2025/2393

5.12.2025

Amending Protocol to the Agreement between the European Union and the Principality of Monaco on the exchange of financial account information to improve international tax compliance in accordance with the Standard for Automatic Exchange of Financial Account Information in Tax Matters developed by the Organisation for Economic Cooperation and Development (OECD)

THE EUROPEAN UNION

and

THE PRINCIPALITY OF MONACO,

both hereinafter referred to, individually, as ‘Contracting Party’ and, jointly, as ‘Contracting Parties’,

WHEREAS the Contracting Parties have a longstanding and close relationship with respect to mutual assistance in tax matters, which consisted, initially, in the application of measures equivalent to those laid down in Council Directive 2003/48/EC ( 1 ) and which was later developed into the Agreement between the European Union and the Principality of Monaco on the exchange of financial account information to improve international tax compliance in accordance with the Standard for Automatic Exchange of Financial Account Information in Tax Matters developed by the Organisation for Economic Cooperation and Development (OECD) ( 2 ) (‘the Agreement’), as amended by the Amending Protocol to the Agreement between the European Community and the Principality of Monaco providing for measures equivalent to those laid down in Council Directive 2003/48/EC ( 3 ) , based upon the reciprocal automatic exchange of information by means of implementing the OECD Standard for Automatic Exchange of Financial Account Information in Tax Matters (‘the Global Standard’),

WHEREAS, following the OECD's first comprehensive review of the Global Standard, amendments to the Global Standard were approved by the OECD's Committee on Fiscal Affairs in August 2022 and were adopted by the OECD Council on 8 June 2023 by means of its revised Recommendation on the International Standards for Automatic Exchange of Information in Tax Matters (‘the update to the Global Standard’),

WHEREAS the OECD comprehensive review identified the increasing complexity of financial instruments and the emergence and use of new types of digital assets and acknowledged the necessity of adapting the Global Standard to ensure comprehensive and effective tax compliance,

WHEREAS, the update to the Global Standard expanded the scope of reporting to include new digital financial products, such as Specified Electronic Money Products and Central Bank Digital Currencies, which offer credible alternatives to traditional Financial Accounts, which are already subject to reporting under the Global Standard,

WHEREAS the new OECD Crypto-Asset Reporting Framework (‘CARF’), which was introduced in parallel to the update to the Global Standard, serves as a complementary mechanism at the global level and is specifically designed to address the rapid development and growth of the Crypto-Asset market,

WHEREAS it was considered imperative to ensure an efficient interaction between those two frameworks, in particular to limit instances of duplicative reporting, by: (i) excluding Specified Electronic Money Products and Central Bank Digital Currencies from the scope of the CARF, given their coverage under the updated Global Standard; (ii) considering Crypto-Assets within the scope of the updated Global Standard to be Financial Assets for the purpose of reporting Custodial Accounts, Equity or Debt Interests in Investment Entities (except in cases of provision of services effectuating exchange transactions for or on behalf of customers, which are covered under the CARF), indirect investments in Crypto-Assets through other traditional financial products or traditional financial products issued in crypto form; and (iii) providing for an optional provision for Reporting Financial Institutions to switch-off gross proceeds reporting for assets that are classified as Crypto-Assets under both frameworks, when such information is reported under the CARF, while continuing to report under the Global Standard all other information, such as account balance,

WHEREAS the CARF has been implemented within the European Union by way of Council Directive (EU) 2023/2226 ( 4 ) , which amended Council Directive 2011/16/EU ( 5 ) , with those provisions applying from 1 January 2026,

WHEREAS the Principality of Monaco has not been identified as a jurisdiction of relevance for the implementation of the CARF by the OECD Global Forum on Transparency and Exchange of Information for Tax Purposes (‘the Global Forum’) at this stage, but remains ready to take all steps necessary to implement and apply the CARF in an expedited manner when the Global Forum deems it to be such a jurisdiction,

WHEREAS, with a view to limiting instances of duplicative reporting, where the Principality of Monaco implements the CARF with regard to Member States, the Contracting Parties should distinguish the scope of application of the Agreement, the CARF (for the Principality of Monaco) and Directive (EU) 2023/2226 (for EU Member States) in a manner consistent with the distinction of the scope of application between the updated Global Standard and the CARF,

WHEREAS, with the aim of improving the reliability and use of the exchanged information, the update to the Global Standard introduces more detailed reporting requirements and strengthened due diligence procedures,

WHEREAS the update to the Global Standard adds a new ‘Excluded Account’ category for Capital Contribution Accounts and a de minimis threshold for reporting of Depository Accounts holding Specified Electronic Money Products,

