This document is an excerpt from the EUR-Lex website
Document 32023L2226
Council Directive (EU) 2023/2226 of 17 October 2023 amending Directive 2011/16/EU on administrative cooperation in the field of taxation
Council Directive (EU) 2023/2226 of 17 October 2023 amending Directive 2011/16/EU on administrative cooperation in the field of taxation
Council Directive (EU) 2023/2226 of 17 October 2023 amending Directive 2011/16/EU on administrative cooperation in the field of taxation
ST/10215/2023/INIT
OJ L, 2023/2226, 24.10.2023, ELI: http://data.europa.eu/eli/dir/2023/2226/oj (BG, ES, CS, DA, DE, ET, EL, EN, FR, GA, HR, IT, LV, LT, HU, MT, NL, PL, PT, RO, SK, SL, FI, SV)
In force
Official Journal |
EN Series L |
2023/2226 |
24.10.2023 |
COUNCIL DIRECTIVE (EU) 2023/2226
of 17 October 2023
amending Directive 2011/16/EU on administrative cooperation in the field of taxation
THE COUNCIL OF THE EUROPEAN UNION,
Having regard to the Treaty on the Functioning of the European Union, and in particular Articles 113 and 115 thereof,
Having regard to the proposal from the European Commission,
After transmission of the draft legislative act to the national parliaments,
Having regard to the opinion of the European Parliament (1),
Having regard to the opinion of the European Economic and Social Committee (2),
Acting in accordance with a special legislative procedure,
Whereas:
(1) |
Tax fraud, tax evasion and tax avoidance represent a major challenge for the Union and at global level. The exchange of information is pivotal in the fight against such practices. |
(2) |
The European Parliament has stressed the political importance of fair taxation and of fighting tax fraud, tax evasion and tax avoidance, including through closer administrative cooperation and extended exchange of information between Member States. |
(3) |
On 7 December 2021, the Council approved an Ecofin report to the European Council on tax issues requesting the Commission to table in 2022 a legislative proposal containing further revisions to Council Directive 2011/16/EU (3), concerning the exchange of information on crypto-assets and tax rulings for wealthy individuals. |
(4) |
On 26 January 2021, the Court of Auditors published a report examining the legal framework and implementation of Directive 2011/16/EU. That report concludes that the overall legal framework of Directive 2011/16/EU is solid, but some provisions need to be strengthened in order to ensure that the full potential of the exchange of information is exploited and the effectiveness of the automatic exchange of information is measured. The report also concludes that the scope of Directive 2011/16/EU should be enlarged in order to cover additional categories of assets and income, such as crypto-assets. |
(5) |
The crypto-asset market has grown in importance and increased its capitalisation substantially and rapidly over the last 10 years. A crypto-asset is a digital representation of a value or of a right that is able to be transferred and stored electronically using distributed ledger technology or similar technology. |
(6) |
Member States have put in place rules and guidance, which differ from Member State to Member State, to tax income derived from crypto-asset transactions. However, the decentralised nature of crypto-assets makes it difficult for Member States’ tax administrations to ensure tax compliance. |
(7) |
Regulation (EU) 2023/1114 of the European Parliament and of the Council (4) has expanded the Union regulatory framework to issues of crypto-assets that had so far not been regulated by Union financial services acts as well as to providers of services in relation to such crypto-assets (‘crypto-asset service providers’). Regulation (EU) 2023/1114 sets out definitions that are used for the purposes of this Directive. This Directive also takes into account the authorisation requirement for crypto-asset service providers under Regulation (EU) 2023/1114 in order to minimise administrative burden for the crypto-asset service providers. The inherent cross-border nature of crypto-assets requires strong international administrative cooperation to ensure effective regulation. |
(8) |
The Union’s anti-money laundering and countering the financing of terrorism framework (AML/CFT) extends the scope of obliged entities subject to AML/CFT rules to crypto-asset service providers regulated by Regulation (EU) 2023/1114. In addition, Regulation (EU) 2023/1113 of the European Parliament and of the Council (5) extends the obligation of payment service providers to accompany transfers of funds with information on the payer and the payee to crypto-asset service providers in order to ensure the traceability of transfers of crypto-assets for the purpose of fighting against money laundering and financing of terrorism. |
(9) |
At international level, the Organisation for Economic Cooperation and Development (OECD) Crypto-Asset Reporting Framework, set out in Part I of the document ‘Crypto-Asset Reporting Framework and Amendments to the Common Reporting Standard’ approved by the OECD on 26 August 2022 (the ‘OECD Crypto-Asset Reporting Framework’), is aimed at introducing greater tax transparency with regard to crypto-assets and their reporting. Union rules should take into account the framework developed by the OECD in order to increase the effectiveness of the exchange of information and to reduce administrative burden. In implementing this Directive, Member States should use the Commentaries on the Model Competent Authority Agreement, set out in the document ‘International Standards for Automatic Exchange of Information in Tax Matters: Crypto-Asset Reporting Framework and 2023 update to the Common Reporting Standard’, released by the OECD on 8 June 2023 (the ‘Commentaries on the Model Competent Authority Agreement’), and the OECD Crypto-Asset Reporting Framework as sources of illustration or interpretation and in order to ensure consistency in application across Member States. |
(10) |
Directive 2011/16/EU lays down obligations for financial institutions to report financial account information to tax administrations that are then required to exchange that information with other relevant Member States. However, most crypto-assets are not obliged to be reported under that Directive because they do not constitute money held in depository accounts nor in financial assets. In addition, crypto-asset service providers as well as crypto-asset operators are in most cases not covered by the current definition of financial institution under Directive 2011/16/EU. |
(11) |
In order to address new challenges arising from the growing use of alternative means of payment and investment, which pose new risks of tax evasion and are not yet covered by Directive 2011/16/EU, the rules on the reporting and exchange of information should cover crypto-assets and their users. |
(12) |
In order to ensure the proper functioning of the internal market, the reporting should be effective, simple and clearly defined. Detecting taxable events that occur while investing in crypto-assets is difficult. Reporting crypto-asset service providers are best placed to collect and verify the necessary information on their users. The administrative burden should be minimised for the industry so that it is able to develop its full potential within the Union. |
(13) |
The automatic exchange of information between tax authorities is crucial to provide them with the necessary information to enable them to correctly assess the amounts of income taxes due. The reporting obligation should cover both cross-border and domestic transactions in order to ensure the effectiveness of the reporting rules, the proper functioning of the internal market, a level playing field and respect of the principle of non-discrimination. |
(14) |
