Luxembourg, Cayman Islands and Canada implement AEOI reforms for CARF and CRS 2.0

The Canada Revenue Agency (CRA) announced on April 10, 2026 that it is reversing a portion of its updated CRS administrative guidance initially released in December 2025. The December guidance had significantly broadened the circumstances under which a partnership could be considered a Canadian tax resident for CRS purposes, including situations where management or decision‑making activities occurred in Canada.

The CRA confirmed that, for the current reporting period, it is reverting to the prior version of paragraph 3.32 of its CRS guidance, effectively narrowing the conditions under which partnerships may be treated as Canadian resident FIs for CRS compliance. The CRA noted that this portion of the guidance remains under review and may be revised again in the future, but no revised language has yet been finalized.

This announcement provides welcome relief to investment funds, private equity structures, and other partnerships with partial Canadian operational presence, many of which had been preparing for expanded CRS registration and reporting obligations following the December 2025 update. However, the temporary nature of the reversal underscores the importance of continued monitoring; any entities with cross‑border structures involving Canada should:

1. Re‑evaluate CRS residency determinations in light of the reverted guidance,
2. Confirm whether any provisional compliance steps taken earlier in 2026 remain necessary, and
3. Monitor closely for further CRA communications or revisions affecting future reporting periods.

Luxembourg has introduced a series of significant AEOI related developments that materially expand reporting and compliance expectations for FIs and other impacted entities. These changes span the adoption of the Crypto‑Asset Reporting Framework (CARF), expanded CRS data requirements, new regulatory and documentation obligations, and increased enforcement activity by the Luxembourg tax authorities. These updates require proactive attention and, in many cases, changes to systems, procedures and internal controls.

Luxembourg has introduced new governance focused requirements aimed at strengthening compliance with CRS and AEOI obligations. Under rules introduced last year and further clarified through recent FAQs, FIs are now required to maintain a Registry of Actions documenting the specific steps taken during the year to comply with AEOI obligations (including FATCA and CRS).

The Registry of Actions must track a range of compliance related activities, including due diligence reviews, classifications, remediation efforts, reporting processes and internal controls. The recently issued FAQs provide additional details on what the registry should contain including any changes to procedures, incident logs, training activities, taxpayer outreach evidence, etc. Failure to maintain this registry can lead to up to 250,000 Euro penalty. 

While this requirement is largely procedural, it represents a meaningful shift toward evidencing compliance, rather than merely performing it. FIs should ensure that a registry has been established, is consistently updated and aligns with Luxembourg tax authority expectations, particularly in light of increased audit activity.

Luxembourg also significantly strengthened its AEOI enforcement framework. The Luxembourg tax authority introduced new penalties, including:

• A fixed penalty of EUR 10,000 for failure to file nil reports;
• Penalties of up to EUR 250,000 for failure to comply with CRS due diligence or reporting obligations.

In conjunction with these increased penalties, Luxembourg has announced a robust audit program covering three distinct types of reviews:

1. Classification audits designed to identify entities that should be treated as reporting FIs, often conducted through targeted inquiries or information requests;
2. Thematic audits focusing on specific CRS or AEOI issues (e.g., due diligence or reporting practices) across one or more reporting years; and
3. In‑depth audits assessing full compliance with due diligence, reporting and recordkeeping requirements.

Given this heightened enforcement environment, FIs should expect increased scrutiny and should ensure that classifications, CRS filings, supporting documentation and internal governance frameworks are robust, well‑documented and defensible.

Luxembourg moved forward with the implementation of the OECD’s CARF as part of the EU’s DAC 8 regime. On April 3, 2026, the Luxembourg tax authority updated its CARF webpage to provide an overview of the new reporting framework applicable to Reporting Crypto‑Asset Service Providers (RCASPs).

CARF is to be enforced on relevant crypto‑asset activities for calendar years beginning on or after Jan. 1, 2026, with the first CARF reports (covering the 2026 calendar year) due by June 30, 2027. The framework significantly expands information reporting obligations related to crypto‑asset transactions and users and represents a major compliance development for entities operating in the digital asset ecosystem.

Entities that may fall within the scope of CARF should assess classification, data capture capabilities and reporting readiness well in advance of the first filing deadline, particularly where existing CRS or FATCA processes do not currently capture crypto‑related data.

Luxembourg has also continued to broaden the scope of CRS reporting, both in terms of what constitutes a reportable financial account and the specific data elements that must now be disclosed. Notably, the definition of a financial account is expanded to include electronic money (e‑money) products and Central Bank Digital Currencies (CBDCs), bringing additional products and account types into scope.

