EU Crypto Platforms Must Report User Transactions Under DAC8 From 2026

Tax authorities will receive transaction data for all EU-resident users. First information exchange in September 2027.

The eighth amendment to the EU Directive on Administrative Cooperation, known as DAC8, requires crypto-asset service providers to collect and report detailed transaction information for EU-resident users starting January 1, 2026. The first automatic exchange of this information between EU tax authorities is scheduled for September 2027.

What platforms must report

Under DAC8, reporting crypto-asset service providers must submit annual reports containing:

• User identification data (name, address, tax ID, date of birth)
• Aggregated transaction values by crypto-asset type
• Number of transactions per asset
• Total value of acquisitions and disposals
• Any transfers to non-custodial wallets

The reporting covers all crypto-assets as defined under MiCA, plus e-money tokens and certain NFTs that function as financial instruments. Stablecoins, utility tokens, and traditional cryptocurrencies are all in scope.

Platforms must report for any user who is tax resident in an EU member state, regardless of where the platform itself is located. A Cayman Islands exchange with German customers has reporting obligations to German tax authorities.

The timeline that matters

DAC8 entered into force in January 2024, but gave member states until December 31, 2025 to transpose it into national law. The reporting obligations apply to transactions occurring from January 1, 2026 onwards.

Platforms have until September 30, 2027 to submit their first reports covering 2026 activity. Tax authorities then exchange this information automatically, similar to how they already share banking data under the Common Reporting Standard.

For crypto users, this means 2026 is the first year where their EU exchange activity will definitely reach their home tax authority. Whatever reporting gaps existed before are closing.

Who qualifies as a reporting provider

The rules apply broadly. Any entity that provides crypto-asset services to EU residents must report, including:

• Centralized exchanges
• Custody providers
• Crypto payment processors
• Decentralized exchanges with EU-based operators
• NFT marketplaces (for reportable NFTs)

Non-EU platforms serving EU customers face the same obligations. DAC8 requires these platforms to either register in an EU member state for reporting purposes or cease serving EU residents.

DeFi protocols without identifiable operators fall outside the reporting framework, at least for now. But users moving assets from reporting exchanges to DeFi must expect those transfer events to be flagged.

What this means for users

Crypto investors who haven't been reporting gains should assume their tax authority will know about their 2026 activity. The information exchange creates an audit trail that didn't exist before.

Several EU countries have announced amnesty programs for voluntary disclosure of past crypto holdings. Germany's Finance Ministry has indicated it will pursue back taxes aggressively once DAC8 data flows begin.

For compliant taxpayers, DAC8 changes little. For everyone else, 2026 marks the end of crypto's gray zone in Europe.

Tax authorities in Italy, Spain, and France have already hired crypto-specialist auditors in anticipation of the data exchange.