Why was Temu fined €200 million under the Digital Services Act?

Temu was fined €200 million by the European Commission on 28 May 2026 because, in the Commission's assessment, it failed to adequately identify and mitigate the systemic risk of illegal products being sold to consumers on its platform, in breach of the systemic-risk obligations in Articles 34 and 35 of the Digital Services Act — making it the largest DSA penalty issued to date. The legal foundation is what gives the fine its character. The DSA imposes a tiered set of obligations, and the heaviest fall on Very Large Online Platforms (VLOPs) — the largest services designated by the Commission. Among those heaviest obligations are Articles 34 and 35, which require a VLOP to diligently identify, analyse and assess the systemic risks that stem from the design, functioning and use of its service, and then to put in place reasonable, proportionate and effective measures to mitigate those risks. Systemic risks expressly include the dissemination of illegal content and, for a marketplace, the offering of illegal or unsafe products. The Commission's finding against Temu was not that a particular illegal product slipped through on a particular day; it was that Temu's risk-management system itself was inadequate. The Commission specifically criticised Temu's risk assessment as lacking specificity and concrete supporting evidence — in other words, the assessment did not engage seriously enough with the real, foreseeable risk that illegal or unsafe goods would reach EU consumers given the platform's scale and design. That is a structural failure rather than a content failure, which is why the response is structural: Temu must submit a legally binding action plan by 28 August 2026 setting out how it will remedy the deficiencies, and the company has indicated it is exploring an appeal. The size of the penalty reflects both the seriousness the Commission attaches to systemic-risk obligations and the fact that DSA fines can reach up to 6% of a provider's worldwide annual turnover, giving the Commission substantial headroom. For advertisers and brands, the lesson embedded in the decision is that the DSA judges platforms on the rigor of their risk management, and that enforcement at that level can reshape the platform environment they operate in. Ground the framework with the European Union compliance guide . The organizing principle is that Temu was fined for an inadequate systemic-risk system around illegal products, not for any single listing, which is precisely what makes the decision significant.

What is the difference between the DSA's systemic-risk rules and ordinary content-removal duties?

The difference is one of level: ordinary content duties under the DSA concern how a platform handles individual illegal items — notice-and-action mechanisms, removing specific illegal content once it is flagged — while the systemic-risk rules in Articles 34 and 35 concern whether the largest platforms have honestly mapped and mitigated the structural risks their design and scale create, which is a far more demanding, system-level obligation that only Very Large Online Platforms carry. Every hosting service under the DSA has baseline obligations, such as providing a notice-and-action mechanism so users can flag illegal content and the platform can act on it, and giving statements of reasons when content is removed. Those duties operate at the level of the individual item: a specific illegal listing or post is flagged, assessed and, if illegal, removed. They are necessary but they are reactive and granular. The systemic-risk regime is different in kind. It applies only to VLOPs, and it asks a structural question: given how this service is designed, how its recommender systems work, how its scale shapes behaviour, what are the foreseeable systemic risks — the dissemination of illegal content or products, negative effects on fundamental rights, on civic discourse, on public health or on minors — and has the platform put proportionate, effective measures in place to mitigate them? Crucially, a platform can comply with its individual content duties and still fail its systemic-risk duties, because the latter is about the adequacy of the overall risk-management system rather than the handling of any one item. That is exactly the gap the Temu decision occupies: the Commission's concern was the adequacy of Temu's risk assessment and mitigation around illegal products, which it found lacked specificity and concrete evidence, not whether Temu removed a particular item when notified. The same distinction underlies the preliminary findings the Commission issued against TikTok on 6 February 2026 regarding addictive design features, which are a systemic-design concern rather than an individual-content one. For advertisers, the practical significance is that systemic-risk enforcement tends to produce structural remedies — changes to features, ranking, recommendation and design — that reshape the inventory and adjacency they buy, whereas content removal affects individual items. To understand how these obligations fit together, see the European Union compliance guide , and track enforcement on the Policy Change Tracker . The organizing principle is that content duties police individual items while systemic-risk duties police the platform's whole risk-management system, and the heaviest DSA fines so far target the latter.

How does the Temu fine fit the broader pattern of 2026 DSA enforcement?

