Introduction
The Common Reporting Standard (“CRS”) was introduced by the Organisation for Economic Co-operation and Development (“OECD”) in 2014 and adopted by Hong Kong in 2016 to enhance international tax transparency and combat cross-border tax evasion. It requires the collection of financial account information from reporting financial institutions (“RFIs”) by tax authorities and automatic exchange of the information of persons with participating tax jurisdictions where the persons are tax residents on an annual basis.
Financial markets have continued to evolve, giving rise to a wide range of investment and financial uses around crypto-assets and new intermediaries and service providers, such as crypto-asset exchanges and wallet providers that are not currently catered for under the existing CRS. To address these concerns, the OECD has developed the following two initiatives:
- Crypto-Asset Reporting Framework (“CARF”), a new tax transparency framework, which provides for the automatic exchange of tax information on transactions in crypto-assets by the source jurisdiction with the jurisdiction of residence of the crypto-asset users and their controlling persons on an annual basis; and
- Amendments to CRS (“CRS 2.0”), which cover digital financial products and provide for enhanced CRS reporting and due diligence requirements.
The Government of the HKSAR will introduce legislative proposals into the Legislative Council in 2026, such that the crypto-asset service providers covered by CARF can collect the required information starting from 2027 for the Inland Revenue Department’s exchange with partner jurisdictions from 2028.
The Government also intends to implement the CRS 2.0 with effect from 1 January 2028, with the first exchange of data under CRS 2.0 in 2029.
The HKSAR Financial Services and the Treasury Bureau and the IRD on 9 December 2025 jointly released a consultation paper on the Implementation of CARF and CRS 2.0. The public is invited to provide feedback by 6 February 2026.
CAFR
CAFR is a new tax reporting framework specifically dealing with crypto assets. It requires transaction-level reporting by crypto-asset service providers.
Crypto-assets covered by CARF
Under CARF, “crypto-asset” refers to a digital representation of value that relies on a cryptographically secured distributed ledger or a similar technology to validate and secure transactions. It must represent a right to value, and that the ownership of, or right to, such value can be traded or transferred to other individuals or entities in a digital manner. It encompasses cryptocurrencies, stablecoins, derivatives issued as crypto-asset, specific non-fungible tokens (NFTs), etc., while central bank digital currencies (“CBDCs”) and specified e-money products are covered under CRS 2.0. Crypto-assets that cannot be used for payment or investment purposes are excluded from the scope of CARF.
Crypto-asset service providers covered by CARF
An individual or entity that, as a business, provides a service executing exchange transactions for or on behalf of customers, including by acting as a counterparty or as an intermediary to such exchange transactions, or by making available a trading platform is a reporting crypto-asset service provider (“RCASP”). Activities of an investment fund investing in relevant crypto-assets are not regarded as executing exchange transactions. Examples of RACASPs include:
- crypto-asset dealers and brokers;
- operators of crypto-asset automated teller machines; and
- centralized and decentralized crypto-asset exchanges.
The CARF introduces comprehensive reporting obligations for RCASPs.
Transactions covered by CARF
Three types of transactions are reportable under CARF, including:
- any exchange between relevant crypto-assets and fiat currencies;
- any exchange between one or more forms of relevant crypto-assets; and
- transfers of relevant crypto-assets.
Criteria of RCASPs subject to reporting
CARF sets out the nexus criteria for determining whether an RCASP is subject to the reporting and due diligence requirements in a jurisdiction. These criteria include:
- tax residency;
- incorporation or organization under the laws of the jurisdiction where the entity has legal personality or obligations to file tax returns;
- management from that jurisdiction; or
- a regular place of business in the jurisdiction.
To avoid duplicative reporting, the above criteria constitute a hierarchy of rules in case an RCASP has a nexus with more than one jurisdiction. An RCASP is not required to complete the reporting and due diligence requirements in a jurisdiction, if such requirements are completed in a partner jurisdiction with a higher reporting nexus.
