Artifact GuideEU

EU Digital Markets Act (DMA) Enforcement, Penalties & Remedies

Understand enforcement mechanics and what "effective compliance" looks like to the Commission.

Built for practitioners: triggers, timelines, evidence expectations, and how fines/remedies escalate.

Back to main artifactReview sources
Author
Sorena AI
Published
Feb 21, 2026
Updated
Feb 23, 2026
Sections
7

Structured answer sets in this page tree.

Primary sources
4

Cited legal and guidance references.

Publication metadata
Sorena AI
Published Feb 21, 2026
Updated Feb 23, 2026
Overview

DMA enforcement is not hypothetical: it is a structured process with information requests, preliminary findings, decisions, and escalating remedies. The safest compliance programs are designed backward from enforcement: what evidence can we produce, how quickly, and how do we prove our implementation is effective (not just documented)?

Section 1

Enforcement triggers: how DMA issues become cases

DMA cases can start from gatekeeper notifications and compliance reporting, Commission monitoring, stakeholder submissions, or observable product practices.

Third parties (business users, competitors, end users) can inform national competent authorities or the Commission about practices that fall within DMA scope.

  • Common trigger themes: consent/data combination (Article 5(2)), self-preferencing in ranking (Article 6(5)), app distribution and defaults (Article 6(3)-(4)), interoperability and access to OS features (Article 6(7)), and messaging interoperability (Article 7).
  • A single CPS listing can create multiple enforcement threads: one for each obligation cluster.
  • Design intake and triage: map every complaint to CPS + obligation + evidence gap.
Recommended next step

Use EU Digital Markets Act (DMA) Enforcement, Penalties & Remedies as a cited research workflow

Research Copilot can take EU Digital Markets Act (DMA) Enforcement, Penalties & Remedies from understanding exposure and enforcement with cited answers to a reusable workflow inside Sorena. Teams working on EU Digital Markets Act (DMA) can keep owners, evidence, and next steps aligned without copying this guide into separate documents.

Research workflow
Open Research Copilot for EU Digital Markets Act (DMA) Enforcement, Penalties & Remedies

Start from EU Digital Markets Act (DMA) Enforcement, Penalties & Remedies and answer scope, timing, and interpretation questions with cited outputs.

Explore next step
Talk to Sorena
Talk through EU Digital Markets Act (DMA)

Review your current process, evidence gaps, and next steps for EU Digital Markets Act (DMA) Enforcement, Penalties & Remedies.

Explore next step
Section 2

The enforcement workflow: from proceedings to non-compliance decisions

The DMA includes a formal enforcement path where the Commission can open proceedings, communicate preliminary findings, consult third parties, and adopt a non-compliance decision ordering the gatekeeper to cease and desist within a deadline.

The Commission endeavours to adopt a non-compliance decision within 12 months from the opening of proceedings.

  • Preliminary findings step: the Commission communicates preliminary findings and explains measures it is considering or expects the gatekeeper to take.
  • Non-compliance decision: can order the gatekeeper to stop the behaviour and explain how it will comply; gatekeeper must describe measures taken.
  • Commitments path: during proceedings, gatekeepers may offer commitments; the Commission may make them binding and close the case if satisfied.
Section 3

Tools before a final decision: monitoring and interim measures

DMA enforcement is supported by monitoring powers and, in urgent cases, interim measures.

These mechanisms matter because they influence what you must be able to produce quickly: documents, data, explanations, and operational controls.

  • Monitoring: the Commission can monitor implementation of obligations and decisions, including imposing document retention obligations and appointing independent experts/auditors.
  • Interim measures: in urgency (risk of serious and irreparable damage), the Commission may order interim measures via implementing act based on a prima facie finding of an infringement of Articles 5-7.
  • Inspections and information requests: be prepared for requests that require access to data, algorithms, and information about testing.
Section 4

Penalties: fines and periodic penalty payments (the money part)

DMA penalties are designed to be material at gatekeeper scale. There are fines for non-compliance and separate fines for procedural failures (e.g., misleading information or failure to notify).

Periodic penalty payments can be used to compel compliance on a daily basis.

  • Non-compliance fines: up to 10% of total worldwide turnover in the preceding financial year for failing to comply with obligations in Articles 5-7 (and related measures/remedies/interim measures/commitments).
  • Repeat infringements: up to 20% of total worldwide turnover if the same or similar infringement occurs within 8 years for the same CPS after a prior non-compliance decision.
  • Procedural fines: up to 1% of total worldwide turnover for failures such as not providing required information for designation, supplying incorrect/misleading information, or failing to notify under Article 3(3).
  • Periodic penalty payments: up to 5% of the average daily worldwide turnover per day to compel compliance with specific decisions and requests.
Section 5

Remedies: what "effective compliance" can require beyond toggles

DMA remedies aim at effective compliance and contestability. A "paper compliance" program that does not change outcomes will be fragile under scrutiny.

You should be able to explain-obligation by obligation-how your implementation achieves the DMA objective, what tradeoffs were made, and why any restrictions are necessary and proportionate.

