Crypto
What is DAC8 and Its Importance in Cryptocurrency Regulation? – OneSafe Blog
DAC8, or the Directive on Administrative Cooperation, represents a pivotal regulatory framework introduced by the European Union that broadens the current tax reporting system to encompass crypto assets. With an effective date set for January 1, 2026, DAC8 necessitates that crypto-asset service providers (CASPs) gather and disclose comprehensive data regarding user transactions to national tax authorities. The report will then be shared across EU member states, thereby enhancing the level of transparency and compliance in the crypto space.
This new regulation is critical because it fills the voids left by past regulations, ensuring that cryptocurrencies are treated in a way similar to conventional financial assets such as bank accounts and stocks. Such a shift is intended to deter tax evasion and augment the accountability of crypto transactions, which have historically functioned in a largely unregulated environment.
What Impact Will DAC8 Have on Small Fintech Startups?
The implications of DAC8 for small fintech startups within the crypto sector are significant and multifaceted. The compliance expenses associated with the new regulation are likely to be disproportionately burdensome for smaller companies, potentially undermining their ability to compete in the marketplace. Given that small startups typically lack the resources to develop or acquire the necessary systems for identity verification, data collection, and secure reporting—each of which is now mandated under DAC8—they may find it more challenging to thrive.
Since larger firms can distribute compliance costs over a broader customer base, smaller startups might face a considerable disadvantage unless they find innovative technological solutions or collaborate with larger providers. This regulatory burden poses the risk of stifling innovation and constraining the capacity of small firms to penetrate the market or effectively expand their operations.
What Compliance Requirements Are Stipulated by DAC8?
DAC8 imposes a range of compliance requirements that CASPs must adhere to, including:
- Data Collection: Firms are required to gather extensive information about their users, covering transaction data as well as customer identities.
- Reporting Obligations: CASPs must report this gathered information to national tax authorities, who will subsequently disseminate it to other EU member states.
- Implementation Timeline: The regulations are set to be implemented on January 1, 2026, with the first reports due by September 30, 2027, capturing data from the 2026 fiscal year.
These compliance demands call for significant investment in the necessary infrastructure, a daunting task for smaller startups. The requirements for technical, legal, and compliance resources can result in both fixed and ongoing variable costs that disproportionately burden smaller firms.
How Does DAC8 Relate to MiCA?
DAC8 operates in conjunction with the Markets in Crypto-Assets (MiCA) regulation, which gained approval in April 2023. While MiCA centers on the licensing and operational standards for crypto firms, DAC8 ensures tax compliance through precise reporting of user data and transactions.
The merging of DAC8 and MiCA aims to construct a comprehensive regulatory framework that addresses both market conduct and tax obligations. Together, they seek to bolster the overall integrity of the crypto market while ensuring that firms operate under a well-defined legal structure.
What Are the Consequences of Non-Compliance?
The repercussions for non-compliance with DAC8 are severe. Should a CASP fail to comply with reporting requirements, they risk facing hefty fines and legal sanctions as determined by national laws. Furthermore, tax authorities gain the authority to freeze or seize crypto assets linked to unpaid taxes, irrespective of the asset’s location outside the firm’s home country.
These stringent enforcement measures highlight the critical nature of compliance for crypto firms operating within the EU. The potential for asset seizure adds urgency for companies to ensure they meet DAC8’s requirements.
How Can Startups Alleviate Compliance Costs?
To adeptly navigate the compliance challenges posed by DAC8 without stifling innovation, small fintech startups can explore several approaches:
- Compliance-as-a-Service Solutions: Collaborating with third-party compliance providers can help startups manage their reporting commitments without a need for extensive in-house resources.
- Industry-Standard APIs: Utilizing established APIs for data collection and reporting can streamline compliance processes and lesson operational demands.
- Niche Markets: By specializing in services that fall outside the complete scope of DAC8’s reporting requirements, startups can reduce some compliance costs.
- Collaborations with Larger Firms: Forming partnerships with established entities in the crypto sector can grant access to shared compliance infrastructure and resources.
Implementing these strategies could equip startups to better position themselves in the evolving regulatory landscape while retaining their innovative capabilities.
Summary: A New Chapter for Crypto Regulation
DAC8 signifies a substantial transformation in the regulatory landscape for the crypto industry, particularly affecting small fintech startups. While the compliance obligations may present challenges, they also open avenues for innovation and collaboration. By grasping the implications of DAC8 and proactively strategizing, startups can navigate the complexities of compliance and sustain growth in the crypto space. In such a rapidly evolving environment, remaining informed and adaptable is paramount to achieving success.
