
If you run an ecommerce business from outside the European Union or if you sell to European customers from anywhere in the world a regulatory development that took effect on January 1, 2024 has almost certainly created new reporting obligations for the payment service providers handling your transactions, and potentially new visibility into your revenue for EU tax authorities that did not exist before.
CESOP the Central Electronic System of Payment Information is the European Union's new framework requiring payment service providers operating in the EU to collect, report, and share detailed transaction data with tax authorities across member states. It was designed specifically to close the tax gap created by cross-border ecommerce transactions that previously fell outside the visibility of national tax enforcement and it has fundamentally changed the information landscape that EU tax authorities now have access to when assessing the tax compliance of businesses selling to European customers.
For ecommerce operators and digital entrepreneurs living or operating outside the EU who sell to European consumers, CESOP creates a compliance reality that most have not yet fully assessed: your European transaction data is now being systematically collected and shared with tax authorities across 27 EU member states, and the threshold for triggering that reporting is lower than most business owners assume.
What Is CESOP and Why Was It Introduced?
CESOP stands for Central Electronic System of Payment Information. It is a European Union regulatory framework that came into force on January 1, 2024, requiring payment service providers operating within the EU to systematically collect and report detailed data on cross-border payment transactions to a centralized EU database accessible by tax authorities across all 27 member states.
The system was introduced as a direct response to a well-documented and growing problem: the explosion of cross-border ecommerce had created a significant and widening tax gap in the EU, with substantial revenue from digital transactions flowing to sellers outside national tax jurisdictions and remaining largely invisible to the tax authorities responsible for ensuring compliance. Traditional tax enforcement mechanisms were designed for a world of physical commerce and domestic transactions. They were simply not built to track the volume, velocity, and geographic dispersion of modern ecommerce payments at scale.
CESOP changes this by placing the reporting obligation on payment service providers rather than on individual merchants. Banks, payment processors, digital wallets, and other PSPs processing transactions into and within the EU are now required to collect detailed data on payees receiving more than 25 cross-border payments per calendar quarter and report that data to their national tax authority. That data is then shared with the CESOP central database and made accessible to tax authorities across the EU through a coordinated access framework.
The practical effect is significant. Tax authorities in France, Germany, Spain, Italy, and every other EU member state now have structured, systematic access to payment data that previously required individual investigation to obtain. For ecommerce operators selling to European customers from outside the EU, this means that revenue which was previously difficult for EU tax authorities to identify and quantify is now being reported automatically by the payment infrastructure processing those sales.
The introduction of CESOP represents the EU's most significant step toward closing the ecommerce tax gap since the introduction of the One Stop Shop VAT reporting system in 2021, and its compliance implications for ecommerce expats selling into European markets are substantial and immediate.
What Does CESOP Mean for Ecommerce Expats Specifically?
For ecommerce entrepreneurs living outside the EU who sell to European customers, CESOP represents a fundamental shift in the compliance landscape that most have not yet fully assessed. The system does not create new tax obligations directly but it creates the reporting infrastructure that makes existing obligations visible and enforceable in ways they were not before 2024.
The most important thing to understand is that CESOP's reporting obligations fall on payment service providers, not on merchants directly. Your PSP, payment gateway, or digital wallet is the entity required to report your transaction data to EU tax authorities. As a merchant, you have no direct CESOP filing obligation. But the data your PSP is now required to report about your EU sales creates a paper trail that EU tax authorities can and will use to assess whether your business has met its VAT and tax obligations in the markets where your customers are located.
For ecommerce expats specifically, the practical changes CESOP introduces are significant and immediate:
- Your EU transaction data is now systematically collected by every PSP processing your European sales and reported to national tax authorities
- The 25 cross-border payment threshold per quarter is lower than most ecommerce operators assume — approximately 100 EU transactions per year triggers reporting
- Tax authorities across all 27 EU member states now have coordinated access to your payment data through the centralized CESOP database
- Historical invisibility of cross-border ecommerce revenue to EU tax authorities has been structurally eliminated for businesses using compliant PSPs
- VAT compliance gaps that previously went undetected are now directly identifiable through CESOP payment data cross-referenced against VAT registration records
- Businesses selling digital products to EU consumers face particular scrutiny as digital services VAT obligations have been enforceable since 2015 and CESOP now provides the enforcement data infrastructure
- Non-EU based sellers are not exempt from CESOP's impact the reporting obligation applies to the PSP processing EU transactions, not to the merchant's location
- Revenue thresholds that trigger VAT registration obligations in individual EU member states are now far more likely to be identified and acted upon by tax authorities with access to CESOP data
The compliance implication is straightforward: if your business sells to EU customers and has not fully assessed its VAT obligations in those markets, CESOP has significantly increased the likelihood that any gaps will be identified.
What Are the Key CESOP Reporting Thresholds?
Understanding exactly where the CESOP reporting obligation is triggered is the most practically important piece of compliance knowledge for any ecommerce expat selling to European customers. The threshold is lower than most operators assume.
The 25 Cross-Border Payments Per Quarter Trigger
The CESOP reporting obligation is activated when a payment service provider identifies a single payee receiving more than 25 cross-border payments in a single calendar quarter. This threshold applies per PSP, per quarter, per payee meaning that a business receiving 26 payments from European customers in any three-month period triggers mandatory reporting by the PSP processing those transactions.
For most active ecommerce operators, this threshold is crossed within the first weeks of any quarter. At 25 payments per quarter across four quarters, the annual equivalent is approximately 100 European transactions a volume that even modestly active Shopify or digital product stores reach easily. There is no minimum revenue threshold. A business generating 26 transactions of any value in a quarter is reportable.
What Gets Reported
When the threshold is triggered, the PSP is required to report a detailed dataset that includes the payee's full identity, their IBAN or equivalent payment account identifier, the total amounts received, the dates and countries of origin of each payment, and the number of transactions. This data is transmitted to the national tax authority of the EU member state where the PSP operates, then shared with the centralized CESOP database and made accessible to anti-fraud agents across all 27 EU member states through the Eurofisc network.
The 10-Year Look-Back Risk
A development that most ecommerce expats have not yet registered amplifies the CESOP threshold significantly. Article 61 of the French Finance Act for 2025 extended the tax audit look-back period from three to ten years when authorities contest a foreign domiciliation. The implication is direct: every quarter of CESOP-reportable transactions accumulating in the database today can potentially be used as evidence in a tax assessment arriving as late as 2035.
Why InflowPay Changes the Equation Entirely?
This is precisely where InflowPay's Merchant of Record infrastructure addresses the CESOP exposure at its structural root. When InflowPay acts as the Merchant of Record for your European sales, it is InflowPay that receives and processes the European customer payments rather than your entity. The B2C payment flows that would otherwise appear in CESOP reports under your name are replaced by a single, clean B2B payout from InflowPay to your company. One contractual line. Fully documented. Legally defensible.
The CESOP trace that would otherwise accumulate against your entity quarter after quarter simply does not exist in this structure.





