The Temu €200 Million DSA Fine: what every cross-border marketplace seller needs to know.

Two days ago, on 28 May 2026, the European Commission issued a €200 million fine to Temu under the Digital Services Act. It is the largest DSA fine on record, beating the €120 million penalty against X at the end of 2025. The headline matters. The substance matters more. The implications for sellers who haven’t built defensible compliance infrastructure matter most.

What the Commission actually found.

The fine isn’t about a single bad product or one off incident. It is about Temu’s risk assessment under Article 34 of the DSA, the obligation that every Very Large Online Platform (VLOP) has to "diligently identify, analyse, and assess any systemic risks" stemming from its service.

The Commission concluded that Temu’s 2024 risk assessment was inaccurate, relied on general industry information rather than platform-specific evidence, and "seriously underestimated" the likelihood of consumers encountering illegal products. EVP Henna Virkkunen put it more bluntly in her press statement: the assessment "underestimates concrete risks, lacks specificity, is not grounded in solid evidence, and is not comprehensive."

The evidence the Commission drew on is the part that should interest sellers. The investigation built its case from:

• Temu’s 2024 and interim 2025 risk assessments
• Temu’s formal responses to information requests
• Third-party data submitted by consumer organisations
• Customs findings from EU member-state authorities
• Independent product testing, including a mystery shopping exercise that found a high percentage of chargers failed basic electrical safety tests, and that baby toys posed risks ranging from chemical exposure to loose-part choking hazards

The complaint trail was substantial. The pan-European consumer organisation BEUC and 17 of its member organisations filed complaints starting in 2024. Formal proceedings opened in October 2024. Preliminary findings landed in July 2025. The decision was finalised this week.

Why this matters even if you don’t sell on Temu.

Three reasons, in order of how soon they affect your business.

The DSA has now been enforced at commercial scale.

Pre-2025, the DSA was theoretically a 6%-of-global-turnover penalty regime. As of May 2026 it is an actual €200 million bill paid by an actual company. Boards that previously rated DSA exposure as low-probability are now updating that calculation. The compliance budgets that come out of those reassessments will tighten what marketplaces demand from sellers.

The precedent treats marketplaces as the responsible parties.

The Temu fine doesn’t go to the third-party sellers whose unsafe chargers and toys were the actual problem. It goes to the marketplace operator for failing to assess and mitigate the systemic risk of those sellers being on the platform. Marketplaces will, predictably, push the compliance burden downstream. Sellers should expect more aggressive listing audits, tighter technical documentation requirements, and contractual indemnity demands from Amazon, eBay, Shopify, TikTok Shop, Cdiscount, Bol.com, Allegro, Otto and Zalando between now and the end of Q3 2026.

The customs findings line in the evidence list deserves attention.

Italian, German and French customs authorities are sharing data with consumer regulators about products entering the EU. A non-EU seller whose products are flagged at the Italian or Belgian port becomes a data point that contributes to the next platform’s risk assessment failure. Compliance no longer stops at the platform interface; it propagates back to whether your products should be entering the EU at all.

The five compliance moves to make right now.

1. Verify your GPSR Responsible Person is properly appointed. Under EU Regulation 2023/988, every non-EU seller of physical consumer goods into the EU must have an EU-established Responsible Person on file before products can legally enter the market. Marketplaces are now actively verifying this against internal databases. An expired or improperly documented Responsible Person is the most likely listing-removal trigger in the post-Temu enforcement environment.
2. Audit your product technical documentation against actual EU standards. The mystery shopping evidence found that a "very high percentage" of chargers failed basic electrical safety tests. The standards aren’t abstract: LVD 2014/35/EU for electrical safety, EMC 2014/30/EU for electromagnetic compatibility, RoHS 2011/65/EU for restricted substances. Test certificates from accredited laboratories that match these directives are the documents marketplaces will demand on the next audit cycle.
3. Reconcile your IOSS and VAT registrations. The Commission’s evidence drew on customs findings, which means your customs and tax footprint is being cross-referenced with your product-safety footprint. Sellers with clean VAT and IOSS registrations get the benefit of regulatory doubt; sellers with provisional, missing, or mismatched tax registrations end up in the next risk-assessment dataset.
4. Take Article 14a marketplace facilitator interaction seriously. Article 14a of the EU VAT Implementing Regulation makes marketplaces the deemed supplier for many transactions. The DSA now makes them the responsible party for product safety. Your contractual position with the marketplace, your data feed accuracy, and your invoicing trail will all be examined more aggressively in the next compliance cycle.
5. Build a defensible audit trail. "Documentation Temu didn’t have" is the language the Commission used. Documentation that you do have, calibrated to current EU directives, signed by a qualified Responsible Person, and cross-checked with your customs declarations and VAT filings, is the asset that survives a future enforcement action.

The Italian angle.

Italy is a particularly active enforcement jurisdiction for product safety, with the Agenzia delle Dogane (customs authority) and the consumer protection function of the Ministero delle Imprese e del Made in Italy coordinating on cross-border product flows. Italian customs is one of the EU’s top three by volume for goods entering from non-EU origin, and the AIDA risk register is already integrated with the EU Safety Gate database that produced the Temu evidence.

For non-EU sellers entering the Italian market, that means three overlapping compliance touchpoints sit in the same office: Italian fiscal representation under Article 17 DPR 633/72, GPSR Responsible Person under Regulation 2023/988, and customs declarations through AIDA. Getting one right while neglecting another is a structural vulnerability the Temu case has made expensive to ignore.

The full text of the Commission’s decision will follow in the coming weeks; the formal proceedings under the DSA framework remain ongoing and additional penalties are possible.