Flagged for “serious compliance violations” – possible TAUX0 / third-party data mix-up?

Hello everyone,

I’m posting here to see if anyone has experienced something similar or has any guidance.

My company has been operating since 2006 as an IT/consulting firm. All members / staff are fully vetted, currently hold active government-level clearances with an impeccable record and we go through rigorous verification and clearance checks.

Recently, our Microsoft partner / CSP access was deactivated. The only explanation I receive from support is the standard message:

“Microsoft runs on trust… As a part of this commitment, we perform regular due diligence and vetting on all members of our partner network. In this case, our vetting revealed serious compliance violations attributable to your organization or with persons in a position of influence within your organization. We are unable to share further details.”

When I asked for a meeting, support created a ticket and sent me a link to schedule an appointment. I scheduled it, but the ticket was closed almost immediately. At the same time, I received the same boilerplate “serious compliance violations” message again, and no one joined the scheduled meeting. I was then told explicitly that the decision cannot be changed by opening a new support case.

From the outside, it looks like an internal “flag” has been set and front-line support can only paste that one response. I strongly suspect there may be a mistaken identity or bad third-party data involved. I see that the verification process uses AU10TIX and, from what I can tell, AU10TIX in turn relies on a data source called TAUX0 (or similar). When doing simple searches on my name/company, I see multiple entries for different entities that share similar names, some of those unrelated entities do have legal records. My concern is that these mixed records in TAUX0 (or related sources) have been combined and attributed to me/my company, even though we have no such history. I did contact AU10TIX, they said they will refer this to their R&D but "nothing they can do", I will have to contact Microsoft. 

My questions to the community:

1. Has anyone else had their partner/CSP access deactivated with the same “serious compliance violations” boilerplate and no details?
2. Was anyone able to get clarification or a remediation path, or is this truly final once the internal flag is set?
3. Does this type of enforcement affect only partner/CSP status, or can it also impact our ability to use Microsoft services as a customer?

I’m not looking to argue or threaten legal actions, so please no such suggestions. I simply want to understand the practical impact and whether there is any constructive way to correct an apparent misunderstanding caused by third-party data. We are a small business and heavily impacted by this, as we cannot renew our Partner benefit packages.  My hope is that, out of cases like this, Microsoft and AU10TIX can find a way to provide some guidance and a remediation path for small businesses, instead of leaving them in the dark with a generic “serious compliance violations” label and no explanation.

Thanks in advance for any insights or similar experiences you can share.