DAC8 Reporting for Custody Services

Custody services — holding crypto-assets on behalf of clients — represent one of the core CASP activities covered by DAC8. This article examines the specific reporting considerations for custody providers.

Custody Under DAC8

DAC8 defines custody services broadly as the safeguarding or administration of crypto-assets on behalf of clients, or the provision of means to control such assets. This encompasses traditional custodial wallets where the CASP holds the private keys, institutional custody services for corporate and fund clients, escrow services that hold crypto-assets pending completion of a transaction, and staking services where the CASP holds and stakes crypto-assets on behalf of users.

What Custody Providers Must Report

Custody providers must report all transactions involving the crypto-assets they hold on behalf of each user. This includes exchanges executed from the custodial account, transfers from the custodial account to third parties, transfers received into the custodial account from third parties, and any retail payments made from the custodial account.

Additionally, custody providers may need to report the value of crypto-assets held in custody at the end of the reporting period, depending on the specific requirements of the Member State's transposition.

Challenge: Distinguishing Transfers

One of the key challenges for custody providers is classifying transfers correctly. When a user transfers crypto-assets from their custodial account to an external address, the custodian must determine whether the transfer is to another user (reportable as a transfer), to the user's own self-hosted wallet (potentially treated differently), or to another CASP (which may trigger reporting by the receiving CASP as well).

Travel Rule data (collected under MiCA and AML requirements) may assist in this classification, but gaps in information are common, particularly for transfers to self-hosted wallets.

Pure Custody vs Full-Service Providers

Pure custody providers that only hold assets (without executing trades or facilitating exchanges) may have fewer reportable transactions than full-service CASPs. However, they still must collect all required user identification data, obtain self-certifications, report any transfers that occur, and maintain records of assets under custody.

Conclusion

Custody providers face specific DAC8 reporting challenges related to transfer classification and end-of-period valuations. Building clear internal policies for these edge cases, informed by the specific requirements of the home Member State's transposition, is essential for accurate reporting.