DAC8 (Directive on Administrative Cooperation 8) is the European Union directive that requires Reporting Crypto-Asset Service Providers (RCASPs) to collect and transmit crypto transaction data to their national tax authority for automatic exchange with other EU member states. DAC8 implements the OECD Crypto-Asset Reporting Framework (CARF) within the EU's existing tax transparency infrastructure.

When Does DAC8 Take Effect?

DAC8 was adopted by the EU Council on October 17, 2023. Member states must transpose the directive into national law by December 31, 2025. The first reporting period covers crypto transactions from January 1, 2026, with the first reports due to national tax authorities by January 31, 2027.

Which Businesses Must Comply with DAC8?

DAC8 applies to Reporting Crypto-Asset Service Providers (RCASPs) — any entity that, as a business, provides one or more of the following services: exchange of crypto-assets for fiat currency, exchange of crypto-assets for other crypto-assets, transfer of crypto-assets, and safekeeping or administration of crypto-assets. The definition covers centralized exchanges, custodians, brokers, and certain DeFi front-end operators.

What Data Must Be Reported Under DAC8?

RCASPs must report 4 categories of data per reportable user: user identification details (name, address, tax ID, date of birth), aggregate transaction values by type (crypto-to-fiat, crypto-to-crypto), number of transactions per type, and fair market value at the time of each transaction. Reports are submitted in a standardized XML schema defined by each member state's implementation.

DAC8 Crypto-Asset Reporting — EU Requirements for Businesses

DAC8 is the European Union directive that establishes mandatory crypto-asset transaction reporting for tax transparency purposes across all 27 EU member states. The directive requires Reporting Crypto-Asset Service Providers (RCASPs) to collect user identification data, calculate per-user transaction aggregates, and transmit structured reports to national tax authorities for automatic exchange — creating a comprehensive tax information network modeled on the OECD Crypto-Asset Reporting Framework (CARF). A crypto subledger provides the transaction-level data pipeline, fair market value timestamps, and automated aggregation engine that RCASPs require to generate accurate DAC8 reports at scale.

What Is DAC8 and Why Does It Matter for Crypto Businesses?

DAC8 (Directive on Administrative Cooperation, 8th amendment) is the EU directive that closes the crypto-asset tax information gap by requiring service providers to report transaction data to tax authorities. The European Commission estimated that EU member states lose approximately €2.4 billion annually in tax revenue from unreported crypto-asset transactions — a gap that DAC8 is designed to eliminate through mandatory automatic exchange of information.

The directive builds on the EU’s existing DAC framework, which already mandates automatic exchange for bank accounts (DAC2/CRS), cross-border tax rulings (DAC3), country-by-country reporting (DAC4), and beneficial ownership (DAC6). DAC8 extends this infrastructure to crypto-assets by creating a new reporting category for Reporting Crypto-Asset Service Providers (RCASPs).

DAC8 implements the Organisation for Economic Co-operation and Development (OECD) Crypto-Asset Reporting Framework (CARF) within EU law. The OECD published CARF in June 2023 as a global standard for crypto-asset tax reporting. The EU adopted DAC8 in October 2023 — 4 months after the OECD framework was finalized — making the EU one of the first jurisdictions to transpose CARF into binding legislation.

Which Organizations Qualify as Reporting Crypto-Asset Service Providers?

A Reporting Crypto-Asset Service Provider (RCASP) is any entity that, as a business, provides 1 or more of the following 4 crypto-asset services to EU-resident users:

Exchange of crypto-assets for fiat currency — Operating a platform or service that converts crypto-assets into EUR, USD, GBP, or other government-issued currencies
Exchange of crypto-assets for other crypto-assets — Facilitating trades between different crypto-asset types (BTC-to-ETH, token swaps, DEX aggregation)
Transfer of crypto-assets — Executing or facilitating the transfer of crypto-assets on behalf of users (payment processing, remittance)
Safekeeping and administration — Holding crypto-assets in custody or providing wallet administration services on behalf of users

The RCASP definition applies to centralized exchanges, institutional custodians, payment service providers, broker-dealers, and certain decentralized finance (DeFi) front-end operators with identifiable legal entities. Fully decentralized protocols without an identifiable service provider fall outside the RCASP definition — consistent with the MiCA approach to DeFi scope.

