The European Commission escalated DAC8 enforcement this week. It sent formal infringement notices to 12-13 EU member states for failing to implement crypto tax reporting requirements. But here’s what matters for operations: your compliance deadline hasn’t changed.
If you’re a Crypto-Asset Service Provider (CASP), validator with international delegators, accounting firm with crypto clients, ETF issuer with EU shareholders, or treasury operation using custody platforms—you have 142 days until July 1, 2026 when full compliance systems are required.
The 60-day account blocking provision isn’t just regulatory paperwork. It’s an operational constraint that directly affects user accounts. Infrastructure readiness separates operators who are prepared from those who’ll be scrambling when enforcement escalates further.
This article covers:
- What happened: Infringement procedures explained
- Who’s affected: CASP definition and scope
- Infrastructure requirements: What DAC8 compliance actually means
- Multi-jurisdiction complexity: DAC8 + CARF + 1099-DA overlaps
- Timeline breakdown: What to do in the next 142 days
- Assessment framework: “Can you comply?” diagnostic questions
What Happened: Infringement Procedures Explained
The Enforcement Action
The European Commission sent formal notice letters to 12-13 member states that missed the January 1, 2026 deadline to implement DAC8 in their national law. This is standard EU enforcement escalation procedure:
- What happened: Formal infringement notices issued
- Why: Countries failed to implement DAC8 by Jan 1, 2026
- Timeline: Two-month response period before potential ECJ referral
- Process: If countries don’t respond or remedy by April 2026, the Commission can escalate to the European Court of Justice
Which countries are affected?
The specific list hasn’t been publicly disclosed (standard EC procedure). Based on regulatory development timelines, the affected countries are likely smaller member states with less developed crypto regulatory frameworks. Major economies like Germany, France, and the Netherlands are presumed compliant based on prior public statements.
What This Means for CASPs
Here’s the critical point: Country-level delays don’t change CASP obligations.
DAC8 applies directly to Crypto-Asset Service Providers, not exclusively through member state implementation. If you operate in the EU or serve EU residents:
- July 1, 2026 compliance systems deadline stands
- January 31, 2027 first reporting deadline unchanged
- 60-day account blocking provision becomes operational requirement
The regulatory tone has shifted:
Before (2024-2025): “DAC8 is coming, prepare to comply”
Now (February 2026): “DAC8 is active, comply or face consequences”
Infrastructure decisions delayed in 2024-2025 now create operational urgency. The time for preparation has passed. The focus is now on execution.
Who’s Affected: CASP Definition and Scope
CASP Definition Under DAC8
Crypto-Asset Service Provider includes:
- Exchanges and trading platforms
- Custodians and wallet providers
- Payment service providers using crypto
- Validators providing staking services (if delegators are present)
- DeFi protocols with identifiable service provision
Geographic scope:
- Platforms headquartered in EU: Clearly covered
- Platforms outside EU serving EU residents: Also covered
- Validators with international delegators including EU residents: Covered if providing services
Key determination: If you provide crypto services to EU residents, DAC8 likely applies.
Segment-Specific Impact
Validators
If 10% or more of your delegators are EU residents, you likely meet CASP status. (Note: There’s no bright-line threshold in the regulation; this is a practical guideline based on the “providing services to EU residents” language—when CASP status becomes operationally unavoidable.)
The requirements:
- Identify delegator residence (not just nationality)
- Report staking rewards per delegator jurisdiction
- Implement self-certification for EU delegators
- Track mid-year residence changes
Example: A Solana validator with 5,000 delegators discovers 800 are EU tax residents across 15 member states. That validator must classify rewards per jurisdiction, generate XML reports for 15 different countries, and implement self-certification processes to identify new EU delegators.
Platforms & Exchanges
Direct CASP classification applies. You must:
- Identify all EU resident users
- Track transaction activity per user
- Generate XML reports for 27 member states
- Implement account blocking for non-certified users within 60 days
Accounting Firms
Many of your clients meet the CASP definition. This creates both compliance obligation and advisory opportunity:
- Obligation: Help clients assess CASP status and infrastructure gaps
- Opportunity: Multi-client compliance using white-label infrastructure
- Complexity: Protocol-specific nuances across different client chains
Example: A firm with 20 crypto clients discovers 12 are CASPs under DAC8. Rather than building 12 separate compliance systems, the firm implements multi-client infrastructure handling validators, exchanges, and DeFi protocols simultaneously.