This Directive applies to crypto-asset service providers regulated by and authorised under Regulation (EU) 2023/1114 and to crypto-asset operators that are not. Both are referred to as reporting crypto-asset service providers, as they are required to report under this Directive. The general understanding of what constitutes crypto-assets is very broad and includes crypto-assets that have been issued in a decentralised manner, as well as stablecoins, including e-money tokens as defined in Regulation (EU) 2023/1114 and certain non-fungible tokens (NFTs). Crypto-assets that can be used for payment or investment purposes are reportable under this Directive. Therefore, reporting crypto-asset service providers should consider on a case-by-case basis whether crypto-assets can be used for payment and investment purposes, taking into account the exemptions provided for in Regulation (EU) 2023/1114, in particular in relation to a limited network and certain utility tokens. |
(15) |
In order to enable tax administrations to analyse the information they receive and to use it in accordance with national provisions, for example for matching of information and valuation of assets and capital gains, it is appropriate to require the reporting and exchange of information that is subdivided in relation to each crypto-asset with respect to which the crypto-asset user made transactions. |
(16) |
In order to ensure uniform conditions for the implementation of the provisions on the automatic exchange of information between competent authorities, implementing powers should be conferred on the Commission to adopt the practical arrangements necessary for the implementation of the mandatory automatic exchange of information reported by reporting crypto-asset service providers, including a standard form for the exchange of information. Those powers should be exercised in accordance with Regulation (EU) No 182/2011 of the European Parliament and of the Council (6). |
(17) |
Crypto-asset service providers covered by Regulation (EU) 2023/1114 may exercise their activity in the Union through passporting once they have received their authorisation in a Member State. For those purposes, the European Securities and Markets Authority (ESMA) holds a register with authorised crypto-asset service providers. Additionally, ESMA also maintains a blacklist of operators exercising crypto-asset services that require an authorisation under Regulation (EU) 2023/1114. |
(18) |
Crypto-asset operators that do not fall under the scope of Regulation (EU) 2023/1114 but are obliged to report information on the crypto-asset users resident in the Union pursuant to this Directive should be required to register in one single Member State for the purpose of complying with their reporting obligations. |
(19) |
In order to foster administrative cooperation with non-Union jurisdictions, crypto-asset operators that meet certain conditions should be allowed to solely report information on crypto-asset users resident in the Union to the tax authorities of a non-Union jurisdiction insofar as the reported information corresponds to the information set out in this Directive and insofar as there is an effective qualifying competent authority agreement in place with such non-Union jurisdiction. The qualified non-Union jurisdiction would in turn communicate such information to the tax administrations of the Member States where the crypto-asset users are resident. Where appropriate, that mechanism should be enabled to prevent corresponding information from being reported and transmitted more than once. |
(20) |
In order to ensure uniform conditions for the implementation of this Directive, implementing powers should be conferred on the Commission to determine whether information required to be exchanged pursuant to an agreement between the competent authorities of a Member State and a non-Union jurisdiction corresponds to that specified in this Directive. Those powers should be exercised in accordance with Regulation (EU) No 182/2011. Given that the conclusion of agreements with non-Union jurisdictions on administrative cooperation in the area of direct taxation remains within the competence of Member States, the Commission’s action could also be triggered by a request from a Member State. For that purpose, it is necessary that, following the request of a Member State, the Commission also be able to determine the correspondence in advance of an envisaged conclusion of such an agreement. Where the exchange of such information is based on a multilateral competent authority agreement, the Commission should take the decision on correspondence in relation to the whole of the relevant framework covered by such a competent authority agreement. Nevertheless, it should still remain possible for the Commission to take the decision on correspondence, where appropriate, concerning a bilateral competent authority agreement. |
(21) |
Insofar as the international standard on the reporting and automatic exchange of information on crypto-assets, namely the OECD Crypto-Asset Reporting Framework, is a minimum standard or equivalent, which establishes a minimum scope and content of jurisdictions’ implementation thereof, the determination of correspondence of this Directive and the OECD Crypto-Asset Reporting Framework by the Commission, by means of an implementing act, should not be required provided that there is an effective qualifying competent authority agreement in place between the non-Union jurisdictions and all Member States. |
(22) |
Although the G20 endorsed the OECD Crypto-Asset Reporting Framework and recommended its implementation, no decision has been taken yet on whether it would be considered as a minimum standard or equivalent. Pending that decision, this Directive includes two different approaches for determining correspondence. |
(23) |
This Directive does not substitute any wider obligations arising from Regulation (EU) 2023/1114. |
(24) |
In order to foster convergence and to promote consistent supervision of this Directive and Regulation (EU) 2023/1114, competent authorities are to cooperate with other national authorities or institutions and share relevant information. |
(25) |
The exemption from the reporting obligations provided for in this Directive, which is dependent upon the determination of corresponding reporting and exchange mechanisms in relation to non-Union jurisdictions and Member States, should apply only in the area of taxation, and in particular for the purposes of this Directive, and should not be considered as a basis for recognising correspondence in other areas of Union law. |
(26) |
It is crucial to reinforce the provisions of Directive 2011/16/EU concerning the information to be reported or exchanged in order to adapt to new developments of different markets and consequently to effectively tackle identified conducts of tax fraud, tax evasion and tax avoidance. Those provisions should reflect the developments observed in the internal market and at international level, with a view to achieving effective reporting and exchange of information. Consequently, this Directive includes among others the latest amendments to the Common Reporting Standard of the OECD, including the integration of e-money and central bank digital currency provisions, set out in Part II of the Crypto-Asset Reporting Framework and Amendments to the Common Reporting Standard approved by the OECD on 26 August 2022, and the extension of the scope of the automatic exchange of information regarding advance cross-border rulings to certain rulings regarding natural persons. In implementing the latest amendments to the Common Reporting Standard, as included in this Directive, and as already mentioned in the recitals of Council Directive 2014/107/EU (7) with respect to the original version of the Common Reporting Standard, Member States should use the Commentaries on the Model Competent Authority Agreement and the Common Reporting Standard, now including the latest amendments to the Common Reporting Standard, as sources of illustration or interpretation and in order to ensure consistency in application across Member States. |
