Liechtenstein CARF Compliance 2026: Practical Guide for Casps and Blockchain Businesses

Liechtenstein’s Crypto-Asset Reporting Framework (CARF) Act and its accompanying CARF Regulation entered into force on 1 January 2026, making the principality one of the first jurisdictions to transpose the OECD’s global crypto-asset transparency standard into binding domestic law. For crypto-asset service providers (CASPs), custodial wallet operators, brokers, and blockchain businesses registered or operating in Liechtenstein, CARF compliance Liechtenstein is no longer a future planning exercise, it is a live operational obligation that demands immediate action on data collection, client identification, and automated reporting workflows.

This guide delivers the step-by-step checklist that compliance officers, general counsel, and technical leads need to scope their obligations, map data elements, reconcile CARF with existing TVTG licence conditions and CRS requirements, and prepare for the first automatic exchange of information expected in 2027. The timing is especially consequential because Liechtenstein’s April 2026 Pillar Two / GloBE amendments create parallel compliance demands that must be managed alongside CARF implementation.

Executive Summary and Key Action Checklist

Before diving into the technical detail, compliance teams should internalise four essential points about CARF compliance Liechtenstein:

1. Who is affected? Every entity that qualifies as a “Reporting Crypto-Asset Service Provider” under the CARF Act, including licensed CASPs, custodial exchanges, brokers, and certain wallet providers operating from or within Liechtenstein.
2. What must be reported? Prescribed data elements covering user identification, transaction types, aggregate values of exchanges and transfers, and the specific crypto assets involved.
3. When do obligations bite? The CARF Act and Regulation are effective from 1 January 2026; the first reportable period covers calendar year 2026, with the first automatic exchange of information with partner jurisdictions anticipated in 2027.
4. What should you do now? Conduct entity-scoping analysis, gap-assess existing KYC and transaction-logging systems against CARF data elements, and build or procure an automated extraction-validation-submission pipeline.

Immediate 30 / 60 / 90-Day Blockchain Compliance Checklist

• Days 1–30. Confirm whether your entity falls within the definition of a Reporting Crypto-Asset Service Provider; appoint a CARF compliance lead; notify the Steuerverwaltung (Tax Administration) if registration is required.
• Days 1–30. Map your current KYC data fields against CARF-required identification elements (name, address, TIN, date of birth, jurisdiction of tax residence).
• Days 1–30. Inventory every crypto-asset product and service you offer; classify each as a Relevant Crypto Asset or an excluded asset under the CARF definitions.
• Days 31–60. Conduct a gap analysis between existing CRS reporting infrastructure and CARF-specific requirements; document overlaps and net-new fields.
• Days 31–60. Evaluate vendor solutions for on-chain data indexing, ETL (extract-transform-load) processing, and automated CARF XML generation.
• Days 31–60. Update internal policies and TVTG licence documentation to incorporate CARF reporting workflows and data-retention schedules.
• Days 61–90. Build and test the end-to-end data pipeline: collection → enrichment → validation → XML generation → encrypted submission.
• Days 61–90. Train compliance, operations, and engineering teams on CARF data standards, deadlines, and escalation procedures.
• Days 61–90. Run a dry-run submission using sample data to confirm schema compliance and identify formatting errors.
• Days 61–90. Establish a quarterly internal audit cycle to verify data completeness and accuracy ahead of the annual filing deadline.

What Is CARF in Liechtenstein? Key Dates and Scope

The Crypto-Asset Reporting Framework is an international tax-transparency standard developed by the OECD to close the information gap that exists because crypto assets fall outside the scope of the Common Reporting Standard (CRS). Liechtenstein formally committed to implementing CARF through the Multilateral Competent Authority Agreement (MCAA) on the Automatic Exchange of Information regarding Crypto-Assets. The domestic transposition took the form of the CARF Act (CARF-Gesetz) and the CARF Regulation (CARF-Verordnung), both of which entered into force on 1 January 2026, as confirmed by the consolidated text published on Gesetze.li and the KPMG tax alert issued on 8 January 2026. Crypto-asset transparency Liechtenstein now operates under a dual regime: CRS for traditional financial accounts and CARF for crypto-asset transactions.