The Temu fine fits a clear 2026 enforcement pattern in which the European Commission has pursued two priorities — systemic-risk rigor under Articles 34 and 35, and transparency obligations including advertising transparency — with escalating financial consequences, and the €200 million Temu penalty is the largest data point in that pattern to date. To see the pattern, it helps to line up the decisions chronologically. On 5 December 2025 the Commission issued its first DSA non-compliance fine: €120 million against X, on the basis of Articles 25, 39 and 40, citing a deceptive design around its verified-account 'blue checkmark', failures in the transparency of its advertising repository, and insufficient access for researchers to public data. That decision established two things at once — that the Commission would issue substantial fines, and that transparency, including advertising transparency, was a live enforcement front. On 6 February 2026 the Commission issued preliminary findings against TikTok under Articles 34 and 35, focused on addictive design features such as infinite scroll, autoplay, notifications and the personalised recommender system; preliminary findings are not a final decision, but they signalled that systemic-risk enforcement was advancing against design choices, not just content. Then on 28 May 2026 came the Temu fine of €200 million, again under Articles 34 and 35, this time over the systemic risk of illegal products on a marketplace. Read together, the three actions map the Commission's priorities: Articles 34 and 35 systemic risk (TikTok design, Temu illegal products) and transparency (X advertising repository and verified accounts). The financial trajectory is also notable — from €120 million to a €200 million high-water mark — against a statutory ceiling of up to 6% of worldwide annual turnover, which means the Commission still has considerable room to escalate. For advertisers and brands, the pattern is the point: enforcement is active, it is financially material, and it spans the platforms where they advertise, publish and sell. Because preliminary findings can evolve and decisions can be appealed, confirm the current status of any specific proceeding against official EU sources. For the advertising-transparency strand specifically, see the DMA ad transparency guide , and monitor developments on the Policy Change Tracker . The organizing principle is that Temu is the largest expression of a two-track enforcement pattern — systemic risk and transparency — that advertisers should treat as a standing feature of the EU platform environment.

Does a fine against a platform like Temu actually affect advertisers and brands?

Yes — a systemic-risk fine against a platform affects advertisers and brands through several transmission channels, because enforcement forces platforms to change the features, ranking and recommendation surfaces that advertisers buy, alters the brand-safety profile of the platform as an adjacency, and reaches brands that sell through affected marketplaces, even though the fine itself is levied on the platform. The instinct to treat a platform fine as the platform's problem alone underestimates how tightly advertiser outcomes are coupled to platform design. Consider the first channel: design and mitigation changes. When the Commission compels a platform to mitigate a systemic risk under Articles 34 and 35, the platform typically alters product features, recommender behaviour, ranking or the visibility of certain surfaces. Those are the very surfaces on which ads are served and organic brand content is distributed, so a mitigation measure can change reach, frequency, placement and audience composition — sometimes quickly. An advertiser who treated the platform as a static environment can find its delivery and performance shifting because of a regulatory remedy. The second channel is brand-safety adjacency. A platform under enforcement for illegal products or harmful design is, by that fact, a more sensitive environment for a brand's paid and organic presence, and prudent media-quality decisions should fold enforcement findings in alongside traditional signals like viewability and fraud. The third channel is marketplace exposure. Brands that sell through a marketplace inherit the consequences of the marketplace's risk-management failings: heightened listing scrutiny, trader-traceability obligations, and product-safety expectations that can sweep in legitimate sellers when a marketplace tightens controls under regulatory pressure. The fourth channel is transparency obligations on advertising itself: the same DSA regime that fined X over its advertising repository requires platforms to label ads, disclose who paid and why a recipient is seeing them, and store ad information publicly — obligations that govern how an advertiser's own campaigns are presented and recorded. Taken together, these channels mean enforcement is an input to media planning, not a spectator event. The defensive posture is to monitor enforcement as a media-quality signal, keep your own disclosures and targeting compliant, and review marketplace obligations if you sell through affected platforms. Map your exposure with the Legal Compliance Scan , and ground marketplace duties with the e-commerce and DTC compliance guide . The organizing principle is that platform design and advertiser outcomes are coupled, so when enforcement changes the platform, it changes the advertiser's environment too.

What advertising transparency obligations does the DSA impose, and how should advertisers prepare?