Nexus Rules

DAC8 applies to RCASPs based on 3 nexus criteria. An RCASP falls within scope when the entity is tax-resident in an EU member state, incorporated or managed in an EU member state, or has a regular place of business in an EU member state. RCASPs meeting any 1 of these 3 criteria are subject to reporting obligations regardless of the location of their users.

What Transactions Are Reportable Under DAC8?

DAC8 defines 3 categories of reportable transactions. Each category is reported separately with per-user aggregate calculations:

Crypto-to-Fiat Transactions

Reportable crypto-to-fiat transactions include every exchange of a crypto-asset for a fiat currency executed through or facilitated by the RCASP. The report includes the aggregate gross amount paid in fiat, the number of transactions, and the crypto-asset types involved. Gross amount reporting means fees are not deducted — the full fiat value exchanged is reported.

Crypto-to-Crypto Transactions

Reportable crypto-to-crypto transactions include every exchange of one crypto-asset type for another. The report includes the aggregate fair market value of the crypto-assets acquired, the number of transactions, and both crypto-asset types involved in each exchange. Fair market value is determined at the timestamp of each transaction.

Reportable Transfers

Transfers of crypto-assets above a €50,000 threshold (aggregate per user, per year) are reportable when the RCASP has reason to believe the transfer represents a sale or exchange of goods, services, or other crypto-assets. Internal transfers between wallets owned by the same user are excluded when the RCASP has sufficient information to identify the self-transfer.

The 3 reportable transaction categories cover the vast majority of crypto-asset activity processed through RCASPs. NFT transactions are included when the NFT meets the directive’s definition of a crypto-asset. E-money tokens and certain regulated financial instruments are excluded.

What User Identification and Due Diligence Requirements Apply?

RCASPs are required to collect and verify 5 categories of user identification data for every reportable user:

Full legal name — First name, last name, and any middle names
Residential address — Street address, city, postal code, and member state
Tax Identification Number (TIN) — The TIN issued by the user’s member state of tax residence, along with the member state that issued the TIN
Date of birth — Required for all individual (natural person) users
Entity identifiers — For legal entity users: registered name, legal entity identifier (LEI) if available, and jurisdiction of incorporation

Self-Certification and Verification

RCASPs are required to obtain a self-certification from each reportable user confirming the user’s tax residence and TIN. The self-certification is obtained at account opening for new users. Pre-existing users (accounts opened before the DAC8 reporting start date) are subject to remediation procedures — RCASPs are required to obtain self-certifications from pre-existing users within 12 months of the directive’s application date.

TIN validity is verified against the format and check-digit algorithms published by each member state’s tax authority. The European Commission maintains a TIN validation module that RCASPs use to verify TIN format compliance.

How Are DAC8 Reports Structured and Submitted?

DAC8 reports follow a standardized structure with per-user aggregation. The reporting workflow involves 5 sequential stages:

Data Collection

Record every reportable transaction with timestamp, transaction type, crypto-asset identifier, fiat or crypto amount, and fair market value at execution time.

User Aggregation

Aggregate transactions by reportable user across all 3 transaction categories — crypto-to-fiat, crypto-to-crypto, and reportable transfers — for the full reporting period.

Due Diligence Verification

Verify user identification data against self-certifications. Validate TIN formats. Flag accounts with missing or inconsistent identification data for remediation.

XML Generation

Generate the report in the XML schema specified by the national tax authority. The schema includes header elements (RCASP identification, reporting period) and per-user data elements (identification, transaction aggregates).

Submission to NCA

Submit the completed XML report to the national competent authority (NCA) by the filing deadline. The NCA then transmits relevant user data to other EU member states through the automatic exchange of information network.

Fair Market Value Determination

DAC8 requires fair market value at the timestamp of each reportable transaction. RCASPs determine fair market value using the price at which the transaction was executed on the platform. Transactions executed at a market price (limit orders, market orders) use the execution price as fair market value. Off-market transactions and OTC trades use the prevailing market price from an active trading venue at the transaction timestamp.

