EU’s DAC8 Rule: Crypto Platforms Start Tax Reporting

Crypto exchanges and other digital asset platforms serving European Union users are now legally required to collect detailed transaction data for tax reporting under a sweeping new transparency regime that took effect on Jan. 1, 2026.

The rules are based on Council Directive (EU) 2023/2226, commonly known as DAC8, which incorporates the OECD’s Crypto-Asset Reporting Framework (CARF) and an updated version of the Common Reporting Standard (CRS 2.0) into EU law. For the digital asset industry, the shift represents a significant expansion of global tax-reporting obligations.

Under the framework, crypto service providers must begin collecting transaction data for the entire 2026 reporting year. The first exchange of that information between tax authorities is scheduled for 2027.

Broad Scope for Crypto Intermediaries

The new rules apply to entities classified as Reporting Crypto-Asset Service Providers (RCASPs), a broad category that covers most intermediaries involved in crypto transactions.

That includes crypto exchanges, digital asset brokers, custodial wallet providers, financial institutions offering crypto services, and certain platforms facilitating decentralised finance transactions on behalf of users. Unlike earlier tax transparency regimes that focused on financial institutions, the new framework specifically targets the digital asset ecosystem.

Rather than reporting account balances at the end of a tax year, as required under the traditional Common Reporting Standard, CARF requires platforms to report aggregate transaction activity across the entire reporting period, broken down by asset type. Regulators say the approach is intended to prevent users from shifting assets between wallets before reporting deadlines.

Extraterritorial Reach

One of the most significant features of DAC8 is its global scope. While CARF will initially be implemented across 52 jurisdictions, including the United Kingdom, DAC8 extends reporting obligations to any crypto platform serving EU tax residents, regardless of where the company itself is based.

That means exchanges headquartered in jurisdictions that have not adopted CARF – including the United States – may still be required to report user data if EU residents trade on their platforms.

Industry analysts say this extraterritorial reach could force many global crypto firms to adapt their compliance systems even if their home jurisdictions do not impose similar requirements.

Operational Deadline Approaching

EU-based crypto service providers must have full reporting infrastructure, due diligence procedures and internal compliance controls in place by July 1, 2026, according to regulatory guidance. The requirement to begin collecting accurate user data started on Jan. 1.

As a result of the reporting period covers the entire 2026 calendar year, any missing or incomplete records cannot be reconstructed later when data submissions begin in 2027.

Compliance Tied to Licensing

The consequences for non-compliance extend beyond financial penalties. EU authorities can impose sanctions under minimum penalty thresholds, which in some cases may be calculated as a percentage of a company’s turnover.

Regulators may also suspend or revoke a firm’s MiCA passporting rights, which allow crypto companies licensed in one EU country to operate across the bloc. As a result, tax reporting obligations are increasingly becoming part of the broader regulatory framework governing digital asset platforms in Europe.

Stricter Onboarding Requirements

The rules also introduce strict customer due diligence requirements for crypto platforms. If a user fails to provide valid tax residency information after two reminders and within a 60-day window, the platform must block the customer from carrying out further transactions until the documentation is submitted.

This effectively introduces a “no valid certification, no service” rule for crypto platforms serving EU users.

From a TaxBit panel discussion, compliance specialist Dion Seymour had this to say on what happens when platforms fail to collect user self-certifications:

“If you don’t get the information on the self-certification, you have to stop having the engagement, you have to stop being able to do the transactions.”

For exchanges operating across multiple European markets, the reporting process may require submitting data to up to 27 national tax authorities.

DeFi Remains an Open Question

The treatment of decentralised finance platforms remains an unresolved area within the framework. Current guidance suggests that a DeFi protocol could fall under the reporting rules if there is evidence of control, supervision, or influence over user transactions – a concept drawn from existing financial crime guidelines. Determining when a platform meets that threshold could become a point of legal and regulatory debate as the framework is implemented.

Industry Preparing for First Reporting Cycle

Although tax authorities will not begin exchanging crypto transaction data until 2027, the operational burden has already begun for platforms that serve EU customers.

For many crypto companies, the challenge now is determining whether their data infrastructure and compliance processes can withstand regulatory scrutiny once the first reporting cycle begins.