WHEREAS, for Member States, Regulation (EU) 2016/679 of the European Parliament and of the Council ( 6 ) lays down specific data protection rules in the European Union which also apply to the exchanges of information effected by the Member States that are covered by the Agreement,

WHEREAS the protection of personal data in the Principality of Monaco is governed by Law No. 1.565 of 3 December 2024 relating to the protection of personal data including the conditions of implementation set out by Sovereign Order ( 7 ) ,

WHEREAS, on the date of signing of this Amending Protocol, the European Commission has, so far, not adopted a decision pursuant to Article 45(3) of Regulation (EU) 2016/679 finding that the Principality of Monaco ensures an adequate level of protection of personal data,

WHEREAS both Contracting Parties commit to implementing and observing the specific data protection safeguards set out in the Agreement, including Annex III thereto, in such a way as to ensure that neither Contracting Party may use any justification to refuse to exchange information with the other Contracting Party,

WHEREAS Reporting Financial Institutions, sending Competent Authorities and receiving Competent Authorities, as data controllers, should retain information processed in accordance with the Agreement for no longer than necessary to achieve the objectives thereof and whereas, given the differences in Member States' and the Principality of Monaco's legislation, the maximum retention period for each of the Contracting Parties should be set by reference to the statute of limitations provided by each data controller's domestic tax legislation,

WHEREAS the processing of information under the Agreement is necessary for and proportionate to the purpose of enabling Member States' and the Principality of Monaco's tax administrations to correctly and unequivocally identify the taxpayers concerned, to administer and enforce their tax laws in cross-border situations, to assess the likelihood of tax evasion being perpetrated and to avoid unnecessary further investigations,

HAVE AGREED AS FOLLOWS:

Article 1

The Agreement is amended as follows:

(1) the introductory wording between the title and Article 1 is replaced by the following:

‘THE EUROPEAN UNION

and

THE PRINCIPALITY OF MONACO,

both hereinafter referred to, individually, as “Contracting Party” and, jointly, as “Contracting Parties”,

HAVE AGREED TO CONCLUDE THE FOLLOWING AGREEMENT:’ ;

(2) in Article 1(1), the following subparagraph is added:

‘(m)

the term “Crypto-Asset Reporting Framework” means the international framework for the automatic exchange of information with respect to Crypto-Assets (which includes the Commentaries) developed by the OECD with G20 countries and approved by the OECD on 26 August 2022,’

;

(3) Article 2 is amended as follows:

(a) paragraph 2 is amended as follows:

(i) subparagraphs (a) and (b) are replaced by the following:

‘(a)

the following:

(i) the name, address, TIN(s) and date and place of birth (in the case of an individual) of each Reportable Person that is an Account Holder of the account and whether the Account Holder has provided a valid self-certification;

(ii) in the case of any Entity that is an Account Holder and that, after application of due diligence procedures consistent with Annexes I and II, is identified as having one or more Controlling Persons that is a Reportable Person, the name, address, and TIN(s) of the Entity and the name, address, TIN(s) and date and place of birth of each Reportable Person, as well as the role(s) by virtue of which each Reportable Person is a Controlling Person of the Entity and whether a valid self-certification has been provided for each Reportable Person; and

(iii) whether the account is a joint account, including the number of joint Account Holders;

(b) the account number (or functional equivalent in the absence of an account number), the type of account and whether the account is a Preexisting Account or a New Account;’

;

(ii) the term ‘and’ at the end of subparagraph (f) is deleted;

(iii) the following subparagraph is inserted after subparagraph (f):

‘(fa)

in the case of any Equity Interest held in an Investment Entity that is a legal arrangement, the role(s) by virtue of which the Reportable Person is an Equity Interest holder; and’

;

(b) the following paragraph is added:

‘3. Notwithstanding paragraph 2, subparagraph (e), point (ii), and unless the Reporting Financial Institution has elected otherwise under Section I(F) of Annex I with respect to any clearly identified group of accounts, the gross proceeds from the sale or redemption of a Financial Asset are not required to be exchanged to the extent such gross proceeds from the sale or redemption of such Financial Asset are exchanged by the Competent Authority of Monaco with the Competent Authority of a Member State or by the Competent Authority of a Member State with the Competent Authority of Monaco under the Crypto-Asset Reporting Framework.’ ;

(4) Article 3 is amended as follows:

(a) in paragraph 3, the following subparagraphs are added:

‘Notwithstanding the first subparagraph, for accounts that are treated as a Reportable Account solely by virtue of the amendments to this Agreement made by the Amending Protocol of 13 October 2025, and, with regard to all Reportable Accounts, for the additional information to be exchanged pursuant to the changes made to Article 2(2) under that latter Amending Protocol, information is to be exchanged with respect to the first year as from the entry into force of that Amending Protocol and all subsequent years.

