OECD CARF (Crypto-Asset Reporting Framework)

The Crypto-Asset Reporting Framework (CARF) is an international tax transparency standard developed by the Organisation for Economic Co-operation and Development (OECD) to address the tax compliance gap created by the growth of crypto asset markets that operated largely outside existing automatic information exchange frameworks. Endorsed by the G20 in October 2022 and adopted alongside targeted amendments to the Common Reporting Standard (CRS), CARF establishes standardized reporting obligations for crypto asset service providers and a mechanism for automatic exchange of that information among participating tax jurisdictions.

Background and Development

The OECD developed CARF in response to a 2021 G20 mandate recognizing that the widespread adoption of crypto assets created significant risks for tax compliance and fiscal integrity. The existing CRS — adopted in 2014 and now implemented by over 100 jurisdictions — required automatic exchange of financial account information between countries, dramatically increasing tax authorities’ visibility into offshore financial accounts. However, CRS was designed before the proliferation of crypto assets and did not clearly cover crypto asset holdings, creating an asymmetry: a tax evader’s bank account in a foreign jurisdiction was visible to their home tax authority through CRS, but the same person’s crypto holdings on a foreign exchange were not.

CARF was developed through an inclusive process involving the OECD/G20 Inclusive Framework on Base Erosion and Profit Shifting (BEPS), which includes over 140 jurisdictions, as well as consultations with industry participants. The final CARF rules were published in October 2022 alongside simultaneous amendments to the CRS that brought certain crypto-adjacent instruments — central bank digital currencies and certain e-money products — within the CRS framework to prevent regulatory gaps.

What CARF Requires

CARF imposes reporting obligations on Reporting Crypto-Asset Service Providers (RCASPs) — entities that perform exchange services between crypto assets and fiat currencies or other crypto assets, or that effect transfers of crypto assets at the direction of customers. The definition of covered crypto assets is broad, covering any crypto-asset that can be used for payment or investment purposes and that is not already captured by CRS.

For each customer, RCASPs must collect identifying information — name, address, date of birth, tax identification number, and jurisdiction of tax residence — through a due diligence procedure analogous to CRS. For each reportable year, they must report to their domestic tax authority: the full name, address, TIN, and residence of the account holder; the type and amount of crypto assets held; the total amount of gross proceeds from sales; the total amount paid or received in crypto-to-crypto exchanges; and the total amounts transferred to and from external wallets.

This information is then exchanged automatically with the tax authority in the customer’s jurisdiction of residence, giving that authority visibility into both crypto asset holdings and transaction activity — including the consideration received on disposal, which is necessary for computing capital gains.

Committed Jurisdictions and Implementation Timeline

Over 75 jurisdictions have committed to implementing CARF, representing all major crypto market jurisdictions except notably the United States and India. The US exclusion reflects the US’s existing FATCA framework and domestic political constraints on new international reporting obligations; the US has been engaged in discussions with OECD about a potential FATCA-CARF equivalence arrangement rather than direct CARF adoption. India’s non-participation creates a gap given the size of India’s domestic crypto market.

Of the committed jurisdictions, 48 committed to begin collecting data from January 1, 2026, with the first automatic exchange of data scheduled for June 30, 2027. A second group of jurisdictions committed to a one-year later timeline (data collection from 2027, exchange from 2028). This staggered implementation reduces the cliff-edge compliance burden while maintaining momentum toward the full global network.

DeFi Coverage Gap

CARF’s coverage of decentralized finance remains a significant gap in its design. Because CARF focuses on reporting by centralized service providers who collect customer identifying information, it cannot straightforwardly address transactions conducted through DeFi protocols where there is no intermediary. The OECD has acknowledged this gap and is working on guidance for how CARF reporting obligations might apply to DeFi-adjacent entities — wallet providers, front-end interface operators, and certain protocol governance participants — but as of 2026 DeFi transactions conducted through non-custodial wallets without intermediary involvement largely fall outside CARF’s scope.

Practical Compliance Implications

For crypto exchanges and custody service providers operating across multiple jurisdictions, CARF compliance requires implementation of robust customer due diligence procedures to collect tax residency and TIN information from all customers, not merely the KYC identification required for AML purposes. The OECD has published technical XML schemas and data format specifications to standardize the reporting data exchanged among jurisdictions, reducing the technical complexity of building the exchange infrastructure. Many jurisdictions are integrating CARF reporting into existing financial institution reporting obligations, with tax authorities adapting CRS processing infrastructure to receive and use CARF data.