The DSA requires that advertising on covered platforms be clearly identifiable as advertising in real time, that each ad disclose who is presenting it and who paid for it along with the main targeting parameters, that Very Large Online Platforms maintain a public repository of the ads they serve, and that platforms not run profiling-based advertising on special-category personal data or target it at users known to be minors — and advertisers should prepare by auditing their own creative, disclosures, targeting and repository entries against these requirements. Each obligation has a practical edge for advertisers. The clear-identification requirement means a recipient must be able to tell, clearly and in real time, that content is an advertisement, typically through prominent markings; native or ambiguous formats that blur the ad/organic line are exposed. The who-paid-and-why disclosure means platforms must surface, for each ad, the person on whose behalf it is shown and who funded it, plus meaningful information about the main parameters used to target the recipient — so an advertiser's targeting logic becomes partially visible, and any mismatch between stated and actual practice is a risk. The ad-repository obligation on VLOPs means the ads you run are retained in a publicly accessible archive for a defined period; this is the obligation whose failure contributed to the €120 million X fine under Article 39, and it means your campaigns leave a public, inspectable record. The targeting prohibitions are the sharpest: the DSA bars advertising based on profiling that uses special categories of personal data — such as data revealing health, sexual orientation, religious belief or political opinion — and bars profiling-based advertising directed at recipients the platform knows to be minors. These are flat prohibitions, not grey zones with grace periods, so any campaign that depends on such targeting is exposed regardless of how compliant the platform is. To prepare, advertisers should run a structured audit: confirm creative is unambiguously labelled, verify that paid-for and targeting disclosures are accurate, review public ad-repository entries for consistency with stated practices, and eliminate any profiling on special-category data or any profiling-based targeting that could reach minors. Document the review so diligence can be demonstrated if a campaign is later questioned. Pressure-test campaign language and targeting with the AI Compliance Audit , check restricted terms with the Keyword Risk Checker , and ground the framework with the European Union compliance guide . The organizing principle is that DSA advertising transparency makes your labelling, disclosures, targeting and ad-repository footprint inspectable, so the advertiser's task is to keep all four demonstrably compliant rather than relying on the platform's posture.

Temu €200M DSA Fine 2026: Advertiser & Brand Impact

Quick Answer

On 28 May 2026 the European Commission imposed a €200 million fine on the online marketplace Temu under the EU Digital Services Act (DSA), the largest DSA penalty issued to date. The decision was grounded in Articles 34 and 35 DSA — the systemic-risk assessment and mitigation obligations that apply to Very Large Online Platforms (VLOPs) — and found that Temu had failed to adequately identify and mitigate the systemic risk of illegal products being sold on its platform, with the Commission noting that Temu's risk assessment lacked specificity and concrete supporting evidence. Temu must submit a legally binding action plan by 28 August 2026 and has signalled it is exploring an appeal. The fine sits inside a wider 2026 enforcement wave: the Commission's first DSA non-compliance fine, €120 million against X, was issued on 5 December 2025 under Articles 25, 39 and 40 for a deceptive verified-account design, advertising-repository transparency failures and insufficient researcher data access, and on 6 February 2026 the Commission issued preliminary findings against TikTok under Articles 34 and 35 over addictive design features. DSA penalties can reach up to 6% of a provider's worldwide annual turnover, and the Commission holds exclusive enforcement authority over VLOPs. For advertisers and brands, the signal is that systemic-risk and transparency enforcement is now active and financially material across the platforms where they spend, sell and publish. Ground the framework with the European Union compliance guide, audit exposure with the AI Compliance Audit, and track enforcement on the Policy Change Tracker.

Temu's €200M DSA Fine in 2026: What Europe's Largest Platform Penalty Signals for Advertisers and Marketplaces

Europe's Largest DSA Fine to Date

On 28 May 2026 the European Commission fined the online marketplace Temu €200 million under the Digital Services Act, the largest penalty issued under the regulation since it took effect. The decision did not turn on a single piece of illegal content but on something more structural: the Commission concluded that Temu had failed to adequately assess and mitigate the systemic risk of illegal products being offered to consumers across its platform.

That framing matters for everyone who advertises on, sells through, or publishes alongside large platforms. The DSA's heaviest obligations are not about removing individual posts — they are about whether a platform has honestly mapped the systemic risks its design and scale create, and whether it has put proportionate measures in place. The Temu fine shows the Commission is willing to attach nine-figure penalties to failures at that systemic level.

"The DSA's systemic-risk regime does not ask whether a platform removed a given listing. It asks whether the platform understood the risks its own scale and design produce, and acted on them. Temu's fine is the first time that question has carried a €200 million answer.
— AuditSocials analysis of the Digital Services Act"

This guide explains what the Temu decision found, how it fits the broader 2026 enforcement wave, and — most importantly for marketers — why systemic-risk and transparency enforcement reaches advertisers and brands even when the fine lands on the platform. Ground the EU framework with the European Union compliance guide, and define terms in the compliance glossary.