Notwithstanding the first and second subparagraphs, with respect to each Reportable Account that is maintained by a Reporting Financial Institution as of 31 December preceding the entry into force of the Amending Protocol of 13 October 2025 and for reporting periods ending by the second calendar year following such date, information with respect to the role(s) by virtue of which each Reportable Person is a Controlling Person or Equity Interest holder of the Entity is to be exchanged where reported by the Reporting Financial Institution in accordance with Section I, subparagraphs A(1)(b) and A(6a), of Annex I.’ ;

(b) paragraph 4 is replaced by the following:

‘4. The Competent Authorities will automatically exchange the information referred to in Article 2 in a common reporting standard schema in Extensible Markup Language using the Common Transmission System approved by the OECD or any other appropriate system for data transmission that may be agreed in the future.’ ;

(5) Article 6 is amended as follows:

(a) paragraph 1 is replaced by the following:

‘1. In addition to the confidentiality rules and other safeguards provided for in this Agreement, including Annex III, the processing of personal data pursuant to this Agreement shall be subject, (i) in the case of Member States, to Regulation (EU) 2016/679 of the European Parliament and of the Council ( *1 ) , and (ii) in the case of Monaco, to Law No. 1.565 of 3 December 2024 relating to the protection of personal data including the conditions of implementation set out by Sovereign Order ( *2 ) .

For the purpose of the correct application of Article 5, Member States shall restrict the scope of the obligations and rights provided for in Article 13, Article 14(1) to (4) and Article 15 of Regulation (EU) 2016/679 to the extent required in order to safeguard the interests referred to in Article 23(1)(e) of that Regulation. Monaco shall take equivalent measures under its domestic law.

Notwithstanding the preceding subparagraph, each Member State and Monaco shall ensure that each Reporting Financial Institution under their jurisdiction informs each individual Reportable Person concerned (whether a Monaco Person or a Member State Person) that the information referred to in Article 2 relating to them will be collected and transferred in accordance with this Agreement and shall ensure that the Reporting Financial Institution gives that individual all information that he is entitled to under its domestic data protection legislation, and at least the following:

(a) the purpose for which his personal data are processed;

(b) the legal basis for the processing operation;

(d) the identity of the data controllers;

(e) the time-limits for storing the data;

(f) the existence of the right of a person to ask the controller for access to, and rectification and erasure of, their personal data;

(g) the right to seek administrative and/or judicial redress;

(h) the procedure for exercising the right to administrative and/or judicial redress;

(i) the right to apply to the competent data protection supervisory authority or authorities and their contact details.

This information shall be provided in sufficient time for the individual to exercise his data protection rights and, in any case, before the Reporting Financial Institution concerned reports the information referred to in Article 2 to the competent authority of its jurisdiction of residence (being a Member State or Monaco).

Member States and Monaco shall ensure that each individual Reportable Person (whether a Monaco Person or a Member State Person) is notified of a breach of security with regard to his personal data when that breach is likely to adversely affect the protection of his personal data or privacy.

( *1 ) Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) ( OJ EU L 119, 4.5.2016, p. 1 )."

( *2 ) “Journal de Monaco”, the official bulletin of the Principality, n o 8725 of 13 December 2024.’;"

(b) paragraph 2 is replaced by the following:

‘2. Personal data processed in accordance with this Agreement shall be retained for no longer than necessary to achieve the purposes of this Agreement and, in any case, in accordance with each data controller's domestic rules on statute of limitations.

Reporting Financial Institutions and the competent authorities of each Member State and Monaco shall be considered to be data controllers, each with respect to the personal data it processes under this Agreement. Data controllers shall be responsible for enforcing personal data protection safeguards, in accordance with the provisions on such safeguards in this Agreement and for the respect of the rights of the data subjects.’ ;

‘5. Notwithstanding the preceding paragraphs, information received by a jurisdiction (being a Member State or Monaco) may be used for other purposes where such information may be used for such other purposes under the laws, including those on the protection of personal data, of the supplying jurisdiction (being, respectively, Monaco or a Member State) and where the Competent Authority of that jurisdiction authorises such use. Information provided by a jurisdiction (being a Member State or Monaco) to another jurisdiction (being, respectively, Monaco or a Member State) may be transmitted by the latter to a third jurisdiction (being another Member State), subject to the application of the safeguards provided for under this Article and in Annex III and subject to prior authorisation by the Competent Authority of the first-mentioned jurisdiction from which the information originated, which authority must have received the necessary data for assessment of the application of the safeguards in question.