ETF Issuers
Fund-level reporting applies for EU shareholders:
- Shareholder residence tracking required
- Integration with transfer agent data
- Multi-jurisdiction NAV calculation complexity
- Coordination between fund administrator, custodian, and compliance provider is required to produce accurate NAV calculations and avoid reporting errors that trigger regulatory audits
Treasury Companies
If you hold crypto on custody platforms:
- Verify: Is your custodian DAC8-compliant?
- Prepare: Self-certification documentation to provide platforms
- Risk assessment: Operational impact if platform blocks non-certified accounts
The 60-day provision affects you directly. If your custody platform can’t verify your residence within 60 days, your account faces restrictions.
Common Misconceptions
Misconception 1: “We’re not in the EU, so DAC8 doesn’t apply.”
Reality: If you serve EU residents, DAC8 applies regardless of headquarters location.
Misconception 2: “Country delays mean we have more time.”
Reality: CASP obligations are independent of member state transposition timing.
Misconception 3: “Generic blockchain tools can handle DAC8 reporting.”
Reality: DAC8 requires jurisdiction-aware classification and XML format generation—not just blockchain data export.
Infrastructure Requirements: What DAC8 Compliance Actually Means
User Residence Identification
The requirement: Identify which users are EU tax residents (not nationality).
Why this is complex:
Nationality ≠ tax residence. Tax residence determines reporting obligations.
- Irish citizen living in Germany = German tax resident (report to Germany)
- French citizen living in Singapore = non-EU resident (no DAC8 reporting)
- UK citizens post-Brexit = non-EU residents (no DAC8, but may require CARF)
Implementation requirements:
- Self-certification processes at onboarding: Users declare tax residence
- Mid-year residence change tracking: Users relocate
- Periodic re-certification: Verify residence hasn’t changed
- Documentation retention: Maintain audit trail for residence determination
Operational question: Can you identify EU tax residents in your user base right now?
If the answer is no, you have a user identification gap that must be addressed before July 1.
Transaction Classification Per Jurisdiction
The requirement: Classify transactions using DAC8 categories, per user jurisdiction.
DAC8 transaction categories:
- Exchange transactions: Crypto-to-crypto, crypto-to-fiat
- Transfer transactions: Wallet-to-wallet movement
- Payment transactions: Crypto used for goods/services
- Staking/reward transactions: Validator rewards, staking income
- Lending/borrowing transactions: DeFi protocol activity
Multi-jurisdiction complexity:
The same transaction may require different classification depending on user residence.
Example: Staking reward distributed to delegator
- US delegator (IRS 1099-DA): Income at receipt
- EU delegator (DAC8): Consideration for services provided
- Other CARF country: Varies by country’s CARF implementation
Generic blockchain tools show “transaction occurred”—they don’t classify per jurisdiction-specific rules.
Protocol-aware infrastructure understands chain-specific mechanics:
- Solana: Epoch-based distribution, early slot timestamp reconstruction
- Cosmos: Continuous reward accrual, fork-based block height resets
- Ethereum: Per-block rewards, EIP-1559 fee structure, MEV separation
AND applies jurisdiction-specific classification rules on top of protocol mechanics.
Real example: In the first ~38 million Solana slots (before on-chain timestamps were implemented in early 2021), timestamps weren’t recorded on-chain. Generic tools can’t reconstruct when rewards were earned. Protocol-aware infrastructure reconstructs timing using epoch schedules and block position—critical for accurate tax reporting.
XML Reporting Format Generation
The requirement: Generate XML reports per DAC8 schema for each member state.
Complexity:
- 27 EU member states: Each requiring separate XML reports
- Jurisdiction-specific requirements: Countries may have variations in implementation
- XML schema compliance: Automated validation required
- Reporting frequency: Quarterly for large operators, annually for smaller
Infrastructure requirement: Automated XML generation, not manual spreadsheet compilation.
