Regulatory Compliance for Ecommerce Retailers

Over the last quarter, 20+ businesses have come to us for guidance after receiving noticed for sales tax audits. This isn’t a coincidence. Sales tax audits are increasing, especially within e-commerce. States are increasing their efforts to find non-compliant businesses. It's been almost 7 years since the Wayfair decision, and states aren’t as lenient as before. Audit task forces are growing in high-population states like California, Texas, and Illinois. And since sales tax revenue funds budget items, states have a vested interest in closing the gap between the taxes owed and the taxes paid. Pre-audit questionnaires are also becoming more common. States are sending them to businesses, even if they haven't registered, requesting up to 3 years of sales data. And on top of all this, states are working together—sharing business information, making it easier to find non-compliant sellers. So if you’re non-compliant in one state, you may be caught by another. Staying compliant across every state you sell in is more important than ever. You might be subject to an audit if:  → You've failed to register and remit sales tax → You report high amounts of sales tax immediately after registering → You're connected to other vendors or customers being audited The penalties for non-compliance are high and getting stricter. In some states, penalties can be as high as 39% of taxes owed. My advice to ensure compliance: 1. Stay on top of it—once you’ve reached the nexus threshold in a state, register and file.  2. Partner with an expert or use sales tax software to help you keep track of changes. 3. If you’ve been non-compliant for some time, a Voluntary Disclosure Agreement could help reduce penalties and liability. States aren’t playing around, and they will come knocking. The cost of non-compliance far outweighs the effort of staying on top of your sales tax obligations. If you have any questions about staying compliant, shoot me a message—happy to help.

If you think compliance is simply a cost center, look no further than what’s happening with Temu and Shein. A Congressional oversight committee report called out the Chinese behemoth marketplaces in 2023 for failing “to maintain even the facade of a meaningful compliance program.” The result? Scrutiny, legal risk, and reputational damage. But let’s be clear—this isn’t just about two companies. For importers, customs brokers, and marketplaces alike, compliance isn’t optional. Compliance is not only the backbone of any company with an international supply chain, but it actually can be the difference between going big and going home. Why do compliance programs matter? 👉 For Importers: - Forced labor bans, de minimis restrictions, and tariff changes are evolving - Compliance programs allow you to implement agility quickly, and be ready to pivot alongside fast-changing changing regulations - Without a compliance program, you could be shipping goods that violate U.S. or other laws—leading to seizures, fines, and loss of supplier relationships Temu’s risk? It could be yours. If your supply chain isn’t fully traceable, how do you know your goods are compliant? The answer: prioritizing master data and proactive screening 👉 For Customs Brokers: - If your clients get hit with compliance violations, you do too (it's your license on the line after all) - You’re expected to be the expert in regulatory shifts like Uyghur Forced Labor Prevention Act (UFLPA), tariff exclusions, and de minimis eligibility changes - A strong compliance program ensures you’re not just processing entries—you’re protecting your clients and your business 👉 For Marketplaces: - Your entire platform is at risk if you don’t enforce compliance on sellers - Temu’s “we’re not the importer of record” argument is falling apart—lawmakers are making it clear that marketplaces facilitating noncompliant imports will face consequences - If you aren’t vetting suppliers and enforcing compliance rules, your marketplace could be next in the crosshairs The bottom line? Compliance can't be an afterthought. Temu and Shein have been getting their act together since this report. Their situation is a warning: If you don’t build a strong compliance program proactively, it will be forced upon you reactively. I help companies secure their transactions at origin, validate supplier compliance, and ensure smooth customs clearance—companies have launched my program as quickly as 60 days. #customscompliance #tariffs #ecommerce

Yesterday the California Privacy Protection Agency settled with a retailer for individual privacy rights violations. Here's what to know and check ⤵️ The settlement was of an enforcement action with an apparel #retail company for alleged data subject rights-related CCPA violations. It resulted in a $345k fine, and requirements to implement contracting and training protocols. Three issues were the basis of the action: ▪️Use of a cookie consent management solution for opt-outs of "sales" and "sharing" that didn't work properly for ~40 days in 2023 (it wasn't accessible, and Global Privacy Control signals were not honored during this time); ▪️Verifying identities of individuals before allowing opt-outs of "sales" and "sharing"; and ▪️Requesting more information than needed (government identification info) to verify identities for other data subject rights.   The action shows California regulators' continued focus on the detailed requirements in the CCPA regulations, and on common website practices to enable #OnlineAdvertising. To stay ahead of the issues the CPPA focused on: 1️⃣ Confirm your company's website honors Global Privacy Control signals; 2️⃣ Monitor and periodically test that cookie consent management solutions are properly configured and working; 3️⃣ Validate that your company's data subject rights processes do not require verification of requests to opt-out of "sales" and "sharing"; 4️⃣ For data subject rights where verification is permitted, confirm that the information requested aligns with the CCPA regulations. In particular, do not request unnecessary sensitive personal information or more information than necessary. Announcement: https://lnkd.in/gt3cWJME Order: https://lnkd.in/g5ZSWCR4 #privacy #privacylaw #compliance