Legislative Timeline and First Exchange Dates

Industry observers expect the Steuerverwaltung to publish detailed filing instructions, including XML schema specifications and portal access procedures, during the second half of 2026, well ahead of the first reporting deadline. Firms should monitor the official LLV CARF page for updates.

Who Must Report? Entity Scoping and Examples

The CARF Act defines a Reporting Crypto-Asset Service Provider as any person or entity that, as a business, provides services to effect exchange transactions in Relevant Crypto Assets on behalf of customers. This captures licensed CASPs under the Token and Trustworthy Technology Services Act (TVTG), custodial exchanges, brokers and OTC desks, and certain wallet providers, provided they hold custody of assets or execute transactions for clients. The critical test is whether the entity acts as an intermediary that facilitates exchanges between crypto assets and fiat currency, between different crypto assets, or transfers of crypto assets on behalf of users.

Decision Logic for Entity Scoping

1. Does the entity provide services to effect exchange transactions in Relevant Crypto Assets for or on behalf of customers? If yes, proceed to step 2. If no, no CARF reporting obligation.
2. Is the entity tax-resident in Liechtenstein, or does it have a relevant operational nexus (e.g., registered CASP licence Liechtenstein under the TVTG)? If yes, the entity is likely a Reporting Crypto-Asset Service Provider.
3. Does any exclusion apply (e.g., the entity only provides software for self-hosted wallets and never controls private keys)? If yes, document the exclusion. If no, full CARF reporting applies.

Edge Cases: Non-Custodial Wallets, DAOs, and Hybrid Providers

Pure non-custodial wallet software that never touches private keys or facilitates transactions will generally fall outside the definition. However, hybrid providers, for example, a wallet that integrates a swap aggregator or acts as a relayer with control over transaction execution, may cross the threshold. Decentralised autonomous organisations (DAOs) present the most complex analysis, because the CARF framework presumes an identifiable service provider, and the absence of a legal person does not automatically eliminate reporting obligations where identifiable operators or front-end providers exist.

CARF Reporting Requirements, Data Elements and Mapping

The core of CARF compliance Liechtenstein lies in the crypto reporting requirements that oblige providers to collect, retain, and transmit specific data elements to the Steuerverwaltung. These requirements mirror the OECD CARF model rules and are implemented through the CARF Act and Regulation.

Required Data: Party Identification, Transaction Details, and Instruments

Reporting providers must collect and report the following categories of information for each Reportable User and each Relevant Transaction:

• User identification. Full legal name, residential address, jurisdiction(s) of tax residence, taxpayer identification number (TIN) in each reportable jurisdiction, and date of birth.
• Entity users. Entity name, registered address, TIN, and, where applicable, identification of controlling persons (beneficial owners) with the same data elements as individual users.
• Transaction details. The type of transaction (crypto-to-fiat, crypto-to-crypto, or transfer), aggregate gross proceeds or fair market value, number of units transacted, and the date or period of the transactions.
• Crypto-asset identification. The name and, where available, the unique identifier (e.g., token ticker, smart-contract address) of each Relevant Crypto Asset involved.

On-Chain to CARF Field Mapping

Mapping on-chain reporting obligations to CARF fields requires bridging two fundamentally different data architectures: pseudonymous blockchain ledgers and identity-verified customer databases. The table below illustrates how each CARF field can be sourced from a combination of on-chain and off-chain systems.

Beneficial Owner and KYC Linkages

Where the user is an entity, CASPs must look through to the controlling persons and collect full identification data for each beneficial owner holding a controlling interest. This requirement aligns with the existing TVTG and AML/CTF due-diligence obligations, but CARF adds an explicit tax-transparency dimension: TINs and jurisdictions of tax residence must be collected for each controlling person, not merely for AML purposes. Firms should update their onboarding questionnaires and self-certification forms to capture these additional fields at the point of account opening or, for existing clients, through a remediation programme during 2026.

