Global Ecommerce Compliance Guidelines | Digital River

Take the Complexity out of Global Compliance

It’s no surprise that few companies tackle compliance obligations on their own. From data privacy laws and export rules to tax compliance, no two countries have the same regulations. And of course, the rules are constantly changing. Compliance requirements are some of the most complex obstacles you can face. We’re here to make sure you don’t have to do it alone.

Speak to a Compliance Expert
Global Seller Services Payments Tax Fraud Compliance

of revenue is what companies are expected to spend on compliance by 2022.

Compliance Certainty

Shield your business from risk and leverage Digital River’s 25+ years of global ecommerce experience and team of compliance experts around the world. Through our extensive local presence, we help you make sense of ever-changing local rules and regulatory requirements, wherever your business takes you.

Learn how to navigate compliance

Secure, Compliant Transactions

As the merchant of record, we strictly adhere to compliance requirements and regulations such as PSD2, GDPR and CCPA. We undergo rigorous external audits for PCI DSS, and SOC 1 & 2 compliance regulations ensuring our security, technology, and processes meet industry and legal requirements. We also track restricted products in your target markets and screen against government blocks and denied party lists. We’re here to keep you secure and compliant at all times.

Get up to speed with global regulations
PCI DSS

The Payment Card Industry (PCI) Data Security Standards (DSS) are compliance requirements set by the PCI Security Standards Council to protect cardholder data and reduce fraud. Digital River complies to the highest standards as a Level 1 Service Provider and Merchant.

The Payment Card Industry (PCI) Data Security Standards (DSS) are compliance requirements set by the PCI Security Standards Council to protect cardholder data and reduce fraud. Digital River complies to the highest standards as a Level 1 Service Provider and Merchant.

Attestation of Compliance
Digital River undergoes exhaustive third-party PCI Qualified Security Assessor (QSA) audits on an annual basis. These reviews are designed to thoroughly assess both our systems, and our processes, ensuring secure and compliant transaction processing. We welcome requests from customers and prospects alike for copies of the QSA Attestation of Compliance (AoC).

PCI DSS fines range from $5,000 to $100,00 per month and can also result in an ongoing increase in transaction fees.

Read More
SOC 1 & 2

Digital River ensures the security of sensitive customer data and their personally identifiable information through our alignment of the American Institute of Certified Public Accountants (AICPA) Service Organization Control (SOC) requirements. Our SOC 1 & 2 type 2 reports provide transparency and detail the stringent processes and controls we have in place protecting our clients.
PSD2

Payment Services Directive 2 (PSD2) regulates online payment services and providers in the European Economic Area (EEA). PSD2 aims to ensure consumer protection and promote a more open, competitive payments landscape. Digital River’s system is PSD2 compliant and leverages 3D Secure 2.0 to screen transactions and support each issuing bank’s strong customer authentication (SCA) prompts.
Read how PSD2 potentially impacts your ecommerce business
GDPR

The General Data Protection Regulation (GDPR) regulates the use of personal data, granting EU residents the right to exercise control over their information. At Digital River, we are committed to maintaining GDPR compliance on behalf of our clients.

Noncompliance can be costly, resulting in fines as a percentage of sales, or flat fines as high as $10 million.

CCPA

The California Consumer Privacy Act (CCPA) of 2018 is the most comprehensive data privacy law in the United States. This regulation empowers California consumers to choose how their data can and cannot be leveraged. Digital River undergoes comprehensive analysis documenting data flows and third-party transfers of data to ensure all processes are fully compliant.

Failure to comply with the CCPA can result in fines of $7,500 per violation and $750 per affected user.

PrivacyMark

PrivacyMark is a system governed by the Japan Institute for Promotion of Digital Economy and Community. It assesses private enterprises to ensure that they take appropriate measures to protect personal information. The system aims to increase awareness, protection, and trust for both consumers and business partners. Digital River has been certified by PrivacyMark for over ten years.
Digital River Privacy Policy

We are committed to earning and keeping your customers’ trust. We understand the importance of giving them control and ensuring they can exercise their rights over their own personal data. Our commitment to privacy, including processing and protecting personal data, is demonstrated in our privacy policy.

Ready for the ultimate ecommerce solution for global growth?

TALK TO SALES