Information provided by one Member State to another Member State under its applicable law implementing Council Directive 2011/16/EU on administrative cooperation in the field of taxation may be transmitted to Monaco, subject to prior authorisation by the Competent Authority of the Member State from which the information originated.’ ;

(6) in Article 7, paragraph 2 is replaced by the following:

‘2. If the consultations concern significant non-compliance with this Agreement, and the procedure set out in paragraph 1 does not provide for an adequate settlement, the Competent Authority of a Member State or Monaco may suspend the exchange of information under this Agreement with, respectively, Monaco or a specific Member State, by giving notice in writing to the other Competent Authority concerned. Such suspension will have immediate effect. For the purposes of this paragraph, significant non-compliance includes, but is not limited to: (i) non-compliance with the confidentiality and data safeguard provisions of this Agreement, including Annex III, of Regulation (EU) 2016/679 and of Law No. 1.565 of 3 December 2024 relating to the protection of personal data including the conditions of implementation set out by Sovereign Order, depending on the context, (ii) a failure by the Competent Authority of a Member State or Monaco to provide timely or adequate information as required under this Agreement, and (iii) the designation of Entities or accounts as Non-Reporting Financial Institutions and Excluded Accounts in a manner that frustrates the purposes of this Agreement.’ ;

(7) Article 9 is replaced by the following:

‘Article 9

Termination

Either Contracting Party may terminate this Agreement by giving notice of termination in writing to the other Contracting Party. Such termination will become effective on the first day of the month following a period of 12 months from the date of the notice of termination. In the event of termination, all information previously received under this Agreement will remain confidential and subject (i) in the case of Member States, to the provisions of Regulation (EU) 2016/679 and (ii) in the case of Monaco, to the provisions of Law No. 1.565 of 3 December 2024 relating to the protection of personal data including the conditions of implementation set out by Sovereign Order, and in both cases to the specific data protection safeguards provided for in this Agreement, including those in Annex III.’ ;

(8) Annex I is amended as follows:

(a) in Section I, paragraph A is amended as follows:

(i) the introductory wording and subparagraphs 1 and 2 are replaced by the following:

‘Subject to paragraphs C to F, each Reporting Financial Institution must report to the Competent Authority of its jurisdiction (being a Member State or Monaco) with respect to each Reportable Account of such Reporting Financial Institution:

the following information:

(a) the name, address, jurisdiction(s) of residence (being a Member State or Monaco), TIN(s) and date and place of birth (in the case of an individual) of each Reportable Person that is an Account Holder of the account and whether the Account Holder has provided a valid self-certification;

(b) in the case of any Entity that is an Account Holder and that, after application of the due diligence procedures consistent with Sections V, VI and VII, is identified as having one or more Controlling Persons that are Reportable Persons, the name, address, jurisdiction(s) of residence and TIN(s) of the Entity and the name, address, jurisdiction(s) of residence (being a Member State or Monaco), TIN(s) and date and place of birth of each Reportable Person, as well as the role(s) by virtue of which each Reportable Person is a Controlling Person of the Entity and whether a valid self-certification has been provided for each Reportable Person; and

the account number (or functional equivalent in the absence of an account number), the type of account and whether the account is a Preexisting Account or a New Account;’ ;

(ii) the term ‘and’ at the end of subparagraph 6 is deleted;

(iii) the following subparagraph is inserted after subparagraph 6:

‘6a.

in the case of any Equity Interest held in an Investment Entity that is a legal arrangement, the role(s) by virtue of which the Reportable Person is an Equity Interest holder; and’

;

(b) in Section I, paragraph C of is replaced by the following:

‘C. Notwithstanding subparagraph A(1), with respect to each Reportable Account that is a Preexisting Account, the TIN(s) or date of birth is not required to be reported if such TIN(s) or date of birth are not in the records of the Reporting Financial Institution and is not otherwise required to be collected by such Reporting Financial Institution under domestic law or any European Union legal instrument (if applicable). However, a Reporting Financial Institution is required to use reasonable efforts to obtain the TIN(s) and date of birth with respect to Preexisting Accounts by the end of the second calendar year following the year in which Preexisting Accounts were identified as Reportable Accounts and whenever it is required to update the information relating to the Preexisting Account pursuant to domestic AML/KYC Procedures.’