(27) |
Electronic money, as defined in Directive 2009/110/EC of the European Parliament and of the Council (8), is frequently used in the Union, and the volume of transactions and their combined value increase steadily. Electronic money is however not explicitly covered by Directive 2011/16/EU. Member States adopt diverse approaches to electronic money. As a result, related products are not always covered by the existing categories of income and capital of Directive 2011/16/EU. Rules should therefore be introduced to Directive 2011/16/EU in order to ensure that reporting obligations apply to electronic money. |
(28) |
In order to close loopholes that allow tax fraud, tax evasion and tax avoidance, Member States should be required to exchange information related to income derived from non-custodial dividends. Income derived from non-custodial dividends should therefore be included in the categories of income subject to the automatic exchange of information. |
(29) |
The taxpayer identification number (TIN) is essential for Member States to match information received with data present in national databases. It increases Member States’ capability of identifying the relevant taxpayers and correctly assessing the related taxes. Therefore, it is important that Member States include the TIN of reported individuals and entities in the reporting and communication of information in the context of exchanges related to categories of income and capital subject to the mandatory automatic exchange of information, financial accounts, advance cross-border rulings and advance pricing agreements, country-by-country reports, reportable cross-border arrangements, information on sellers on digital platforms and crypto-assets. |
(30) |
In order to increase the availability of the TIN to the competent authorities of Member States, each Member State should take the necessary measures to require that the TIN of individuals and entities issued by the Member State of residence be reported with respect to income from employment, director’s fees and pensions and with respect to advance cross-border rulings and advance pricing arrangements, country-by-country reports and reportable cross-border arrangements. Such measures can comprise, but are not limited to, the introduction, by the transposition deadline set out in this Directive, of domestic legal requirements to report the TIN. Moreover, following the entry into force of Council Directive (EU) 2022/2523 (9) and, in the light of the rules on safe harbours set out in that Directive, it is important to ensure proper matching, in the context of the mandatory automatic exchange of information on country-by-country reports pursuant to Directive 2011/16/EU. However, it is also recognised by the Member States that there can be rare situations where it is simply not possible for the reporting entity or the reporting individual to collect and report the TIN, including where, despite best efforts, the reporting entity or the reporting individual has not been able to collect the TIN or where a TIN has not been issued to the taxpayer. |
(31) |
Each Member State should include, where it has been obtained by the competent authority of the Member State, the TIN of individuals and entities issued by the Member State of residence in the exchanges related to advance cross-border rulings and advance pricing arrangements, country-by-country reports and reportable cross-border arrangements. |
(32) |
The absence of exchange of rulings concerning natural persons means that the tax administrations of the Member States concerned might not be aware of those rulings. There is therefore a risk that opportunities for tax fraud, tax evasion and tax avoidance will be created. In order to reduce that risk, and in order to reduce the administrative burden, the automatic exchange of advance cross-border rulings should extend to such rulings where the amount of the transaction or series of transactions of the advance cross-border ruling exceeds a specific threshold. |
(33) |
Advance cross-border rulings that determine whether a person is or is not a resident for tax purposes in the Member State issuing the ruling should also be exchanged automatically. However, in the interest of proportionality, and in order to reduce administrative burden, some common forms of advance cross-border rulings which can include an element of determination of whether a natural person is or is not resident for tax purposes in a Member State should not, solely on that ground, be subject to the exchange of information on advance cross-border rulings. Advance cross-border rulings on taxation at source with regard to non-residents’ income from employment, director’s fees and pensions should not be exchanged, unless the amount of the transaction or series of transactions of the advance cross-border ruling exceeds the threshold. |
(34) |
A number of Member States are expected to introduce identification services as a simplified and standardised means of identification of service providers and taxpayers. The Member States that wish to make use of that format for identification should be allowed to do so provided that it does not affect the flow and quality of information of other Member States that do not use such identification services. Therefore, the use of identification services should not affect the due diligence procedures or the requirements to collect information. Furthermore, if that approach diverges from the OECD’s corresponding standards on the automatic exchange of information in certain respects, the provisions in this Directive regarding the use of identification services should not impact the determination of whether information reported and exchanged pursuant to an agreement between the competent authorities of a Member State and a non-Union jurisdiction is equivalent to or corresponds to that specified in this Directive. |
(35) |
It is important that, as a matter of principle, the information communicated under Directive 2011/16/EU is used for the assessment, administration and enforcement of taxes which are covered by the material scope of that Directive. However, uncertainties regarding the use of information have arisen due to an unclear framework. Given the link between tax fraud, tax evasion and tax avoidance, and money laundering, also in terms of enforcement, it is appropriate to clarify that it should also be possible to use information communicated between Member States for the assessment, administration and enforcement of customs duties and for anti-money laundering and combating the financing of terrorism. |
(36) |
Considering the amount and the nature of the information collected and exchanged on the basis of Directive 2011/16/EU, that information can be useful in certain further areas. While the use of that information in other areas should as a general rule be restricted to areas approved by the Member State communicating the information in accordance with this Directive, there is a need to allow for a broader use of the information in situations presenting particular and serious characteristics and where it has been agreed at Union level to take action. Such situations would in particular be those where decisions have been taken pursuant to Article 215 of the Treaty on the Functioning of the European Union regarding restrictive measures. Information exchanged under Directive 2011/16/EU can be very relevant for the detection of violation or circumvention of restrictive measures. In return, any potential breaches of restrictive measures will be relevant for tax purposes, since avoidance of restrictive measures will in most cases also amount to tax avoidance in relation to the assets concerned. Given the likely synergies and close link between the detection of avoidance of restrictive measures and the detection of tax avoidance, the authorisation of a further use of the information is therefore appropriate. |
