Affiliate Marketing Regulation: What’s Changing and Why It Matters

ByKeith Lacy
What Has the FTC Actually Changed on Affiliate Disclosure?What Is the UK Regulatory Position on Affiliate Disclosure?How Does the EU’s Digital Services Act Affect Affiliate Marketing?What Does This Mean for Brands Running Affiliate Programmes?What Does This Mean for Publishers and Content Creators?Where Are the Biggest Compliance Gaps Right Now?How Should Affiliate Programme Managers Respond?What Is Likely to Change Next?

Get sharp marketing thinking, weekly

No fluff. Just clear, commercially grounded insights.

Affiliate marketing regulation is tightening across multiple jurisdictions, and the pace of change accelerated sharply through 2024 and into 2025. The FTC in the United States updated its endorsement guidelines, the UK’s ASA and CMA have sharpened their enforcement posture on undisclosed affiliate relationships, and the EU’s Digital Services Act is creating new compliance obligations that touch partnership marketing directly. If you run affiliate programmes or publish affiliate content at scale, the regulatory landscape you operated in three years ago no longer exists.

Key Takeaways

  • The FTC’s updated endorsement guides now require clearer, more prominent disclosure of material connections, including affiliate relationships, with less tolerance for buried or ambiguous language.
  • UK regulators have moved from guidance to enforcement, with the CMA and ASA both issuing formal actions against publishers and brands for inadequate affiliate disclosure.
  • The EU’s Digital Services Act introduces platform-level obligations that affect how affiliate content is distributed and moderated at scale.
  • Compliance is not just a legal issue: undisclosed affiliate relationships erode audience trust in ways that compound over time and are difficult to recover from.
  • Brands running affiliate programmes carry regulatory exposure from their publishers’ behaviour, not just their own, making publisher vetting and contractual compliance clauses non-negotiable.

In This Article

  1. What Has the FTC Actually Changed on Affiliate Disclosure?
  2. What Is the UK Regulatory Position on Affiliate Disclosure?
  3. How Does the EU’s Digital Services Act Affect Affiliate Marketing?
  4. What Does This Mean for Brands Running Affiliate Programmes?
  5. What Does This Mean for Publishers and Content Creators?
  6. Where Are the Biggest Compliance Gaps Right Now?
  7. How Should Affiliate Programme Managers Respond?
  8. What Is Likely to Change Next?

I want to be straightforward about what this article is and is not. It is not legal advice. If you are making compliance decisions for a large affiliate programme, you need a solicitor or attorney who specialises in advertising law. What this article does is give you a commercially grounded read on what is changing, why it matters to marketers specifically, and where the practical risks sit for brands and publishers. I have spent twenty years in agency leadership managing performance marketing at scale, and the affiliate compliance conversation has shifted from a footnote in programme terms to something that sits in board-level risk discussions. That shift is worth understanding clearly.

What Has the FTC Actually Changed on Affiliate Disclosure?

The Federal Trade Commission revised its Guides Concerning the Use of Endorsements and Testimonials in Advertising in June 2023, with the changes coming into full effect that same year. The revisions are more significant than the muted industry reaction suggested at the time.

The core obligation has not changed: if there is a material connection between an endorser and a brand, that connection must be disclosed. What has changed is the FTC’s explicit guidance on what counts as adequate disclosure and where it needs to appear. The previous version of the guides was written in an era when most affiliate content lived on desktop web pages. The updated version directly addresses social media, video content, and live streaming, which reflects where affiliate marketing actually operates now.

The FTC is now explicit that disclosures must be placed where consumers are likely to notice them. A disclosure buried in a description box below a YouTube video, or in a string of hashtags at the end of an Instagram caption, does not meet the standard. The disclosure needs to be prominent, unambiguous, and placed before the affiliate link or recommendation, not after it.

There is also a meaningful change around the treatment of programmatic and AI-generated content. The FTC has indicated that the automated nature of content production does not remove the disclosure obligation. If an AI tool generates affiliate content on your behalf, the material connection still exists and must be disclosed. This is a gap that a number of content-at-scale publishers have been quietly hoping would stay ambiguous. It is not ambiguous.

For brands running affiliate programmes, the FTC guidance creates a direct exposure point. The guides make clear that advertisers can be liable for endorsements made by their affiliates if they knew or should have known that the endorsements were deceptive. That phrase, “should have known,” is doing a lot of work. It means that having programme terms that require disclosure is not sufficient protection if you are not actively monitoring publisher compliance.

