The OECD just dropped updated CARF FAQs, and they’re worth your attention. Let’s break down what actually matters.
DeFi: The COSI Test Everyone’s Talking About
Non-custodial = safe from CARF?
Not quite.
The FAQs confirm what we’ve suspected: custody isn’t the dividing line. It’s about Control or Sufficient Influence (COSI) over platforms that effectuate transactions.
Where does COSI come from?
MLD5. Problem: it’s largely untested in most jurisdictions. Tax authorities don’t have clear playbooks for applying this to DeFi.
What might trigger COSI?
- Holding administrative keys
- Governance participation (DAOs, tokens)
- Managing frontend interfaces
- Protocol updates and maintenance
- Fee collection mechanisms
The pragmatic move: The OECD gives jurisdictions room to defer COSI implementation until FATF provides more guidance. Smart. It prevents regulatory overreach while keeping tax aligned with AML developments.
NFTs: The Four-Point Test
NFTs escape CARF reporting if ALL apply:
- Not financial assets or fungible crypto-assets
- Not marketed as investments or regulated
- Not “virtual assets” under FATF rules
- Low value (e.g., <$200) and minimal trading
Translation: The OECD wants to exclude “fun” NFTs – loyalty points, tickets, art collectibles – unless they’re functioning like financial products.
The $200 threshold gives concrete guidance, though jurisdictions can set their own definitions.
Branch Nexus: Global Reporting Required
Key clarification: If your only CARF nexus is through a branch, you report all transactions globally, not just local ones.
This significantly expands compliance for international crypto businesses.
Retail Payments: Agent Role Matters
The $50,000 threshold for reportable retail payments now has clarity:
- Agent for customer: Must report as retail payment transaction
- Agent for merchant: Different rules, but still potential obligations
Wrapping & Liquid Staking: Exchange Transactions
Finally settled: Both are Exchange Transactions under CARF, regardless of tax treatment.
WETH, stETH, and similar tokens trigger reporting because they involve exchanging one crypto-asset for another.
The Reality Check
These FAQs show the OECD understands crypto’s complexity. The DeFi implementation deferral and NFT thresholds demonstrate regulatory pragmatism.
For crypto service providers: This isn’t the end. The OECD continues engaging with its Business Advisory Group. More clarifications are coming.
Bottom line: CARF is evolving, but the direction is clear. Better to prepare now than scramble later.
The industry broadly supports this cautious, coordinated approach. It beats regulatory chaos.