What the Temu Decision Found

The Commission's decision was grounded in the DSA's systemic-risk provisions, which apply to the largest platforms designated as Very Large Online Platforms (VLOPs). Understanding the legal basis is the key to understanding why the fine was so large.

The Decision at a Glance

Element	Detail
Penalty	€200 million — largest DSA fine to date
Date	28 May 2026
Enforcing body	European Commission (exclusive VLOP authority)
Legal basis	Articles 34 and 35 DSA (systemic-risk assessment and mitigation)
Core finding	Inadequate assessment and mitigation of the systemic risk of illegal products
Commission critique	Risk assessment lacked specificity and concrete supporting evidence
Next step	Binding action plan due 28 August 2026; appeal under consideration

Articles 34 and 35 require a VLOP to identify, analyse and assess the systemic risks stemming from the design and use of its service — including the dissemination of illegal content or the sale of illegal products — and then to put in place reasonable, proportionate and effective mitigation measures. The Commission's position was that Temu's assessment was too thin: it did not engage with sufficient specificity or evidence with the real risk that illegal or unsafe products would reach EU consumers. Because the obligation is about the rigor of the risk-management system, the remedy is systemic too — a binding action plan, not the takedown of one listing. Track how this and similar decisions evolve on the Policy Change Tracker.

The 2026 DSA Enforcement Pattern

The Temu fine is not an isolated event. It is the most expensive data point in an enforcement pattern that took clear shape across late 2025 and the first half of 2026, and the pattern tells advertisers where the Commission is focused.

The Enforcement Wave So Far

Target	Date	Basis	Issue
X	5 Dec 2025	Articles 25, 39, 40	Deceptive verified-account design; ad-repository transparency; researcher data access
TikTok	6 Feb 2026 (preliminary)	Articles 34, 35	Addictive design features (infinite scroll, autoplay, notifications, recommender)
Temu	28 May 2026	Articles 34, 35	Systemic risk of illegal products

Two enforcement priorities emerge. The first is systemic-risk rigor under Articles 34 and 35 — the basis for both the TikTok proceedings and the Temu fine. The second is transparency, including the advertising-repository and verified-account failures cited in the €120 million X decision, which was the Commission's first DSA non-compliance fine. The financial stakes are real: DSA penalties can reach up to 6% of a provider's worldwide annual turnover. For the advertising-transparency dimension specifically, see the related DMA ad transparency guide, and confirm the current status of any proceeding against official EU sources, since preliminary findings are not final decisions.

Why This Reaches Advertisers and Brands

It is tempting for an advertiser to read a platform fine as the platform's problem. That is a mistake. Systemic-risk enforcement changes the environment advertisers operate in, and several of those changes land directly on brand budgets and brand safety.

The Transmission Channels

Design changes that reshape inventory: When the Commission forces a platform to mitigate systemic risk, the platform alters features, ranking and recommendation surfaces — the same surfaces advertisers buy. Mitigation that limits a feature can change reach, frequency and placement overnight.
Brand-safety adjacency: A marketplace or platform under fire for illegal products or harmful design is, by definition, a riskier adjacency for a brand's paid placements and organic presence. Enforcement findings are a signal advertisers should fold into media-quality decisions.
Seller and marketplace exposure: Brands that sell through marketplaces inherit the consequences of the marketplace's risk-management failures, from trader-traceability obligations to listing scrutiny that can sweep in legitimate sellers.
Transparency obligations on ads: The same regime that fined X over its ad repository requires platforms to label ads and disclose targeting parameters — obligations that shape how advertisers' own campaigns are presented and stored publicly.

The throughline is that enforcement is not a spectator sport for advertisers. When a platform is compelled to change how it manages risk, the advertiser's reach, adjacency and disclosure obligations move with it. Map your own exposure across platforms with the Legal Compliance Scan, and ground marketplace-specific duties with the e-commerce and DTC compliance guide.

Ad Transparency Obligations Under the DSA

Because the X fine put advertising transparency at the center of DSA enforcement, advertisers should understand the specific obligations that govern how their ads appear and are recorded on large platforms.