(37) |
It is essential that the information communicated under Directive 2011/16/EU is used by the competent authority of each Member State which receives that information. Therefore, it is appropriate to require the competent authority of each Member State to put in place an effective mechanism to ensure the use of information acquired through the reporting or the exchange of information under Directive 2011/16/EU. Such use of information can include, for instance, voluntary compliance programs, notifications to generate disclosure, awareness campaigns, prefilling tax returns, risk assessments, limited audits, general audits, tax coding, tax estimation, assimilation into domestic systems and other tax-related measures. |
(38) |
In order to enhance the efficient use of resources, facilitate the exchange of information and avoid the need for each Member State to make similar changes to their systems for storing information, a central directory should be established for information to be communicated on crypto-assets, accessible to all Member States and only for statistical purposes to the Commission, to which Member States would upload and store reported information, instead of exchanging that information by secured email. Member States should only be permitted to access data in that central directory relating to their own residents. All access and restrictions of access to the central directory should be in line with requirements under Regulation (EU) 2016/679 of the European Parliament and of the Council (10). In order to ensure uniform conditions for the implementation of this Directive, implementing powers should be conferred on the Commission to adopt the practical arrangements necessary for the establishment of such central directory. Those powers should be exercised in accordance with Regulation (EU) No 182/2011. |
(39) |
In order to ensure uniform conditions for the implementation of this Directive, implementing powers should be conferred on the Commission to develop a tool allowing an electronic and automated verification of the correctness of the TIN that has been provided by the taxpayer or the reporting entity or reporting individual. Those powers should be exercised in accordance with Regulation (EU) No 182/2011. The IT tool to be provided to Member States is intended to help increase the matching rates for tax administrations and improve the quality of the exchanged information in general. |
(40) |
The minimum retention period of records of information obtained through the exchange of information between Member States pursuant to Directive 2011/16/EU should not be longer than necessary but, in any event, not shorter than five years. Member States should not retain information longer than necessary to achieve the purposes of this Directive. |
(41) |
Reporting financial institutions, intermediaries, reporting platform operators, reporting crypto-asset service providers or competent authorities of Member States are data controllers within the meaning of Regulation (EU) 2016/679. Where two or more of those controllers jointly determine the purposes and means of processing of personal data, they are considered to be joint controllers. For example, competent authorities of Member States are considered to be joint controllers of the central directory, having jointly agreed on the personal data to be processed and the manner of processing. |
(42) |
In order to ensure proper enforcement of the rules under this Directive, Member States should lay down rules on penalties applicable to infringements of national provisions adopted pursuant to provisions of this Directive on the mandatory automatic exchange of information reported by reporting crypto-asset service providers, and should take all measures necessary to ensure that they are implemented. While the choice of penalties remains within the discretion of Member States, the penalties provided for should be effective, proportionate and dissuasive. |
(43) |
For the sake of harmonising the timing between the evaluation of the application of Directive 2011/16/EU and the biennial evaluation of the relevance of hallmarks in Annex IV of this Directive, the timing of those evaluation processes should be aligned. |
(44) |
Taking into account the judgment of the Court of Justice of 8 December 2022 in Case C-694/20, Orde van Vlaamse Balies and Others (11), Directive 2011/16/EU should be amended in such a manner that its provisions do not have the effect of requiring lawyers acting as intermediaries, where they are exempt from the reporting obligation on account of the legal professional privilege by which they are bound, to notify any other intermediary that is not their client of that intermediary’s reporting obligations. However, any intermediaries that are exempt from the reporting obligation because of the legal professional privilege by which they are bound should remain required to notify without delay their client of that client’s reporting obligations. |
(45) |
The European Data Protection Supervisor was consulted in accordance with Article 42(1) of Regulation (EU) 2018/1725 of the European Parliament and of the Council (12) and delivered an opinion on 3 April 2023 (13). |
(46) |
This Directive respects the fundamental rights and observes the principles recognised by the Charter of Fundamental Rights of the European Union (the ‘Charter’). In particular, this Directive ensures full respect for the right of protection of personal data enshrined in Article 8 of the Charter. In that regard, it is important to recall that Regulations (EU) 2016/679 and (EU) 2018/1725 apply to the processing of personal data under Directive 2011/16/EU. Furthermore, this Directive seeks to ensure full respect for the freedom to conduct business. |
(47) |
Since the objective of Directive 2011/16/EU, namely the efficient administrative cooperation between Member States under conditions compatible with the proper functioning of the internal market, cannot be sufficiently achieved by the Member States but can rather, by reason of the uniformity and effectiveness required, be better achieved at Union level, the Union may adopt measures, in accordance with the principle of subsidiarity as set out in Article 5 of the Treaty on European Union. In accordance with the principle of proportionality as set out in that Article, this Directive does not go beyond what is necessary in order to achieve that objective. |
(48) |
Directive 2011/16/EU should therefore be amended accordingly, |
HAS ADOPTED THIS DIRECTIVE:
Article 1
Directive 2011/16/EU is amended as follows:
(1) |
Article 3 is amended as follows:
|
(2) |
Article 8 is amended as follows:
|
(3) |
Article 8a is amended as follows:
|
(4) |
Article 8ab is amended as follows:
|
(5) |
in Article 8ac(2), first subparagraph, the following point is added:
|
(6) |