RCASPs must apply the due diligence procedures for identifying reportable persons, including both individual and entity crypto-asset users or their controlling persons who are tax resident in a reportable jurisdiction. The due diligence procedures build on the anti-money laundering / know your customer obligations and the self-certification process of CRS, supplemented by the enhanced due diligence requirements which are also applicable under CRS 2.0. Reported information includes identification information of each reportable person, identification information of the RCASP and detailed information on crypto transactions (e.g. sales, transfers, crypto-fiat trades, and even certain payment flows) above specified thresholds.
CRS 2.0
CRS 2.0 introduces a series of targeted updates to reflect the evolving financial landscape. These changes cover three main areas, including new digital financial products, enhanced reporting requirements and additions of and clarifications to the definitions and due diligence obligations.
Expanding the scope of financial accounts and financial assets to include digital money products
Certain e-money products and CBDCs (representing a digital fiat currency issued by a central bank) can be considered functionally similar to a traditional bank account from the perspective of customers and may therefore entail tax compliance concerns similar to those associated with bank accounts currently covered by CRS. CRS 2.0 expands the definition of financial accounts to include specified e-money product accounts and CBDC accounts. Additionally, direct investments in crypto-assets, including those made through derivatives and investment vehicles are reportable under CRS 2.0.
New reporting requirements
Additional reporting information for each reportable account includes:
- Type of financial account (g. depository account, custodial account, etc.);
- whether the account is a joint account, as well as the number of joint account holders;
- whether the account is a pre-existing account or a new account;
- the role of controlling persons (e.g. settlor, trustee, beneficial owner, etc.); and
- whether a valid self-certification has been obtained.
Enhanced due diligence requirements (also applicable under CARF)
RFIs or RCASPs should not rely on self-certifications or documentary evidence if they know, or have reason to know, that such information is incorrect or unreliable, for example, when it conflicts with other information RFI or RCASP holds about the user/account holder.
When assessing the reliability of self-certifications, RFIs or RCASPs must consider OECD-published guidance on high-risk Citizenship-by-Investment and Residence-by-Investment schemes which may be potentially misused for hiding the individuals’ assets offshore by escaping reporting under CRS.
RFIs or RCASPs should not rely on the tiebreaker rules under double tax treaty in case of dual tax residency. An individual or entity account holder who is resident for tax purposes in two or more jurisdictions is required to declare all jurisdictions of tax residence and be treated as tax resident in all identified jurisdictions.
Other proposed changes under CRS 2.0
CRS 2.0 contains a new optional category of “qualified non-profit entity” for any genuine non-profit entity that meets all of the specified conditions to be treated as Non-Reporting Financial Institution.
An excluded account category for capital contribution accounts, typically used to block funds for a limited period of time in company incorporation, is created.
CARF vs. CRS 2.0
CARF shares some similarities with CRS 2.0. In essence, CARF focuses on on-chain or crypto transactions whilst CRS 2.0 primarily deals with e-money or digital currencies held in depository or custodial accounts and indirect crypto exposure such as derivatives held in custodial accounts and investment entities employing crypto strategies. CARF is intended to work alongside CRS 2.0 as two separate, but complementary, reporting regimes. The key features of each framework are summarized as below:
Conclusion
CARF and CRS 2.0 collectively address and close the transparency gap between traditional financial systems and digital assets. Their implementation is crucial for maintaining Hong Kong’s reputation as an international financial and business centre. The consultation paper demonstrates Hong Kong’s ongoing efforts in promoting international tax co-operation as a responsible tax jurisdiction.
Wealth managers will need to reassess client account structures as a result of the implementation of CARF and CRS 2.0. For example, a trust or special-purpose vehicle holding crypto investments may generate crypto-related transactions under CARF scope. Any cross-border arrangement may fall under the scope of CRS 2.0 or CARF reporting. Beneficial owners or controlling persons of trusts or entities will face stricter identification requirements.
Hope you find this helpful in understanding more about CARF and CRS 2.0. If you have any questions about this topic, feel free to contact us.
Welcome to follow us:
- WeChat: Fungyu_1964
- Weibo: 丰裕企业服务
- LinkedIn: Fung, Yu & Co.
- FB: Fung, Yu & Co. CPA Limited