;

‘F. Notwithstanding subparagraph A(5)(b), and unless the Reporting Financial Institution elects otherwise with respect to any clearly identified group of accounts, the gross proceeds from the sale or redemption of a Financial Asset are not required to be reported to the extent such gross proceeds from the sale or redemption of such Financial Asset are reported by the Reporting Financial Institution under the Crypto-Asset Reporting Framework.’

;

(d) in Section VI, subparagraph A(2)(b) is replaced by the following:

‘(b)

Determining the Controlling Persons of an Account Holder. For the purposes of determining the Controlling Persons of an Account Holder, a Reporting Financial Institution may rely on information collected and maintained pursuant to AML/KYC Procedures, provided that such procedures are consistent with the 2012 FATF Recommendations. If the Reporting Financial Institution is not legally required to apply AML/KYC Procedures that are consistent with the 2012 FATF Recommendations, it must apply substantially similar procedures for the purpose of determining the Controlling Persons.’

;

(e) in Section VII, the following paragraph is inserted after paragraph A:

‘Aa. Temporary lack of self-certification. In exceptional circumstances where a self-certification cannot be obtained by a Reporting Financial Institution in respect of a New Account in time to meet its due diligence and reporting obligations with respect to the reporting period during which the account was opened, the Reporting Financial Institution must apply the due diligence procedures for Preexisting Accounts, until such self-certification is obtained and validated.’

;

(f) in Section VIII, subparagraphs A(5) to (7) are replaced by the following:

‘5.

The term “Depository Institution” means any Entity that:

(a) accepts deposits in the ordinary course of a banking or similar business; or

(b) holds Specified Electronic Money Products or Central Bank Digital Currencies for the benefit of customers.

The term “Investment Entity” means any Entity:

(a) which primarily conducts as a business one or more of the following activities or operations for or on behalf of a customer:

(i) trading in money market instruments (cheques, bills, certificates of deposit, derivatives, etc.); foreign exchange; exchange, interest rate and index instruments; transferable securities; or commodity futures trading;

(ii) individual and collective portfolio management; or

(iii) otherwise investing, administering, or managing Financial Assets, money, or Relevant Crypto-Assets on behalf of other persons; or

(b) the gross income of which is primarily attributable to investing, reinvesting, or trading in Financial Assets or Relevant Crypto-Assets, if the Entity is managed by another Entity that is a Depository Institution, a Custodial Institution, a Specified Insurance Company, or an Investment Entity described in subparagraph A(6)(a).

An Entity is treated as primarily conducting as a business one or more of the activities described in subparagraph A(6)(a), or an Entity's gross income is primarily attributable to investing, reinvesting, or trading in Financial Assets or Relevant Crypto-Assets for the purposes of subparagraph A(6)(b), if the Entity's gross income attributable to the relevant activities equals or exceeds 50 % of the Entity's gross income during the shorter of: (i) the three-year period ending on 31 December of the year preceding the year in which the determination is made; or (ii) the period during which the Entity has been in existence. For the purposes of subparagraph A(6)(a)(iii), the term “otherwise investing, administering, or managing Financial Assets, money, or Relevant Crypto-Assets on behalf of other persons” does not include the provision of services effectuating Exchange Transactions for or on behalf of customers. The term “Investment Entity” does not include an Entity that is an Active NFE because that Entity meets any of the criteria in subparagraphs D(9)(d) to (g).

This paragraph shall be interpreted in a manner consistent with similar language set forth in the definition of “financial institution” in the Financial Action Task Force Recommendations.

The term “Financial Asset” includes a security (for example, a share of stock in a corporation; partnership or beneficial ownership interest in a widely held or publicly traded partnership or trust; note, bond, debenture, or other evidence of indebtedness), partnership interest, commodity, swap (for example, interest rate swaps, currency swaps, basis swaps, interest rate caps, interest rate floors, commodity swaps, equity swaps, equity index swaps, and similar agreements), Insurance Contract or Annuity Contract, or any interest (including a futures or forward contract or option) in a security, Relevant Crypto-Asset, partnership interest, commodity, swap, Insurance Contract, or Annuity Contract. The term “Financial Asset” does not include a non-debt, direct interest in real property.’

;

(g) in Section VIII, the following subparagraphs are added after subparagraph A(8):

‘9.

The term “Specified Electronic Money Product” means any product that is:

(a) a digital representation of a single Fiat Currency;

(b) issued on receipt of funds for the purpose of making payment transactions;

(d) accepted in payment by a natural or legal person other than the issuer; and

(e) by virtue of regulatory requirements to which the issuer is subject, redeemable at any time and at par value for the same Fiat Currency upon request of the holder of the product.

