Are you ready to comply with the Swiss implementation of the crypto information exchange standard CARF?
As one of the first countries, Switzerland published its draft legislation for the domestic implementation of the OECD’s Crypto-Asset Reporting Framework (CARF). In particular, on 15 May 2024, the Swiss authorities launched a combined consultation on CARF and the amendments to the Common Reporting Standard (CRS 2.0), proposing respective additions and amendments to the Automatic Exchange of Information (AEI) Act and Ordinance. The consultation runs until 6 September 2024, and new and amended rules are anticipated to come into force on 1 January 2026. While this blog focuses on the Swiss CARF implementation, we will publish a second blog shortly focusing on CRS 2.0 and the more general aspects of the consultation.
With respect to CARF, the consultation documents require Reporting Crypto-Asset Service Providers (RCASPs) in Switzerland to comply with CARF and additionally set out Swiss-specific rights and obligations. The consultation materials should be read in conjunction with the CARF itself as the Swiss legislation does not repeat the definitions and rules already included in the CARF. For a general introduction into CARF with a focus on the scope of crypto service providers affected including practical examples, please refer to our article (co-authored with Pascal Michel form the Swiss Federal Tax Administration (SFTA)) that was published in the April edition of the Expert Focus. In this blog, we highlight the key observations from the draft legislation in relation to CARF:
CARF partner states (draft Act art. 2 para. 1 lit. cbis/cter)
In addition to the existing CRS partner states definition, the draft Act includes a separate CARF partner states definition capturing all jurisdictions with which Switzerland will exchange information under the CARF framework.
Deloitte’s view: The fact that there are separate definitions is a clear indication that the CRS and CARF partner states will not completely overlap, at least not during a transitional phase. Thus, Swiss RCASPs that also qualify as Reporting Swiss Financial Institutions under CRS will have to monitor two separate lists and make sure that the correct actions are applied under each regime.
Providing crypto services as a business (draft Act art. 12b para. 2, draft Ordinance art. 30a para. 4)
An RCASP is a person that, as a business, provides relevant crypto services for or on behalf of customers (CARF sec. III para. B(1)9). The draft Ordinance states that crypto services are provided as a business if the provider either:
- Is a financial intermediary according to art. 2 para. 2 of the Swiss AML Act; or
- Offers the crypto services according to art. 7-10 of the Swiss AML Ordinance, i.e. exceeds any of the relevant thresholds, i.e.:
- Yearly gross revenue exceeding CHF 50’000;
- Establishment or maintenance of more than 20 client relationships per calendar year;
- Discretionary authority over assets from third parties exceeding CHF 5 million; or
- Execution of transactions exceeding a total volume of CHF 2 million per calendar year.
With respect to the thresholds in the AML Ordinance, the explanatory report states that they need to be applied irrespective of whether the provider otherwise is subject to Swiss AML legislation. Furthermore, it clarifies that only crypto services must be considered when the thresholds are tested.
Deloitte’s view:
- While the first prong of the “as a business” definition is clear, the reference to the Swiss AML Ordinance bears the risk that providers that are not otherwise subject to Swiss AML legislation (and who do not study the explanatory report in detail) may incorrectly conclude that they are not covered by the RCASP definition. Thus, in our view, it would be preferable if the thresholds were copied directly into the AEI Ordinance.
- From a materiality perspective, however, we think that the thresholds foreseen are appropriate to ensure that the infrequent provision of crypto services for non-commercial reasons does not result in a qualification as an RCASP. Nevertheless, monitoring the threshold may result in additional burden for certain potential RCASPs. In addition, we believe it would be desirable that entities not (yet) meeting the threshold are given the option to opt into the RCASP definition, e.g. to simplify the CARF implementation process for start-up companies in the crypto space. Similarly, it needs to be clarified what happens if an RCASP does not meet the threshold in single years, which in our view should not result in a loss of the RCASP status.
