Privacy Over Transparency? What Recent EU Court Developments Signal for AEOI

By Keir Anderson
22.01.2026
Read Time: 4 minutes
TAINA, TAINA Technology, FATCA compliance, CRS 2.0, CARF, Crypto-Asset Reporting Framework, global tax transparency, OECD tax reporting, CRS compliance, CARF compliance, financial institutions, tax reporting 2026, regulatory readiness, due diligence, onboarding, data quality, governance, RegTech, tax compliance automation

As global tax transparency frameworks mature, scrutiny is shifting beyond whether information is exchanged to how it is collected, governed, and justified. Recent legal developments in Europe could reshape the balance between privacy and transparency within the EU’s Automatic Exchange of Information (“AEOI”) framework. While neither challenges the existence of AEOI itself, the cases underline rising expectations around governance, privacy safeguards, and evidence-based compliance across FATCA, CRS, and CARF.

Belgian Court Referral to the Court of Justice of the European Union (“CJEU”)

The first development involvesa group of “accidental Americans” have challenged Belgium’s implementation of FATCA, arguing that the automatic transmission of their financial account information to the United States violates the EU’s General Data Protection Regulation (“GDPR”). These individuals, who may not identify as U.S. persons but possess “U.S. indicia” such as a U.S. place of birth, are treated as reportable by financial institutions under FATCA.

Lower authorities had previously found such FATCA‑related transfers unlawful. After multiple appeals, Belgium’s Market Court has now referred 13 preliminary questions to the CJEU for determination. These questions fall into three core categories:

1. Compatibility with pre‑GDPR EU data‑protection law 

The CJEU has been asked to determine whether FATCA is compatible with earlier EU data‑protection rules and the EU Charter of Fundamental Rights, given that FATCA predates the GDPR.

2. Whether FATCA is “grandfathered” under Article 96 GDPR 

The Court must clarify whether FATCA qualifies as a pre‑GDPR international agreement that remains temporarily valid, and if so, whether renegotiation is required to ensure compliance.

3. How FATCA data can be lawfully transferred under the GDPR 

The Market Court is seeking guidance on what safeguards are required when transferring FATCA data to the United States for tax‑compliance purposes.

This is the first FATCA‑related case to reach the CJEU, meaning the Court’s findings will not only guide Belgium’s future AEOI implementation, but will apply EU‑wide, shaping how all Member States fulfill their AEOI obligations.

Crucially, the referral does not signal a rollback of regulatory requirements. A ruling in favor of the claimants will only highlight that mass financial data processing must be supported by clear legal boundaries, proportionality, and oversight, not that it should not occur at all. 

 

Ferrieri and Bonassisa v. Italy (ECHR, 8 January 2026)

The second case of consequence had a ruling on January 8, 2026, by the European Court of Human Rights (“ECHR”) stating that Italy violated the right to private life by allowing tax authorities unrestricted access to taxpayers’ banking data without adequate legal safeguards, judicial oversight, or review mechanisms.

The Court found that:

  • Italy’s framework did not meet required “quality of law” standards. 
  • Tax authorities were granted excessive discretion over accessing financial data. 
  • No effective judicial or independent review process was in place. 
  • The deficiencies constituted a systemic issue requiring general legislative reform.

Although this case did not directly involve AEOI, its implications for CRS, FATCA, and CARF are clear. AEOI depends on national laws authorizing tax authorities to collect and process banking data before international exchange occurs. If the domestic foundations underlying AEOI fail to meet human‑rights standards, aspects of the AEOI system may need restructuring.

 

What Does This Mean for AEOI In Practice?

Over the past 15 years, AEOI has fundamentally transformed international tax transparency. FATCA, CRS, and CARF reflect a global consensus that automatic information exchange is indispensable for combating tax evasion. Significant rollback is unlikely.

However, both the Belgian referral and the Ferrieri judgment highlight an increasingly important counterbalance: privacy and data‑protection requirements are gaining legal force.

As a result:

  • Privacy protections in mass‑processing financial‑data systems will need to be strengthened. 
  • Legislatures must ensure proportionality, purpose limitation, and clear statutory boundaries for the collection and processing of data feeding AEOI systems. 
  • Effective remedies and oversight mechanisms will become more important, particularly for individuals who are not, or should not be, reportable. 
  • AEOI processes, from client onboarding to data retention and cross‑border transfer, will require more rigorous internal controls and data‑governance standards.

The direction of travel is not toward less AEOI, but toward more privacy‑compliant AEOI. And this will start at the Governmental level, with changes to processes and procedures in the industry following as required in due course. What is clear is that we will all need to find our balance as AEOI’s focus swings back towards data protection.

 

How TAINA Supports Evidence-Based AEOI Compliance 

TAINA’s automated validation and due-diligence platform is designed for exactly this environment, where transparency obligations and data-protection expectations must coexist. 

TAINA helps organisations: 

  • Embed FATCA, CRS, and CARF requirements directly into onboarding workflows 
  • Apply consistent, rules-based validation logic across jurisdictions 
  • Maintain traceable audit trails that evidence how classification and reporting decisions were reached 
  • Reduce unnecessary data handling through structured, purpose-driven processes 

As regulatory and judicial scrutiny intensifies, the ability to prove compliance decisions, not just produce reports, becomes a critical differentiator. 

The direction of travel is clear. AEOI is not retreating, but it is maturing. Courts, regulators, and supervisors are converging on a shared expectation: transparency must be accompanied by control, proportionality, and proof. 

 

We would love to talk to you more about your current documentation validation process and how our award-winning FATCA and CRS Validation platform may add value to your organisation.

For more information on how our fully automated FATCA and CRS Validation platform can add value to your business, get in touch or request a demo to see it in action.

 

 

 

Whitepapers & Case Studies
Read More +
Webcasts & Videos
Read More +
Events
Read More +
News & Insights
Read More +

Recommended for you