What the DSA Requires for Advertising

Clear ad identification: Recipients must be able to identify, in a clear and unambiguous way and in real time, that the content is an advertisement, including through prominent markings.
Who paid and why you see it: Platforms must disclose, for each ad, the natural or legal person on whose behalf the ad is presented and who paid for it, along with meaningful information about the main parameters used to target the recipient.
Ad repositories on VLOPs: Very Large Online Platforms must maintain a publicly accessible repository of the advertisements they present, retained for a defined period — the obligation whose failure contributed to the X fine under Article 39.
No targeting on sensitive data or to minors: The DSA prohibits advertising based on profiling using special categories of personal data, and prohibits profiling-based advertising targeted at recipients the platform knows to be minors.

For advertisers, these obligations are not abstract. They determine how your creative is labelled, how your targeting is disclosed in a public repository, and which audiences you may lawfully profile. A campaign that relies on sensitive-data targeting or that reaches minors through profiling is exposed regardless of the platform's own compliance posture. Pressure-test your campaign language and targeting with the AI Compliance Audit, and check restricted terms with the Keyword Risk Checker.

What Advertisers Should Do Now

The Temu decision is a prompt to treat platform regulatory health as an input to media planning, not a footnote. The following steps translate the enforcement signal into operational practice.

Concrete Steps

Monitor enforcement as a media-quality signal: Fold DSA decisions and preliminary findings into how you assess platform brand safety, the same way you would viewability or fraud metrics.
Audit your own ad disclosures: Confirm your ads are clearly identifiable, that the paid-for and targeting disclosures are accurate, and that nothing in a public ad repository contradicts your stated practices.
Eliminate prohibited targeting: Remove any profiling that relies on special-category data or that could reach minors, since these are flat prohibitions, not grey areas.
Stress-test marketplace exposure: If you sell through marketplaces, review trader-traceability, product-safety and listing-accuracy obligations, because marketplace enforcement can reach legitimate sellers.
Document your diligence: Keep a record of the platform-risk reviews and disclosure checks you run, so you can demonstrate diligence if a placement or campaign is later questioned.

None of this requires predicting which platform the Commission fines next. It requires treating enforcement as a standing input and keeping your own house — disclosures, targeting and marketplace listings — demonstrably in order. Build the monitoring habit with the Policy Change Tracker, and ground the broader obligations with the European Union compliance guide.

DSA Exposure Checklist

[ ] Identified which platforms you use are designated VLOPs under the DSA
[ ] DSA enforcement decisions and preliminary findings tracked as a brand-safety signal
[ ] Ads confirmed clearly identifiable as advertising in real time
[ ] Paid-for and targeting-parameter disclosures verified as accurate
[ ] Public ad-repository entries reviewed for consistency with stated practices
[ ] Profiling on special-category data eliminated
[ ] Profiling-based advertising to known minors eliminated
[ ] Marketplace trader-traceability and product-safety obligations reviewed
[ ] Platform-risk diligence documented for audit
[ ] Current proceeding status confirmed against official EU sources

Don't miss the next policy change.

Create a free account — track every policy change across 8 platforms, get instant alerts, and access every free compliance tool. Or try our Keyword Risk Checker first.

Create Free Account

Report Keywords — Run AI Compliance Audit

#DSA#Digital Services Act#Temu#Systemic Risk#Brand Safety#Marketplace Compliance#Ad Transparency#EU Regulation#Advertisers#E-commerce#2026 Policy#Compliance Guide 2026

Share This Report

Tweet Share

UK Online Safety Act Age-Assurance Enforcement 2026: How Ofcom's Ad-Network Business Disruption Lever Reaches Advertisers

Ofcom's Online Safety Act enforcement can reach beyond platforms to the advertising networks that fund them. With a July 2026 age-assurance effectiveness report due, here is how the business-disruption lever changes brand-safety calculus.

EU DSA Article 26 — Political Advertising Transparency: First-Year Implementation Data Across 27 Member States

EU DSA Article 26 governs political ad transparency across the EU — first-year data shows uneven member-state activity, Ireland enforcement concentration, and a tiered penalty structure.

FTC AI Endorsement Rules 2026 — 16 CFR Part 255 Application to Synthetic Content & State Equivalents

The FTC's 16 CFR Part 255 framework now applies to synthetic endorsements with per-violation penalties up to $53,088, stacking with California, Colorado, and New York laws into compound liability.

Temu's €200M DSA Fine in 2026: What Europe's Largest Platform Penalty Signals for Advertisers and Marketplaces