Swiss nexus details (draft Act art. 12b para. 1, draft Ordinance art. 30a para. 1-3)
The CARF establishes five points of connection (nexus) that link an RCASP to a jurisdiction: (1) tax residence in a jurisdiction, (2) incorporation or organization under the laws of a jurisdiction AND either legal personality in the jurisdiction or tax filing obligations in the jurisdiction, (3) management from a jurisdiction, (4) regular place of business in a jurisdiction, and (5) effectuating crypto transactions through a branch in a jurisdiction. For a Swiss nexus, the draft Ordinance provides further interpretation, namely:
- That tax residence in Switzerland means personal affiliation according to the Swiss Federal Direct Tax Act;
- What qualifies as a relevant tax filing obligation; and
- That a branch in Switzerland refers to an economic affiliation according to the Swiss Federal Direct Tax Act.
Furthermore, the explanatory report provides welcome clarification that the second nexus “incorporation or organization under the laws of Switzerland AND … tax filing obligations in Switzerland” is only applicable to entities that do not have legal personality in Switzerland, e.g. partnerships.
Deloitte’s view: Unfortunately, various questions regarding the relevant nexuses are not addressed in the consultation material, e.g.:
- What types of management are relevant under the third nexus “management from Switzerland”, considering that the place of effective management for a corporate entity is already covered via the personal affiliation under the first nexus “tax residence in Switzerland”?
- What scenarios are covered by the fourth nexus “regular place of business in Switzerland”, considering that an economic affiliation is covered by the branch nexus?
- How should the nexus of a trust be established?
Relevant and Swiss RCASPs (draft Act art. 2 para. 1 lit dbis /dter, draft Ordinance art. 35b para. 1-3)
The Swiss legislation introduces two types of RCASPs, which have different obligations (see further below):
- Relevant RCASP, i.e. all RCASPs who have a nexus to Switzerland, irrespective of whether they also have a nexus to any other jurisdiction; and
- Swiss RCASPs, i.e. the sub-population of relevant RCASPs who must fulfil the CARF due diligence and reporting obligations in Switzerland. A relevant RCASP qualifies as a Swiss RCASP, unless it is exempt from fulfilling the CARF due diligence and reporting obligations in Switzerland because it fulfils them in another jurisdiction. Furthermore, the draft Ordinance includes a transitional rule excluding relevant RCASPs from the Swiss RCASP definition in 2026 if they would fulfil the CARF obligations in another jurisdiction but such other jurisdiction only implements CARF as of 2027.
Deloitte’s view:
- While the naming convention (relevant vs. Swiss) might not be intuitive when reading the Swiss legislation for the first time, we are optimistic that industry participants will get used to it and that it will be helpful in enabling everyone to understand what obligations they have.
- With respect to the transitional exemption, we assume that this is mainly a “lex USA” to ensure that a US RCASP with a subordinate Swiss nexus does not need to fulfil its CARF obligation in Switzerland in 2026 before complying with CARF in the US in subsequent years (assuming respective rules are implemented in the US as of 2027). While this is a welcome relief for certain industry participants, we question whether it is in line with the often-promoted level playing field because there is no uniform implementation date for all RCASPs with a Swiss nexus.
The main obligations of relevant and Swiss RCASPs (draft Act art. 12c, art. 13a, art. 14a, art. 15 para 1bis/1ter/2bis, art. 41bis para. 3, draft Ordinance art. 31)
As indicated above, relevant and Swiss RCASPs have different obligations in Switzerland:
Deloitte’s view: The extension of the registration requirement to RCASPs that fulfil their due diligence and reporting obligation outside Switzerland is a novelty compared to CRS. Furthermore, as such RCASPs would not have any obligations in Switzerland under the plain rules in the CARF, they may not be aware of their obligations under the Swiss CARF implementation. This coupled with the proposed amendments to the penalty provisions (which will be discussed in more detail in our next blog) seems more problematic. To avoid any penalties, it is strongly recommended that all RCASPs with any Swiss nexus carefully assess their CARF duties in Switzerland.
Use of third-party service providers (draft Act art. 12d)
According to the draft legislation, Swiss RCASPs may rely on a third-party service provider to fulfil the CARF due diligence obligations, but such obligations remain the responsibility of the RCASP.