What Is the DAC8 Implementation Timeline?

June 2023

OECD CARF Published

The OECD published the Crypto-Asset Reporting Framework (CARF) as the global standard for crypto-asset tax transparency.

October 17, 2023

DAC8 Adopted

The EU Council adopted DAC8, transposing the OECD CARF into EU law as an amendment to the Directive on Administrative Cooperation.

December 31, 2025

Transposition Deadline

EU member states were required to transpose DAC8 into national law by this date, establishing national reporting schemas and submission procedures.

January 1, 2026

First Reporting Period Begins

RCASPs began collecting reportable transaction data and user identification details for the first DAC8 reporting period.

January 31, 2027

First Report Due

RCASPs must submit the first DAC8 report covering the January 1 – December 31, 2026 reporting period to their national tax authority.

September 30, 2027

First Automatic Exchange

National tax authorities exchange the reported information with other EU member states through the automatic exchange of information network.

Member state implementation varies. Certain member states adopted accelerated timelines, while others applied the maximum transposition period. RCASPs operating across multiple EU jurisdictions track member-state-specific requirements for submission format, filing portal, and penalty frameworks.

How Does DAC8 Relate to MiCA and the OECD CARF?

DAC8 and MiCA are complementary EU regulations that address different aspects of crypto-asset oversight. MiCA governs operational licensing — authorization, capital requirements, custody, and consumer protection for crypto-asset service providers. DAC8 governs tax transparency — transaction reporting, user identification, and automatic information exchange.

The regulatory connection between MiCA and DAC8 is direct. Organizations authorized as CASPs under MiCA are automatically classified as RCASPs under DAC8. The MiCA authorization process collects the organizational data (legal entity identification, management body, registered address) that DAC8 reporting requires. MiCA-authorized CASPs do not need a separate DAC8 registration — the CASP authorization creates the DAC8 reporting obligation by operation of law.

Global CARF Adoption Beyond the EU

The OECD CARF provides the template for crypto-asset tax reporting worldwide. Jurisdictions outside the EU are adopting CARF on independent timelines. The United Kingdom announced CARF implementation beginning in 2026. Switzerland is aligning national reporting requirements with CARF specifications. Canada, Singapore, and Australia have committed to CARF adoption through the OECD Inclusive Framework.

Organizations operating across the EU and non-EU jurisdictions face overlapping but not identical reporting requirements. DAC8 applies the CARF framework with EU-specific modifications — including the €50,000 transfer threshold, the TIN validation requirement, and the mandatory automatic exchange through the EU’s existing DAC infrastructure.

What Data Infrastructure Does DAC8 Compliance Require?

DAC8 compliance depends on 4 data infrastructure capabilities that span the full transaction lifecycle:

Transaction-level recording — Every reportable transaction requires a timestamp, transaction type classification, crypto-asset identifier, counterparty amount, and fair market value at execution. The data granularity required exceeds standard exchange trade logs — RCASPs need accounting-grade transaction records that include FMV determination methodology and user attribution.
User-level aggregation engine — Per-user aggregation across 3 transaction categories (crypto-to-fiat, crypto-to-crypto, transfers) requires linking every transaction to a verified user identity. The aggregation engine processes millions of transactions into per-user annual summaries while maintaining the underlying transaction detail for audit and remediation purposes.
XML report generation — The national tax authority XML schema defines the exact structure, data types, and validation rules for DAC8 reports. Report generation transforms the aggregated data into compliant XML documents, validates against the schema, and produces submission-ready files.
Reconciliation and audit trail — Reconciliation between reported aggregates and underlying transaction records provides the evidence trail that tax authorities and auditors require. Discrepancies between the DAC8 report and the organization’s financial records create compliance risk and audit findings.

Organizations that rely on manual data extraction, spreadsheet-based aggregation, or disconnected reporting systems face elevated compliance risk as transaction volumes scale. The DAC8 reporting infrastructure is designed for continuous operation — collecting and validating data throughout the reporting period rather than reconstructing transaction history at year-end.