the following Article is inserted: ‘Article 8ad Scope and conditions of mandatory automatic exchange of information reported by Reporting Crypto-Asset Service Providers 1. Each Member State shall take the necessary measures to require Reporting Crypto-Asset Service Providers to fulfil the reporting requirements and carry out the due diligence procedures laid down in Sections II and III of Annex VI, respectively. Each Member State shall also ensure the effective implementation of, and compliance with, such measures in accordance with Section V of Annex VI. 2. Pursuant to the applicable reporting requirements and due diligence procedures contained in Sections II and III of Annex VI, respectively, the competent authority of a Member State where the reporting referred to in paragraph 1 of this Article takes place shall, by means of automatic exchange, and within the time limit laid down in paragraph 6 of this Article, communicate the information specified in paragraph 3 of this Article to the competent authorities of the Member States concerned in accordance with the practical arrangements adopted pursuant to Article 21. 3. The competent authority of a Member State shall communicate the following information regarding each Reportable Person:
For the purposes of point (c)(ii) and (iii), the amount paid or received shall be communicated in the Fiat Currency in which it was paid or received. In case the amounts were paid or received in multiple Fiat Currencies, the amounts shall be communicated in a single Fiat Currency, converted at the time of each Reportable Transaction in a manner that is consistently applied by the Reporting Crypto-Asset Service Provider. For the purposes of point (c)(iv) to (ix), the fair market value shall be determined and communicated in a single Fiat Currency, valued at the time of each Reportable Transaction in a manner that is consistently applied by the Reporting Crypto-Asset Service Provider. The information communicated shall specify the Fiat Currency in which each amount is reported. 4. To facilitate the exchange of information referred to in paragraph 3 of this Article, the Commission shall, by means of implementing acts, adopt the necessary practical arrangements, including measures to standardise the communication of the information set out in that paragraph, as part of the procedure for establishing the standard computerised form provided for in Article 20(5). Those implementing acts shall be adopted in accordance with the procedure referred to in Article 26(2). 5. The Commission shall not have access to information referred to in paragraph 3, points (a) and (b). 6. The communication pursuant to paragraph 3 of this Article shall take place using the standard computerised form referred to in Article 20(5) within nine months following the end of the calendar year to which the reporting requirements applicable to Reporting Crypto-Asset Service Providers relate. The first information shall be communicated for the relevant calendar year or other appropriate reporting period as from 1 January 2026. 7. For the purpose of complying with the reporting requirements referred to in paragraph 1, each Member State shall lay down the necessary rules to require a Crypto-Asset Operator to register within the Union. The competent authority of the Member State of registration shall allocate an individual identification number to such Crypto-Asset Operator. Member States shall lay down rules pursuant to which a Crypto-Asset Operator shall register with the competent authority of a single Member State in accordance with the rules laid down in Section V, paragraph F, of Annex VI. Member States shall take the necessary measures to require that a Crypto-Asset Operator whose registration has been revoked in accordance with Section V, subparagraph F(7), of Annex VI can be permitted to register again only if it provides to the authorities of a Member State concerned appropriate assurance as regards its commitment to comply with the reporting requirements within the Union, including any outstanding unfulfilled reporting requirements. 8. Paragraph 7 of this Article shall not apply to Crypto-Asset Service Providers within the meaning of Section IV, subparagraph B(1), of Annex VI. 9. The Commission shall, by means of implementing acts, lay down the practical and technical arrangements necessary for the registration and identification of Crypto-Asset Operators. Those implementing acts shall be adopted in accordance with the procedure referred to in Article 26(2). 10. The Commission shall, by 31 December 2025, establish a Crypto-Asset Operator register where information to be communicated in accordance with Section V, subparagraph F(2), of Annex VI shall be recorded. That Crypto-Asset Operator register shall be available to the competent authorities of all Member States. 11. The Commission shall, by means of implementing acts, following a reasoned request by any Member State or on its own initiative, determine whether the information that is required to be automatically exchanged pursuant to an agreement between competent authorities of the Member State concerned and a non-Union jurisdiction corresponds to that specified in Section II, paragraph B, of Annex VI, within the meaning of Section IV, subparagraph F(5), of Annex VI. Those implementing acts shall be adopted in accordance with the procedure referred to in Article 26(2). A Member State requesting the measure referred to in the first subparagraph shall send a reasoned request to the Commission. If the Commission considers that it does not have all the information necessary for the appraisal of the request, it shall contact the Member State concerned within two months of receipt of the request and specify what additional information is required. Once the Commission has all the information it considers necessary, it shall, within one month, notify the requesting Member State and it shall submit the relevant information to the Committee referred to in Article 26(1). When acting on its own initiative, the Commission shall adopt an implementing act as referred to in the first subparagraph only in respect of a competent authority agreement with a non-Union jurisdiction that requires the automatic exchange of information on an individual or Entity that is a customer of a Reporting Crypto-Asset Service Provider for the purpose of carrying out Reportable Transactions, concluded by a Member State. When determining whether information is corresponding information within the meaning of the first subparagraph in relation to Reportable Transactions, the Commission shall take into due account the extent to which the regime on which such information is based corresponds to that set out in Annex VI, in particular with regard to:
The procedure set out in this paragraph shall also apply for determining that the information is no longer corresponding within the meaning of Section IV, subparagraph F(5), of Annex VI. 12. Notwithstanding paragraph 11, where an international standard on the reporting and automatic exchange of information on crypto-assets is determined to be a minimum standard or equivalent, any determination by the Commission, by means of implementing acts, on whether the information that is required to be automatically exchanged pursuant to the implementation of that standard and the competent authority agreement between the Member State(s) concerned and a non-Union jurisdiction is corresponding information shall no longer be required. That information shall be deemed to correspond to the information that is required under this Directive, provided that there is a competent authority agreement in place between the competent authorities of all Member States concerned and the non-Union jurisdiction that requires the automatic exchange of information on an individual or Entity that is a customer of a Reporting Crypto-Asset Service Provider for the purpose of carrying out Reportable Transactions. The corresponding provisions in this Article and in Annex VI shall no longer apply for such purposes.’ |
(7) |
Article 16 is amended as follows:
|
(8) |
in Article 18, the following paragraph is added: ‘4. The competent authority of each Member State shall put in place an effective mechanism to ensure the use of information acquired through the reporting or the exchange of information under Articles 8 to 8ad.’ |
