Blog
JANUARY 7, 2026 • 5 MIN READ
🇪🇺 EU DAC8 Crypto-Asset Reporting Requirements Explained (2026 Guide)
Fiona Jelly,
Founder & CEO of Complyfirst
What is DAC8 in Simple Terms?
First, let’s breakdown what DAC8 in its simplest definition.
DAC8 is an EU law that requires crypto companies to report customer and transaction information to tax authorities.
That information is then shared automatically between EU countries so tax authorities can see how crypto is being used and taxed across borders.
In practice, this means:
- Crypto firms report data to their local tax authority
- Tax authorities share that data with other EU Member States
- Tax authorities gain visibility into cross-border crypto activity
The goal is straightforward: improve tax transparency and reduce underreporting involving crypto-assets.
TL;DR
- What it does: Introduces mandatory, annual tax reporting for crypto-asset activity involving EU tax residents.
- When it starts: Data collection from 1 January 2026. First reports for the 2026 calendar year are due by 30 September 2027, subject to domestic transposition
- Who it affects: Crypto platforms, including non EU firms, that serve EU users
- Why it matters: EU tax authorities gain structured, automated visibility into crypto activity across borders.
What DAC8 Means for EU Crypto Firms
The EU’s Directive on Administrative Cooperation 8 (DAC8) introduces a material change to how crypto asset activity is reported for tax purposes. From 1 January 2026, DAC8 extends the EU’s automatic exchange of information framework to crypto assets, bringing crypto asset service providers into a reporting regime that previously applied primarily to traditional financial institutions.
DAC8 is aligned with the OECD’s Crypto Asset Reporting Framework (CARF) and amendments to the Common Reporting Standard (CRS). Unlike those frameworks, DAC8 is binding EU law, with defined reporting formats, exchange mechanisms, and enforcement at Member State level.
Who DAC8 Applies to Beyond Crypto Firms
DAC8 primarily applies to Crypto Asset Service Providers. However, payment institutions and electronic money institutions are often indirectly affected where they support crypto activity.
This includes PIs and EMIs that:
- Provide accounts, safeguarding, or payment rails to crypto firms
- Support onboarding or customer due diligence for crypto related customers
- Operate group structures that include crypto entities
- Rely on crypto firms for customer or transaction data
Key Definitions and How They Relate
| Term | What it is and how it fits |
|---|---|
| OECD | The international body that sets global tax transparency standards. The OECD develops frameworks such as CARF and the Common Reporting Standard, which individual jurisdictions then implement through domestic law. |
| CARF | The OECD’s crypto asset reporting framework. CARF sets the global standard for how tax authorities collect and automatically exchange information on crypto-asset transactions. |
| DAC8 | The EU law that implements CARF in the European Union. DAC8 makes crypto asset reporting mandatory for EU linked firms and defines timelines, reporting formats, and exchange mechanisms. |
| CRS | The OECD standard for tax reporting on traditional financial accounts. CRS continues to apply to banks and certain digital money products, while DAC8 covers crypto assets specifically. Some firms will be subject to both. |
| Reporting Crypto Asset Service Provider (RCASP) | A crypto firm that must report under DAC8. This includes MiCA regulated Crypto Asset Service Providers and Crypto Asset Operators that are not MiCA regulated but have EU users. |
| Reportable Users | Customers of an RCASP who are resident in an EU Member State. These users trigger DAC8 reporting obligations regardless of where the firm is based. |
| Reportable Crypto Assets | Crypto assets within scope of DAC8, including most cryptocurrencies, certain stablecoins, and specified non fungible tokens used for payment or investment. |
| Reportable Transactions | Transactions must be reported under DAC8, including crypto to fiat exchanges, crypto to crypto exchanges, transfers of crypto assets, and qualifying retail payment transactions. |
| Reportable Retail Payment Transactions | Situations where crypto is used to pay for goods or services and the payment value exceeds US$50,000 or equivalent. Payments below this threshold are not reportable. This threshold applies only to payments for goods or services and does not apply to trading, exchanges, or transfers, which remain reportable regardless of amount. |
What Changes for Firms Under DAC8
DAC8 extends the EU’s automatic exchange of information regime to crypto assets. In practice, this moves crypto activity from fragmented national approaches into a harmonised EU wide reporting framework.
