Timeline 2024
2024 is defined by Pillar 2 minimum tax implementation, CARF adoption for crypto assets, the launch of MiCA regulation, the EU AI Act entering into force, and DORA preparation – the regulatory landscape enters a new era.
Summary
2024 marks the beginning of a new generation of regulation:
- Pillar 2 / Global Minimum Tax: Numerous jurisdictions (EU, UK, Japan, Canada, etc.) implement the 15% minimum tax for multinational corporations (IIR/QDMTT from January 1, 2024; UTPR follows from January 1, 2025)
- CARF (Crypto-Asset Reporting Framework): OECD standard for automatic exchange of information on crypto asset transactions; first implementations begin
- MiCA (Markets in Crypto-Assets): EU-wide regulatory framework for crypto assets enters fully into force (from July 2024 for stablecoins, fully from December 2024)
- DAC8: EU directive extending automatic information exchange to crypto assets
- EU AI Act: AI regulation (Regulation (EU) 2024/1689) enters into force on August 1, 2024; first prohibitions (unacceptable risk) from February 2025
- DORA (Digital Operational Resilience Act): Regulation (EU) 2022/2554 on digital operational resilience in the financial sector; extensive preparation obligations in 2024, full applicability from January 17, 2025
History
The OECD/G20 Inclusive Framework on BEPS reached political agreement in October 2021 on a global minimum tax of 15% (Pillar Two). In 2022–2023, model rules were adopted and implemented in numerous jurisdictions. From January 1, 2024, the Qualified Domestic Minimum Top-up Tax (QDMTT) / Income Inclusion Rule (IIR) entered into force in many EU states, the UK, and Japan. The complementary Undertaxed Profits Rule (UTPR) became applicable from January 1, 2025.
The OECD published the Crypto-Asset Reporting Framework (CARF) on August 10, 2022 as a consultation draft; the final version was presented in October 2022 alongside the revised CRS. First pilot countries began implementation in 2024; the first exchange round is planned for 2027. In parallel, the EU adopted DAC8 in October 2023 (Directive 2023/2226), transposing CARF into EU law.
The MiCA Regulation (Regulation (EU) 2023/1114) was adopted by the EU Parliament and Council on May 16, 2023 and published in the Official Journal on June 9, 2023. E-money tokens and asset-referenced tokens became subject to licensing from July 2024; all other crypto-asset service providers (CASPs) from December 2024.
The EU AI Act (Regulation (EU) 2024/1689) was adopted on June 13, 2024 and entered into force on August 1, 2024. First prohibitions on AI systems with unacceptable risk apply from February 2025; further requirements become applicable in phases through 2027.
The Digital Operational Resilience Act (DORA) (Regulation (EU) 2022/2554) had entered into force on January 16, 2023. Financial entities and ICT third-party providers had until January 17, 2025 for full compliance; 2024 was the central preparation year.
Scope
Areas affected in 2024:
- Pillar 2: Multinational groups with global revenue over EUR 750 million in participating states
- CARF/DAC8: Crypto-asset service providers (exchanges, brokers, wallet providers)
- MiCA: Issuers of crypto-assets and crypto-asset service providers in the EU
- EU AI Act: Providers and deployers of AI systems in the EU, particularly high-risk AI
- DORA: Financial entities (banks, insurers, investment firms) and their ICT third-party providers in the EU
Key Requirements
- Pillar 2 IIR/UTPR: Parent companies top up tax on subsidiary profits where their ETR is below 15% (IIR); UTPR complements this from 2025 by denying deductions
- CARF: Reporting of user data and transactions (type, volume, consideration) to tax authorities
- MiCA CASP license: Authorization by national authority; whitepaper obligation for token issuers; capital requirements
- DAC8: Reporting obligation for crypto-asset service providers to member state tax authorities from January 1, 2026
- EU AI Act: Prohibitions on AI with unacceptable risk; conformity assessments for high-risk AI; transparency obligations for general-purpose AI
- DORA: ICT risk management, reporting of major ICT-related incidents, resilience testing, oversight of critical ICT third-party providers
Predecessors
Corrections & Errata
3 corrections:
- DAC8 key_date wrong: Council adoption instead of entry into force
- MiCA stablecoin key_date: June 30 instead of July 1, 2024
- MiCA stablecoin date wrong: 'July 2023' instead of 'July 2024'
2 updates:
- DORA missing: Digital Operational Resilience Act 2024 not mentioned
- EU AI Act missing: major 2024 regulation not mentioned
5 clarifications.
1 note.