Ensuring compliance with the Digital Markets Act


The Regulation on contestable and fair markets in the digital sector – better known as the Digital Markets Act (“DMA”) – entered into force in November 2022 and is applicable since 2 May 2023 (for more background information see our Noerr News article).

In September 2023, the European Commission (“Commission”) designated six businesses as “gatekeepers” (Alphabet, Amazon, Apple, ByteDance, Meta and Microsoft) in relation to 22 so-called “core platform services” operated by them. These services can be considered as an important gateway between a large number of business users on the one hand and consumers on the other hand. The Commission carries out further investigations as a result of which other companies and services may be added to the list (for further details see our Noerr News article).

To ensure compliance with the obligations under the DMA, the Commission released a compliance report template and other forms that designated gatekeepers will have to complete. As of the compliance day (7 March 2024), gatekeepers will have to regularly submit reports showing their compliance with the DMA obligations. The non-confidential versions will be made available to the public by the Commission. This way the Commission will find out what third parties think and what their understanding of the market is.

Business users of the gatekeepers’ core platform services and competitors are well advised to watch this space. In addition to the possibility of asserting rights by means of private enforcement, they will have a crucial role to help the Commission monitoring compliance of the gatekeepers (see also our Noerr News article).

Template for the compliance report explained

The Compliance Report Template (“Template”) released last October has been further refined based on the contributions received during the public consultation on the draft template (further background information here).

Article 11 DMA mandates the gatekeepers to “provide the Commission with a report describing in a detailed and transparent manner the measures it has implemented to ensure compliance with the obligations laid down in Articles 5, 6 and 7”, including a non-confidential summary which will be made available on the Commission’s website.

The report must be submitted within six months after designation and updated each year thereafter. Therefore, the gatekeepers have until 7 March 2024 to submit their first report, covering all their core platform services listed in the relevant designation decision.

The following table identifies the core platform services for which the designated gatekeepers will have to demonstrate compliance:

(Click here or on the image for enlarged version)

table DMA gatekeepers

The Template specifies the minimum of information that the Commission expects the gatekeepers to provide and is divided into five different sections after a short introduction.

The important second section lists a long, non-exhaustive catalogue of requirements regarding compliance with the obligations laid down in Articles 5, 6 and 7 of the DMA. Each reply shall be provided in a separate and standalone annex for each core platform service. The list requires, among other things, information regarding:

  • the relevant situation prior to the implementation of the compliance measure,
  • the scope of the measure in terms of the products / services / devices covered,
  • the geographic scope of the measure,
  • changes made in connection with the implementation of the measure,
  • consultation with end users, business users and / or interested parties carried out in the context of the elaboration of the measure,
  • involvement of external consultants in the elaboration of the measure,
  • actions taken to inform end users and / or business users of the measure,
  • relevant data supporting the effectiveness of the measures in achieving the objectives of the DMA.

Gatekeepers shall also describe the procedure granting third parties access to data, where applicable. The Commission leaves it to gatekeepers to present the data and analysis they believe to be most appropriate to assess effectiveness and compliance with the DMA obligations.

The other sections of the Template deal with information about the reporting undertaking, its compliance function and policies, the provision of a non-confidential summary of the report and the declaration of completeness, correctness and truthfulness. Failure by a gatekeeper to provide true, correct and complete information may be directly associated with non-compliance.

The Commission expects the reports to play a fundamental role in assessing gatekeepers’ compliance with the obligations foreseen in the regulation and are keen to find out what third parties think and what their understanding of the market is. To that end, the Commission may regularly update the Template to request further information from gatekeepers and finally also decide to use its investigatory powers and open proceedings to adopt a non-compliance decision.

Other templates

The Commission has also published other relevant templates that designated gatekeepers will have to follow to ensure compliance with the DMA:

  • The Article 8(3) DMA Template (request for specification dialogue) specifies the information needed to launch a request to engage in a specification process with the Commission which determines whether the intended or implemented compliance measures are effective in achieving the objective of the relevant obligation. The gatekeeper must also provide a non-confidential version of the reasoned submission explaining the measures which may be shared with third parties.
  • The Article 9 DMA Template (suspension request) specifies the information needed to launch a request for suspension, in whole or in part, of a specific DMA obligation due to exceptional circumstances beyond the gatekeeper’s control which would endanger the economic viability of its operations in the EU.
  • The Article 10 DMA Template (exemption request) specifies the information needed to launch a request to be exempted, in whole or in part, from a specific DMA obligation based on grounds of public health or public security.
  • The Article 14 DMA Template (information on transactions) specifies the minimum information to be provided by gatekeepers to the Commission of any intended concentration within the meaning of Article 3 of the EU Merger Regulation, where the merging entities or the target of concentration provide core platform services or any other services in the digital sector or enable the collection of data.
  • The Article 15 DMA Template (consumer profiling report) specifies the information to be provided by gatekeepers to the Commission about all techniques used for profiling of consumers applied to or across the core platform services. The report must contain the assessment of an independent auditor on the completeness and accuracy of the description and a non-confidential overview of the report shall be made publicly available by the gatekeeper. Both the description and the overview must be updated each year thereafter.
  • The Commission also released a Power of Attorney Template.

The non-confidential summary of the compliance report should enable third parties to scrutinise and eventually provide the Commission with contributions regarding the gatekeepers’ compliance with the regulation and possibly also propose alternative benchmarks. Hence, the compliance reports will be a tool in particular for business users to evaluate whether the gatekeepers propose and adhere to effective compliance with the DMA obligations.

Note: The book “New Digital Markets Act – A Practitioner’s Guide” recently published by Jens Peter Schmidt and Fabian Hübener is our take on the background, implementation and compliance with the DMA. For further advice and individual solutions concerning the DMA and related competition matters, do not hesitate to contact us.