Blockchain & Crypto-Assets 2026 Comparisons

The principal regulators relevant to blockchain and crypto-asset businesses in Australia are the ASIC, the Australian Transaction Reports and Analysis Centre (AUSTRAC) and the ATO, as outlined below.

• ASIC regulates crypto-asset activities where a token or arrangement falls within the definition of a “financial product” or where a business provides a financial service under the Corporations Act, including enforcement against misleading and deceptive conduct. ASIC’s remit is extended by delegated authority from the Australian Competition and Consumer Commission (ACCC) in relation to conduct involving misleading and deceptive conduct in the marketing or sale of crypto-assets that are not “financial products”. ASIC has adopted a more assertive supervisory posture, identifying crypto-assets as an enforcement priority following market instability, with a focus on investor protection and application of existing financial services laws.
• AUSTRAC regulates blockchain and crypto businesses that provide “designated services” with a geographical link to Australia, focusing on AML/CTF reporting, supervision and financial crime detection. AUSTRAC’s approach is risk-based and aligned with financial crime mitigation, requiring reporting entities to implement AML/CTF programmes tailored to the nature of the services provided.
• The ATO regulates tax treatment, including capital gains tax, trading stock characterisation and fringe benefits tax issues and has adopted a cautious approach, favouring guidance over legislative reform, following the Board of Taxation review published in 2025.

Australia has also taken steps to align its AML/CTF framework with international standards. Recent reforms include the adoption of the virtual asset service provider (VASP) concept, a shift toward regulating “virtual assets”, the introduction of the travel rule and the extension of international value transfer service obligations. These amendments reflect a move toward greater alignment with Financial Action Task Force (FATF) expectations and global risk based supervisory models.

In relation to the International Organisation of Securities Commissions (IOSCO), Australia’s approach has been to align substantively with the principles underpinning IOSCO’s 2023 policy recommendations. Specifically, applying the Australian financial services regime to crypto-asset activities, particularly with respect to licensing, disclosure, consumer protection and the custody of client assets.

Australia has not adopted a formal classification system for crypto-assets. Instead, whether a crypto-asset or crypto-related service is regulated under Australian financial services law turns on an assessment of its legal characteristics.

Regulators’ Approach to Classification

Regulators take a case-by-case approach focusing on whether a particular crypto-asset or activity falls within existing legal concepts. The central question is whether the asset constitutes a “financial product” under the Corporations Act, which broadly captures facilities through which a person makes a financial investment, manages financial risk or makes non–cash payments. Certain things, such as securities, derivatives and interests in a managed investment scheme, are specifically deemed financial products.

ASIC has indicated that this assessment depends on the rights and features of the specific token or arrangement and that many crypto-asset activities may fall within the financial product regime. Where a crypto-asset does not satisfy that definition, it may be treated as a form of property or goods, with regulatory consequences determined accordingly.

DAF Act Classification

The reforms under the DAF Act adopt an activity-based approach to classification, focusing on the function performed rather than the inherent characteristics of a crypto-asset. This means regulatory outcomes are determined by how a product or service operates in practice, particularly where custody, trading or tokenisation activities are involved. However, token-by-token analysis remains critical, as the classification of individual tokens continues to inform whether additional licensing obligations apply.

At the centre of the framework are two new regulated financial products: digital asset platforms (DAPs) and tokenised custody platforms (TCPs). These concepts extend the Australian financial services licensing (AFSL) regime to capture custodial and tokenisation activities involving digital assets. A DAP broadly covers arrangements in which an operator holds or controls digital assets on behalf of clients, whereas a TCP applies to structures in which real-world assets are tokenised and held for the benefit of token holders. These categories operate as a regulatory “wrapper”, requiring licensing regardless of whether the underlying assets are themselves financial products.

Regulatory Frameworks

Crypto-assets are primarily regulated through the following legal frameworks rather than a bespoke regime. In particular:

• the Corporations Act, which incorporates the DAF Act and applies where crypto-assets or related activities involve financial products or financial services;
• the AML/CTF Act applies to businesses providing “designated services”, including certain crypto-asset exchanges and, increasingly, broader virtual asset activities; and
• general consumer protection laws, including the Australian Consumer Law, apply to all crypto-asset businesses regardless of token classification.