(9) |
in Article 20, paragraph 5 is replaced by the following: ‘5. The Commission shall adopt implementing acts laying down standard computerised forms, including the linguistic arrangements, in the following cases:
Those standard computerised forms shall not exceed the components for the exchange of information listed in Articles 8a(6), 8ab(14) and 8ad(3), and such other related fields which are linked to those components which are necessary to achieve the objectives of Articles 8a, 8ab and 8ad, respectively. The linguistic arrangements referred to in the first subparagraph of this paragraph shall not preclude Member States from communicating the information referred to in Articles 8a and 8ab in any of the official languages of the Union. However, those linguistic arrangements may provide that the key elements of such information shall also be sent in another official language of the Union. The implementing acts referred to in this paragraph shall be adopted in accordance with the procedure referred to in Article 26(2).’ |
(10) |
Article 21 is amended as follows:
|
(11) |
in Article 22, the following paragraphs are added: ‘3. Member States shall retain the records of the information received through the automatic exchange of information pursuant to Articles 8 to 8ad for no longer than necessary but in any event not less than five years from its date of receipt to achieve the purposes of this Directive. 4. Member States shall endeavour to ensure that a reporting entity is allowed to obtain confirmation by electronic means of the validity of the information on the TIN of any taxpayer subject to the exchange of information under Articles 8 to 8ad. The confirmation of the information on the TIN may be requested only for the purposes of validation of the correctness of data referred to in Articles 8(1), 8(3a), 8a(6), 8aa(3), 8ab(14), 8ac(2) and 8ad(3).’ |
(12) |
in Article 23, paragraph 3 is replaced by the following: ‘3. Each Member State shall monitor and assess, in relation to itself, the effectiveness of administrative cooperation in accordance with this Directive, including in combating tax evasion and tax avoidance, and shall communicate the results of its assessment to the Commission once a year. The Commission shall, by means of implementing acts, adopt the form and the conditions of communication for that yearly assessment. Those implementing acts shall be adopted in accordance with the procedure referred to in Article 26(2).’ |
(13) |
Article 25 is amended as follows:
|
(14) |
Article 25a is replaced by the following: ‘Article 25a Penalties Member States shall lay down the rules on penalties applicable to infringements of national provisions adopted pursuant to this Directive and concerning Articles 8aa to 8ad, and shall take all measures necessary to ensure that they are implemented. The penalties provided for shall be effective, proportionate and dissuasive.’ |
(15) |
in Article 27, paragraph 2 is deleted; |
(16) |
the following Article is inserted: ‘Article 27c Reporting and communication of the TIN 1. Each Member State shall take the necessary measures to require that the TIN of reported individuals or entities issued by the Member State of residence be reported by the reporting entity or reporting individual and be communicated by each Member State when explicitly required by, and pursuant to, the Articles and Annexes of this Directive. 2. For taxable periods starting on or after 1 January 2030, each Member State shall take the necessary measures to require that the TIN of residents issued by the Member State of residence be reported, where possible, with respect to the information referred to in Article 8(1), first subparagraph, points (a), (b) and (d), to the extent that those are categories of income and capital on which information would have been communicated even if the TIN was not available. 3. For taxable periods starting on or after 1 January 2028, each Member State shall take the necessary measures to require that the TIN of individuals and entities issued by the Member State of residence be reported, where possible, with respect to the information referred to in Article 8a(6), points (a) and (k), as well as of reported individuals and entities with respect to the information referred to in Article 8aa(3), point (b), and in Article 8ab(14), point (h). 4. For taxable periods starting on or after 1 January 2028, each Member State shall include, where it has been obtained by the competent authority of the Member State, the TIN of individuals and entities issued by the Member State of residence in the communication of the information referred to in Article 8a(6), points (a) and (k), as well as of reported individuals and entities in the communication of the information referred to in Article 8aa(3), point (b), and in Article 8ab(14), point (h).’ |
(17) |
Annex I is amended in accordance with Annex I to this Directive; |
(18) |
Annex V is amended in accordance with Annex II to this Directive; |
(19) |
The text set out in Annex III to this Directive is added as Annex VI. |
Article 2
1. Member States shall adopt and publish, by 31 December 2025, the laws, regulations and administrative provisions necessary to comply with this Directive. They shall immediately inform the Commission thereof.
They shall apply those provisions from 1 January 2026.
When Member States adopt those provisions, they shall contain a reference to this Directive or shall be accompanied by such reference on the occasion of their official publication. The methods of making such reference shall be laid down by Member States.
2. By way of derogation from paragraph 1 of this Article, Member States shall adopt and publish, by 31 December 2027, the laws, regulations and administrative provisions necessary to comply with Article 1, point 11, of this Directive and with Article 1, point 16, of this Directive as regards Article 27c(3) and (4) of Directive 2011/16/EU. They shall immediately inform the Commission thereof.
They shall apply those provisions from 1 January 2028.
When Member States adopt those provisions, they shall contain a reference to this Directive or shall be accompanied by such reference on the occasion of their official publication. The methods of making such reference shall be laid down by Member States.
3. By way of derogation from paragraph 1 of this Article, Member States shall adopt and publish, by 31 December 2029, the laws, regulations and administrative provisions necessary to comply with Article 1, point 16, of this Directive as regards Article 27c(2) of Directive 2011/16/EU. They shall immediately inform the Commission thereof.
They shall apply those provisions from 1 January 2030.
When Member States adopt those provisions, they shall contain a reference to this Directive or shall be accompanied by such reference on the occasion of their official publication. The methods of making such reference shall be laid down by Member States.
4. Member States shall communicate to the Commission the text of the main provisions of national law which they adopt in the field covered by this Directive.
Article 3
This Directive shall enter into force on the twentieth day following that of its publication in the Official Journal of the European Union.
Article 4
This Directive is addressed to the Member States.
Done at Luxembourg, 17 October 2023.
For the Council
The President
N. CALVIÑO SANTAMARÍA
(1) Opinion of 13 September 2023 (not yet published in the Official Journal).
(2) Opinion of 23 March 2023 (OJ C 184, 25.5.2023, p. 55).
(3) Council Directive 2011/16/EU of 15 February 2011 on administrative cooperation in the field of taxation and repealing Directive 77/799/EEC (OJ L 64, 11.3.2011, p. 1).