Manual processes don’t scale when you’re generating reports for 27 different member states across thousands of users and millions of transactions. You’ll miss deadlines, generate incorrect reports, and face non-compliance penalties.
Account Blocking Capability
The 60-day provision: Users who fail to provide valid self-certification within 60 days must have accounts blocked or restricted.
Operational implications:
This isn’t just compliance cost—it’s operational impact on users.
- User communication requirements: Explain self-certification clearly
- Account restriction procedures: Temporary block, not permanent closure
- Re-activation processes: User provides documentation, account restored
- Support burden: Handling user questions and documentation review
Why this matters: Creates operational urgency beyond regulatory compliance. User accounts are at risk if infrastructure isn’t ready.
If July 1 arrives and you can’t implement 60-day blocking, you’re non-compliant from day one—and users will notice immediately when accounts start getting restricted.
Multi-Framework Overlap
The compliance matrix: CASPs serving international users face overlapping frameworks.
Framework overlap example:
- IRS 1099-DA: US users
- DAC8: 27 EU member states
- CARF: 48 countries with varying implementations
Infrastructure challenge: Same transaction data, different classification and reporting per jurisdiction.
A validator with delegators in the US, Germany, France, UK, and Australia must:
- Parse the same on-chain staking reward transaction
- Classify it differently for each jurisdiction (IRS rules ≠ DAC8 rules ≠ CARF rules)
- Generate reports in different formats (IRS 1099-DA XML ≠ DAC8 XML ≠ CARF XML)
- Track residence of each delegator across all jurisdictions
- Handle mid-year relocations (US delegator moves to Germany mid-year → split reporting)
This is why we emphasize multi-jurisdiction-aware infrastructure at NODE40. We’ve spent years processing multi-framework compliance across IRS 1099-DA, DAC8, and CARF—handling more than 500,000 accounts across billions of transactions. We built for overlapping requirements, not single-framework point solutions.
Generic blockchain tools weren’t designed for this. They show transactions. Protocol-aware + jurisdiction-aware infrastructure classifies transactions correctly per user residence and generates compliant reports for 27+ member states.
Timeline Breakdown: 142 Days Until July 1
What happens between now and July 1, 2026:
Phase 1: Assessment (Weeks 1-2, Now through Late February)
Key questions:
- Are we a CASP under DAC8 definition?
- How many users are EU tax residents?
- Can we identify user residence right now?
- What’s our infrastructure gap?
Deliverable: CASP determination and gap analysis report
If you haven’t started this assessment yet, you’re already 8 weeks into the timeline.
Phase 2: Gap Identification (Weeks 3-4, March)
Key activities:
- Document current capabilities vs DAC8 requirements
- Identify infrastructure gaps (residence tracking, classification, XML generation, blocking)
- Build vs buy decision (develop internally vs integrate purpose-built solution)
- Budget and resource allocation
Deliverable: Infrastructure implementation plan with timeline and budget
Critical decision point: Building from scratch in 12-14 weeks creates high execution risk.
Consider:
- Do you have protocol-specific expertise (Solana epoch mechanics, Cosmos continuous accrual, Ethereum fee structures)?
- Do you have experience with multi-jurisdiction compliance (IRS + DAC8 + CARF)?
- Do you have years of edge case handling experience (early Solana slots, SPL rent, fork-based resets)?
If the answer to any of these is no, building from scratch is high risk.
Phase 3: Implementation or Integration (Weeks 5-18, March through Mid-June)
Key activities:
If building:
- Development, testing, iteration
- High risk if starting from scratch
- Protocol-specific edge cases take time to discover
If buying/integrating:
- Integration with existing systems
- Data migration and configuration
- User communication campaign (explain self-certification requirements)
- Staff training (operations team on new processes)
Deliverable: Functional compliance infrastructure in pre-production testing
Phase 4: Testing and Validation (Weeks 18-20, Late June)
Key activities:
- User acceptance testing (UAT)
- Self-certification process testing
- XML generation and validation testing
- Account blocking procedure testing
- Parallel run with existing systems (if applicable)
Deliverable: Production-ready infrastructure by July 1
Reality check: If you haven’t started assessment (Phase 1), implementation timeline is compressed. Building from scratch in 12-14 weeks creates high execution risk. Protocol-aware infrastructure takes years to build—you can’t replicate that experience in 90 days.