Regulated Activities

The following crypto-asset activities, amongst others, are regulated in Australia (but legal advice is required depending on structure and function):

• financial services involving crypto-assets, including issuing, dealing, advising or operating a facility involving crypto-assets that are financial products;
• custody and platform services, where an operator holds or controls crypto-assets on behalf of clients;
• exchange and transfer services, including fiat-to-crypto exchanges and broader “virtual asset service provider” (VASP) activities; and
• payment–related services, including stablecoin issuance or arrangements.

There are no blanket prohibitions on crypto-asset activities in Australia. However, activities may be effectively restricted where:

• a business operates without required licences or registrations (eg, AFSL or AUSTRAC registration);
• conduct involves misleading or deceptive representations, fraud or market misconduct; or
• products expose retail investors to risks without satisfying disclosure and licensing obligations.

Retail Versus Wholesale Customers

Australia imposes a distinction between retail and wholesale customers:

• where a crypto-asset is a financial product, retail client protections apply (eg, disclosure obligations, best interests duty, design and distribution obligations);
• wholesale client tests under the Corporations Act determine whether a client is treated as retail or wholesale.

Regulatory Transitions

Australia is undergoing a significant regulatory transition. Key developments have been outlined below.

• Reforms under the AML/CTF Act came into force on 31 March 2026, with a series of targeted transitional measures to ease implementation for existing reporting entities.
• ASIC’s no action position, a transitional measure under which ASIC will not take enforcement action for certain unlicensed digital asset services where a business lodges an AFSL (or variation) application by 30 June 2026, complies with specified conditions while that application is assessed.
• The commencement of the DAF Act on 8 April 2027. This will introduce:
1. licensing for DAPs and TCPs;
2. tailored custody, disclosure and operational standards; and
3. integration of crypto-asset intermediaries into the AFSL framework.
• Consultations on draft payments legislation modernisation are underway, with the aim to bring in a broader range of Payment Service Providers (PSP) within the AFSL framework, enhanced prudential oversight powers for the Australia Prudential Regulation Authority (APRA) in respect of major stored value facility (SVF) providers and the introduction of a broad rule making power to support the implementation of a mandatory, revised “ePayments Code”.

These reforms are intended to close regulatory gaps, improve consumer protection and align Australia more closely with international standards, while maintaining its technology neutral regulatory approach.

The use of a legal wrapper, such as a fund, can materially change the analysis in 2.2 Crypto-Asset Regulatory Frameworks.

While direct investment in crypto-assets may fall outside the financial product regime (depending on the asset’s characteristics), investment via a pooled vehicle (such as a fund that carries out purchases of crypto-assets) typically will constitute an interest in a managed investment scheme (MIS) or another financial product. ASIC’s updated Information Sheet 225 (INFO 225) confirms that digital asset arrangements involving pooled investment and reliance on a promoter are commonly characterised as facilities for making a financial investment or MIS interests.

As a result, the investor’s interest becomes the regulated financial product, bringing the arrangement within the Corporations Act. The responsible entity must hold an AFSL and comply with licensing, governance and operational obligations. Custody requirements are governed primarily by Regulatory Guide 133, which sets minimum standards for asset holding, including crypto-assets that are financial products. Funds must also meet disclosure and conduct obligations, including issuing a:

• product disclosure statement (PDS); and
• target market determination (TMD), if offered to retail clients.

Historically, Australia has had very few crypto-asset issuance (ICOs and TGEs) owing to the risks of breaching existing financial services laws. There is no bespoke regime governing token issuance. Instead, ASIC applies a technology neutral, substance based approach, under which the key issue is whether the token constitutes a “financial product” under the Corporations Act.

If a token confers rights analogous to shares, derivatives or interests in a managed investment scheme (ie, profit rights or pooled investment), it will be treated as a financial product. In that case, the token issuer and any intermediaries must hold an AFSL and comply with licensing, disclosure and conduct obligations.

The clarification of ASIC’s position on the boundaries of financial services law, as specified in INFO 225, potentially opens the door to regulated token sales under the AFSL framework, asset tokenisation and non-financial products subject to compliance with consumer laws.

Australia does not require a formal White Paper for token offerings. However, disclosure obligations depend on classification. If the token is a financial product, issuers must provide a regulated disclosure document (typically a TMD, PDS and FSG) for retail offers and ensure that the disclosures are accurate and not misleading. While White Papers are commonly used, they do not replace formal disclosure obligations.

