From 1 April 2026, New Zealand-based Reporting Crypto-Asset Service Providers must collect and report information about crypto-asset users operating through them.
The information we require focuses on crypto-assets that can be transferred and held outside of banks and other traditional financial intermediaries.
User information to report
For each reportable user, Reporting Crypto-Asset Service Providers (RCASPs) must report the following details.
Users who are individuals and controlling persons:
- first and last name
- date of birth
- residence address
- jurisdictions where the user is tax resident
- tax identification number (TIN), for example an IRD number for New Zealand tax residents.
Users who are entities:
- legal name
- address
- jurisdictions where the user is tax resident
- tax identification number (TIN) for each reportable person, for example an IRD number for New Zealand tax residents
- roles of each controlling person
- if it applies — details about why the entity qualifies as an active entity or an excluded person.
Tax identification number (TIN)
RCASPs must collect the TIN for crypto-asset users for each jurisdiction where the user is tax resident, if that country is a reportable jurisdiction for CARF purposes.
There are exceptions to this TIN requirement if the user is a tax resident in a country where 1 of the following applies - the country:
- does not issue TINs
- does not require the collection of the TINs they issue.
Relevant transactions
For all reportable users, RCASPs must report the following types of relevant transactions.
- Exchanges between relevant crypto-assets and fiat currencies.
- Exchanges between different relevant crypto-assets.
- Transfers of relevant crypto-assets, including reportable retail payment transactions.
Reportable retail payment transactions
If an RCASP transfers a payment in relevant crypto-assets from a customer to a merchant for more than USD50,000, the RCASP must report this transfer as a reportable retail payment transaction.
However, if the payment is less than USD50,000, the RCASP should treat the merchant as the crypto-asset user for this transaction and report it as a transfer to the merchant.
RCASPs are not required to treat the customer of the merchant as a crypto-asset user under New Zealand’s AML/CFT guidelines.
Branches
An RCASP is considered to have a regular place of business in any country where it has a branch. A branch is any office, business or unit of an RCASP that is treated as a branch by regulators.
RCASPs must follow reporting and due diligence rules for relevant transactions made through their New Zealand branches.
An RCASP does not need to do New Zealand reporting and due diligence for relevant transactions made through a branch in a partner jurisdiction, as long as the branch follows CARF reporting and due diligence rules in that partner jurisdiction.
If you’re unsure how relevant nexus rules apply to your branch, please email [email protected]
Self-reporting requirements
RCASPs must report the following information about themselves:
- their name
- their registered office address
- their TIN.