The term “Specified Electronic Money Product” does not include a product created for the sole purpose of facilitating the transfer of funds from a customer to another person pursuant to instructions of the customer. A product is not created for the sole purpose of facilitating the transfer of funds if, in the ordinary course of business of the transferring Entity, either the funds connected with such product are held longer than 60 days after receipt of instructions to facilitate the transfer, or, if no instructions are received, the funds connected with such product are held longer than 60 days after receipt of the funds.

10.

The term “Central Bank Digital Currency” means any digital Fiat Currency issued by a Central Bank, or other monetary authority.

11.

The term “Fiat Currency” means the official currency of a jurisdiction, issued by a jurisdiction or by a jurisdiction's designated Central Bank or monetary authority, as represented by physical banknotes or coins or by money in different digital forms, including bank reserves and Central Bank Digital Currencies. The term also includes commercial bank money and electronic money products (including Specified Electronic Money Products).

12.

The term “Crypto-Asset” means a digital representation of value that relies on a cryptographically secured distributed ledger or a similar technology to validate and secure transactions.

13.

The term “Relevant Crypto-Asset” means any Crypto-Asset that is not a Central Bank Digital Currency, a Specified Electronic Money Product or any Crypto-Asset for which the Reporting Crypto-Asset Service Provider has adequately determined that it cannot be used for payment or investment purposes.

14.

The term “Exchange Transaction” means any:

(a) exchange between Relevant Crypto-Assets and Fiat Currencies; and

(b) exchange between one or more forms of Relevant Crypto-Assets’

;

(h) in Section VIII, subparagraph B(1)(a) is replaced by the following:

‘(a)

a Governmental Entity, International Organisation or Central Bank, other than:

(i) with respect to a payment that is derived from an obligation held in connection with a commercial financial activity of a type engaged in by a Specified Insurance Company, Custodial Institution, or Depository Institution; or

(ii) with respect to the activity of maintaining Central Bank Digital Currencies for Account Holders which are not Financial Institutions, Governmental Entities, International Organisations or Central Banks.’

;

(i) in Section VIII, subparagraph C(2) is replaced by the following:

‘2.

The term “Depository Account” includes any commercial, checking, savings, time, or thrift account, or an account that is evidenced by a certificate of deposit, thrift certificate, investment certificate, certificate of indebtedness, or other similar instrument maintained by a Depository Institution. A Depository Account also includes:

(a) an amount held by an insurance company pursuant to a guaranteed investment contract or similar agreement to pay or credit interest thereon;

(b) an account or notional account that represents all Specified Electronic Money Products held for the benefit of a customer; and

;

(j) in Section VIII, subparagraph C(9)(a) is replaced by the following:

‘(a)

a Financial Account maintained by a Reporting Financial Institution as of 31 December 2016 or, if the account is treated as a Financial Account solely by virtue of the amendments to this Agreement made by the Amending Protocol of 13 October 2025 as of 31 December preceding the entry into force of the latter Amending Protocol;’

;

(k) in Section VIII, subparagraph C(10) is replaced by the following:

‘10.

The term “New Account” means a Financial Account maintained by a Reporting Financial Institution opened on or after 1 January 2017, or, if the account is treated as a Financial Account solely by virtue of the amendments to this Agreement made by the Amending Protocol of 13 October 2025, on or after the entry into force of the latter Amending Protocol, unless it is treated as a Preexisting Account under the extended definition of Preexisting Account in subparagraph C(9).’

;

(l) in Section VIII, the following subparagraph is added after subparagraph C(17)(e)(iv):

‘(v)

a foundation or capital increase of a company provided that the account satisfies the following requirements:

— the account is used exclusively to deposit capital that is to be used for the purpose of the foundation or capital increase of a company, as prescribed by law;

— any amounts held in the account are blocked until the Reporting Financial Institution obtains an independent confirmation regarding the foundation or capital increase;

— the account is closed or transformed into an account in the name of the company after the foundation or capital increase;

— any repayments resulting from a failed foundation or capital increase, net of service provider and similar fees, are made solely to the persons who contributed the amounts; and

— the account has not been established more than 12 months ago.’

;

(m) in Section VIII, the following subparagraph is inserted after subparagraph C(17)(e):

‘(ea)

A Depository Account that represents all Specified Electronic Money Products held for the benefit of a customer, if the rolling average 90 day end-of-day aggregate account balance or value during any period of 90 consecutive days did not exceed USD 10 000 or an equivalent amount denominated in the domestic currency of each Member State or Monaco at any day during the calendar year or other appropriate reporting period.’

;

(n) in Section VIII, subparagraph D(2) is replaced by the following:

‘2.