Australia has a well-developed market abuse framework under the Corporations Act, which applies to misconduct involving “financial products” and is enforced by ASIC. This includes insider trading and market manipulation.

Insider trading is prohibited under Section 1043A and covers:

• trading while in possession of inside information;
• procuring another person to trade; and
• communicating (or “tipping”) such information to others.

“Inside information” is information that is not generally available and that would have a material effect on the price or value of a financial product if disclosed. The regime also prohibits broader market misconduct, including creating false or misleading trading activity, manipulating prices and making misleading statements to induce trading.

As a result, traditional securities markets have a clear prohibition on market abuse. Where crypto-assets fall within the financial product regime under the Corporations Act, similar offences apply to insider trading conduct.

It is expected that DAF Act reforms will require licensees to comply with new surveillance and reporting obligations regarding market conduct involving even non-financial products.

Australian regulators have demonstrated an increasingly active and deterrence focused enforcement approach toward non compliance.

Recent Regulatory Enforcement Actions

The Australian Securities and Investments Commission’s recent enforcement activity reflects its increased scrutiny of crypto-asset offerings that mimic “financial products” and services. The regulator has repeatedly warned that “simply because a product hinges on a crypto-asset does not mean it falls outside financial services law”. This stance became evident in ASIC’s proceedings against Qoin, Block Earner and Finder Wallet, which each concerned the alleged offer of unlicensed financial services involving crypto-assets.

A notable example is Australian Securities and Investments Commission v BPS Financial Pty Ltd (Penalty) [2026] FCA 18, where the Federal Court imposed AUD14 million in penalties for unlicensed conduct and misleading statements in relation to a digital wallet product, alongside a ten year ban on operating a financial services business without a licence and mandatory corrective disclosures.

AUSTRAC has previously taken action to refuse, cancel or suspend a Digital Currency Exchange (DCE) registration in a number of cases, which it published on its website. In 2025, AUSTRAC ran a “use it or lose it” campaign targeting inactive DCEs, resulting in the cancellation or voluntary withdrawal of 62 registrations. In more recent times, AUSTRAC has imposed stricter compliance requirements on cryptocurrency ATMs and enhanced supervision of AML compliance and the reporting of suspicious matters.

Cross-Border Enforcement

Regulators address cross border activity through a territorial approach, under which Australian law applies where services are provided to Australian investors. ASIC and AUSTRAC have expressly warned that offshore firms cannot avoid compliance by structuring operations outside Australia while targeting the local market, subject to applicable regulatory exemptions.

Outlook of Regulator Attitude

Looking forward, the regulatory stance is likely to become more interventionist as the new reforms come into force. Ongoing reforms and the expiration of transition relief (eg, June 2026 deadlines) indicate a shift toward full-compliance expectations and intensified enforcement across the sector.

Triggers for Requiring a Licence

In Australia, there is no standalone crypto licensing test; the trigger is whether a person carries on a “financial services” business under the Corporations Act.

Under ASIC’s INFO 225 framework, licensing is typically required where a crypto business:

• issues or deals in tokens that are financial products (eg, derivatives, managed investment schemes, securities or non–cash payment facilities);
• provides financial services, such as advising, dealing, custodial services or making a market; or
• operates a wallet or platform that facilitates payments or investment features.

Separately, ASIC’s Information Sheet 219 sets out an assessment tool to help businesses identify whether an AFSL may be required for blockchain-based services. This tool includes a set of factors to be considered by the business, such as:

• which blockchain platform is being used;
• how it will be run;
• how it works under the law;
• how the blockchain is using the data; and
• how the blockchain affects others.

Recent reforms under the DAF Act bring exchanges, custodians and platform operators (DAPs/TCPs) squarely within the AFSL regime. Although the DAF Act establishes new financial product categories, tokens must be assessed on a case-by-case basis to determine whether additional licensing authorisations are required to carry on the business.

Territorial Limits

The regime applies where an entity is “carrying on a financial services business in Australia”, regardless of where it is incorporated.

Foreign entities may require a licence if they:

• provide services to Australian clients on a systematic and ongoing basis;
• have a sufficient connection to Australia (eg, local agent, infrastructure); or
• engage in “inducing conduct” (marketing or soliciting Australian investors).