Sample CSV Schema for CARF Data Extraction

The following column structure provides a starting template for building an automated data-extraction pipeline. Firms should adapt it to their specific systems and await the Steuerverwaltung’s final XML schema specification:

ReportingProviderTIN, ReportingProviderName, UserType (Individual/Entity), UserFirstName, UserLastName, UserEntityName, UserAddress, UserJurisdiction, UserTIN, UserDateOfBirth, ControllingPersonFirstName, ControllingPersonLastName, ControllingPersonTIN, ControllingPersonJurisdiction, TransactionType (Exchange/Transfer), CryptoAssetName, CryptoAssetIdentifier, AggregateGrossProceeds, NumberOfUnits, FiatCurrencyCode, TransactionPeriodStart, TransactionPeriodEnd

Operationalising CARF Reporting: Systems, Vendors, and Workflows

Knowing what data to collect is only half the challenge. The operational question, how to prepare automated data exports for CARF reporting, is what separates compliant firms from those facing enforcement risk. This section provides a practical framework for building the end-to-end reporting pipeline.

Data Pipeline Design: Collection → Enrichment → Validation → Submission

1. Collection. Extract raw transaction data from your core trading engine, custody platform, and blockchain indexers. Simultaneously pull user-identification records from the KYC/AML database. Ensure both data streams carry a common user identifier for joining.
2. Enrichment. Enrich on-chain transaction records with fiat-equivalent values using a reliable pricing oracle timestamped to the moment of execution. Tag each transaction with the correct CARF transaction type. Append user TINs and jurisdiction codes from the self-certification repository.
3. Validation. Run automated validation rules against the enriched dataset: verify TIN formats match the jurisdiction’s known patterns, confirm that aggregate values reconcile with the trading ledger, flag missing fields (especially tax-residence certifications) for remediation, and check that all Relevant Crypto Assets are correctly classified.
4. Submission. Generate the final report in the format prescribed by the Steuerverwaltung (expected to be XML consistent with the OECD CARF schema). Encrypt the file in accordance with the authority’s secure-transmission requirements and submit via the designated portal.

Vendor Selection Checklist

Compliance teams evaluating third-party solutions should assess vendors against the following criteria:

• On-chain indexer. Multi-chain coverage; real-time and historical data; ability to decode smart-contract events (swaps, liquidity provisions, token transfers); API reliability and uptime SLAs.
• KYC/identity provider. Integration with existing onboarding flows; support for TIN validation across multiple jurisdictions; secure storage and encryption of personal data consistent with GDPR and Liechtenstein data-protection law.
• Reporting / RegTech tool. Pre-built CARF XML templates; automated validation against OECD schemas; ability to generate CRS and CARF reports from a single data source to avoid duplication; audit-trail functionality for supervisory review.

Data Retention, Encryption, and Quality Assurance

The CARF Act requires reporting providers to retain all records and supporting documentation used to compile CARF reports for a minimum period specified in the legislation. As a practical recommendation, firms should retain records for at least six years, aligning with the general statutory limitation periods under Liechtenstein tax law. All personal data must be stored in encrypted form, with access restricted to authorised compliance and audit personnel. Quarterly internal data-quality audits, comparing reported figures against trading-ledger source records, are strongly recommended. Where specific retention or encryption technical standards have not yet been specified by the Steuerverwaltung, firms should verify current requirements directly with the authority.

Reconciliation: CARF, TVTG (CASP Licence), and CRS / Pillar Two

One of the most significant practical challenges of CARF compliance Liechtenstein is reconciling the new reporting obligations with the existing regulatory stack. Firms holding a CASP licence Liechtenstein under the TVTG already maintain substantial client-identification and transaction-monitoring infrastructure for AML/CTF purposes. The key question is where CARF adds net-new requirements and where existing processes can be leveraged. Separately, the CRS and the recent Pillar Two / GloBE amendments create additional data and reporting demands that must be coordinated with CARF workflows to avoid duplication and inconsistency.

Practical Conflicts and How to Reconcile

The principal risk is data inconsistency: if the TIN collected for CRS purposes differs from the TIN reported under CARF (for example, because a client updated their tax residence and the change propagated in one system but not the other), the automatic exchange may generate discrepancies visible to receiving jurisdictions. The practical solution is to maintain a single “golden source” client record that feeds both CRS and CARF reporting, with change-management controls that ensure updates cascade across all regulatory outputs. For international commercial operations spanning multiple jurisdictions, this single-source-of-truth approach becomes essential.