Responsibility moves from user self disclosure to firm led reporting, supported by formal due diligence, standardised XML submissions, and automatic information exchange between tax authorities.
| Before DAC8 | After DAC8 |
|---|---|
| No EU wide tax reporting obligation for crypto assets | Mandatory EU wide crypto asset tax reporting |
| Fragmented national approaches | Harmonised rules with automatic exchange between Member States |
| Limited tax data collection at onboarding | Formal due diligence including tax residence and TINs |
| Reporting driven largely by user self disclosure | Reporting driven by data supplied by firms |
| Inconsistent or manual reporting formats | Annual reporting using a standardised EU XML schema |
Who Must Comply with the EU’s DAC8
The EU’s DAC8 applies to firms that facilitate crypto asset transactions for users, including:
- Crypto exchanges (centralised or broker-based)
- Crypto brokers and dealers
- Custodial wallet providers
- Platforms facilitating transfers or exchanges of crypto-assets
DAC8 applies to both EU-based and non-EU firms.
A firm must comply if it:
- Is resident, authorised, or registered in an EU Member State, or
- Provides crypto services to EU tax residents users
In short, if a crypto firm has EU users, DAC8 is likely relevant.
Who is Not in Scope?
DAC8 generally does not apply to:
- Individuals transacting on their own behalf
- Businesses that do not facilitate crypto transactions for users
- Purely decentralised protocols with no service provider
What Information Must be Reported Under the DAC8 Directive?
Under DAC8 Directive, Reporting Crypto-Asset Service Providers must collect, report, and exchange the following information annually:
| Required Information | Details |
|---|---|
| Information about the firm | Legal name; Country of residence, authorisation, or registration; Licence or registration details |
| Information about users | Name and address; Date of birth; Tax Identification Number (TIN); Jurisdiction(s) of tax residence |
| Transaction information | Type of crypto-asset; Type of transaction (e.g. buy, sell, exchange, transfer); Transaction value |
Reports are submitted to the tax authority of the Member State where the firm is resident, authorised, or registered. Non-EU firms with EU tax resident users must register in one EU Member State for DAC8 purposes and submit their reports there.
How DAC8 Reporting Works in Practice
DAC8 EU reporting is deliberately centralised. Firms submit a single annual report to one tax authority. The EU manages the exchange of information between Member States. Firms do not file separate reports in multiple jurisdictions.
At a high level, the process is straightforward: collect the data, prepare it in the required XML format, submit it once, and respond to any follow up.
Step 1: Data collection
- Identify reportable users and transactions
- Collect required customer, tax residence, and transaction data in line with DAC8 definitions as part of customer onboarding and ongoing refresh
Step 2: Data validation and preparation
- Validate data for completeness and consistency
- Resolve missing or conflicting tax residence information
- Map internal data fields to DAC8 requirements
- Confirm data can be structured for XML reporting
Step 3: XML report creation
- Generate the report using the EU defined DAC8 XML schema • Apply required formatting and validation rules
Step 4: Submission to the local tax authority
- Submit a single report to the competent authority
- File in the Member State where the firm is resident, authorised, or registered
Step 5: Automatic exchange
- Local tax authority validates the submission
- Information is exchanged with other EU tax authorities
- Each authority receives data relevant to its own tax residents
Step 6: Follow up and corrections
- Respond to rejected or incomplete files
- Address questions from tax authorities
- Submit corrections where required
Where Firms Typically Underestimate DAC8
Firms most often struggle where:
- DAC8 requirements are not embedded into onboarding and refresh processes
- Tax residence and TIN data is inconsistent across systems
- XML generation cycles are underestimated
- Non EU firms assume they are out of scope because they are not MiCA authorised
Complyfirst Supports DAC8 XML Reporting
Complyfirst supports firms in turning DAC8 requirements into a automated, repeatable reporting process aligned with EU standards.
What We Deliver
- Data mapping from internal systems to DAC8 reporting fields
- XML-ready reporting workflows, aligned with EU schema requirements
- Built-in data validation and consistency checks to reduce reporting errors
- Clear review, sign-off, and version control processes
- Practical, 1:1 support to help teams prepare for DAC8 submissions
FAQ
Conclusion
DAC8 brings crypto-assets fully into the EU tax reporting framework. While the rules themselves are relatively clear, compliance in practice depends on data quality, reporting processes, and technical readiness, particularly around XML reporting.
For Crypto-Asset Service Providers, the key takeaway is timing. Early preparation makes it easier to avoid gaps, errors, and last-minute system changes.