Whether this threshold is met is fact–specific and includes factors such as continuity of activity and the presence of Australian operations.

Transitional/Grandfathering Arrangements

Australia is currently operating a transitional regime to comply with new AFSL reforms, specifically ASIC’s no action position, a transitional measure under which ASIC will not take enforcement action for certain unlicensed digital asset services where a business lodges an AFSL (or variation) application by 30 June 2026 and complies with specified conditions while that application is assessed. The position extends to certain market operators and clearing and settlement facilities.

Separately, ASIC has outlined a transition pathway under the DAF Act, with staged implementation periods (including an anticipated transition window of approximately 18 months) to allow businesses to become fully licensed.

Application Process

• Lodgement of an Australian Financial Services Licence (AFSL) application with the Australian Securities and Investments Commission (ASIC), specifying the financial services and product authorisations sought.
• Submission of detailed supporting materials, including:
1. business plan and proposed activities;
2. compliance and risk management frameworks; and
3. organisational competence and governance arrangements.
• ASIC assesses whether the applicant can provide services “efficiently, honestly and fairly” and comply with ongoing obligations under the Corporations Act.

Substance Requirements

• Demonstration of organisational competence, typically through:
1. appointment of Responsible Managers with relevant financial services expertise (and, for crypto businesses, understanding of underlying technology);
2. clear governance structures, internal controls and reporting lines; and
3. documented compliance policies and procedures.
• Evidence of a genuine, ongoing business, including operational capability and systems.

Local Presence/Personnel

ASIC will expect the appointment of responsible managers who understand the local regulatory regime.

Overseas persons or experience may be accepted provided that sufficient organisational competence is established.

Outsourcing and intra-group support are permitted; however, full responsibility for compliance and supervision rests with the licence holder.

Prudential and Operational Requirements

Licensees must maintain:

• adequate financial, technological and human resources;
• effective risk management systems and internal controls;
• appropriate custody and client asset protection arrangements; and
• dispute resolution systems and disclosure processes.

Crypto-Specific Considerations

Under the DAF Act, exchanges, custodians and platform operators must obtain an AFSL and meet additional requirements (eg, asset–holding standards, governance and disclosure obligations).

Digital asset firms in Australia are subject to general laws governing changes in control, including the Competition and Consumer Act 2010 (Cth) and the Foreign Acquisitions and Takeovers Act 1975 (Cth). Where a firm holds an AFSL, any controllers, officers and responsible managers must satisfy ASIC’s “fit and proper person” requirements.

In addition, reporting entities under the AML/CTF Act must notify AUSTRAC of changes to key personnel, including beneficial owners and senior officers. From 31 March 2026, there is an additional requirement that the firm’s money laundering reporting officer be ordinarily resident in Australia.

Australian financial services licences do not benefit from a broad passporting regime and cannot be used to automatically access other jurisdictions. Unlike the EU model, there is no multilateral framework that confers cross-border rights on Australian licensees.

Instead, access to foreign markets is determined by the laws of the destination jurisdiction, which will generally require:

• a local authorisation; or
• reliance on limited exemptions (if available).

Reforms to Australia’s foreign financial service provider regime, which will be implemented in 2027, are expected to provide a clearer pathway for overseas licensees from peer jurisdictions to enter the Australian market.

The sale of blockchain and crypto-asset services in Australia is subject to the territorial scope of Australian financial services and consumer protection laws, rather than any bespoke cross border licensing regime. Where a crypto-asset constitutes a “financial product” or where a person provides financial services in relation to it to clients in Australia, the provider must generally hold an AFSL or rely on an exemption. ASIC has made clear that Australian law applies where digital assets are marketed, sold or services are provided to Australian users, including from offshore and that reliance on offshore or decentralised structures does not displace these obligations.

Accordingly, a foreign provider selling crypto-asset services into Australia may be required to:

• obtain an AFSL authorising the relevant activities (eg, dealing, advising or operating a financial product);
• comply with retail disclosure obligations, including the preparation of a PDS, TMD and FSG; and
• comply with ongoing conduct obligations (including acting efficiently, honestly and fairly) and other regulatory requirements under the Corporations Act.

