Regulatory & Compliance News

Crypto-Asset Reporting Framework (CARF) – More than meets the eye

ContributorName(contributor, true)
insight featured image
The question of the extent to which cryptocurrencies and other virtual assets are reportable within the framework of the automatic exchange of information (AEOI) has preoccupied financial institutions for several years. At the end of 2022, the OECD adopted a draft for a system for reporting crypto assets, the so-called Crypto-Asset Reporting Framework, or CARF for short. What does the CARF contain and what are the reporting obligations?

Classification of the innovations1


1This is a highly simplified presentation, which should enable a quick initial classification of the topic. Each institution should determine the relevance and the concrete need for action individually.


Many financial intermediaries may have thought that the CARF would «merely» expand the definitions of affected institutions and reportable assets under the AEOI regime. However, the new crypto-asset reporting regime goes much further – it establishes a separate set of rules for the cross-border exchange of information on virtual assets, detached from the AEOI. While the rules and obligations are very similar, the duplication creates a significant additional burden for banks and other financial institutions subject to the AEOI.



The CARF defines rules on the following topics:

  • Affected virtual assets
  • Companies and persons subject to reporting requirements
  • Reportable transactions and report content
  • Due diligence obligations to identify affected clients and their controlling persons

In addition, the provisions of the AEOI are to be adapted in certain respects for coordination purposes as part of the introduction of CARF.


Affected virtual assets

Not only cryptocurrencies are affected by CARF, but any kind of virtual assets. These «crypto-assets» are defined as a «digital representation of value that relies on a cryptographically secured distributed ledger or a similar technology to validate and secure transactions». Exceptions exist for digital fiat currencies issued by central banks (Central Bank Digital Currencies) and other digital depictions of fiat currencies (Specified Electronic Money Products), which are to be newly covered by the AEOI, as well as for virtual assets that cannot be used for payment or investment purposes.


Companies and persons subject to reporting requirements

It is not the formal supervisory status that is relevant to whether a company or person is affected by CARF, but rather the question of whether it commercially carries out exchange transactions between virtual assets and fiat currencies or between different virtual assets on behalf of clients. Against this background, crypto exchanges, among others, come into the scope of application, which currently often classify themselves as (non-reportable) Active Non-Financial Entities under the AEOI. For banks, the applicability of CARF is determined by whether they offer crypto services to their clients in any form. This is likely to be the case for more and more institutions in the future.


Reportable transactions and report content

Reports must be submitted annually for each customer domiciled in a foreign partner jurisdiction who carries out exchange transactions, deposits/withdrawals or payments with virtual assets (crypto-asset user). In addition to basic personal data such as name, address and tax identification number (TIN), aggregated data on all relevant transactions – broken down by individual types of virtual assets – must be reported.


Due diligence obligations to identify affected clients and their controlling persons

The system for identifying affected clients is based on the requirements of the AEOI regime: with a focus on self-declarations by clients and recourse to beneficial owners or other controlling persons in the case of passive entities.


Assessment and outlook

The overarching goal of CARF to also subject virtual assets to a system for the cross-border exchange of information is, in principle, consistent and purposeful against the backdrop of the AEOI. However, the creation of a regime detached from the AEOI appears unnecessarily costly and disproportionate, since an integration of virtual assets into the AEOI system – by adjusting the categories of institutions and assets concerned – would have been entirely possible.

The OECD is now working on an implementation package for the consistent national and international application of CARF. This should include bilateral or multilateral agreements, IT solutions for the exchange of information as well as more detailed specifications for the respective national implementation work. It remains to be seen whether further coordination and use of synergies with the established AEOI regime can be achieved in the course of this work. If this does not succeed, the financial institutions concerned will once again be faced with extensive and technically complex project work until the currently planned introduction date of January 2026.