Timetable, Exchanges, and Enforcement, What to Expect

The CARF Act’s entry into force on 1 January 2026 means that the first reportable period runs from 1 January to 31 December 2026. Reporting providers must compile and submit their annual CARF report to the Steuerverwaltung ahead of the first automatic exchange with partner jurisdictions, which is anticipated in 2027. The exact filing deadline will be specified by the Steuerverwaltung and is expected to follow a schedule similar to the existing CRS calendar, with reports due in the first half of the year following the reportable period.

Enforcement and Supervisory Expectations

The CARF Act empowers the Steuerverwaltung to conduct compliance reviews, request supporting documentation, and impose penalties for failures to report, late reporting, or submission of inaccurate data. While specific penalty amounts and enforcement thresholds have not yet been tested in practice, industry observers expect the Steuerverwaltung to adopt a supervisory approach consistent with its existing CRS enforcement posture, prioritising education and remediation in the first cycle, while reserving formal sanctions for wilful non-compliance or repeated failures. Firms should not take this as a reason to delay: early and proactive engagement with the authority is strongly recommended.

Practical recommendation: Where public guidance on specific enforcement procedures or penalty scales is not yet available, verify current requirements directly with the Steuerverwaltung via the official LLV CARF page.

Quick Practical Checklist and Sample Submission Walkthrough

The following five-step workflow illustrates the end-to-end process from a single reportable transaction through to submission:

1. Detect. A customer executes a crypto-to-fiat exchange on your platform (e.g., 2.5 ETH sold for CHF). Your trading engine logs the order, counterparty, timestamp, and settlement details.
2. Map. The compliance pipeline classifies this as a “Crypto-to-Fiat Exchange” transaction type, records the gross fiat proceeds in CHF, tags the crypto asset as “ETH” with its contract identifier, and links the transaction to the customer’s internal account ID.
3. Enrich. The pipeline pulls the customer’s KYC record, name, address, TIN, jurisdiction of tax residence, and appends it to the transaction record. The fiat-equivalent value is confirmed against the pricing oracle at the moment of execution.
4. Validate. Automated rules verify: TIN format matches the declared jurisdiction; all mandatory fields are populated; the aggregate gross proceeds reconcile with the trading ledger; the crypto-asset identifier is in the approved asset registry.
5. Submit. The validated record is aggregated with all other reportable transactions for the calendar year, formatted into the prescribed XML schema, encrypted, and transmitted to the Steuerverwaltung portal.

Records to retain for each reportable transaction:

• Raw trading-engine order log (including timestamps and counterparty data)
• KYC self-certification form (original and any updates)
• Pricing-oracle snapshot at execution time
• Validation-rule output log (pass/fail for each field)
• Final XML submission file and transmission receipt from the Steuerverwaltung portal
• Any correspondence with the Steuerverwaltung relating to the submission

Conclusion: Achieving CARF Compliance Liechtenstein in 2026

CARF compliance Liechtenstein is a defining regulatory compliance challenge for every crypto-asset business operating in or from the principality in 2026. The obligations are live, the data-collection requirements are granular, and the first automatic exchange window is approaching. Firms that act now, scoping their reporting status, upgrading KYC intake to capture TINs and tax-residence certifications, building automated reporting pipelines, and reconciling CARF with TVTG licence conditions and CRS obligations, will be well positioned to meet the first filing deadline with confidence. Those that delay risk enforcement exposure and reputational damage at a moment when cross-border crypto-asset transparency is becoming a regulatory baseline worldwide.

For jurisdiction-specific guidance, consult the Global Law Experts lawyer directory to connect with qualified advisors across Liechtenstein and the broader EEA.

Last reviewed: 18 May 2026

Sources

1. Liechtenstein National Administration, CARF (English)
2. Liechtenstein Steuerverwaltung, CARF (DE)
3. Gesetze.li, Consolidated CARF Act / MCAA Enacted Text
4. OECD, CARF Commitments
5. KPMG, Liechtenstein: Enacted CARF Regulation (Tax Alert)
6. Chambers, CARF, MCAA, and CRS Addendum: Cross-Border Tax Compliance from 2026
7. Bergt.Law, Crypto-Asset Transparency 2.0: Liechtenstein CARF Act and CRS Revision
8. Global Law Experts, Liechtenstein GloBE Compliance 2026