Marketing Restrictions

In relation to marketing, Australia does not impose crypto-specific advertising rules comparable to those in some other jurisdictions. However:

• where a crypto-asset is a financial product, marketing is subject to financial product–specific restrictions, including prohibitions on hawking and requirements that disclosures are clear, accurate and not misleading;
• where a crypto-asset is not a financial product, its promotion remains subject to general consumer law, including the prohibition on misleading and deceptive conduct; and
• ASIC has emphasised that many digital asset offerings will fall within existing financial services laws, meaning that marketing must be consistent with those frameworks.

Consistent with this, ASIC enforcement activity in the crypto-asset space has frequently focused on marketing representations and “fin-fluencers”, including claims regarding returns, risk, licensing status and product characteristics.

Reverse Solicitation Exemption

The reverse solicitation exemption allows a foreign financial service provider to provide financial services to an Australian client without holding an AFSL where the service is provided at the client’s own initiative, rather than being the result of marketing or inducement into Australia.

It is narrowly construed, as any prior marketing, promotion or conduct within the jurisdiction will generally preclude reliance on the exemption, meaning the provider will instead be taken to be carrying on a financial services business in Australia and will be required to obtain a licence.

External firms can enter the Australian market using white-label models via the corporate authorised representative (CAR) framework.

However, there are important limitations:

• the CAR must act strictly “on behalf of” the licensee and within the scope of the licence;
• the licensee retains full legal responsibility and must supervise and monitor the CAR’s conduct; and
• the CAR cannot hold itself out as licensed and must clearly disclose its representative status.

Courts have emphasised that firms cannot use CAR structures to avoid licensing requirements, particularly where they operate independently or issue products in their own name.

An alternative intermediary authorisation may apply to issuance models offered in partnership with a financial services licensee.

DeFi

DeFi is permitted in Australia, but it is regulated through existing financial services and AML/CTF laws applied on a technology neutral basis.

DeFi is not treated as a separate category; instead, activities are regulated by function, meaning lending, staking or liquidity pooling may trigger Australian Financial Services Licensing requirements if they constitute financial products or services.

CeFi

CeFi firms may utilise DeFi, but firms must assess and address its scope of:

• licensing risk (AFSL triggers);
• AML/CTF obligations, now expanded to virtual asset services;
• sanctions compliance; and
• custody and client asset protection risks.

DeFi is not prohibited in Australia, but there is no specific legal framework; thus, projects typically operate through traditional entities alongside on-chain arrangements. However, a difficulty arises in relation to DeFi where a protocol operates autonomously and does not fit neatly or at all, within the existing regulatory framework. It is also unclear how regulators may attempt to impose liability or accountability on DAOs or their participants. The Senate Committee has proposed legal recognition of DAOs, but the proposal has not been taken up by the Australian government to date and there is no case law to date addressing the legal capacity or liability of DAOs.

Australian regulators and courts have not yet approached the concept of accountability or liability in relation to DeFi.

ASIC would likely focus on identifiable intermediaries, promoters and operators and apply existing financial services laws where conduct targets Australian users.

Crypto-asset payments are permitted in Australia. Where crypto is used through a platform or wallet, it may constitute a “non cash payment facility” (NCPF), a financial product under the Corporations Act.

Providers of such facilities (eg, payment platforms, wallets) generally must hold an AFSL and comply with conduct and disclosure obligations.

Separately, crypto payment intermediaries are typically subject to AML/CTF regulation, including AUSTRAC registration, customer due diligence and transaction monitoring.

The tokenisation of traditional financial assets has been a topic of considerable interest in Australia; notwithstanding, the regulatory position has evolved following the enactment of the DAF Act.

In substance, Australia continues to adopt a technology neutral approach, such that tokenised assets are regulated by reference to the underlying rights and features, rather than the fact that they are issued on a blockchain. Accordingly, where a tokenised asset constitutes a “financial product” (eg, a security, derivative or interest in a managed investment scheme), it remains subject to the same regulatory treatment as its non tokenised equivalent under the Corporations Act.

The DAF Act introduces a bespoke regime for intermediaries involved in tokenised markets, including TCPs, which facilitate the tokenisation of real world assets. Additional licence authorisations may be required to issue, offer or distribute tokenised assets.

TCPs are treated as financial products in their own right and must hold an AFSL and comply with conduct, custody, disclosure and asset holding obligations. Critically, TCP operators must ensure that tokenised real world assets (other than money) are held on a one to one basis and redeemable by the token holder.