How crypto companies in Europe can meet tax reporting requirements in 2026: a complete guide

European regulators have introduced major changes to tax reporting requirements for companies working with digital assets. GetBlock AML Research takes an in-depth look at the new rules and what crypto businesses need to do to remain compliant.

Key Takeaways

• As of January 1, 2026, the European Union officially implemented DAC8 reporting requirements, while the first international data exchanges under the OECD’s CARF framework are expected to begin between 2027 and 2028.
• Both frameworks require far more information than traditional customer onboarding and KYC procedures provide. Companies must now collect wallet-level transaction data, identify senders and recipients, and track asset movements across different blockchains.
• For Virtual Asset Service Providers (VASPs) operating in large, high-volume markets, compliance is particularly challenging. Peer-to-peer transactions and multi-chain activity create significant data gaps that must be addressed.
• To comply with the new standards, organizations will need a dedicated data infrastructure built around four core elements: wallet ownership identification, cross-chain transaction tracking, counterparty identification, and regulator-ready reporting.
• Compliance with DAC8 and CARF is now a legal requirement for crypto platforms operating in the EU or serving customers in OECD member countries. Reporting deadlines are approaching much faster than many compliance teams anticipated.

Collecting customer documents during onboarding is no longer enough. Platforms must now maintain comprehensive wallet-level transaction records, identify participants in cross-chain transfers, and provide structured data suitable for automated processing by tax authorities. Today, most platforms do not yet have this infrastructure in place.

What Changes for Crypto Platforms in 2026

DAC8 is the EU Directive 2023/2226 on administrative cooperation in taxation. It came into force on January 1, 2026, extending mandatory tax reporting obligations to Crypto-Asset Service Providers (CASPs) registered within the European Union.

Under the new rules, these companies must collect transaction data from their customers and submit annual reports to national tax authorities. The information is then automatically exchanged between participating jurisdictions through the OECD framework. CARF serves as the international foundation for this data-sharing process.

UK sanctions on HTX and A7: a step-by-step OFSI compliance guide

The A7 network, which British authorities say took in around $838 million after the shutdown of Garantex, has become one of the main targets of the new sanctions package. We look at why these restrictions could affect not only crypto exchanges, but also traditional financial institutions around the world.

Читать дальше

In 2026, the OECD began rolling out bilateral CARF agreements among participating countries. Most early adopters plan to begin exchanging data as soon as 2027.

By 2028, the reporting network is expected to cover the majority of OECD and G20 countries. Importantly, the scope of these requirements is broader than many market participants realize.

DAC8 and CARF apply to platforms that facilitate fiat-to-crypto exchanges, crypto-to-crypto trading, and digital asset transfers. Even transfers to users’ self-hosted wallets may fall within reporting obligations if they exceed specified thresholds.

For any company serving EU customers or operating in a CARF-participating jurisdiction, the reporting period officially began on January 1, 2026.

DAC8 vs. CARF: What’s Required and How They Differ

Both frameworks require nearly identical reporting datasets, but they differ in legal structure, geographic scope, and implementation timelines.

In practice, this means that a company registered in the EU while also operating in a CARF jurisdiction must maintain a unified reporting framework capable of satisfying both regimes simultaneously.

Reports must include details for every individual transaction, link those transactions to specific cryptocurrency wallets, and identify the counterparty involved.

How to handle suspicious transactions: A complete guide for crypto companies

FinCEN requires crypto companies to provide authorities with detailed information about suspicious activity — from wallet addresses to users’ IP data. Regulators are increasingly focusing not on the number of reports filed, but on the quality and investigative value of those reports.

Читать дальше

Where Most Platforms Run Into Problems

At first glance, the requirements may appear straightforward. The challenge becomes clear when companies assess the actual volume and complexity of data they must provide.

Most service providers can verify a customer’s identity during onboarding. Far fewer can deliver a complete transaction history for specific wallets, connect those transactions to counterparties across multiple blockchains, convert values into a common reporting currency, and automatically map everything back to individual users.

This challenge is especially evident in rapidly growing crypto markets.

For example, a 2026 study of Vietnam’s crypto market found that peer-to-peer USDT sales reached approximately $290 million. The activity involved 870 different sellers, while 92.5% of total volume flowed through a single major crypto exchange.

Vietnam is home to roughly 17 million cryptocurrency holders, and regulators are actively developing a national framework for digital asset oversight.

For platforms serving users in markets like these, counterparty data in P2P transactions is often incomplete, while tracking cross-chain transfers requires specialized analytics tools. These conditions create significant reporting gaps under both DAC8 and CARF.

