From the journal

Germany's Crypto Asset Tax Transparency Act Enters First Reporting Year, 2026

The Kryptowerte-Steuertransparenz-Gesetz (KStTG), implementing EU Directive 2023/2226 (DAC8), entered its first mandatory data collection year on 1 January 2026. Crypto asset operators resident in or registered in Germany must collect transaction and account data for calendar year 2026 and transmit it to the Bundeszentralamt für Steuern by 31 July 2027, using the CARF-XML schema specified by the Federal Finance Ministry on 14 January 2026.

3 min read

The Kryptowerte-Steuertransparenz-Gesetz (KStTG) entered its first mandatory data collection year on 1 January 2026, implementing Council Directive (EU) 2023/2226 (DAC8) on administrative cooperation in the field of taxation. Calendar year 2026 is the first period for which reportable crypto asset transaction and account data must be collected. Crypto asset operators must transmit the collected data to the Bundeszentralamt für Steuern by 31 July 2027. The Federal Finance Ministry published technical guidance on 14 January 2026 specifying the mandatory CARF-XML schema for transmissions.

The KStTG implements Directive (EU) 2023/2226 of 17 October 2023, which amended Directive 2011/16/EU on administrative cooperation in the field of taxation to require reporting of crypto-asset transactions. A Kryptowerte-Betreiber (crypto asset operator) is defined in § 1 (9) KStTG as any entity providing crypto asset services on behalf of customers within the meaning of the DAC8 Directive. Reportable information covers account holder identification data, the types and quantities of crypto assets transacted or held, and their monetary values, structured in accordance with the OECD Crypto-Asset Reporting Framework (CARF).

Crypto exchanges, custodial wallet providers, and crypto asset service providers (CASPs) resident in or registered in Germany, or serving German account holders through entities subject to DAC8 in other EU member states, must review their technical systems to produce CARF-XML outputs matching the schema published by the Bundeszentralamt für Steuern. Providers whose systems do not currently capture the required account holder identification and transaction fields face a compliance gap for the 2026 collection year, which closes on 31 December 2026, with a first transmission deadline of 31 July 2027.

The definition of crypto asset operator in § 1 (9) KStTG excludes entities whose services do not involve the custody or transfer of crypto assets in the relevant sense, though boundary cases require careful legal analysis. The interaction between KStTG reporting obligations and MiCA authorisation data already collected by CASPs raises questions about whether a shared data architecture can serve both regulatory and tax reporting purposes. Operators active across multiple EU member states face the additional task of coordinating between national DAC8 implementing acts, which may differ in technical specifications.

Licentium advises digital asset businesses on DAC8 and KStTG compliance in Germany and across the EU. Work we undertake includes CARF-XML technical implementation assessments, crypto asset operator scope analysis, MiCA CASP authorisation support, and cross-border DAC8 coordination for multi-jurisdiction operators.

Source: Federal Finance Ministry, Technical Guidance on KStTG CARF-XML Official Data Schema (14 January 2026)

Crypto Regulatory

More from the journal

See all
Illia Prokopiev

From Cloud Concentration to AI Dependence: The UK’s Critical Third Parties Regime

The United Kingdom now directly oversees designated technology suppliers whose service failures could threaten financial stability. The question is whether the first cloud designations show a legal expansion toward AI-model providers, and what the present regime requires. This analysis assumes the quoted statement concerns the UK financial-services Critical Third Parties regime and assesses the law through 14 July 2026.

Alberta Regulated iGaming Market Launched on 13 July 2026 with 22 Operators

Alberta's regulated private iGaming market launched on 13 July 2026, making Alberta the second Canadian province to permit private online gambling operators after Ontario. The Alberta Gaming, Liquor and Cannabis Commission serves as market regulator and the Alberta iGaming Corporation oversees commercial operations and operator contracts. Twenty-two operator sites went live on day one, including FanDuel, DraftKings, BetMGM, and BetRivers. Operators must fully launch or exit the Alberta market by 13 October 2026.

European Commission Presents Cybersecurity and AI Action Plan on 7 July 2026

On 7 July 2026, the European Commission presented an Action Plan on Cybersecurity and Artificial Intelligence. The plan directs the Commission and ENISA to evaluate advanced AI models before they reach the EU market, establish a secure testing platform for critical-sector organisations, and launch an EU Grand Challenge on AI-powered cybersecurity solutions. It operates alongside the AI Act, NIS2 Directive, DORA, Cyber Resilience Act, and Cyber Solidarity Act, and introduces no new directly binding obligations.