(4) Regulation (EU) 2023/1114 of the European Parliament and of the Council of 31 May 2023 on markets in crypto-assets, and amending Regulations (EU) No 1093/2010 and (EU) No 1095/2010 and Directives 2013/36/EU and (EU) 2019/1937 (OJ L 150, 9.6.2023, p. 40).
(5) Regulation (EU) 2023/1113 of the European Parliament and of the Council of 31 May 2023 on information accompanying transfers of funds and certain crypto-assets and amending Directive (EU) 2015/849 (OJ L 150, 9.6.2023, p. 1).
(6) Regulation (EU) No 182/2011 of the European Parliament and of the Council of 16 February 2011 laying down the rules and general principles concerning mechanisms for control by the Member States of the Commission’s exercise of implementing powers (OJ L 55, 28.2.2011, p. 13).
(7) Council Directive 2014/107/EU of 9 December 2014 amending Directive 2011/16/EU as regards mandatory automatic exchange of information in the field of taxation (OJ L 359, 16.12.2014, p. 1).
(8) Directive 2009/110/EC of the European Parliament and of the Council of 16 September 2009 on the taking up, pursuit and prudential supervision of the business of electronic money institutions amending Directives 2005/60/EC and 2006/48/EC and repealing Directive 2000/46/EC (OJ L 267, 10.10.2009, p. 7).
(9) Council Directive (EU) 2022/2523 of 15 December 2022 on ensuring a global minimum level of taxation for multinational enterprise groups and large-scale domestic groups in the Union (OJ L 328, 22.12.2022, p. 1).
(10) Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (OJ L 119, 4.5.2016, p. 1).
(11) Judgment of the Court of Justice of 8 December 2022, Orde van Vlaamse Balies and Others, C-694/20, ECLI:EU:C:2022:963.
(12) Regulation (EU) 2018/1725 of the European Parliament and of the Council of 23 October 2018 on the protection of natural persons with regard to the processing of personal data by the Union institutions, bodies, offices and agencies and on the free movement of such data and repealing Regulation (EC) No 45/2001 and Decision No 1247/2002/EC (OJ L 295, 21.11.2018, p. 39).
ANNEX I
Annex I to Directive 2011/16/EU is amended as follows:
(1) |
Section I is amended as follows:
|
(2) |
in Section VI, paragraph 2, point (b) is replaced by the following:
|
(3) |
in Section VII, the following paragraph is inserted:
|
(4) |
Section VIII is amended as follows:
|
(5) |
in Section IX, the following paragraph is added: ‘In order to achieve the purposes of this Directive, records referred to in the first paragraph, point (2), shall remain available not longer than necessary but in any event not less than five years.’; |
(6) |
the following section is added: ‘SECTION XI TRANSITIONAL MEASURES Notwithstanding Section I, subparagraph A(1), point (b), and subparagraph A(6a), with respect to each Reportable Account that is maintained by a Reporting Financial Institution as of 31 December 2025 and for reporting periods ending by the second calendar year following such date, information with respect to the role(s) by virtue of which each Reportable Person is a Controlling Person or Equity Interest holder of the Entity is only required to be reported if such information is available in the electronically searchable data maintained by the Reporting Financial Institution.’. |
(*1) Council Directive (EU) 2023/2226 of 17 October 2023 amending Directive 2011/16/EU on administrative cooperation in the field of taxation (OJ L, 2023/2226, 24.10.2023, ELI: http://data.europa.eu/eli/dir/2023/2226/oj).’;’
ANNEX II
Annex V to Directive 2011/16/EU is amended as follows:
(1) |
in Section I, paragraph C, the following subparagraph is added:
|
(2) |
in Section II, subparagraph B(3) is deleted; |
(3) |
in Section III, paragraph B, the following subparagraph is added:
|
(4) |
in Section IV, subparagraph F(5), the introductory wording is replaced by the following:
|
ANNEX III
‘ANNEX VI
REPORTING REQUIREMENTS, DUE DILIGENCE PROCEDURES AND OTHER RULES APPLICABLE TO REPORTING CRYPTO-ASSET SERVICE PROVIDERS
This Annex lays down the reporting requirements, due diligence procedures and other rules to be applied by the Reporting Crypto-Asset Service Providers in order to enable Member States to communicate, by automatic exchange, the information referred to in Article 8ad.
This Annex also lays down the rules and administrative procedures that Member States are to have in place in order to ensure the effective implementation of, and compliance with, the reporting requirements and the due diligence procedures set out herein.