Affiliate marketing sits within the broader partnership marketing ecosystem, and if you want to understand how these regulatory pressures interact with programme design and partner relationships more generally, the partnership marketing hub covers the strategic and structural dimensions in more depth.

What Is the UK Regulatory Position on Affiliate Disclosure?

The UK operates under a different framework from the US, but the direction of travel is similar. The Advertising Standards Authority handles complaints about advertising content, while the Competition and Markets Authority has broader powers to investigate commercial practices that may mislead consumers. Both have become more active on affiliate marketing specifically.

The ASA’s position on affiliate disclosure has been clear for some time: if content is paid for or incentivised, it must be labelled as advertising. The enforcement question was always how aggressively the ASA would pursue cases. That question has been answered. High-profile cases involving influencers with undisclosed affiliate relationships have resulted in formal rulings, naming individuals and brands, and those rulings are publicly searchable. The reputational cost of an ASA ruling is often more significant than any direct financial penalty, particularly for brands with strong consumer recognition.

The CMA’s interest sits slightly differently. Its focus has been on practices that distort consumer decision-making, including fake reviews, undisclosed incentives, and affiliate arrangements that influence editorial content without disclosure. The CMA has powers to require undertakings from businesses and to seek court orders, and it has used those powers in the digital commerce space. Affiliate marketing is explicitly within scope.

What I find interesting about the UK regulatory posture is that it has moved faster than most brands expected. I spent several years running agency relationships with major UK retailers, and the standard approach to affiliate compliance was to put disclosure requirements in the publisher agreement and assume that was sufficient. That assumption is now demonstrably wrong. The CMA’s guidance makes clear that brands are expected to take reasonable steps to ensure their affiliate publishers are complying, not simply to contractually require it.

The practical implication is that affiliate programme management needs to include active monitoring of publisher content, not just onboarding checks. That is a meaningful operational shift for programmes running hundreds or thousands of publishers.

How Does the EU’s Digital Services Act Affect Affiliate Marketing?

The Digital Services Act came into force across the EU in 2024, with obligations phased in based on platform size. Its primary focus is on very large online platforms, but its effects ripple through the affiliate ecosystem in ways that are not always immediately obvious.

The DSA requires platforms to provide users with greater transparency about how content is recommended and monetised. For affiliate marketers operating through platforms that fall under DSA scope, this creates new obligations around how affiliate content is labelled and how recommendation systems interact with monetised content. Publishers who rely on algorithmic distribution through major platforms need to understand that those platforms are now operating under stricter transparency requirements, and that some of the practices that previously drove affiliate traffic may be constrained.

The DSA also strengthens requirements around advertising transparency, including the obligation for platforms to maintain accessible records of advertising content. While this is primarily a platform obligation rather than a publisher obligation, it creates a paper trail that regulators can use when investigating undisclosed affiliate arrangements.

For brands running affiliate programmes with European publishers or targeting European consumers, the DSA adds a layer of compliance consideration that sits on top of existing national advertising standards. The interaction between the DSA and national frameworks is still being worked out in practice, but the general direction is toward more transparency and more accountability, not less.

What Does This Mean for Brands Running Affiliate Programmes?

There is a version of this conversation that treats regulatory compliance as a cost centre and a constraint. I do not find that framing useful. The more commercially grounded way to think about it is that the regulatory direction reflects something real about consumer expectations, and brands that get ahead of it will be in a stronger position than those that treat compliance as a minimum threshold to clear.

When I was running agency operations and managing large affiliate programmes for clients, the disclosure question was often treated as a publisher problem. The brand would put the requirement in the terms, the network would nominally enforce it, and the brand would consider the matter handled. What that approach missed is that consumers do not distinguish between a publisher’s failure to disclose and a brand’s failure to require disclosure. If a consumer feels misled by an affiliate recommendation, the brand takes the reputational hit, not the publisher.

The practical steps for brands are not complicated, but they do require genuine operational commitment. Publisher vetting at onboarding should include a review of existing content to assess whether the publisher has a track record of appropriate disclosure. Programme terms should be specific and unambiguous about what disclosure looks like, not just that disclosure is required. And there should be a monitoring process that samples publisher content on an ongoing basis, with a clear escalation path for non-compliance.

