The Crypto-Asset Reporting Framework (CARF) is a global tax transparency standard developed by the OECD. Its primary goal is to ensure the automatic exchange of information (AEOI) regarding crypto-assets between tax authorities to address the "visibility gap" where crypto-assets have historically operated outside traditional banking systems.
CARF is a standalone framework but complements the Common Reporting Standard (CRS) used by banks. It creates a standardized way for countries to share data on crypto transactions automatically, reducing tax evasion and increasing global transparency.
When Will CARF Apply?
Most jurisdictions will apply CARF from2026, with reporting beginning in 2027 (covering 2026 transactions). However, some countries may implement earlier or later depending on domestic legislation.
Who Must Report? (The RCASPs)
The reporting obligation falls on Reporting Crypto-Asset Service Providers (RCASPs), not individual users.
Definition of an RCASP
An RCASP is any individual or Entity that, as a business, provides a service effectuating Exchange Transactions for or on behalf of customers. This includes:
Centralized Exchanges: Platforms like Coinbase or Binance
Brokers and Dealers: Entities acting as counterparties or intermediaries.
Crypto ATM Operators: Kiosks permitting the exchange of crypto for fiat or other crypto.
DeFi Operators: Decentralized Finance platforms are included only if there is an identifiable entity or individual exercising "control or sufficient influence" over the platform (e.g., smart contract deployers or front-end operators).
Determining Where to Report
An RCASP must report to a jurisdiction if it has a "nexus" there. The hierarchy for determining nexus is
Tax Residence: The jurisdiction where the RCASP is resident for tax purpose
Incorporation/Organization: Where the Entity is incorporated or organized.
Place of Management: Where the Entity is managed.
Regular Place of Business: Where the RCASP has a regular place of business.
What Assets are Covered?
CARF applies to "Relevant Crypto-Assets," which covers a broad range of digital assets.
Included Assets
Cryptocurrencies: Bitcoin, Ethereum, and altcoins
Stablecoins
NFTs: Non-Fungible Tokens that are traded on marketplaces or used for payment/investment purposes.
Tokenized Assets: Real-world assets (RWAs) and wrapped tokens.
Excluded Assets
Central Bank Digital Currencies (CBDCs): These are treated as fiat currency and reported under CRS
Specified Electronic Money Products: Digital representations of fiat that are already covered by CRS.
Closed-Loop Tokens: Assets that cannot be used for payment or investment purposes (e.g., certain in-game tokens non-transferable outside the game).
Due Diligence: Identifying Users
RCASPs must perform due diligence to identify their Crypto-Asset Users and determine if they are Reportable Persons.
Data Collection Requirements
RCASPs must collect valid self-certifications from users.
For Individuals:
Full legal name
Residential address
Date of birth
Jurisdiction(s) of residence for tax purpose
Tax Identification Number (TIN).
For Entities
Legal name and address.
TIN and Jurisdiction of residenc
Controlling Persons: If the entity is not an Active Entity or Excluded Person, the RCASP must "look through" the entity to identify the natural persons who exercise control (Beneficial Owners).
Verification
RCASPs must confirm the "reasonableness" of the self-certification using information obtained during account opening, such as AML/KYC documentation (passports, proof of address).
What Information is Reported?
Unlike banking standards that focus on account balances, CARF focuses on transactions.
Transactional Data Points
RCASPs must report the following on an aggregate basis (summed up by asset type)
Crypto-to-Fiat Transactions: The total amount paid and received when converting crypto to government currency (e.g., BTC to USD).
Crypto-to-Crypto Transactions: The fair market value of trades between different digital assets (e.g., ETH to SOL).
Transfers: The fair market value of transfers to external wallet addresses (including self-custody/cold wallets). Note: RCASPs must collect and retain external wallet addresses associated with transfers for five years.
Note: RCASPs must collect and retain external wallet addresses associated with transfers for five years.
Retail Payments: Transfers of crypto for goods or services exceeding USD 50,000.
Valuation
All values must be reported in a single fiat currency. If a transaction is crypto-to-crypto, the RCASP must determine the fair market value at the time of the transaction.
Implementation Timeline
While specific dates depend on domestic legislation, the general global timeline is as follows:
Year
Event
2024
Final OECD rules published.
2025
Countries introduce or finalize CARF laws.
2026
Data collection begins. CASPs perform due diligence and track transactions.
2027
First exchange occurs. Reports covering 2026 transactions are exchanged between tax authorities.
Regional Variations:
European Union: Adopted via DAC8, applying to all 27 member states.
United States: Implementing a parallel regime via Form 1099-DA, with exchanges likely starting in 2028.
Implications for Users and Providers
For Individuals (Users):
End of Privacy: Tax authorities will know what you hold, where you hold it, and your complete history of disposals and swaps.
Retroactive Audits: Authorities may use AI to match CARF data received in 2027 against tax returns filed for 2024–2026.
Account Freezing: Failure to provide valid self-certification (tax residency info) may result in account freezes.
For Service Providers (RCASPs):
New Systems: RCASPs must build an IT frameworks to track crypto-to-crypto swaps and convert values to fiat in real-time.
Compliance: RCASPs must implement strict KYC/AML procedures and collect TINs early.
Penalties: Non-compliance can lead to fines, licensing issues, or criminal penalties.