The term “Reportable Person” means a Reportable Jurisdiction Person other than: (i) an Entity the stock of which is regularly traded on one or more established securities markets; (ii) any Entity that is a Related Entity of an Entity described in clause (i); (iii) a Governmental Entity; (iv) an International Organisation; (v) a Central Bank; or (vi) a Financial Institution.’

;

(o) in Section VIII, subparagraph D(5)(c) is replaced by the following:

‘(c)

any other jurisdiction: (i) with which the relevant Member State or Monaco, as the context requires, has an agreement in place pursuant to which that other jurisdiction will provide the information specified in Section I; and (ii) which is identified in a list published by that Member State or by Monaco.’

;

(p) in Section VIII, the following subparagraph is added after subparagraph E(6):

‘7.

The term “Government Verification Service” is an electronic process made available by a Reportable Jurisdiction to a Reporting Financial Institution for the purposes of ascertaining the identity and tax residence of an Account Holder or Controlling Person.’

;

(q) the following section is added after Section IX:

‘SECTION X

TRANSITIONAL MEASURES

Notwithstanding subparagraph A(1)(b) and A(6a) of Section I, with respect to each Reportable Account that is maintained by a Reporting Financial Institution as of 31 December preceding the entry into force of the Amending Protocol of 13 October 2025 and for reporting periods ending by the second calendar year following such date, information with respect to the role(s) by virtue of which each Reportable Person is a Controlling Person or Equity Interest holder of the Entity is only required to be reported if such information is available in the electronically searchable data maintained by the Reporting Financial Institution.’ ;

(9) Annex III is amended as follows:

(a) the heading is replaced by the following:

‘ADDITIONAL DATA PROTECTION SAFEGUARDS REGARDING THE TREATMENT OF THE DATA PROCESSED UNDER THIS AGREEMENT’ ;

(b) paragraphs 3 and 4 are replaced by the following:

‘3. Data minimisation

The personal data processed by the Contracting Parties under this Agreement shall be relevant and limited to what is necessary and proportionate to the purposes set out in this Agreement.

The Contracting Parties shall not exchange personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data for the purpose of uniquely identifying a natural person, or data concerning the health or sex life of the individual.

4. Transparency, right of access and rectification and erasure of data

Where personal data is used for other purposes within the receiving jurisdiction or is transmitted by the receiving jurisdiction to a third jurisdiction (being a Member State or Monaco) in accordance with Article 6(5) of the Agreement, the Competent Authority of the receiving jurisdiction using the personal data for other purposes or transmitting it to a third jurisdiction shall inform the persons concerned. This information shall be provided in sufficient time for the individual(s) concerned to exercise their data protection rights and, in any case, before the receiving jurisdiction has used the personal data for other purposes or transmitted it to the third jurisdiction.

With respect to any personal data processed under this Agreement, any individual shall have the right to obtain access to personal data concerning him or her and to obtain rectification of inaccurate personal data concerning him or her. Where personal data has been unlawfully processed the individual may obtain its erasure.

To facilitate the exercise of this right, each individual shall be entitled to submit requests for access to and rectification and/or erasure of their data; these requests shall be addressed to the other Competent Authority concerned through the individual's own Competent Authority.

The requested Competent Authority shall provide access to the relevant data and, where appropriate, update and/or correct any inaccurate or incomplete data.’ ;

‘6. Automated processing

The Competent Authorities shall not take any decision which produces legal effects concerning an individual or significantly affects him or her and which is based solely on automated processing of data.

7. Transfers to authorities of third countries

A Competent Authority may occasionally transfer personal data received pursuant to this Agreement to public authorities of third jurisdictions, other than the Member States and Monaco, if all of the following circumstances apply:

(a) the transfer is necessary for the purposes specified in Article 6(4) in the receiving third jurisdiction and the personal data will be used by the receiving third jurisdiction only for such purposes;

(b) the personal data is relevant and proportionate to the purposes for which it is transferred;

(c) the competences of the third jurisdiction authority are directly related to the purposes referred to in Article 6(4);

(d) the receiving third jurisdiction guarantees a level of protection of personal data equivalent to that established by this Agreement, and undertakes not to transfer the received data to any third parties;

(e) the Competent Authority that provided the information has given prior authorisation in accordance with the conditions set out in Article 6(5); and

(f) the data subject has been informed of the transfer.

Any other transfers of information received pursuant to this Agreement to third parties shall be prohibited.’ ;

(d) paragraph 10 is replaced by the following:

‘10. Oversight

The processing of personal data by Reporting Financial Institutions and Competent Authorities under this Agreement shall be subject to the independent supervision of: (i) for Member States, the national data protection supervisory authorities established under Regulation (EU) 2016/679 and (ii) for Monaco, the Autorité de protection des données personnelles (Monaco's Data Protection Authority).

