The Swiss government has announced a delay in its plans to implement a major crypto law. This comes as governments worldwide face difficulty in achieving uniform crypto tax regulations, even as the crypto industry heats up with wider adoption. 

Swiss Government Delays Implementation Of Popular Crypto Law

In a press release, the Swiss Federal Council announced that the new Crypto-Asset Reporting Framework (CARF) will be enshrined into law from January 2026, but will not be implemented until 2027 at the earliest. The National Council’s Economic Affairs and Taxation Committee (ETAC) earlier this month suspended deliberations on the partner states with which Switzerland intends to exchange data under the crypto law, which prompted this decision.

The Federal Council also determined that the provisions on crypto assets contained in the Federal Act on the Automatic Exchange of Information in Tax Matters (AEOIA) and AEOI Ordinance shall not apply next year. Meanwhile, the government approved amendments to the Automatic Exchange of Information in Tax Matters (AEOI Ordinance). 

The release noted that the crypto law contains implementing provisions on amending the Federal Act on the AEOIA. As part of the amendments, the AEOI Ordinance now includes the crypto service providers’ duty to report, duty to conduct due diligence, and duty to register. It also specifies their nexus to Switzerland. 

Furthermore, under the crypto law, crypto service providers such as exchanges will now directly apply to associations and foundations, and their accounts will be subject to the law. However, they are excluded from the AEOI if they meet certain conditions under the revised ordinance. Lastly, the law also contains transitional provisions that make it easier for the affected parties to implement the amended CRS and the CARF. 

The Crypto-Asset Reporting Framework (CARF) will enable the automatic exchange of tax information on crypto transactions between countries. Other countries, including the U.S. and the U.K., are working to implement this global standard of crypto tax reporting into their legal frameworks. 

U.K. Also Moves To Implement CARF

In a release, the U.K. government announced that it is implementing the CARF for the first international data exchanges in 2027. The government noted that the CARF requires U.K. reporting crypto asset service providers (RCASPs) to collect relevant tax information and undertake due diligence in relation to their users on an annual basis. 

These U.K. RCASPs will also be required to collect information concerning U.K. resident customers. This means that the country’s tax authority, HMRC, will have CARF data on all taxpayers using a U.K.-based RCASP. Meanwhile, it is worth noting that the U.S. is also planning to implement the crypto law. Bitcoinist recently reported that the Treasury Department has dispatched the CARF regulations to the White House for review.

At Synack, we’re truly committed to making the world a safer place. We’re doing that by helping organizations defend themselves against an onslaught of cyberattacks. We’re harnessing the tremendous power of the Synack Red Team, our community of the most skilled and trusted ethical hackers in the world, and through the most-advanced security tools available today to deliver continuous penetration testing (and more) with actionable, prioritized results.

Now, the Synack Platform is expanding to help organizations globally overcome the worldwide cybersecurity talent gap. I am excited to announce the launch of Synack Campaigns to provide on-demand access to the SRT, who will be available 24/7 to execute specific and unique cybersecurity tasks whenever you need them — and deliver results within hours. This new approach to executing targeted security operations tasks will fundamentally change organizations’ approach to cybersecurity by providing on-demand access to this highly skilled community of security researchers.

During my time at Synack, I’ve seen firsthand how the Synack Operations and Customer Success teams creatively engage with the SRT to address a growing range of clients’ security operations tasks, in addition to our traditional vulnerability discovery and penetration testing services. 

Now, we are making these targeted security activities directly available to every organization in the form of Synack Campaigns, available through the new Synack Catalog, also launching today on the Synack Client Platform.

The new Synack Catalog, where customers can discover, configure, purchase and launch Synack Campaigns is available now on the Synack Client Portal. Please speak with your CSM to have this feature enabled for your organization.

I know from speaking to our clients across multiple industries that security teams are struggling to keep pace with the speed of product development. At the same time, they are trying to scale defenses to meet the complexity and magnitude of today’s threats. Our customers ascribe challenges with their growing backlog of security tasks such as CVE checks and cloud configuration reviews. On top of all of that, there’s the need to implement industry best-practice frameworks such as OWASP & Mitre Att&ck. Essentially, customer security teams are struggling with demanding workloads and have asked us for assistance in a number of areas:

• On-demand access to talented Synack Red Team members who are available 24/7 and capable of completing diverse security operations activities across a growing range of assets. 
• A flexible security solution that can be configured to meet their specific needs in one centralized platform with their existing pentesting insights.
• A security solution that delivers results quickly (hours and days, not weeks or months) and is aligned with their agile development processes.

Synack Campaigns expands the core capabilities of the Synack Platform, including our trusted community of researchers, an extensive set of workflows, payment services, secure access controls and intelligent skills-based task-routing to provide customers with the ability to execute a growing catalog of cybersecurity operations.

With Synack Campaigns our researchers can augment internal security teams by performing targeted security checks such as:

• CVE and OWASP Top 10 vulnerability checks
• Cloud Configuration Checks
• Compliance Testing (NIST, PCI, GDPR, etc.)
• ASVS Checks

Synack Campaigns are built to complement our vulnerability management and pentesting services, and help customers achieve long-term security objectives, such as Application Security, M&A Due Diligence, and Vulnerability Management. 

I’m excited for you to learn more about Synack Campaigns and to hear how you and your teams would like to leverage our on-demand community of researchers to address your organization’s growing operational security needs.

Peter Blanks is Synack’s Chief Product Officer.

The post The Synack Platform Expands to Confront the Cyber Skills Gap appeared first on Synack.