In addition, Luxembourg has introduced new mandatory CRS reporting fields, requiring FIs to disclose enhanced information, such as:

• Whether an account is preexisting or new;
• Confirmation that a valid self‑certification was obtained;
• The number of account holders for joint accounts;
• Specific roles of controlling persons, including distinctions between controlling persons and equity interest holders;
• Whether an account is joint, and further details regarding the nature of ownership or control.

These expanded data requirements go beyond traditional CRS reporting and may necessitate system enhancements, revised onboarding procedures, updated self‑certification reviews and enhanced recordkeeping processes. FIs should evaluate whether current data collection and reporting frameworks are sufficient to meet these new obligations.

As discussed in a prior tax alert, Cayman Islands adoption of CARF and CRS 2.0 means key changes for reporting FIs, the Cayman Islands continues to implement enhanced global tax transparency standards, including the adoption of the OECD’s CARF and CRS 2.0. These reforms introduce material changes for reporting FIs, including accelerated registration and reporting deadlines that affect a broad range of Cayman domiciled funds and investment structures. It is important to note that these accelerated timelines compress compliance windows and require earlier operational readiness than in previous years. Many Cayman FIs have historically structured their compliance calendars around long standing July and September deadlines, and failure to recalibrate processes, controls and service provider coordination could result in missed filings, regulatory exposure and increased costs around remediation efforts.

Under the prior Cayman FATCA and CRS regime, FIs were generally required to complete their initial registration on the DITC portal by April 30 following the year in which the entity became an FI. This uniform April 30 deadline applied to both FATCA and CRS and remained unchanged for many years.

In late 2025, Cayman enacted the Tax Information Authority (International Tax Compliance) (CRS) (Amendment) Regulations, 2025, with most provisions effective Jan. 1, 2026, introducing an accelerated registration framework under CRS 2.0. As a transitional measure, entities that became FIs during calendar year 2025 are permitted to register by April 30, 2026, despite the broader acceleration.

For entities that become FIs on or after Jan. 1, 2026, the registration deadline has been permanently moved to Jan. 31 following the year the entity becomes an FI, representing a three‑month acceleration from the prior April deadline and one of the most operationally impactful changes under CRS 2.0.

Similar changes have been implemented to CRS reporting deadlines. Historically, Cayman Reporting FIs were required to file FATCA and CRS returns by July 31 annually, with a separate CRS Compliance Form due Sept. 15 annually. For the 2025 reporting year (filed in 2026), these legacy deadlines remain in place. However, beginning with 2026 CRS reporting (filed in 2027), both the CRS return and the CRS Compliance Form will be due by June 30, significantly compressing the compliance timeline. FATCA reporting deadlines remain unchanged and continue to be due by July 31.

Entities operating in or through Cayman should continue to assess whether the expanded reporting frameworks affect their classification, onboarding processes or data collection obligations and ensure operational readiness ahead of upcoming filing cycles.

As part of the Cayman Islands’ broader efforts to enhance its international tax transparency and economic substance frameworks, new Principal Point of Contact (PPOC) requirements have been introduced to strengthen local oversight and regulatory accountability for FIs and fund structures.

Under these requirements, PPOC information submitted through the Department for International Tax Cooperation (DITC) electronic portal must identify either (i) a natural person with a physical address in the Cayman Islands or (ii) a legal person that is incorporated, registered or otherwise established in the Cayman Islands and maintains a genuine physical presence in the jurisdiction. Importantly, the PPOC must have a bona fide physical address in Cayman and may not rely solely on a mailing or correspondence address.

Under the original implementation timeline, entities that became FIs during calendar year 2025 were required to identify and submit local PPOC information by April 30, 2026. For entities registered prior to 2025 that had not previously identified a Cayman‑based PPOC, limited transitional relief was introduced, allowing additional time until Jan. 31, 2027 to submit a change form designating a local PPOC. Under this guidance, entities that became FIs in 2025 are also now permitted to identify and submit their local PPOC information by Jan. 31, 2027. On a go forward basis, entities that become FIs in 2026 and subsequent years must submit PPOC information by Jan. 31 of the year following the year in which FI status is triggered, aligning with the accelerated CRS 2.0 registration framework.

This new requirement is particularly significant given the number of impacted funds and FIs and the practical challenges associated with sourcing, onboarding and documenting Cayman‑resident PPOCs.

Affected entities should use the transition period to:

1. Review existing PPOC designations and confirm residency status,
2. Identify and appoint appropriately qualified Cayman‑resident PPOCs where necessary, and
3. Update internal documentation, service provider arrangements and regulatory filings accordingly.

Failure to timely identify and maintain a compliant Cayman‑resident PPOC may result in rejected registrations, increased regulatory scrutiny, follow‑up inquiries from the DITC and potential enforcement/penalty exposure. Given the shortened compliance timelines under CRS 2.0 and the heightened focus on local control and accountability, affected entities should prioritize PPOC compliance to mitigate operational disruption and regulatory risk.