shipping small parcels, the practical answer is to get certificate data into the reference registry once and let the broker cite it on every entry.
The 600-plus flagged HTS codes, and why the flag is not the rule
The CPSC published guidance identifying roughly 600 Harmonized Tariff Schedule codes as likely to be subject to eFiling. It is tempting to treat that list as the whole test. Do not. The agency is explicit that the flag is a guide, and the list is not guaranteed to capture every product under a CPSC rule.
The real trigger is legal, not tariff-based. If your product is subject to a CPSC safety rule, ban, or standard, it needs a certificate, and that certificate now needs eFiling, whether or not its HTS code appears on the flagged list. We have seen importers assume that a code missing from the list means no obligation, which is exactly backwards. Classify the product against the safety rules first, then check the flag as a secondary prompt. There is a mirror-image trap too. If your goods sit under a flagged HTS code but are genuinely not subject to any CPSC rule, do not simply stay quiet at entry. File a Disclaimer Message Set, which formally tells CBP the product is out of scope. That keeps you from triggering an unnecessary review and from taking an avoidable hit to your risk score. If you are also matching goods to origin rules, the same discipline applies to a preferential certificate of origin, where the paperwork follows the product's legal status, not a convenient shortcut.
What goes wrong at the border when the filing is missing
I have watched a shipper learn this the expensive way. The goods were compliant, the certificate existed on a laptop, but nothing was transmitted at entry. CBP did not care that the PDF was reachable. The entry was incomplete.
The first thing that happens when the eFiling is absent or defective is not a seizure. The entry gets flagged in the system, typically as Under Review or routed to an Intensive Exam, and the shipment becomes highly likely to be selected for a physical examination. That is where the real early cost lands. Exams take time, so release slips while the container waits, and demurrage accrues. Exam and handling fees get charged back to the importer. The longer-term sting is quieter. A missed or messy filing dents your CBP risk score, so future shipments draw heavier targeting and more holds even when they are clean. Physical detention at the port and outright refusal of admission are still on the table, but they are the escalation, not the opening move. None of it touches the actual safety of your product. It is a filing failure, which makes it doubly frustrating for a shipper who did the testing and skipped the transmission. Keeping your other entry documents clean helps here too, and our guide to bills of lading covers the paperwork that has to line up alongside the CPSC data.
The entry checklist we walk clients through
After enough of these conversations, the failure points are boringly repetitive. Here is what we flag before a covered shipment moves.
- Confirm the certificate type early. Decide CPC or GCC before booking, because a children's product without third-party lab testing cannot be certified on the day the box ships.
- Gather all seven data elements first. The missing field is almost always the testing lab contact or the compliance-record point of contact. Chase those before the vessel sails, not after.
- Pick your message-set route. If you reship the same SKUs, load them into the CPSC Product Registry once and file by reference. One-off shippers can use the full message set per entry.
- Brief your broker in writing. You, as Importer of Record, are liable for the certificate and its accuracy. Your broker is the one who files it in ACE. Send the data in a structured form and do not assume the broker will chase you for missing fields.
- Do not rely on the HTS flag alone. Classify against the safety rule. A product off the flagged list can still require a filing, and a flagged product that is genuinely out of scope should get a Disclaimer Message Set rather than silence.
- Mind the FTZ date. If you admit goods into a Foreign-Trade Zone, plan your registry and broker setup ahead of 8 January 2027.
We issue none of these certificates and we file none of these entries. As a marketplace, we connect shippers with vetted carriers, forwarders, and brokers, and we help clients get the paperwork logic straight before a covered box leaves the yard. If your import mix also touches newly tariffed sectors, it is worth reading our Section 232 pharmaceutical tariff guide alongside this one, because 2026 has stacked several new entry obligations on the same shipments.
Frequently asked questions
When did CPSC eFiling become mandatory?
The mandate took effect on 8 July 2026 for regulated consumer products entered into US commerce. For goods admitted into a Foreign-Trade Zone, eFiling becomes mandatory on 8 January 2027. Both dates require the certificate data to be transmitted into CBP's ACE system at the time of entry.
What is the difference between a CPC and a GCC?
A Children's Product Certificate, the CPC, covers products designed or intended primarily for children 12 and under and must be supported by testing at a CPSC-accepted third-party laboratory. A General Certificate of Conformity, the GCC, covers other regulated consumer products and can rest on the manufacturer's own testing. Both must now be eFiled at entry.
Is there a de minimis or low-value exception?
No. The CPSC eFiling requirement has no de minimis exception and no value threshold. A low-value parcel of a covered product needs its certificate data filed exactly like a large commercial shipment. This is a frequent surprise for direct-to-consumer sellers who ship small parcels.
My HTS code is not on the flagged list. Am I exempt?
Not necessarily. The CPSC flagged around 600 HTS codes as a guide, but the list is not the legal test. If your product is subject to a CPSC safety rule, ban, or standard, it needs a certificate and the certificate needs eFiling, regardless of whether the tariff code appears on the flagged list.
Who is responsible for filing, my broker or me?
The Importer of Record is legally responsible for the certificate and its accuracy. In practice your customs broker or an integrator transmits the data through ACE, but they cannot create the certificate for you and are not liable for facts you supply incorrectly. Send them clean, complete certificate data well before entry.


