Skip to content
Resources

Global CARF

DAC8 vs CARF

DAC8 is the EU crypto tax reporting directive; CARF is the OECD global standard behind automatic crypto-asset tax information exchange.

Updated

Short answer

DAC8 and CARF share the same core idea: crypto-asset service providers become tax-reporting intermediaries. They collect information about reportable users and crypto transactions, report it to tax authorities, and those authorities exchange the data.

The main difference is legal form. CARF is an OECD global standard. DAC8 is the European Union directive that implements a similar reporting logic inside EU law, in a specific legal order shaped by MiCA, EU data protection law and fundamental rights.

Key facts

TopicDAC8CARF
Full nameDirective (EU) 2023/2226Crypto-Asset Reporting Framework
InstitutionEuropean UnionOECD
Legal formEU directive transposed by Member StatesInternational standard implemented by participating jurisdictions
GeographyEuropean UnionGlobal participating jurisdictions
Core functionCrypto tax reporting and automatic exchange inside EU cooperation architectureCrypto tax reporting and automatic exchange between participating jurisdictions
Reporting actorsReporting crypto-asset service providers under EU/national rulesReporting crypto-asset service providers under CARF implementation
DependencyTransposition into national law and EU administrative cooperation infrastructureCommitment of participating jurisdictions and their national implementation
Main riskEU-wide collection and exchange of identity-linked crypto dataGlobal circulation of identity-linked crypto data

Timeline comparison

Date or periodDAC8CARF
2023Adopted as Directive (EU) 2023/2226OECD framework finalized and promoted through the Global Forum
2026EU rules start applying to reportable crypto activitySome jurisdictions prepare domestic implementation
2027First EU reporting and exchanges for 2026 dataFirst CARF exchange wave for committed jurisdictions
2028-2029Ongoing reporting and exchangeLater CARF exchange waves for additional jurisdictions

Common logic

Both frameworks rely on user identification, tax residence determination, transaction reporting and automatic exchange between tax authorities. They aim to close the blind spots of international taxation in a cross-border crypto market.

Both frameworks can create datasets that connect identity (including home address), tax residence, crypto-asset type, transaction values and transfers.

Main differences

CARF is an international OECD standard. DAC8 is a European Union directive that modifies the framework of administrative cooperation between Member States.

DAC8 is more directly operational inside the EU: Member States must transpose the directive, providers must comply with national rules, and exchanges pass through the European administrative cooperation infrastructure. CARF, by contrast, depends on the commitment of participating jurisdictions and their own national implementation.

Why DAC8 matters beyond Europe

DAC8 is often discussed as an EU directive, but it is also part of a broader global architecture. CARF creates the model. DAC8 applies a similar model in the EU. Other jurisdictions can then build their own CARF implementations and exchange information with one another.

A European user can be exposed by DAC8. A global user can be exposed by CARF when their jurisdiction or provider enters the exchange network. The logic is therefore cumulative: DAC8 is not only an EU directive, it is a regional piece of a global crypto reporting system. A European crypto user’s data can become part of a wider pattern of cross-border tax reporting, not just a domestic or EU-only file.

Why the comparison matters

DAC8 is not an isolated European accident. It is part of a global move toward automatic crypto tax reporting. The same questions of proportionality, security and incentives therefore apply to CARF globally, not just at the borders of the European Union.

Bull Bitcoin’s objection is not that tax authorities should never obtain information. The objection is that automatic mass reporting creates a different risk profile from targeted information requests. In crypto, leaked identity-linked blockchain data can expose holders and their families to physical targeting.