It is reported that customs procedures differ significantly between ports and that there is no unified national customs authority. While the federal government has made some progress in modernising customs administration, many border crossings and regional ports continue to operate under localised systems, resulting in procedural delays and elevated transaction costs.

All businesses operating in Somalia must be registered either with the Federal Ministry of Commerce and Industry or with the competent authority of the relevant Federal Member State. Under Art. 7 of Law No. 001/2021 on the Regulation of Company Law, the Registrar of Companies issues each incorporated private or public company with a unique business licence number, which functions as a general business licence aligned with the licensed activity. Art. 9 further provides that companies engaged in activities subject to prior approval under other Somali laws may not commence operations until they obtain the necessary sectoral authorisations in addition to this general licence.
According to the online Company Registrar/eBusiness portal, this framework is implemented through specific licence categories, including a "Standard Goods Export" license (Dhoofinta Badeecadaha Caadiga ah) and a "Combined Import and Export" license (Soo-dejinta iyo Dhoofinta)

It is reported that electronic and electrical products, referred to collectively as radio and telecommunications terminal equipment (RTTE), require local testing to check the quality of standards before exporting to Somalia. The certification regulation outlines the procedures that manufacturers and importers must follow to ensure that their products are certified as safe for use or consumption in Somalia. The steps for this verification include physical inspection and testing.

Art. 29 of the Data Protection Act mandates that a data controller of significant importance must conduct a DPIA before commencing any processing activities that are likely to pose a high risk to the rights and freedoms of data subjects due to the nature, scope, context, or purposes of the processing. Additionally, the data controller is required to submit a data impact assessment report to the relevant authority prior to initiating the processing activities.

Art. 34 of the Data Protection Act stipulates that a data controller of significant importance must appoint a DPO who possesses expert knowledge of data protection laws and practices. The DPO is responsible for advising the data controller on its obligations under the Act, monitoring compliance with the Act and the data controller's related policies, and serving as the liaison with the Authority on matters concerning personal data processing. The DPO may either be an employee of the data controller or engaged through a service contract.

A basic legal framework on intermediary liability for copyright infringement is absent in Somalia's law and jurisprudence.

A basic legal framework on intermediary liability beyond copyright infringement is absent in Somalia's law and jurisprudence.

According to Art. 67 of the National Telecommunications Law of 2017, communication companies must register all existing and new SIM cards and telephone line holders to secure customers' ownership and personal rights. To fulfil this requirement, customers must present valid personal identification documents to contract mobile services.

The government of Somalia has reportedly enacted several restrictions on web content and digital platforms in recent years. In 2019, authorities temporarily blocked access to major social media platforms, including Facebook, Twitter, WhatsApp, and YouTube, for a period of five days during national high school examinations, with the stated aim of preventing cheating and the unauthorised circulation of exam materials. More recently, in August 2023, the Ministry of Communications and Technology instructed internet service providers to block access to a range of platforms and websites, including TikTok, Telegram, and the online gambling site 1xBet. As of 2024, these platforms remain inaccessible within the country. Furthermore, in February 2024, the National Intelligence and Security Agency (NISA) announced the shutdown of 14 websites allegedly operated by the extremist group al-Shabab, as part of broader counterterrorism measures.

The indicator "7.2.4 - Government Internet shut down in practice" of the V-Dem Dataset, which measures whether the government has the technical capacity to actively make internet service cease, thus interrupting domestic access to the internet or whether the government has decided to do so, has a score of 3 in Somalia for the year 2024. This corresponds to "Rarely but there have been a few occasions throughout the year when the government shut down domestic access to Internet."

According to Art. 4.3 of the Media Law, media activities may not be carried out without prior authorisation and registration from the Ministry of Information. Art. 1 defines “media” as the system through which information, knowledge, speeches, data and ideas are disseminated to society using visual, auditory or printed means, including websites.
Moreover, pursuant to Art. 7, all media entities – including internet companies, telecommunications operators and media organisations, whether already existing or newly established – must register with the Ministry of Information. Privately owned local and foreign media agencies are also required to pay an annual registration fee. Law No. 001/2021 - The Regulation of Company Law states that the fee for a specific license for "Internet and ICT services" and for "Website Newspaper" costs USD 300.

Art. 3.2 of the Unified Licensing Framework establishes the Applications and Services Provider (ASP) Licence for non-infrastructure-based service providers that offer services and applications to end users over the networks of Communications Infrastructure Providers. The services covered may include, inter alia, voice services, internet access, data services, mobile money services, IPTV and other value-added services.
The “Application and Service Provider (ASP) Licence” issued by the National Communications Authority of the Federal Republic of Somalia further clarifies the scope of this authorisation and sets out the requirements applicable to licensees, among other matters.

Somalia does not mandate accounting separation for operators with significant market power (SMP) in the telecom market. However, it is reported that operators are subject to an obligation of functional separation.

It is reported that there is a legal limit on the number of licenses, a minimum capital requirement to obtain a license and other licensing criteria. However, these restrictions are not found in the law. The licensing regime is regulated by the National Telecommunications Law of 2017 and the Unified Licensing Framework.

Somalia has not appended the World Trade Organization (WTO) Telecom Reference Paper to its schedule of commitments.