The DAC8law, designed to amend the EU Directive on Administrative Cooperation (DAC), mandates crypto-asset service providers to report transactions involving EU clients to the bloc’s tax authorities.
535 members voted in favor of the bill, with only 57 votes against and 60 abstentions.
EU member states now have until December 31, 2025, to implement the rules, which are set to officially take effect on January 1, 2026.
"The proposed directive identifies two types of entities that would be obliged to report information to the local authorities:
1. Crypto-asset providers: any legal person or undertaking whose professional activity is the provision of one or more crypto-asset services to third parties. The definition as used in DAC8 is the same asthat of MiCA. 2. Crypto-asset operators: a provider of crypto-asset services other than a crypto-asset service provider. These operators do not fall within the scope of MiCA."
"These entities, categorized as reportable crypto-asset service providers (RCASPs), must comply with DAC's reporting requirements if they have users within the EU, regardless of their size or location."
"Unlike the OECD's CARF, the proposed EU directive also requires RCASPs to act in cases where a crypto-asset user does not provide the data required to the RCASP after two reminders, but not before 60 days have passed. In such a case, the RCASP would have to prevent the user from exchanging transactions."
"An amendment is proposed to Article 16(2) to clarify that the information exchanged under DAC can be used for purposes other than tax, including any measures covered under Article 215 TFEU, which deals with the imposition of economic sanctions by the EU on third countries."
The new surveillance law does not seem to affect self-custody solutions, their users and developers.