Crypto
Institutional Crypto Adoption ‘Happening Now’: Ripple Executive Says Real-World Use Cases Taking Hold
Key Takeaways:
- Ripple says institutional adoption of digital assets is happening now.
- Craddock states the focus has shifted to infrastructure and real-world use cases.
- Paris events showed strong momentum, with Ripple citing real industry energy.
Institutional Digital Asset Adoption Gains Momentum
Institutional adoption of digital assets is gaining momentum across global finance, marking a decisive shift as major firms move beyond experimentation into active deployment. Ripple’s managing director for the U.K. and Europe, Cassie Craddock, reinforced this momentum on April 20, pointing to Paris Blockchain Week 2026 and related industry events as evidence that large-scale crypto adoption is already underway.
Craddock stated on social media platform X:
“Institutional adoption of digital assets isn’t something that’s on the horizon. It’s happening now.”
“The debate has moved on. The focus is on infrastructure and real-world use cases. And the people I was fortunate enough to spend time with this week are the ones building it. Banks, asset managers, fintechs, and regulators, all discussing how to do this properly and at scale,” she further shared.
The executive tied that view to meetings held across the Ripple Roadshow Paris, Paris Blockchain Week itself, Mastercard Crypto Day at the Eiffel Tower, and Société Générale-FORGE’s event at the French Ministry of Finance. She explained that discussions no longer centered on whether institutions would engage with the sector. Instead, participants examined infrastructure, deployment standards, and real-world use cases that could support broader activity across regulated financial markets.
Paris Events Highlight Structured Industry Buildout
The comments suggest that digital asset conversations among large organizations are becoming more operational. Craddock referenced exchanges with speakers including David Durouchoux, Myles Harrison, and Frédéric Dalibard, while also highlighting the presence of banks, asset managers, fintechs, and regulators. That mix suggests several parts of the financial system are considering similar questions around scale and execution. Rather than focusing on abstract potential, the gatherings in Paris appeared to center on how institutions can build and apply digital asset systems in a structured way.
The Ripple executive added that the people involved in those meetings are “the ones building it.” She also concluded:
“The energy was real, the momentum even more so.”
These remarks reflect Ripple’s view that institutional interest is moving from long-term expectation to active development. By stressing implementation and participation from established financial groups, the post framed Paris Blockchain Week as a signal that digital asset adoption is advancing within mainstream finance.
Crypto
Scattered Spider hacker pleads guilty to stealing $8 million in cryptocurrency – Help Net Security
A British national tied to the Scattered Spider cybercrime group pleaded guilty to hacking multiple companies via SMS phishing and stealing over $8 million in virtual currency from US victims.
Tyler Robert Buchanan, 24, of Dundee, Scotland, pleaded guilty to conspiracy to commit wire fraud and aggravated identity theft.
In November 2024, US authorities unsealed criminal charges against Buchanan and four other alleged members of the Scattered Spider group, accusing them of using phishing text messages to steal employee credentials, breach company systems and steal cryptocurrency.
According to court documents, Buchanan and his co-conspirators conducted cyber intrusions and virtual currency thefts between September 2021 and April 2023.
The victims included interactive entertainment, telecommunications and technology companies, as well as business process outsourcing (BPO) and IT service providers, cloud communications firms, virtual currency companies and individual victims.
“As part of the scheme, Buchanan and his co-conspirators conducted Short Message Service (SMS) phishing attacks by sending hundreds of SMS phishing messages to the mobile telephones of a victim company’s employees. The messages purported to be from the victim company or a contracted IT or BPO supplier for the victim company,” the Justice Department said.
“The SMS phishing messages contained links to phishing websites designed to look like legitimate websites of a victim company or a contracted IT or BPO supplier. The websites then lured the recipient into providing confidential information, including personal identifying information (PII), and account usernames and passwords.”
In April 2023, police found on a digital device at Buchanan’s residence in Scotland the names and addresses of numerous victims, including a text file containing cryptocurrency seed phrases and login credentials for one account.
Buchanan has been in federal custody since April 2025 and faces up to 22 years in federal prison.