Those data protection supervisory authorities of the Member States and Monaco shall have effective powers of oversight, investigation, intervention and review, and must have the power to refer violations of law for legal action, where appropriate. They shall in particular ensure that complaints relating to non-compliance are received, investigated, responded to, and appropriately redressed.’ ;

(10) in Annex IV, subparagraph (ac) is deleted.

Article 2

Entry into force and application

1. This Amending Protocol is concluded subject to its ratification or approval by the Contracting Parties in accordance with their internal procedures. The Contracting Parties shall notify each other of the completion of these procedures. This Amending Protocol shall enter into force on the first day of January following the last notification.

2. Notwithstanding paragraph 1 of this Article, Article 1(2), (3)(b) and (8)(c) of this Amending Protocol shall apply as of the date on which the Principality of Monaco begins to apply the CARF with all Member States.

Article 3

Languages

This Amending Protocol shall be drawn up in duplicate in the Bulgarian, Croatian, Czech, Danish, Dutch, English, Estonian, Finnish, French, German, Greek, Hungarian, Irish, Italian, Latvian, Lithuanian, Maltese, Polish, Portuguese, Romanian, Slovak, Slovenian, Spanish and Swedish languages, each text being equally authentic.

IN WITNESS WHEREOF, the undersigned Plenipotentiaries have hereunto set their hands.

[Bild bitte in Originalquelle ansehen]

( 1 ) Council Directive 2003/48/EC of 3 June 2003 on taxation of savings income in the form of interest payments ( OJ L 157, 26.6.2003, p. 38 , ELI: http://data.europa.eu/eli/dir/2003/48/oj ).

( 2 ) OJ L 19, 21.1.2005, p. 55 , ELI: http://data.europa.eu/eli/agree_internation/2005/44(1)/oj .

( 3 ) OJ L 225, 19.8.2016, p. 3 , ELI: http://data.europa.eu/eli/prot/2016/1392/oj .

( 4 ) Council Directive (EU) 2023/2226 of 17 October 2023 amending Directive 2011/16/EU on administrative cooperation in the field of taxation ( OJ L, 2023/2226, 24.10.2023, ELI: http://data.europa.eu/eli/dir/2023/2226/oj ).

( 5 ) Council Directive 2011/16/EU of 15 February 2011 on administrative cooperation in the field of taxation and repealing Directive 77/799/EEC ( OJ L 64, 11.3.2011, p. 1 , ELI: http://data.europa.eu/eli/dir/2011/16/oj ).

( 6 ) Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) ( OJ L 119, 4.5.2016, p. 1 , ELI: http://data.europa.eu/eli/reg/2016/679/oj ).

( 7 ) ‘Journal de Monaco’, the official bulletin of the Principality, n o 8725 of 13 December 2024.

DECLARATIONS OF THE CONTRACTING PARTIES

JOINT DECLARATION OF THE CONTRACTING PARTIES ON THE AGREEMENT AND THE ANNEXES

The Contracting Parties agree, regarding the implementation of the Agreement and Annexes I and II thereto, as amended by the Amending Protocol of 13 October 2025, to use the Commentaries to the OECD Model Competent Authority Agreement and Common Reporting Standard, as well as the Commentaries to the 2023 Addendum to the OECD Model Competent Authority Agreement and to the 2023 update to the Common Reporting Standard, as a source of illustration or interpretation and in order to ensure consistency in application.

JOINT DECLARATION OF THE CONTRACTING PARTIES ON ARTICLE 5 OF THE AGREEMENT

The Contracting Parties agree that Article 5 of the Agreement is aligned to the latest OECD standard on transparency and exchange of information in tax matters enshrined in Article 26 of the OECD Model Tax Convention. Therefore, the Contracting Parties agree, regarding the implementation of Article 5 that the commentary to Article 26 of the OECD Model Tax Convention on Income and on Capital should be a source of interpretation.

JOINT DECLARATION OF THE CONTRACTING PARTIES ON THE ENTRY INTO FORCE AND IMPLEMENTATION OF THE AMENDING PROTOCOL

The Contracting Parties declare that they expect that the constitutional requirements of the Principality of Monaco and the requirements of European Union law concerning entering into international agreements will be fulfilled in time to enable the Amending Protocol to enter into force on the first day of January 2026. They will take all the measures in their power to achieve that goal.

ELI: http://data.europa.eu/eli/agree_internation/2025/2393/oj

ISSN 1977-0677 (electronic edition)