The EU’s Directive on Administrative Cooperation (DAC8) and the OECD's Crypto-Asset Reporting Framework (CARF) form a coordinated, global response to ensure tax transparency, traceability and effective compliance in crypto-asset activities.
From 1 January 2026, Reporting Crypto-Asset Service Providers (RCASPs) will be required to conduct due diligence procedures on customers and collect information to be shared with tax authorities in their jurisdiction. The tax authorities will then exchange this information with tax authorities in other jurisdictions where the users are tax resident.
RCASPs with connections to EU jurisdictions are subject to reporting obligations under DAC8. For RCASPs connected only to non-EU jurisdictions, reporting obligations apply if the relevant jurisdiction has adopted CARF. EU rules intentionally align with CARF to minimise burden and maximise consistency.
Danish Implementation of DAC8 and CARF
Denmark is taking an ambitious approach by implementing both DAC8 and CARF. Both are expected to enter into force on 1 January 2026. Denmark has set a national reporting deadline of 31 January following the calendar year, with first reports due 31 January 2027 for 2026 activity. From a Danish perspective, it is not expected that many RCASPs will have a reporting obligation in Denmark. This is primarily because RCASPs, for regulatory and tax reasons, tend to establish themselves in other jurisdictions. From a tax advisors´ perspective, the focus should instead be on the users of RCASP platforms, as these users will have detailed information about their crypto-asset transactions shared with the tax authorities in the jurisdiction(s) where they are tax resident.
Who is subject to registration and reporting obligations?
In the EU, RCASPs include both MiCA-authorised crypto-asset service providers and crypto-asset operators that are not authorised under MiCA, if they effectuate exchange transactions for or on behalf of reportable users. RCASPs are subject to DAC8 obligations in an EU Member State if they are MiCA-authorised or notified there, or (if not MiCA-authorised) where they are tax resident, incorporated or organised and have legal personality or a tax filing obligation, are managed from, or have a regular place of business. They are also in scope in a Member State for transactions conducted through a branch located there. Where an RCASP has nexus to multiple jurisdictions, DAC8 provides relief from duplicate reporting through a hierarchical framework. Importantly, if an RCASP reports equivalent information in a qualifying non-EU jurisdiction under an effective competent authority agreement, it need not report again to the EU Member State. CARF similarly designates RCASPs and sets nexus criteria to ensure alignment between EU and global reporting frameworks.
What obligations do RCASPs have?
RCASPs face two primary obligations: due diligence and reporting.
- Due diligence: RCASPs must obtain self-certifications at onboarding (and by 1 January 2027 for pre-existing users) to determine tax residence and confirm reasonableness against customer due diligence and anti-money laundering data. Self-certifications must include name, address, tax residence(s), tax identification number(s), and for individuals date of birth. For entity users, RCASPs must identify controlling persons, relying on AML data where consistent with Anti-Money Laundering Directive rules. If a user fails to provide required information after two reminders and at least 60 days, the RCASP must block the user from performing reportable transactions.
- Reporting: RCASPs must annually report identification data for each reportable user: name, address, Member State(s) of residence, TIN(s), and for individuals date and place of birth. For entities with reportable controlling persons, the entity's details and each controlling person's identification must be reported.
Transaction data must be reported on an aggregated basis per type of reportable crypto-asset across categories: acquisitions and disposals versus fiat currency; acquisitions and disposals versus other crypto-assets; reportable retail payment transactions (exceeding USD 50,000); other transfers; and transfers to external addresses not known to be associated with virtual asset service providers or financial institutions. Fiat amounts are reported in the currency paid or received, and fair market value is reported in a single fiat currency with consistent valuation. First reports cover 2026 activity.
Sanctions for non-compliance: Penalties may apply where RCASPs fail to comply with due diligence and reporting obligations. RCASPs operating across multiple jurisdictions should be particularly aware that they may face sanctions in each territory where they fail to meet local implementation requirements.
However, it is important to note that some crypto platforms are so decentralized that there may ultimately be no physical person or legal entity to sanction. In such cases, the practical enforceability of DAC8 and CARF requirements become significantly limited, regardless of the severity of the prescribed penalties.
What should taxpayers be aware of regarding tax authorities' control of received data?
Taxpayers and their advisers should be aware of both the timing of information exchange under DAC8 and CARF, and the format in which data is shared. Under both DAC8 and the CARF Multilateral Competent Authority Agreement, tax authorities exchange information within nine months after year-end (i.e., by 30 September 2027 for 2026 data). Since the taxpayer's reporting deadline for taxable transactions for the previous income year will typically be before this exchange date determined by DAC8, DAC8 and CARF will primarily serve as control of the taxpayer, rather than an aid to report the correct taxable income. Tax treatment of crypto-assets varies by jurisdiction. In Denmark, crypto-assets are generally taxed according to a realization principle, though inventory taxation applies to stablecoins. RCASPs are obligated to share information in a specific data format. This aggregated reporting structure creates significant practical limitations for determining taxable income under the realization principle, as the data shared with tax authorities does not include individual transaction information. Therefore, in practice, the information exchanged under DAC8 and CARF serves primarily as a control mechanism to verify that taxpayers have reported crypto-asset activity, rather than as a tool that enables tax authorities to directly calculate the correct taxable income under the realization principle.
Tax calculation methodology from a Danish perspective and third-party platforms
In Denmark, taxable gains are calculated based on an assessment of each individual transaction, specifically gain calculations of the difference between the acquisition cost and the disposal amount. While the disposal amount is relatively straightforward to determine, it is typically the acquisition cost that presents challenges. Since most crypto-assets are fungible and individually unidentifiable, and actual acquisition costs cannot be determined unless holdings are segregated across separate wallets, Denmark applies the FIFO principle (first-in, first-out), whereby the earliest acquired crypto-asset of a given type is deemed disposed of first.
This methodology significantly complicates tax calculations, requiring extensive and sophisticated analyses in excel that are impractical to perform manually. Consequently, we typically utilize specialized third-party platforms such as Koinly.com, which can compute tax gains through CSV file uploads or direct API data extraction from trading platforms. These platforms automate the complex FIFO calculations and provide detailed transaction histories necessary for proper tax compliance. However, the Danish Tax Agency does not automatically accept reports from these platforms; therefore, such calculations should be regarded solely as supporting evidence to substantiate the correctness of a given tax calculation.