The biggest U.S. crypto market reform. How the CLARITY Act will reshape compliance

For the first time, the new law makes blockchain analytics an officially mandatory tool of financial oversight in the United States. Authorities will also gain the power to restrict transactions with foreign crypto services tied to money-laundering risks.

Читать дальше

The three most common compliance challenges are:

1. Linking users to their wallets. Standard KYC data does not automatically reveal every wallet address controlled by a customer.
2. Tracking activity across multiple blockchains. If a user operates on Ethereum, Tron, and Bitcoin, transaction data must be collected and synchronized across all three networks.
3. Identifying transaction counterparties. Companies must determine whether a destination address belongs to another regulated platform or to an individual self-hosted wallet. This requires real-time wallet attribution and address intelligence systems.

Four Core Components of a Reporting Framework

To avoid additional scrutiny from regulators, reporting systems must meet several key requirements.

Verified Wallet Ownership Identification

Every cryptocurrency wallet linked to a customer must be associated with a specific individual or legal entity. This applies not only to the customer’s own wallets but also to wallets belonging to counterparties. At scale, this requires a continuously updated database covering exchanges, custodians, privacy-enhancing services, and other categories of market participants.

Crypto task force: how T3 FCU works and why it matters

International task force T3 FCU says it has frozen more than $450 million tied to crypto-related crime. Its investigations have involved kidnappings, terrorism financing, exchange hacks, and organized criminal networks.

Читать дальше

Cross-Chain Transaction History

The system must collect transaction data from every blockchain used by the customer. All values should be converted into a standardized USD equivalent and include timestamps, transaction IDs, and other details required for regulatory reporting.

Counterparty Identification

For every outgoing transfer, companies must determine whether the destination address belongs to a licensed service provider or a self-hosted wallet. This classification affects the amount and type of information that must be included in reports.

Reporting Must Be Fully Integrated

All data should be exportable in formats compatible with tax authority systems and internal risk-management tools. Automated integration between analytics platforms and reporting systems helps eliminate manual processing and reduces the risk of errors.

Five Steps to Prepare for DAC8 and CARF

Step 1: Determine which regulatory requirements apply to your business and identify all jurisdictions where reporting obligations exist.

Step 2: Assess what percentage of customers have cryptocurrency wallets linked to their KYC records. Any gap in wallet attribution becomes a reporting gap.

Step 3: Evaluate blockchain coverage. Make sure your monitoring systems support every network your customers use.

Step 4: Integrate counterparty identification into transaction monitoring workflows. Every transfer should be automatically classified as a licensed platform, a self-hosted wallet, or an unknown address.

Step 5: Test reporting processes before official filing deadlines arrive. Early testing helps identify data-quality issues and operational weaknesses in advance.

Frequently Asked Questions

How Can Crypto Service Providers Comply With DAC8 and CARF?

The first priority is building a robust data infrastructure. This should include wallet-level transaction histories, KYC-linked wallet attribution, coverage across all relevant blockchains, counterparty identification capabilities, and the ability to generate tax-compliant reports.

How cryptocurrency transactions are tracked in 2026: a real investigation case

A cryptocurrency transaction became the key lead in an investigation that resulted in the arrest of a daycare worker. Here’s how law enforcement agencies are working with digital assets in 2026.

Читать дальше

What Is the Difference Between DAC8 and CARF?

DAC8 is a European Union directive requiring registered companies to report cryptocurrency transaction data to national tax authorities.

CARF, by contrast, is an OECD-developed international framework that governs how this information is exchanged between countries. In practice, both systems rely on largely the same underlying dataset.

Who Must Report Under DAC8?

The rules apply to all EU-registered service providers that facilitate fiat-to-crypto exchanges, crypto-to-crypto trading, or digital asset transfers, including transfers to self-hosted wallets above specified reporting thresholds. The determining factor is where the company is registered, not the nationality of its customers.

What Information Must Be Reported to Tax Authorities?

Reports must include customer identification details such as name, address, tax identification number, and date of birth. Companies must also provide information about associated cryptocurrency wallets, transaction types, annual aggregate transaction values, and transfer counterparties. All amounts must be reported in USD-equivalent terms.

When Is the First DAC8 Report Due?

DAC8 applies to data covering the entire 2026 calendar year. Most EU member states are expected to begin accepting the first reports in mid-2027, although exact deadlines will vary by jurisdiction.

For that reason, 2026 should be treated as the first full reporting period, and compliance preparation should already be underway. The first international CARF data exchanges among early-adopting countries are expected to begin during 2027–2028.