EU Tests Limits of Platform ‘Risk Assessments’ with €200 Million Temu Fine

The European Commission on Thursday fined Temu €200 million for breaching the Digital Services Act (DSA), finding that the Chinese e-commerce platform failed to properly assess the systemic risks posed by illegal and unsafe products being sold to consumers across the European Union.

The fine is the largest imposed so far under the DSA — the EU's landmark platforms regulation — surpassing the €120 million penalty levied against Elon Musk's X in December 2025 over transparency failures.

The Commission said Thursday that Temu failed to properly evaluate the risks of illegal and unsafe products on its platform, including risks tied to its recommendation systems and influencer affiliate program.

That focus reflects a broader shift in Brussels. The enforcement approach echoes other ongoing EU proceedings against major platforms, including Meta, where regulators have also focused on how platforms construct and justify their own internal risk assessments, rather than only on downstream harms.

"Risk assessments are not box-ticking exercises — they are the backbone of the DSA," said Henna Virkkunen, the European Commission's Executive Vice President for Tech Sovereignty, Security and Democracy. "Temu's risk assessment underestimates concrete risks, lacks specificity, is not grounded in solid evidence, and is not comprehensive."

The company said it is reviewing the decision and considering its options.

“Temu respects the objectives of the Digital Services Act and the need for clear, consistent rules across the digital economy,” a Temu spokesperson said in an email to Tech Policy Press. “However, we disagree with the European Commission’s decision and consider the fine to be disproportionate. The decision relates to our first DSA assessment in 2024 and does not reflect the current state of our systems. Temu engaged constructively with the Commission throughout the process and has since taken further steps to strengthen risk assessment, platform governance, and user protection.”

What the Commission found

The Commission's findings were grounded in a mystery shopping exercise conducted by an independent testing organization on its behalf. A very high percentage of phone chargers selected for testing failed basic electrical safety standards. A high percentage of baby toys posed safety risks of medium to high severity — containing chemicals exceeding legal safety limits or featuring detachable parts that present suffocation hazards.

The Commission also drew on data from EU customs and market surveillance authorities, which recorded high rates of non-compliance among products in the categories tested.

Those findings echoed independent testing published in February 2025 by BEUC, the European consumer organization representing 45 consumer groups across 31 countries, which found phthalates — chemicals linked to reproductive harm — at up to 240 times the legal limit in toys sold on the platform. BEUC filed formal complaints against Temu in May 2024, helping trigger the Commission’s investigation.

“Evidence from consumer groups has shown the presence of unsafe and illegal products on the platform in various categories, including chargers and children’s toys,” Alexandre Biard, Manager of Enforcement at BEUC, told Tech Policy Press. “But our research also found risks to consumers due to the use of harmful substances or low-quality materials among jewelry, shoes, clothes, food contact materials, cosmetics and more.”

“For any products that a consumer can buy on Temu, the company has a responsibility to ensure they are safe and compliant with EU law,” he said. “Temu is also targeted by consumer protection authorities for suspected breaches of EU consumer rules," Biard added. "We hope that all these actions together will trigger behavioral changes."

The fine lands alongside a parallel EU squeeze on Chinese e-commerce. From July 1, a new €3 customs fee applies to all parcels under €150 entering the EU from China. AliExpress and Shein face their own DSA scrutiny, though at different stages. AliExpress reached binding commitments with the Commission in June 2025 over risk management failures, advertising transparency, and its affiliate program, avoiding a fine, but remaining under a monitoring trustee. A separate strand, however, on the dissemination of illegal products is still active.

Shein, designated a very large online platform in April 2024, faces formal proceedings opened in February covering illegal product sales, compulsive use of features including points and rewards systems, and recommender system transparency.

Influencers pulled into the compliance frame

A notable feature of the Temu decision is the Commission’s assessment of its influencer affiliate program, which pays commissions to creators driving sales. Regulators said the company failed to assess how the model could amplify exposure to unsafe or illegal products.

"This is the first time the Commission acknowledges that influencer marketing can be a risk factor in the meaning of Article 34(1)(a)," said Catalina Goanta, an associate professor at Utrecht University who has researched affiliate marketing and DSA compliance. "Albeit not for hidden advertising, but for the problem of product safety."

The implications extend beyond Temu. Goanta argues there are two distinct compliance obligations for platforms with affiliate programs: assessing and reducing illegal product listings on their own platform, and imposing standardized disclosure requirements on affiliates — the micro- and nano-influencers who enroll in these programs and promote products across social media.

"A compliant risk assessment needs to show that the marketplace is aware and in control of the consequences of its online operations, regardless of whether they take place on its own platform or extend to other systems," she said.

On remediation, Goanta pointed to Temu's action plan as an opportunity to address the affiliate programs directly. Platforms could require affiliates to certify compliance through self-regulatory bodies — such as the European Advertising Standards Alliance (ASA) AdEthics program — which trains influencers in legal disclosure obligations and provides a monitoring framework. Whether the Commission will push for commitments at that level of specificity remains to be seen.

What happens next?

Thursday's decision closes only one of four investigation strands the Commission opened against Temu in October 2024. Proceedings covering addictive design features, recommender system transparency, and researcher data access remain ongoing. If the Commission acts on the addictive design strand — Temu's gamification mechanics, countdown timers, and spin-the-wheel reward systems — it would be the first DSA enforcement action targeting dark patterns in an e-commerce context.

Temu has until August 28 to submit an action plan to the Commission under Article 75 of the DSA, setting out how it will remedy its risk assessment failures. The European Board for Digital Services then has one month to issue an opinion and the Commission has a further month to adopt a final decision and set an implementation timeline.

This piece was updated shortly after publication to include a statement from a Temu spokesperson.