AI Growth Hub
← AI Email & CRM

WhatsApp 2026 AI Policy: A Compliance Playbook for Cross-Border Merchants

WhatsApp Compliance Conversational AI

If your cross-border brand still routes AI replies through WhatsApp Business to customers in LATAM, Southeast Asia, or the EU, the rules changed under your feet this year. Meta shipped three separate moves in the first four months of 2026, and the combined effect is that any conversational AI layer on WhatsApp now sits inside a narrower compliance box. This article breaks down what each move means for an international ops team and gives you a checklist to run this week.

The biggest misconception I keep hearing is “we use GPT-4 through our BSP, not Meta AI, so we are fine.” That is exactly the integration the January policy targets. If your bot gets classified as a general-purpose AI product rather than a tool auxiliary to your core business, Meta will suspend the WABA, and restoring it takes 15 to 30 days. For brands that book repeat orders through WhatsApp, that outage is worse than losing an ad account.

What the January 15 policy actually bans

Meta did not ban AI on WhatsApp. It banned using WhatsApp as the front door for a general-purpose AI chat product. The operative language is auxiliary to the merchant’s core business, meaning the AI has to serve your commerce use case rather than be the product itself.

The clearest prohibited pattern is a SaaS team spinning up a WhatsApp number and marketing it as “chat with our ChatGPT clone.” That class of bot is gone as of January 15. A footwear brand running a bot that handles order status lookups, size recommendations, and product questions is still fine, even when the model underneath is Claude or GPT-4, as long as the conversational scope is narrow and anchored to commerce intent.

The gray zone is off-topic drift. A skincare brand’s bot gets asked about weather in São Paulo and answers helpfully. Does that count as general chit-chat? Meta has not drawn a bright line, but the enforcement pattern suggests that occasional drift is tolerated while a bot designed for open-ended conversation is not. The safe move is to lock the system prompt to your commerce domain and route anything off-topic to a human agent.

How the March 5 EU fee reshapes your BSP math

On March 5 Meta opened a carve-out for the EU antitrust regulator: rival AI chatbots are allowed on WhatsApp for EU users, but the AI provider pays Meta a per-message fee for routing through WhatsApp infrastructure. TechCrunch reported the policy without publishing exact pricing, but industry chatter puts it in the range of a few to low-double-digit dollars per thousand messages.

For a cross-border merchant this creates two problems. First, if your BSP has not signed the fee arrangement with Meta, your EU traffic may silently fail or get rate-limited. Second, even if the BSP is compliant, nothing prevents them from passing the fee through to you under a relabeled line item. The first thing to do this week is request a written statement from your BSP account manager describing their EU routing fee status and pricing.

BSPEU fee arrangementPass-through to merchantNotes
TwilioSignedPartially bundled, enterprise tier may add costReconcile invoices
InfobipSignedPer-message upliftPass-through clause in standard MSA
360dialogSignedSeparate EU price listRequires plan upgrade
HaptikIn negotiationNot yet disclosedHold off new EU deployments

Treat the table as a directional starting point. The authoritative source is your current contract and your account manager’s written confirmation.

Rebranding the bot for LATAM and SEA markets

In EU the compliance conversation is about money. In LATAM and SEA the conversation is about branding. Meta’s enforcement teams have been sampling WABA accounts in Brazil and Indonesia for bots that present themselves as third-party AI products rather than brand-owned assistants.

Concretely, if your bot opens with “Hi, I am ChatGPT powered by OpenAI” or answers “who are you” with “I am Claude,” that is a high-risk signal. The fix is a short brand rewrite. Rewrite the system prompt to force the bot to identify as your brand’s assistant and to never name the underlying model. Update the display name and avatar so the bot wears brand colors and the word Assistant. Redesign the welcome message so the first user turn is a clear statement of what the assistant can and cannot do.

A common mistake is to confuse brand-owned with human-pretending. LATAM and SEA users are fluent with AI customer service and tolerate it well, but they react badly when a bot tries to pass as a human. The right position is confident and branded: this is the Luma AI Assistant, it is an AI, it can help you with orders and product questions, and it will hand you to a human if you need anything else.

Human handoff is not optional in these markets. WhatsApp is often the only channel a customer will try. A dead end without a human escape hatch produces one-star reviews and direct reports to Meta, and repeated reports degrade the WABA quality rating.

The compliance checklist you can run this week

Every item below came from a real miss I have either seen or made since January 15. If you can tick them all off, you will not show up in this quarter’s enforcement sweep.

CheckDoneOwnerNotes
BSP provided written EU routing fee statementProcurementAttach to contract
Bot system prompt scoped to commerce intentEngineeringOff-topic routes to human
Bot name and avatar fully brandedBrandNo model names shown
Welcome message declares AI status and scopeOpsFirst turn
Human handoff SLA under 15 minutesCXOff-hours auto-ack
WABA backup account provisionedOpsSeparate BM
Template message library re-approvedOpsAvoid quality flags
Send frequency keeps quality rating greenOpsWeekly review
Customer consent copy updated for AILegalGDPR and LGPD
Monthly invoice reconciliation for EU feeFinanceFirst week each month

One more note on the WABA backup. Many merchants assume a single backup number is enough, but post-January enforcement looks at the whole Business Manager. If the primary WABA is flagged, every WABA under the same BM is reviewed. The robust setup is a backup WABA under a different BM, ideally under a different registered entity. The overhead is small and it preserves the current month’s order flow when something goes wrong.

What to prepare before Conversations 2026 in June

Meta’s April 15 announcement pointed to Conversations 2026 in London on June 3. The preview reads like an agentic commerce roadmap: custom bots, agentic operators spanning WhatsApp, Messenger, and Instagram Direct, AI product recommendations in testing, and business voice calling already live.

For a cross-border operator there is a short-term window and a long-term shift. Short term: if you clean up your compliance now, you will be in the first cohort with access to Meta’s native agent tooling after June. Long term: agentic tooling is likely to compress the space where third-party BSPs add value, which means the strategic position of Haptik, Twilio, and similar vendors is not settled.

My recommendation is to run two workstreams in parallel. Track one is the compliance checklist above, purely defensive, completed by end of May. Track two is a Cloud API direct integration pilot that does not tie every conversation to your current BSP. Whatever Meta ships in June, direct API access gives you the option to pivot without a painful BSP migration under time pressure.

One caveat before you act on anything here: everything above is based on publicly available information through April 23, 2026. Pricing, timelines, and enforcement details shift quickly, so confirm with your own legal counsel and BSP contact before making contractual changes.

References:

阅读本文中文版: WhatsApp 2026 AI 新政下,跨境商家怎么做合规?

Related Articles