Tools like those covered in SEMrush’s affiliate marketing tools overview can help with monitoring publisher content at scale, though they are not a substitute for human review of the publishers that matter most to your programme. The 80/20 principle applies here: a relatively small number of publishers will generate the majority of your revenue and the majority of your compliance exposure.

Contractual compliance clauses also need to be enforceable in practice, not just on paper. That means having clear termination rights for non-compliance and actually using them. A programme that never terminates a publisher for disclosure failures sends a clear signal about how seriously the requirement is taken.

What Does This Mean for Publishers and Content Creators?

For publishers, the regulatory environment is creating a more level playing field in one important respect: publishers who have always disclosed their affiliate relationships properly are no longer competing on equal terms with those who have not. Enforcement creates consequences for the latter group, which benefits the former.

The practical disclosure requirements are not onerous if you build them into your content production process from the start. The difficulty arises when publishers have large archives of content that predate current disclosure standards. Retroactively auditing and updating that content is a real operational task, but it is one that regulators expect to see evidence of effort on.

There is also a trust dimension that I think gets underweighted in purely compliance-focused discussions. Audiences are more sophisticated than they were a decade ago. They understand that publishers make money through affiliate relationships, and most are not troubled by that if the content is genuinely useful and the relationship is disclosed. What erodes trust is the sense of being manipulated, of recommendations that are shaped by financial incentives that were not disclosed. Transparent disclosure, done well, does not undermine credibility. It can actually reinforce it.

Platforms like Later have written about how affiliate marketing works for content creators, and the Later affiliate marketing resource gives a useful practical perspective on how disclosure fits into content strategy rather than working against it. Similarly, Moz’s approach to their own affiliate programme illustrates how a software brand thinks about publisher relationships and the expectations they set.

For publishers operating across multiple jurisdictions, the compliance picture is genuinely complex. The FTC rules apply to US-based publishers and to content targeting US consumers regardless of where the publisher is based. UK rules apply to content targeting UK consumers. The DSA applies to platforms operating in the EU. A publisher with a global audience is, in practice, subject to the most stringent applicable standard across all of those frameworks.

Where Are the Biggest Compliance Gaps Right Now?

Based on what regulators have been focusing enforcement activity on, there are a few areas where the gap between what is required and what is happening in practice is most pronounced.

Video content is one. The volume of affiliate marketing that now happens through YouTube, TikTok, and Instagram Reels has outpaced the compliance infrastructure that publishers have in place. Verbal disclosures in video content need to be clear and prominent, not a quick mention at the end of a twenty-minute review. On-screen text disclosures need to be legible and sustained, not a brief flash that appears while the presenter is talking about something else.

AI-generated content is another. The economics of content production have shifted significantly with the availability of AI writing tools, and a number of publishers are operating at content volumes that would have been impossible two years ago. The regulatory position is clear: the automated nature of production does not remove the disclosure obligation. But the operational reality is that many publishers running AI content pipelines have not built disclosure into those pipelines consistently.

Comparison and review sites represent a third area. These sites often have affiliate relationships with multiple brands in the same category and present themselves as objective comparison resources. The disclosure requirements here are particularly important because the entire value proposition of the site rests on the perception of objectivity. Regulators in both the US and UK have been paying close attention to this category.

The CrazyEgg guide to affiliate marketing covers the structural basics of how affiliate businesses are set up, and it is worth reading alongside the compliance considerations because the two need to be designed together, not treated as separate workstreams.

Forrester’s research on channel partner relationships, including their analysis of how partner programmes are perceived, is relevant context here because it highlights how differently brands and partners often view the same relationship. That perception gap is exactly where compliance failures tend to occur: brands assume publishers understand the requirements, publishers assume brands are not monitoring closely.

How Should Affiliate Programme Managers Respond?

The practical response to a more active regulatory environment is not to panic and not to do nothing. It is to build compliance into programme operations in a way that is proportionate to the scale and risk profile of the programme.

For large programmes with hundreds of publishers, that means investing in monitoring infrastructure, whether that is through network-level tools, third-party compliance services, or internal resource. It means updating programme terms to reflect current regulatory requirements specifically, not just generically. And it means having a documented process for handling non-compliance, so that if a regulator ever asks what steps you took, you can show them.

For smaller programmes, the proportionate response is simpler but still requires genuine attention. Know your publishers. Review their content periodically. Make sure your terms are clear. And when you find a publisher who is not disclosing properly, treat it as a genuine compliance issue rather than an administrative inconvenience.

