Category: XML Templates Last Updated: 2026-02-12 Applies To: EU DAC8 / OECD CARF XML Schema
---
Overview
Under DAC8 and the OECD CARF framework, Reporting Crypto-Asset Service Providers (RCASPs) must collect self-certification information from their users to determine tax residency. The self-certification is the foundation of the entire reporting process -- without it, you cannot correctly assign users to receiving jurisdictions or populate the required XML fields.
This article explains what a compliant self-certification must contain, provides a practical template, and covers the legal and operational requirements.
What Is a Self-Certification?
A self-certification is a formal declaration by a crypto-asset user stating their tax residency, tax identification number (TIN), and other identifying information. The RCASP relies on this declaration (combined with due diligence procedures) to determine where the user's data must be reported.
Self-certifications are not unique to DAC8 -- they are a standard mechanism in automatic exchange of information frameworks like CRS and FATCA. DAC8 extends this requirement to crypto-asset service providers.
Required Fields
A compliant self-certification must collect, at minimum, the following information:
For Individual Users
| Field | Description | XML Mapping |
|---|---|---|
| Full legal name | First name, middle name (if applicable), last name | Individual/Name |
| Date of birth | In YYYY-MM-DD format | Individual/BirthInfo/BirthDate |
| Place of birth | City and country | Individual/BirthInfo/City, CountryCode |
| Current residential address | Full address including country | Individual/Address |
| Country(ies) of tax residence | One or more jurisdictions | Determines ReceivingCountry |
| TIN for each tax residence country | Tax identification number per jurisdiction | Individual/TIN |
| Nationality | Country of citizenship (if required by jurisdiction) | Individual/Nationality |
For Entity Users
| Field | Description | XML Mapping |
|---|---|---|
| Legal entity name | Registered name of the organisation | Entity/Name |
| Registered address | Official registered address | Entity/Address |
| Country(ies) of tax residence | Jurisdiction(s) of tax residence | Determines ReceivingCountry |
| TIN for each tax residence country | Business tax identification number | Entity/TIN |
| Entity type | Legal form (company, partnership, trust, etc.) | May be required by some jurisdictions |
| Controlling persons | Individuals who control the entity (if applicable) | May require separate self-certification |
Sample Self-Certification Form
Below is a practical template that platforms can adapt. This is provided as guidance; your legal counsel should review the final form for compliance with applicable laws.
Section 1: Account Holder Identification
Full legal name: ___________________________
Date of birth: ____/____/________ (DD/MM/YYYY)
Place of birth (city): ___________________________
Place of birth (country): ________________________
Nationality: ___________________________
Current residential address:
Street: ___________________________
City: ___________________________
Postal/ZIP code: ___________________________
Country: ___________________________
Section 2: Tax Residency Declaration
I declare that I am a tax resident of the following jurisdiction(s):
Country 1: _______________ TIN: ___________________
Country 2: _______________ TIN: ___________________
Country 3: _______________ TIN: ___________________
[ ] I confirm that the TIN(s) provided above are correct and currently valid.
If TIN is not available, please select a reason:
[ ] The jurisdiction does not issue TINs
[ ] I have applied for a TIN but have not yet received it
[ ] Other (please explain): ________________________________
Section 3: Declaration and Signature
I certify that:
1. I am the account holder (or authorised to sign for the account holder).
2. All information provided in this self-certification is true, correct,
and complete to the best of my knowledge.
3. I undertake to notify [Platform Name] within 30 days of any change
in circumstances that would affect the information provided herein,
including any change in tax residency.
4. I understand that this information may be reported to the tax
authorities of the jurisdiction(s) in which I am tax resident,
under the EU Directive on Administrative Cooperation (DAC8) and/or
the OECD Common Reporting and Due Diligence Standard for
Crypto-Assets (CARF).
Signature: _________________________
Date: _________________________
Digital vs. Paper Self-Certification
Digital (Electronic) Self-Certification
Most crypto-asset platforms will collect self-certifications digitally, either during onboarding or as a separate compliance step. Digital self-certification is permitted under DAC8, provided:
- The form captures all required fields
- The user explicitly confirms the declaration (e.g., checkbox or electronic signature)
- The platform stores the submission with a timestamp and an audit trail
- The declaration text is clearly presented and not hidden in terms of service
Implementation in practice:
<!-- Example: storing self-certification metadata in your system -->
<SelfCertification>
<UserId>USR-00042</UserId>
<SubmittedAt>2025-01-15T14:22:00Z</SubmittedAt>
<Method>DIGITAL</Method>
<IPAddress>192.168.1.100</IPAddress>
<FormVersion>v2.1</FormVersion>
<DeclarationAccepted>true</DeclarationAccepted>
</SelfCertification>
Paper Self-Certification
Paper forms may still be used but are less common for crypto platforms. If you accept paper self-certifications:
- Scan and store the signed document securely
- Enter the data into your system with a clear audit trail
- Retain the original document for the period required by applicable law
Timing Requirements
New Users
Self-certification should be collected at or before account opening. Many platforms integrate it into the KYC/onboarding flow. Under DAC8, a new user's self-certification must be obtained before the user can conduct reportable transactions, or within a reasonable timeframe defined by the implementing jurisdiction.
Existing Users (Pre-Existing Accounts)
For users who opened accounts before DAC8 comes into effect, RCASPs have a transitional period to collect self-certifications. The exact deadline depends on the implementation timeline, but platforms should plan to remediate their existing user base well in advance.
Changes in Circumstances
If a user notifies you of a change in tax residency or other relevant information, you must:
- Obtain an updated self-certification
- Adjust your reporting accordingly for the relevant period
- Retain both the old and new self-certification for audit purposes
Reasonableness Test
RCASPs are not expected to independently verify every claim in a self-certification, but they must not accept information that is clearly unreasonable or contradicted by other data they hold. For example:
- If a user claims tax residency in France but their KYC address is in Germany, you should investigate the discrepancy
- If a user provides a TIN that is obviously invalid (e.g., wrong format for the claimed country), you should request correction
This is often called the "reasonableness test" and is a standard concept in CRS/FATCA due diligence that carries over to DAC8.
Data Retention
Self-certifications and supporting documentation must be retained for the period specified by applicable law -- typically at least five years after the end of the reporting period, though some jurisdictions require longer retention. Store self-certifications securely and ensure they are accessible for audit purposes.
Need help with DAC8 reporting?
Our team handles XML generation, TIN validation, and submission for CASPs across all 27 EU Member States.