On 16 May 2023, the EU Member States operating through the Economic and Financial Affairs Council ("ECOFIN") reached political agreement on new tax transparency rules for all service providers facilitating transactions in crypto-assets for customers resident in the EU. These new reporting requirements on crypto-assets, e-money and central bank digital currencies ("CBDCs") will enter into force on 1 January 2026 through the EU DAC8 Directive.
DAC8 will introduce disclosure and reporting obligations on crypto-intermediaries who facilitate transactions by EU customers.
DAC8 is part of a series of EU tax measures (known as "DACs") which have been implemented over a period of time, originally by Directive 2011/16/EU (DAC) on administrative cooperation in the field of taxation. For example the well-known EU Tax Mandatory Disclosure Directive (covered by our update) was DAC6.
DAC8 will adapt the OECD Crypto-Asset Reporting Framework ("CARF") which establishes a set of model rules on the reporting and exchange of information on crypto-transactions, the G20 group of countries has yet to decide whether CARF will be a global minimum standard.
It will also add digital financial products such as CBDCs to the scope of reporting under the existing DAC framework to reflect the updated OECD Common Reporting Standard ("CRS").
Building a Digital Single Market
DAC8 will build on the EU's objective to promote global tax transparency in the digital market as it is expected to operate in conjunction with the existing EU Regulation of Markets in Crypto-Assets ("MiCA").
MiCA implements a dedicated regulatory framework for crypto-asset service providers ("CASPs") who intend to provide their services in the EU market. A single licensing regime will operate in which CASPs may be authorised by one Member State and then passport their services to users across other Member States.
In order to obtain authorisation, they will have to comply with a number of governance, operational and prudential requirements.
This is expected to lessen the administrative burden CASPs may face with the divergent approaches taken to regulation (outside of the harmonised Virtual Asset Service Provider regime under the Fifth Money Laundering Directive) by individual Member States.
MiCA will be directly applicable in Member States without need for domestic legislative action, ensuring that providers are subject to the same rules across the EU.
The Regulation was adopted by the Council of the EU on 16 May 2023 and it is due to be published in the Official Journal. It is expected to come into force by 31 December 2024.
Who are Reporting Crypto-Asset Providers?
The Directive will apply to entities referred to as Reporting Crypto-Asset Providers ("RCASP") which include MiCA regulated entities who are EU registered and a novel second category of intermediaries known as Crypto-Asset Operators
An 'operator' means any persons or businesses providing crypto-asset service not regulated by MiCA. This will generally cover any entities located in jurisdictions outside of the EU or an already regulated entity that provides crypto-products.
It should be noted that exemptions are made for 'Excluded Persons' which consist of stock exchange listed entities and their related entities, government entities, international organisations, central banks and financial institutions other than investment entities.
How are non-EU based operators covered within DAC8?
The proposed Directive will apply to intermediaries on the basis of whether they service any 'reportable users'. These are any individuals or entities that resident in a Member State who engage service providers to carry out crypto-asset transactions.
Reporting obligations will therefore apply irrespective of size and location of the intermediary.
If any crypto-exchanges or platforms located in non-EU jurisdictions receive business from EU customers, they will be deemed a 'RCASP' for the purposes of the Directive and will be required to file reports on EU users and any relevant transactions.
Which Member State will non-EU providers file reports to?
The proposed Directive directs that any non-EU intermediary with reportable users must comply with the single registration system.
This will involve operators registering with a Member State to file reports with before the start of each fiscal year by providing the following information:
(a) name;
(b) postal address;
(c) electronic addresses (including websites);
(d) any Tax Identification Number ("TIN") issued to them; and
(e) Member States where reportable users are resident.
The single registration system ensures a level playing field for EU and non-EU service providers as EU RCASPs will already be required to register under MiCA when it comes into force.
It should be noted that single registration and DAC8 reporting can be relieved for non-EU intermediaries if it can be determined that the home jurisdiction has implemented and enforced CARF or equivalent legislation. This is expected to prevent instances of dual reporting on reportable transactions.
What crypto-assets are covered?
Transactions involving 'Reportable Crypto-Assets', adopting the broad definition of 'crypto-assets' drawn by MiCA which includes Asset Referenced Tokens (ARTs), E-money Tokens and utility tokens are covered under DAC8.
It also extends to any crypto-asset for which the RCASP has adequately determined that it cannot be used for payment or investment purposes.
Non-fungible tokens ("NFTs") not regulated by MiCA could potentially be covered under DAC8 where they generate income or revenue.
Digital financial products such as CBDCs and e-money are excluded (provided that they are not used for payment or investment purposes) from the scope of 'reportable transactions' as they will be subject to banking regulation requirements and CRS reporting. This will operate to reduce duplicate reporting for financial institutions who may be considered RCASPs under the proposed Directive.
What will RCASPs be required to do under DAC8?
There are two main obligations imposed on RCASPs under the Directive:
(a) due diligence procedures; and
(b) reporting on relevant users and transactions.
The information collected on reportable users in due diligence procedures and transaction information will need to be reported to tax authorities where the RCASP is registered either under MiCA or the single registration requirement. The object of this is stated to be to provide authorities with the necessary information to effect fair taxation on any crypto-asset derived income or revenue.
Know Your Client for Crypto-Intermediaries
RCASPs will have to carry out due diligence procedures on both new and pre-existing customers which is done through verifying self-certification.
Users will be requested to provide the following information:
a) legal name;
b) legal address;
c) date of birth (for individual users and controlling persons);
d) tax resident Member State; and
e) TIN.
Additional considerations may apply for entity users when determining exemptions and the existence of, if any, controlling persons.
If any reportable users are identified then the RCASP will have to consider their responsibilities under DAC8.
If information is not provided after two reminders after the initial request and over 60 days have lapsed, the provider must prevent the user from performing any transactions. This requirement to 'freeze' a user's account goes further than the OECD CARF standards.
What will a reportable transaction involve?
DAC8 will only require reporting on reportable transactions which are exchange transactions or transfer of a reportable crypto-asset made by reportable users.
This can be generally interpreted to encompass any transaction of crypto-assets used for payment or investment purposes made by an EU resident user. Transactions can be domestic or cross-border but if it is not made by a reportable user then it is considered outside the scope of DAC8.
These requirements will apply in addition to regulatory due diligence obligations that CASPs have under MiCA or the Fifth Money Laundering Directive as applied in each Member State.
Reports on transactions will take place on an aggregated basis and will include some of the following information:
(a) the full name of the type of crypto-asset;
(b) number of units;
(c) gross amount paid and received;
(d) fair market value; and
(e) number of transactions.
EU Central Directory
Information on RCASPs, users and transactions received by Member States will be stored in an EU-wide Central Directory. The Commission has committed to developing the system by 31 December 2026 and it will be primarily accessible by Member State authorities to expand the automatic exchange of information systems in place under DAC.
Enforcement Measures
Penalties for non-compliant conduct will vary at national implementation as they are within the national discretion of Member States but they must be effective, proportionate and dissuasive.
The Compromise Text of the Directive agreed by ECOFIN is largely expected to be the final text for adoption by the Council of the EU.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