Deloitte’s view: While this is in line with the CARF, it is noteworthy that – different to the corresponding article in the AEI Act for CRS purposes – the outsourcing of the CARF reporting obligations is not explicitly allowed. We do not see any reason for this discrepancy between CRS and CARF and thus believe the outsourcing of reporting obligations should also be allowed for CARF purposes. Nevertheless, from a legal certainty perspective, it would be preferable if an explicit legal basis is created.
Clarifications on due diligence requirements (draft Act art. 12f, draft Ordinance art. 30d)
Finally, while Swiss RCASPs generally must apply the due diligence procedures set out in the CARF (sec. III) itself, the draft legislation provides for various clarifications, e.g.:
- CARF distinguishes between preexisting and new crypto-asset users with 1 January 2026 as cut-off date. For new crypto-asset users, the draft legislation states that a Swiss RCASP must implement adequate organisational measures to ensure that a self-certification from the user is obtained when the relationship is established (unless a valid self-certification was collected for CRS purposes). For preexisting users, a self-certification needs to be on file latest by 31 December 2026. For RCASPs who do not only provide crypto services, the explanatory report clarifies that the opening date of the overall client relationship is irrelevant when determining whether a crypto-asset user is preexisting or new, and that one must rely on the date when the relationship is extended to include relevant crypto services (or put differently: when the crypto service relationship is established).
- Analogous to CRS, if a Swiss RCASP is not able to confirm the reasonableness of a self-certification within 90 days after establishing the crypto service relationship (see above), it must close the relationship or not execute any crypto transactions until a valid self-certification is obtained.
- Again, analogous to CRS, if a relationship is closed within 90 days of a change in circumstances and the Swiss RCASP was not able to redetermine the user’s tax residence and/or CARF status, it does not need to consider the change for the CARF reporting.
Deloitte’s view:
- The clarification in the explanatory report regarding the establishment of a crypto service relationship will have a huge impact for Swiss RCASPs who want to benefit from the 1-year period to collect a self-certification for preexisting crypto-asset users (i.e. users with a crypto service relationship established before 1 January 2026), which thankfully is not required if a valid self-certification has already been obtained under CRS. Swiss RCASPs that do not only provide crypto services, e.g. banks also providing crypto services, cannot simply rely on the overall relationship opening date in the systems but can only treat clients as preexisting users that can benefit from the 1-year period if crypto services were actually provided to such clients before 1 January 2026.
- While the non-reporting rule following a change in circumstances was copied from the Swiss CRS implementation, we do not understand why the CRS non-reporting rules for preexisting and new accounts were not adapted. Thus, by analogy to the CRS rules, we would suggest that the Swiss authorities include additional exceptions from CARF reporting where:
- A preexisting crypto-asset user closes its relationship before 31 December 2026 and before the Swiss RCASP was able to obtain a valid self-certification; anD
- A new crypto service relationship is established, the Swiss RCASP is unable to confirm the reasonableness of the self-certification at onboarding and subsequently closes the relationship.
Next steps
Summarizing, even though the Swiss CARF legislation primarily refers to the CARF itself and only governs Swiss specifics, it should be carefully analysed by all crypto service providers with a nexus to Switzerland.
Nevertheless, the consultation materials leave a lot of practical questions unanswered. Some of them may be clarified in the Swiss CARF guidance notes (“Wegleitung”), which we – unfortunately – do not expect to be published any time soon but rather close to the 1 January 2026 effective date. Thus, it is time for action now and crypto service providers should conduct an impact assessment (if not done yet) and start addressing the operational aspects. This is particularly important because the adaptation of IT systems and processes to comply with such new regulatory requirements typically take 12-18 months.
How Deloitte can support
Deloitte’s FSI Tax team combines thought leadership regarding CARF interpretation and implementation with in-depth understanding of the financial and crypto industry and applicable business processes as well as long-lasting experience from the implementation of other information reporting regimes (CRS, FATCA, QI etc.). If you need any support determining how you are impacted by CARF or how to comply with CARF, please do reach out to our key contacts below.
Key contacts
Comments
You can follow this conversation by subscribing to the comment feed for this post.
Verify your Comment
Previewing your Comment
This is only a preview. Your comment has not yet been posted.
As a final step before posting your comment, enter the letters and numbers you see in the image below. This prevents automated programs from posting comments.
Having trouble reading this image? View an alternate.
Posted by: |