Co-conspirator Noah Michael Urban is serving a 10-year federal prison sentence and was ordered to pay $13 million in restitution after pleading guilty in April 2025 to fraud-related charges. Three other defendants charged alongside Buchanan, including Ahmed Hossam Eldin Elbadawy, Evans Onyeaka Osiebo and Joel Martin Evans, still face criminal charges in the case.
Scattered Spider is a cybercrime collective, also known as UNC3944, Muddled Libra and Octo Tempest, made up largely of young, native English-speaking hackers who use social engineering, including impersonating IT and help-desk staff, to gain initial access, bypass MFA, and compromise enterprise networks.
The group gained notoriety for its role in high-profile hacking and extortion attacks against Caesars Entertainment and MGM Resorts International, two of the largest casino operators in the US.
Although authorities have increased pressure on the group and arrested several members, including four they consider responsible for ransomware attacks targeting UK-based retailers last year, the group continues to operate, with new members replacing those arrested.
Key Takeaways:
- Ripple outlines a phased roadmap to prepare XRPL for quantum-era cryptography risks.
- Industry momentum grows as XRPL testing highlights performance and security tradeoffs.
- Developers at Ripple will expand testing to balance innovation with network stability.
Ripple Maps Quantum Security Strategy
Ripple’s post-quantum strategy reflects a growing shift in blockchain security as quantum computing risks gain credibility. The company’s latest Insight, published April 20 by Senior Director of Engineering Ayo Akinyele, outlined a structured roadmap to prepare the XRP Ledger for future cryptographic disruption while preserving network performance.
The Insight stated:
“Ripple is introducing a multi-phase roadmap to prepare the XRP Ledger (XRPL) for a post-quantum future, with a target for full readiness by 2028.”
It also detailed collaboration efforts: “Ripple is working with Project Eleven to accelerate development, including validator testing and early custody prototypes.”
Akinyele explained that quantum security is becoming more relevant because blockchain networks rely on cryptographic systems that could eventually be broken by sufficiently advanced quantum computers. On XRPL, each signed transaction reveals a public key on-chain, which could weaken long-term wallet security in a post-quantum environment.
He also pointed to the “harvest now, decrypt later” threat, where attackers collect cryptographic data today and wait for future quantum capabilities to exploit it. While this does not indicate an immediate failure of current protections, it increases the urgency of preparing systems that secure long-duration value. These risks reinforce the need for early testing of quantum-resistant cryptographic systems and structured migration planning.
XRPL Testing Targets Long-Term Stability
Ripple’s roadmap consists of four phases, starting with contingency planning for a potential failure of existing cryptographic standards. This includes a “Quantum-Day” framework designed to enable secure migration to post-quantum accounts if vulnerabilities emerge. Additional phases focus on evaluating National Institute of Standards and Technology (NIST)-recommended algorithms under real network conditions, measuring impacts on throughput, storage, and verification efficiency. XRPL’s native features, including key rotation and deterministic key generation, provide a technical advantage by enabling gradual migration without forcing users to abandon existing accounts. Parallel testing on development networks will allow developers to assess performance tradeoffs before broader implementation.
The senior director of engineering emphasized long-term execution and coordination, stating:
“We should not view addressing the quantum threat on XRPL as a single upgrade, but rather a multi-phased strategy of carefully migrating a live, global financial infrastructure without compromising the value of digital assets protected by the XRPL.”
Akinyele indicated that achieving post-quantum readiness requires balancing cryptographic innovation with operational stability, ensuring the network remains efficient while adapting to future security challenges.
-
Louisiana4 minutes agoFederal appeals court upholds Texas’ Ten Commandments law. What does it mean for Louisiana?
-
Maine10 minutes agoMaine Republican candidates are upset about their own party’s online poll
-
Maryland16 minutes ago3 men, teen arrested in connection to Maryland car rallies
-
Michigan22 minutes agoHockey roundup: Three Michigan State recruits at U18 worlds; Bruins top Sabres
-
Massachusetts28 minutes agoWrong-way crash closes I-495 southbound in Chelmsford, 1 seriously injured – Boston News, Weather, Sports | WHDH 7News
-
Minnesota34 minutes ago5 tornadoes confirmed in Friday’s outbreak in southeastern Minnesota
-
Mississippi40 minutes agoValincius homer lifts Bulldogs past Memphis
-
Missouri46 minutes ago
Missouri Lottery Mega Millions, Pick 3 winning numbers for April 21, 2026