SECTION I
OBLIGATIONS OF REPORTING CRYPTO-ASSET SERVICE PROVIDERS
A. |
A Reporting Crypto-Asset Service Provider as defined in Section IV, subparagraph B(3), is subject to the reporting and due diligence requirements set out in Sections II and III, respectively, in a Member State, if it is:
|
B. |
A Reporting Crypto-Asset Service Provider is subject to the reporting and due diligence requirements set out in Sections II and III, respectively, in a Member State with respect to Reportable Transactions effectuated through a Branch based in a Member State. |
C. |
A Reporting Crypto-Asset Service Provider that is an Entity is not required to complete the reporting and due diligence requirements set out in Sections II and III, respectively, in a Member State it is subject to pursuant to subparagraph A(2), point (b), (c) or (d), if those requirements are completed by such Reporting Crypto-Asset Service Provider in any other Member State or in a Qualified Non-Union Jurisdiction by virtue of it being resident for tax purposes in such Member State or Qualified Non-Union Jurisdiction. |
D. |
A Reporting Crypto-Asset Service Provider that is an Entity is not required to complete the reporting and due diligence requirements set out in Sections II and III, respectively, in a Member State it is subject to pursuant to subparagraph A(2), point (c) or (d), if those requirements are completed by such Reporting Crypto-Asset Service Provider in any other Member State or in a Qualified Non-Union Jurisdiction by virtue of it being an Entity that (a) is incorporated or organised under the laws of such Member State or Qualified Non-Union Jurisdiction and (b) either has legal personality in the other Member State or Qualified Non-Union Jurisdiction or has an obligation to file tax returns or tax information returns to the tax authorities in the other Member State or Qualified Non-Union Jurisdiction with respect to the income of the Entity. |
E. |
A Reporting Crypto-Asset Service Provider that is an Entity is not required to complete the reporting and due diligence requirements set out in Sections II and III, respectively, in a Member State it is subject to pursuant to subparagraph A(2), point (d), if those requirements are completed by such Reporting Crypto-Asset Service Provider in any other Member State or in a Qualified Non-Union Jurisdiction by virtue of it being managed from such Member State or Qualified Non-Union Jurisdiction. |
F. |
A Reporting Crypto-Asset Service Provider that is an individual is not required to complete the reporting and due diligence requirements set out in Sections II and III, respectively, in a Member State it is subject to pursuant to subparagraph A(2), point (d), if those requirements are completed by such Reporting Crypto-Asset Service Provider in any other Member State or in a Qualified Non-Union Jurisdiction by virtue of it being resident for tax purposes in such Member State or Qualified Non-Union Jurisdiction. |
G. |
A Reporting Crypto-Asset Service Provider is not required to complete the reporting and due diligence requirements set out in Sections II and III, respectively, in a Member State it is subject to pursuant to subparagraph A(2), point (a), (b), (c) or (d), if it has lodged a notification with a Member State in a format specified by such Member State confirming that those requirements are completed by such Reporting Crypto-Asset Service Provider under the rules of any other Member State or Qualified Non-Union Jurisdiction pursuant to criteria that are substantially similar to subparagraph A(2), point (a), (b), (c) or (d), respectively. |
H. |
A Reporting Crypto-Asset Service Provider is not required to complete the reporting and due diligence requirements set out in Sections II and III, respectively, in a Member State with respect to Reportable Transactions it effectuates through a Branch in any other Member State or Qualified Non-Union Jurisdiction, if those requirements are completed by that Branch in such other Member State or Qualified Non-Union Jurisdiction. |
SECTION II
REPORTING REQUIREMENTS
A. |
A Reporting Crypto-Asset Service Provider within the meaning of Section I, paragraphs A and B, shall report the information set out in paragraph B of this Section to the competent authority of the Member State where it is subject to reporting requirements in accordance with Section I. |
B. |
For each relevant calendar year or other appropriate reporting period, and subject to the obligations of Reporting Crypto-Asset Service Providers set out in Section I and the due diligence procedures set out in Section III, a Reporting Crypto-Asset Service Provider shall report the following information with respect to its Crypto-Asset Users that are Reportable Users or that have Controlling Persons that are Reportable Persons:
|
C. |
Notwithstanding subparagraph B(1), the place of birth is not required to be reported unless the Reporting Crypto-Asset Service Provider is otherwise required to obtain and report it under domestic law. |
D. |
The information listed in paragraph B shall be reported annually in the calendar year following the year to which the information relates. The first information shall be reported for the relevant calendar year or other appropriate reporting period as from 1 January 2026. |
E. |
Notwithstanding paragraphs A and D of this Section, a Reporting Crypto-Asset Service Provider within the meaning of Section I, subparagraph A(2), point (a), (b), (c) or (d), shall not be required to provide the information set out in paragraph B of this Section with respect to a Reportable User or Controlling Person for which the Reporting Crypto-Asset Service Provider completes the reporting of such information in a non-Union jurisdiction that is covered by an Effective Qualifying Competent Authority Agreement with the Member State of residence of such Reportable User or such Controlling Person. |
SECTION III
DUE DILIGENCE PROCEDURES
A Crypto-Asset User is treated as a Reportable User beginning as of the date when it is identified as such pursuant to the due diligence procedures described in this Section.
A. |
Due diligence procedures for Individual Crypto-Asset Users The following procedures apply for the purpose of determining whether the Individual Crypto-Asset User is a Reportable User.
|
B. |
Due diligence procedures for Entity Crypto-Asset Users The following procedures apply for the purpose of determining whether the Entity Crypto-Asset User is a Reportable User or an Entity, other than an Excluded Person or an Active Entity, with one or more Controlling Persons who are Reportable Persons.
|
C. |
Requirements for validity of self-certifications
|
D. |
General due diligence requirements
|
SECTION IV
DEFINED TERMS
The following terms have the meaning set out below:
A. |
Reportable Crypto-Asset
|
B. |
Reporting Crypto-Asset Service Provider
|
C. |
Reportable Transaction
|
D. |
Reportable User
|
E. |
Excluded Person
|
F. |
Miscellaneous
|
SECTION V
EFFECTIVE IMPLEMENTATION
A. |
Rules to enforce the collection and verification requirements laid down in Section III
|
B. |
Rules requiring Reporting Crypto-Asset Service Providers to keep records of the steps undertaken and any information relied upon for the performance of the reporting requirements and due diligence procedures and adequate measures to obtain those records
|
C. |
Administrative procedures to verify compliance of Reporting Crypto-Asset Service Providers with the reporting requirements and due diligence procedures Member States shall lay down administrative procedures to verify the compliance of Reporting Crypto-Asset Service Providers with the reporting requirements and due diligence procedures set out in Sections II and III, respectively. |
D. |
Administrative procedures to follow up with Reporting Crypto-Asset Service Providers where incomplete or inaccurate information is reported Member States shall lay down procedures for following up with Reporting Crypto-Asset Service Providers where the reported information is incomplete or inaccurate. |
E. |
Administrative procedure for authorisation of a Crypto-Asset Service Provider The competent authority of a Member State providing authorisation to Crypto-Asset Service Providers in accordance with Regulation (EU) 2023/1114 shall communicate on a regular basis and at the latest before 31 December of the relevant calendar year or other appropriate reporting period to the competent authority under this Directive, if that is a different authority, a list of all authorised Crypto-Asset Service Providers. |
F. |
Administrative procedure for single registration of a Crypto-Asset Operator
|
ELI: http://data.europa.eu/eli/dir/2023/2226/oj
ISSN 1977-0677 (electronic edition)