This is why NODE40’s multi-jurisdiction infrastructure matters: years of R&D handling CARF, DAC8, and 1099-DA simultaneously across more than 500,000 accounts. We’ve already discovered the edge cases. We’ve already built the protocol-specific parsers. We’ve already generated compliant XML for multiple frameworks.
You can integrate with that experience—or start from scratch with 90 days on the clock.
Assessment Framework: “Can You Comply?” Diagnostic Questions
Run this diagnostic to assess your DAC8 readiness:
Category 1: User Identification
☐ Can you identify which users are EU tax residents (not just nationality)?
☐ Do you have self-certification processes implemented?
☐ Can you track mid-year residence changes (user relocates)?
☐ Do you maintain documentation for residence determination?
If you answered “no” to any: User identification gap. Implementation required.
Category 2: Transaction Classification
☐ Can you classify transactions per DAC8 categories?
☐ Can you apply jurisdiction-specific classification rules per user?
☐ Do you handle protocol-specific mechanics (Solana ≠ Ethereum ≠ Cosmos)?
☐ Can you separate validator revenue from delegator amounts (if applicable)?
If you answered “no” to any: Classification infrastructure gap. Protocol-aware + jurisdiction-aware classification required.
Category 3: Reporting Infrastructure
☐ Can you generate XML reports per DAC8 schema?
☐ Can you produce reports for 27 different member states?
☐ Is reporting automated (not manual spreadsheet compilation)?
☐ Can you handle quarterly reporting frequency for large operations?
If you answered “no” to any: Reporting infrastructure gap. Automated XML generation required.
Category 4: Operational Procedures
☐ Have you communicated self-certification requirements to users?
☐ Do you have account blocking procedures for non-certified users?
☐ Can you implement 60-day blocking provision?
☐ Do you have account re-activation processes (user provides documentation)?
If you answered “no” to any: Operational readiness gap. User communication and blocking procedures required.
Category 5: Multi-Framework Coordination
☐ Do you serve users in multiple jurisdictions (US, EU, other CARF countries)?
☐ Can you handle overlapping reporting requirements (1099-DA + DAC8 + CARF)?
☐ Is your infrastructure jurisdiction-aware (not single-framework)?
☐ Can you classify same transaction differently per user residence?
If you answered “no” to any: Multi-jurisdiction infrastructure gap. Purpose-built compliance infrastructure recommended.
Scoring
- All “yes”: Ready for July 1 (verify through testing)
- 1-3 “no”: Gaps identified, focused implementation needed
- 4-10 “no”: Significant gaps, comprehensive infrastructure implementation required
- 10+ “no”: High risk of non-compliance, immediate action required (build vs buy decision critical)
Conclusion
The European Commission’s infringement procedures signal a shift from advisory to enforcement in crypto compliance. While country-level delays make headlines, operational deadlines haven’t changed:
July 1, 2026: 142 days to full compliance infrastructure.
For CASPs, validators, accounting firms serving crypto clients, ETF issuers with international shareholders, and treasury operations using custody platforms—infrastructure readiness is the competitive advantage.
The compliance matrix (IRS 1099-DA + DAC8 for 27 EU members + CARF for 48 countries) requires multi-jurisdiction-aware infrastructure built for overlapping frameworks. Generic blockchain tools show transactions—they don’t classify them per jurisdiction or generate compliant reports for 27 member states.
As crypto compliance infrastructure consolidates, market leadership belongs to operators who invested early in purpose-built solutions. The time to assess infrastructure gaps and make build-vs-buy decisions is now—not in June when you’re 3 weeks from deadline.
Infrastructure decisions made this month determine whether you’re prepared or scrambling when July 1 arrives.