European Union: European Board for Digital Services and European Commission released First report pursuant to Article 35(2) of the Digital Services Act on the most prominent and recurrent systemic risks as well as mitigation measures

On 18 November 2025, the European Board for Digital Services, in cooperation with the European Commission, released the first report pursuant to Article 35(2) of the Digital Services Act (DSA), identifying the most prominent and recurrent systemic risks in the Union and the Member States and outlining mitigation practices. The report explains that the DSA risk management framework in Articles 34 and 35 applies to providers of Very Large Online Platforms (VLOPs) and Very Large Online Search Engines (VLOSEs) with at least 45 million monthly active recipients in the Union, requiring them to diligently identify, analyse and assess systemic risks, including those related to illegal content, fundamental rights, civic discourse, electoral processes, public security, gender-based violence, public health, protection of minors, and physical and mental well-being. The report states that it was prepared using published risk assessment reports under Article 34, audit reports under Article 37, transparency outputs including Article 17 statements of reasons via the DSA Transparency Database, studies by Digital Services Coordinators and independent experts, and civil society submissions. It covers the reporting period from 17 February 2024 to 16 February 2025 and notes that nothing in the report constitutes compliance guidance or an assessment of providers’ adherence to the DSA.