One thing I have observed across years of managing agency relationships with brands is that the companies that handle regulatory change best are the ones that do not wait for enforcement to motivate action. When the FTC issued its original endorsement guides, the brands that took them seriously early were in a much stronger position when enforcement activity increased. The same pattern is likely to play out with the current round of regulatory updates.

The Wistia partner programme is an interesting case study in how software companies are thinking about partner relationships with more structure and accountability built in from the start. Their agency partner programme documentation reflects a more considered approach to what partners are expected to do and how the relationship is governed. That kind of structural thinking is increasingly what regulators expect to see from brands running affiliate programmes at scale.

The regulatory changes in affiliate marketing are part of a broader set of shifts in how partnership marketing is being structured and governed. If you are thinking about how affiliate sits within a wider partner strategy, the partnership marketing hub covers the strategic framework for how different partnership types relate to each other and to broader commercial objectives.

What Is Likely to Change Next?

Predicting regulatory direction with precision is not something I would claim to do reliably. But the general trajectory is legible. Regulators in all major markets are moving toward greater transparency requirements, stronger platform accountability, and more active enforcement rather than guidance-only approaches. The affiliate marketing industry is not going to become less regulated. The question is how quickly the next set of changes arrives and what form they take.

AI-generated affiliate content is the area I watch most closely. The volume of content that can now be produced using AI tools means that the scale of potential disclosure failures has increased dramatically. Regulators are aware of this. The FTC has already signalled its position. It is reasonable to expect more specific guidance on AI-generated affiliate content in the next regulatory cycle.

There is also increasing regulatory interest in the data practices of affiliate networks and tracking technologies. As cookie-based tracking continues to be constrained by browser policy changes and privacy regulation, the technical infrastructure of affiliate marketing is changing. Some of those changes have compliance implications that sit alongside the disclosure obligations, particularly for programmes operating in the EU under GDPR.

The BCG analysis of value chain deconstruction in partnership contexts, including their work on alliance and joint venture structures, offers a useful strategic lens on how distribution relationships are being restructured more broadly. The affiliate model is one expression of a wider pattern of distributed commercial relationships, and the regulatory pressures on it reflect a broader societal expectation that commercial relationships should be transparent and accountable.

My honest assessment is that the affiliate marketing industry has benefited for a long time from regulatory attention that lagged behind commercial practice. That lag is closing. The programmes and publishers that have built compliance into their operations properly will find the new environment manageable. Those that have treated disclosure as optional or aspirational will face increasing pressure.

About the Author

Keith Lacy is a marketing strategist and former agency CEO with 20+ years of experience across agency leadership, performance marketing, and commercial strategy. He writes The Marketing Juice to cut through the noise and share what works.

Frequently Asked Questions

Do affiliate marketers need to disclose their relationships on every piece of content?
Yes, in all major regulatory frameworks, disclosure is required on each piece of content that contains affiliate links or affiliate-influenced recommendations. A general disclosure on an about page or in a site footer does not satisfy the requirement. The FTC, ASA, and EU regulators all require that the disclosure be clear and proximate to the content it relates to.
Can brands be held responsible for their affiliate publishers’ disclosure failures?
Yes. The FTC’s endorsement guides explicitly state that advertisers can be liable for endorsements made by their affiliates if they knew or should have known that the endorsements were deceptive or inadequately disclosed. Having disclosure requirements in programme terms is necessary but not sufficient. Brands are expected to take reasonable steps to monitor publisher compliance.
Does the FTC’s updated guidance apply to affiliate content on social media?
Yes. The 2023 updates to the FTC’s endorsement guides specifically address social media, video content, and live streaming. Disclosures must be placed where consumers are likely to notice them, which means before the affiliate link or recommendation, not buried in hashtags or description boxes below the fold.
How does the EU’s Digital Services Act affect affiliate marketing?
The DSA primarily creates obligations for very large online platforms, but it affects affiliate marketers indirectly through increased transparency requirements on how content is recommended and monetised. Publishers relying on algorithmic distribution through DSA-regulated platforms need to understand that those platforms are operating under stricter transparency requirements, which may affect how affiliate content is distributed and labelled.
Does AI-generated affiliate content still require disclosure?
Yes. The FTC has been explicit that the automated nature of content production does not remove the disclosure obligation. If an affiliate relationship exists and content promotes or recommends a product or service as a result of that relationship, disclosure is required regardless of whether the content was written by a human or generated by an AI tool.

Similar Posts