Implementation of the OECD's Crypto-Asset Reporting Framework (CARF) in Switzerland
From 1 January 2026, individuals and legal entities offering crypto-asset services will be subject to the Crypto-Asset Reporting Framework (CARF) developed by the Organization for Economic Co-operation and Development (OECD). Switzerland has committed to implementing this international standard – with far-reaching consequences for providers.
The CARF is an international standard developed by the OECD. Its main objective is to increase transparency in the area of crypto-assets and to close existing gaps in tax frameworks, especially in comparison to the Common Reporting Standard (CRS), which focuses on traditional financial assets. CARF is part of a global effort to increase tax transparency.
According to the OECD's current list of March 13, 2025, 50 jurisdictions have signed the multilateral agreement on the automatic exchange of information regarding crypto-assets. These include the EU member states as well as major financial centers such as the United Kingdom, Singapore, the United Arab Emirates and the Cayman Islands. However, the United States of America has not signed the agreement and has announced its own national regulatory approaches.
Switzerland has committed to implementing the CARF - unfortunately without any in-depth political debate on the meaning and purpose of the regulation. The legal provisions are scheduled to enter into force on January 1, 2026. The first automatic exchange of information is planned for 2027 and will affect relevant transactions with crypto-assets from January 1, 2026.
The basis for Switzerland’s participation in the international exchange is, among other things, the dispatch adopted by the Federal Council on June 6, 2025, concerning the approval of data exchange with selected partner states. The planned exchange involves a total of 74 countries that, from Switzerland’s perspective, are considered particularly relevant in the area of crypto-asset transactions — including all EU member states, the United Kingdom, and the majority of G20 countries (with the exception of the United States, China, and Saudi Arabia). However, effective data exchange will only take place with jurisdictions that have implemented the CARF standard and meet the requirements for bilateral cooperation.
The reporting obligation under CARF applies to so-called Reporting Crypto-Asset Service Providers (RCASP). This includes individuals or legal entities that commercially offer services facilitating exchange transactions involving relevant crypto-assets (see section 4 below) for or on behalf of customers. A reporting obligation arises when the service is provided pursuant to a legal obligation, or when the provider exercises control over the execution of the exchange transaction, either directly or through sufficient influence - for example via a trading platform or a smart contract.
The following providers, among others, are deemed to be RCASPs if they offer commercial services for the execution of exchange transactions with relevant crypto-assets for or on behalf of customers (not an exhaustive list):
Providers with purely technical functions that are unrelated to the execution of exchange transactions do not qualify as RCASPs. This includes, for example, the mere transfer, custody, or management of crypto-assets as well as the provision of software or infrastructure that does not enable the independent execution of, or influence over, exchange transactions.
Parties that provide financial services in connection with the offer or sale of crypto-assets by an issuer are also not considered RCASPs.
The reporting obligation under CARF applies to so-called relevant crypto-assets. These are broadly defined in the standard as digital representations of a value that relies on a cryptographically secured distributed ledger technology (DLT) or similar technology to validate and secure transactions.
A crypto-asset is considered "relevant" if it can be used for payment or investment purposes. The decisive factor here is not the regulatory classification under financial market law, but the actual economic purpose of use.
The relevant crypto-assets include in particular:
However, personal or non-tradable NFTs, such as digital collectibles without market value, or internal utility tokens that serve solely to access platform functionalities are not subject to the reporting obligation. Likewise, electronic means of payment (e-money), including prepaid cards and e-money accounts, as well as central bank digital currencies (CBDCs), are expressly excluded from the reporting scope.
Exchange transactions involving only non-relevant crypto-assets do not give rise to a reporting obligation under CARF. By contrast, if a relevant crypto-asset is exchanged for a non-relevant crypto-asset, the transaction must be reported to the extent that it involves the relevant crypto-asset. The decisive criterion is whether a relevant crypto-asset is part of the exchange transaction.
The reporting obligation under CARF applies not only to traditional trading in crypto-assets, but also to a range of other transaction types in which relevant crypto-assets are transferred or exchanged. The aim is to provide the tax authorities with a complete picture of the economically relevant activities in connection with crypto-assets.
The following must be reported:
Other transactions such as staking income, mining rewards or airdrops may also be reportable - depending on whether they represent an economically relevant increase in assets and whether they are carried out as part of a reportable service (e.g., via a platform or wallet with controlled access).
An RCASP is required to submit structured information on all reportable transactions to the Federal Tax Administration (FTA) on an annual basis. According to the OECD’s User Guide for Tax Administrations, such reporting must be carried out using a standardized set of predefined transaction codes. The submission must include core identifying information, detailed transaction data, and aggregated amounts. Given the international nature of the reporting obligation, it is expected that RCASPs will be required to report in accordance with the OECD's prescribed format and technical specifications.
RCASPs are obliged to comply with a number of statutory due diligence, reporting and record-keeping obligations. These obligations include the identification of users subject to reporting, the accurate classification of transactions and the timely and complete submission of data to the FTA.
Willful breaches of these obligations may result in fines of up to CHF 250,000, while negligent violations may be sanctioned with fines of up to CHF 100,000. Furthermore, failure to comply with the obligation to provide information to the FTA may lead to additional penalties—up to CHF 100,000 in cases of intent and up to CHF 50,000 in cases of negligence. Individuals who deliberately provide false or incomplete information to the FTA may be fined up to CHF 10,000.
In addition to the RCASP in question, individual members of governing bodies (e.g., boards of directors, foundation boards) may also be held personally liable if a breach of duty results in harm and can be attributed to a failure in their organizational or supervisory responsibilities.
If there are indications—or if it is already known—that your company falls within the scope of CARF regulation, the following steps and measures are essential to ensure compliance:
The new requirements give rise to many practical questions, especially for VASPs, DeFi providers or established financial intermediaries with crypto exposure.
We are happy to support you in assessing your business activities in light of a potential classification as an RCASP, determining the scope of reportable information, and preparing the annual declaration of the relevant crypto-assets to the FTA.
We look forward to hearing from you!