Meet the requirements of the EU’s Digital Services Act

Conduct a comprehensive annual independent audit of due diligence obligations set out in Chapter III (Articles 11 to 48) of the Digital Services Act (DSA)

What is the Digital Services Act?

Seeking to foster safe online environments for users in the EU, the DSA imposes cumulative obligations on intermediary services that fall under the definition of Hosting Services, Online Platforms and Very Large Online Platforms (VLOPs) and Search Engines (VLOSEs). The provisions apply differently depending on the nature of the intermediary service, with VLOPs and VLOSEs – platforms with more than 45 million Monthly Active Users in the EU – subject to requirements like annual independent audits.

The DSA came into force in November 2022, and will be applicable from 17 February 2024. Provisions for VLOPs and VLOSEs became applicable from late-August 2023.

DSA Audits with Holistic AI

Holistic AI provides comprehensive and tailored solutions to support your business with compliance obligations under the Digital Services Act.

How do we achieve this? By considering several factors, such as the complexity and novelty of conducting such audits, the need to deploy socio-technical methods to audit certain provisions, and the timeline for the application of obligations, among others.

Pursuant to the Delegated Regulation on Independent Audits under the DSA, Holistic AI provides the following services to covered entities:

Regulatory compliance

  • An independent annual audit of due diligence obligations set out in Chapter III (Articles 11 to 48) of the DSA
  • Compliance with any commitments undertaken pursuant to codes of conduct or crises protocols, where applicable

Comprehensive testing

Deploy socio-technical interventions to evaluate platform features, policies and processes for trust & safety


Deliver a Final Audit Report, in line with the guidance and template provided by the Draft Delegated Regulation at the end of the audit period, containing Audit Conclusions, Recommendations, Risks Analysis, and a Cumulative Audit Opinion.

Schedule a call

Navigate the Digital Services Act with confidence

Audit your safety and integrity systems, processes and policies

Identify risks across your platform’s trust and safety infrastructure, in line with DSA requirements

Comprehensive summary of audit results

Receive a full version (for EU authorities and internal use) and a redacted/shortened version of the Final Audit Report, as required under Articles 37 and 42(5) of the DSA

Mitigation recommendations and audit transparency

Where required, receive operational recommendations corresponding to audited obligations, along with a transparent record of the methodologies and processes used to conduct these audits

Schedule a call


Which providers does the DSA apply to?

The Digital Services Act includes rules for online intermediary services; hosting services, marketplaces, and online platforms, which millions of Europeans use every day. The obligations of different online players match their role, size and impact in the online ecosystem with specific focus on Very Large Online Platforms (VLOPs) and Very Large Online Search Engines (VLOSEs).

What are VLOPs and VLOSEs and who are they?

Very Large Online Platforms (VLOPs) and Very Large Online Search Engines (VLOSEs) are the platforms that have over 45 million average monthly users in the EU. There are 19 platforms designated as of now:

  • Alibaba
  • AliExpress
  • Amazon Store
  • Apple AppStore
  • Bing
  • Facebook
  • Google Play
  • Google Maps
  • Google Search
  • Google Shopping
  • Instagram
  • LinkedIn
  • Pinterest
  • Snapchat
  • TikTok
  • Twitter
  • Wikipedia
  • YouTube
  • Zalando

How does the enforcement work?

The EU's DSA will be enforced through National Authorities and the EU Commission – national authorities will have to designate a competent authority to supervise and enforce. For VLOPs and VLOSEs, the EU Commission will be the body of enforcement.

What are the penalties for non-compliance with the DSA?

According to Article 52, non-compliance can attract penalties of up to 6% of annual worldwide revenue. Furthermore, Article 54 states that companies and platforms will also have exposure to civil suits and liability as individuals, businesses and other users can seek compensation for any damage or loss suffered from non-compliance/infringement.

Key Resources & Insights

Prepare for the DSA

Schedule a call with our team and get started on preparing your organization for the Digital Services Act today

Schedule a call