  • Product remedies: redesign choice screens, ranking and recommendation policies, data-sharing controls, app distribution flows, and interoperability interfaces.
  • Commercial remedies: adjust terms, fees, access conditions, and dispute mechanisms for business users on app stores/search/social networks.
  • Operational remedies: improve monitoring, incident-style response for compliance regressions, and evidence capture aligned to the Article 11 report template.
Section 6

Systematic non-compliance: when DMA cases escalate into market investigation remedies

Article 18 is the DMA escalation path for repeated failure. It is not just about another fine; it allows the Commission to investigate whether repeated infringements have maintained, strengthened, or extended gatekeeper power.

This matters because a gatekeeper can move from obligation-level remediation into behavioral or structural remedies if the Commission sees a pattern rather than an isolated miss.

  • A gatekeeper is deemed to have engaged in systematic non-compliance where the Commission has issued at least 3 non-compliance decisions within 8 years in relation to any of its CPS.
  • The Commission aims to conclude that market investigation within 12 months, subject to limited extensions on objective grounds.
  • Possible remedies include behavioral measures and structural measures that are proportionate and necessary to ensure effective compliance.
  • The remedy toolkit can also include a temporary ban on certain concentrations in affected digital services where that is needed to restore fairness and contestability.
Section 7

How to prepare: enforcement-ready compliance evidence checklist

The best defense is an evidence library that makes your compliance explainable, reproducible, and testable.

Align your evidence to the Commission's Article 11 compliance report template: it anticipates the kinds of questions enforcement teams will ask.

  • Per CPS and per obligation: prior state, implementation date, scope, engineering changes, UX changes, and the business/user impact.
  • Proof of effectiveness: metrics and testing results (e.g., default setting changes actually take effect; portability APIs work; ranking neutrality tests pass).
  • Decision log: integrity/security restrictions with proportionality justification and alternatives considered.
Primary sources

References and citations

Related guides

Explore more topics

DMA Applicability Test (Gatekeeper Scoping) | EU Digital Markets Act
A practical DMA applicability test for teams scoping EU Digital Markets Act exposure: core platform service (CPS) mapping, gatekeeper presumption thresholds.
DMA Compliance Checklist (Execution-Ready) | EU Digital Markets Act
An execution-ready EU DMA checklist: CPS scoping, gatekeeper thresholds, designation readiness, Article 5-7 obligation mapping, product/engineering controls.
DMA Compliance Program & Monitoring (Compliance Function + Evidence)
How to build an EU DMA compliance program that survives scrutiny: Article 28 compliance function design, monitoring readiness.
DMA Deadlines & Compliance Calendar (Key Dates) | EU Digital Markets Act
A calendar-ready DMA deadlines guide: application date, gatekeeper notification (2 months), designation (45 working days), 6-month compliance deadline.
DMA Do's and Don'ts for Product Teams | EU Digital Markets Act
Practical DMA do's and don'ts for product and engineering teams: how to avoid self-preferencing, implement choice screens and default changes.
DMA Fines & Penalties (10% / 20% / 1% + 5% per day) | EU Digital Markets Act
A practitioner guide to DMA penalties: non-compliance fines up to 10% worldwide turnover, repeat infringement fines up to 20%, procedural fines up to 1%.
DMA Obligations List (Articles 5, 6, 7) - By Obligation | EU Digital Markets Act
A detailed, obligation-by-obligation breakdown of the EU Digital Markets Act (DMA): Article 5 restrictions, Article 6 obligations (choice screens, app stores.
DMA Self-Preferencing Compliance Examples (Article 6(5)) | EU Digital Markets Act
Practical self-preferencing compliance guidance for DMA Article 6(5): what counts as self-preferencing in ranking/indexing/crawling, what "transparent, fair.
DMA vs DSA: What's the Difference? (EU Platform Laws)
A practical comparison of the EU Digital Markets Act (DMA) vs the Digital Services Act (DSA): what each law regulates, who is in scope, core obligations.
EU Digital Markets Act (DMA) Requirements (Articles 5-7)
A deep, execution-ready overview of EU DMA requirements for gatekeepers: Article 5 restrictions, Article 6 obligations (choice screens, app distribution.
EU DMA Compliance Guide (How to Comply) | Digital Markets Act (DMA)
A practical guide to EU Digital Markets Act (DMA) compliance: how to scope CPS, start the 6-month clock after designation, implement Articles 5-7 obligations.
EU DMA FAQ (Gatekeepers, Obligations, Deadlines) | Digital Markets Act
EU Digital Markets Act (DMA) FAQ: what is a gatekeeper, what counts as a core platform service (CPS), what are the key obligations (Articles 5-7).
EU DMA Timeline & Key Milestones | Digital Markets Act (2022/1925)
A grounded EU Digital Markets Act (DMA) timeline: application date, gatekeeper designations, compliance clocks, Article 7 staged interoperability milestones.
Gatekeeper Compliance Checklist (DMA Articles 5-7 + Article 11)
A gatekeeper-focused DMA compliance checklist: what to implement within 6 months per listed CPS, how to structure the Article 11 compliance report.
Gatekeeper Designation Guide (DMA Article 3) | EU Digital Markets Act
A practical guide to DMA gatekeeper designation: core platform service mapping, Article 3 thresholds (45M / 10,000 / EUR 7.5B / EUR 75B).