🚨 𝐇𝐨𝐰 𝐝𝐨𝐞𝐬 "𝐌𝐞𝐫𝐜𝐡𝐚𝐧𝐭 𝐨𝐟 𝐑𝐞𝐜𝐨𝐫𝐝" (𝐌𝐨𝐑) 𝐰𝐨𝐫𝐤 𝐢𝐧 𝐏𝐚𝐲𝐦𝐞𝐧𝐭𝐬 — by Solidgate 👇 The Merchant of Record (MoR) model plays a crucial role in simplifying global commerce. For businesses operating across multiple markets, MoR acts as the legal and financial intermediary that takes on the responsibility of selling to end customers. Instead of every seller navigating compliance, tax, and payment complexity independently, an MoR assumes these responsibilities — making expansion faster, leaner, and compliant. — 𝐖𝐡𝐚𝐭 𝐢𝐬 𝐭𝐡𝐞 𝐌𝐨𝐑 𝐌𝐨𝐝𝐞𝐥? ► The MoR is the entity legally responsible for processing transactions and delivering goods/services to end customers. ► It manages payment acceptance, compliance, taxes, and chargebacks — so sellers can focus on scaling rather than building regulatory and financial infrastructure. — 𝐇𝐨𝐰 𝐃𝐨𝐞𝐬 𝐌𝐨𝐑 𝐖𝐨𝐫𝐤? 1️⃣ The seller sells products/services to the MoR. 2️⃣ The MoR processes customer payments, ensuring tax, compliance, and local regulations are covered. 3️⃣ End customers purchase from the MoR — not directly from the seller. 4️⃣ The MoR pays out the net amount to the seller after deducting taxes, fees, and associated costs. — 𝐊𝐞𝐲 𝐑𝐞𝐬𝐩𝐨𝐧𝐬𝐢𝐛𝐢𝐥𝐢𝐭𝐢𝐞𝐬 𝐨𝐟 𝐚 𝐌𝐨𝐑 𝐏𝐫𝐨𝐯𝐢𝐝𝐞𝐫: → 𝐏𝐚𝐲𝐦𝐞𝐧𝐭 𝐏𝐫𝐨𝐜𝐞𝐬𝐬𝐢𝐧𝐠 – Accepts, settles, and reconciles transactions globally. → 𝐓𝐚𝐱 𝐂𝐨𝐦𝐩𝐥𝐢𝐚𝐧𝐜𝐞 – Calculates, collects, and remits local sales/VAT taxes. → 𝐑𝐢𝐬𝐤 & 𝐂𝐡𝐚𝐫𝐠𝐞𝐛𝐚𝐜𝐤 𝐌𝐚𝐧𝐚𝐠𝐞𝐦𝐞𝐧𝐭 – Absorbs liability for fraud, disputes, and regulatory breaches. → 𝐏𝐫𝐨𝐝𝐮𝐜𝐭 𝐃𝐞𝐥𝐢𝐯𝐞𝐫𝐲 – Ensures fulfillment obligations are tied to the MoR entity. → 𝐑𝐞𝐜𝐨𝐧𝐜𝐢𝐥𝐢𝐚𝐭𝐢𝐨𝐧 – Consolidates fees, FX, and payouts into a simplified structure for the seller. — 𝐓𝐲𝐩𝐞𝐬 𝐨𝐟 𝐌𝐨𝐑 𝐏𝐫𝐨𝐯𝐢𝐝𝐞𝐫𝐬: 𝐅𝐮𝐥𝐥-𝐒𝐞𝐫𝐯𝐢𝐜𝐞 𝐏𝐚𝐲𝐦𝐞𝐧𝐭 𝐏𝐫𝐨𝐯𝐢𝐝𝐞𝐫𝐬 – Solidgate, Paddle, Stripe Atlas 𝐌𝐚𝐫𝐤𝐞𝐭𝐩𝐥𝐚𝐜𝐞 & 𝐏𝐥𝐚𝐭𝐟𝐨𝐫𝐦 𝐌𝐨𝐝𝐞𝐥𝐬 – App stores (Apple App Store, Google Play) or eCommerce Platforms (Amazon, Shopify, Apple). — 𝐃𝐨𝐰𝐧𝐬𝐢𝐝𝐞𝐬 𝐨𝐟 𝐌𝐨𝐑: ⚠️ Reduced control over direct customer relationships. ⚠️ Dependency on the MoR for revenue collection and reconciliation. ⚠️ Potentially higher fees due to bundled compliance, risk, and tax services. — 𝐖𝐡𝐞𝐧 𝐢𝐬 𝐌𝐨𝐑 𝐍𝐞𝐞𝐝𝐞𝐝? → Digital platforms entering new geographies with strict tax & compliance requirements. → SaaS companies selling subscriptions globally without establishing local entities. → Marketplaces or gig platforms processing payments on behalf of thousands of sellers. As global commerce accelerates, Merchant of Record models are becoming essential enablers for cross-border scale, handling quietly the heavy lift of payments, compliance, and risk. — Source: Solidgate ► Subscribe to 𝐓𝐡𝐞 𝐏𝐚𝐲𝐦𝐞𝐧𝐭𝐬 𝐁𝐫𝐞𝐰𝐬 ☕: https://lnkd.in/g5cDhnjC ► Connecting the dots in payments... | Marcel van Oost