Introduction

The Australian fintech sector is at a major inflexion point, with significant regulatory reform on the horizon as new technology solutions emerge, the industry matures and different transaction opportunities present themselves. This article provides a snapshot of some of these headwinds and makes predictions as to what may happen next.

Regulatory Reforms

Payments reforms

The payments industry in Australia has reached a pivotal moment, undergoing significant transformations driven by regulatory reforms, technological advancements and evolving consumer expectations. Australia has seen the arrival of new participants in the payments ecosystem increasing the number of payment service providers (PSPs) and others involved in the payments value chain locally and globally. There has been wide adoption of new payment solutions in light of the emerging technology infrastructure (discussed below) and the use of PSP solutions to tackle issues, like "debanking" in the digital asset sector.

Further, the Treasury’s proposed exposure draft legislation and regulations, intended to implement a new payments licensing framework, are eagerly awaited. It is anticipated that this will be released in the second half of 2025.

Based on current information, it is expected that the new payments licensing framework will expand the types of payment products and services which require an Australian financial services (AFS) licence. It is anticipated that this will extend to:

• Stored-value facilities – including digital wallets, value on online accounts or virtual or digital prepaid cards.
• Payment instruments – including debit and credit cards, buy now, pay later (BNPL) cards and cheques;
• Payment initiation services – including PayTo services, recurring payments initiated by a third party or direct debit or credit services;
• Payment facilitation services – including merchant acquirers, marketplace platforms, certain payment processors and domestic money transfer providers;
• Payment technology and enablement services – including passthrough digital wallets and payment gateways; and
• Cross-border transfer services – including international money transfer/remittance service providers.

The reforms are also aimed at drawing clearer boundaries between various regulators in Australia that share responsibility for payments, including the Australian Securities and Investments Commission (ASIC), the Reserve Bank of Australia (RBA) and the Australian Prudential and Regulatory Authority (APRA). These regulators would have related, but different responsibilities, namely:

• ASIC will be responsible for regulating consumer protection and conduct of PSPs;
• APRA will be responsible for prudential regulation of PSPs; and
• The RBA would oversee technical standards and there would be a newly authorised body (ASSB) overseen by the RBA to develop them.

In addition to the above, the ePayments Code is set to undergo major revision, with a greater focus on consumer protection and clarity as to remedies for electronic transactions and mistaken payments. While to date the ePayments Code has been a voluntary initiative, it is set to become mandatory. As a result, more PSPs will be required to comply with standards on security and electronic payment systems.

BNPL

Following a period of business consolidation and exits in the BNPL sector, customers are still accessing BNPL solutions as an alternate means of credit, given cost of living pressures and higher interest rates. It will be interesting to see how the next iteration of the BNPL sector will materialise in light of changes to low-cost credit contracts introduced late last year via the Treasury Laws Amendment (Responsible Buy Now Pay Later and Other Measures) Bill 2024 (BNPL Bill) to the National Consumer Credit Protection Act 2009 (Cth) (NCCP).

BNPL will be regulated as a low-cost credit contract and required to have an Australian credit licence from 10 June 2025. Conduct obligations for a BNPL credit licensee will include modified responsible lending obligations. BNPL providers will have to:

• Assess if the product is suitable;
• Take steps to make reasonable inquiries into the consumer’s financial situation; and
• Verify the suitability assessment.

In connection with this, BNPL providers will need to:

• Have an unsuitability assessment policy; and
• Undertake reasonable consumer inquiries having regard to the nature of the product and the applicable target market.

As with all regulatory reforms, it will be interesting to see the different approaches taken by industry to comply with the new requirements and the impact this will have on way BNPL products are offered. It is suspected that:

• Businesses that already provide regulated consumer credit will leverage existing compliance frameworks and may seek to harmonise responsible lending obligations across BNPL and non-BNPL products; and
• Businesses that only provide BNPL products will need to significantly uplift their existing processes to reflect the new requirements.

Digital assets

According to the Independent Reserve Crypto Index as at February 2025, 31% of Australians now own digital assets. As digital assets become increasingly mainstream for consumers and are more readily accessed with traditional finance, this is driving a concurrent proliferation of different providers and products and services. This includes exchange offerings, wallet offerings, custody solutions, investment platforms, staking and earn like products, as well as stablecoins, wrapped tokens and other asset backed tokens.

Corporate collapses such as FTX have seen legislators and regulators globally push for regulatory reform. Australia is no different. At present, certain digital asset exchanges are regulated as a "designated service" under the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth) (AML/CTF Act).

In addition, some digital asset products and services may also be regulated under the financial services licensing regime, to the extent these products and services involve the provision of a financial product/service. It is also possible for certain digital asset products and services to involve the provision of regulated credit, markets or clearing and settlement facilities which may trigger additional licensing and disclosure/conduct requirements.

ASIC has issued high level guidance in its INFO Sheet 225: Digital assets but following a recent spate of regulatory enforcement actions, ASIC issued Consultation Paper 381: Updates to INFO 225: Digital assets: Financial products and services (CP 381) in December 2024, to update its guidance on the regulatory perimeter for digital assets.

More work is anticipated before the proposed updated regulatory guidance in INFO Sheet 225 is finalised, given that there are likely to be diverging views in the industry as to where the regulatory perimeter begins and ends.

Following consideration of industry submissions, ASIC proposes to update its guidance and this is expected in the second half of 2025. In the meantime, regulatory uncertainty as to what digital asset products and services are currently caught by the existing regulatory regime prevails including what approach ASIC will take to regulatory enforcement. Without regulatory certainty, Australia is at risk of falling behind global peers that are taking facilitative and innovative approaches to regulating the digital asset industry.

Separately, the Department of Treasury is yet to release  exposure draft legislation and regulations to implement the proposed digital asset facility and payment stablecoin reforms. The intent is that these reforms will only apply to digital asset products and services that do not involve the provision of any regulated financial services (ie, fall outside the current regulatory perimeter). It is believed that the Treasury intends to seek industry feedback on the exposure draft in the second half of 2025. Treasury recently issued a statement titled ‘Developing an innovative Australian digital asset industry’ confirming this approach.

AML/CTF reforms for payments providers and digital assets

The Anti-Money Laundering and Counter-Terrorism Financing Amendment Act 2024 (Cth), introduced late last year, expands the regulatory requirements in the AML/CTF Act for payment providers, digital asset businesses and certain other higher risk industries, and has increased their obligations to detect and prevent financial crime. These changes were introduced to align Australia with standards set by the Financial Action Task Force (FATF), the global watchdog, and to ensure that Australia was not listed as a "grey area" jurisdiction.

The updated AML/CTF regime introduces the concept of "transfers of value", being transfer of money, virtual assets and other property. Along with this notion of "transfer of value", a new definition of "digital currency" has been introduced which includes a "virtual asset" aligning the definitions with global terminology set by the FATF.

The impact of these changes is that more PSPs and digital asset businesses will be providing "designated services" and will need to comply with the AML/CTF regulatory regime, including Know Your Client requirements, and ongoing transaction monitoring and transaction reporting.

To manage the significantly increased compliance burden, PSPs and digital asset businesses will need to buildout or enhance their existing compliance frameworks.

Climate reporting and risks

As of 1 January 2025, many large Australian businesses and financial institutions must prepare annual sustainability reports on mandatory climate-related financial disclosures. This requirement arises from the passing of the Treasury Laws Amendment (Financial Market Infrastructure and Other Measures) Bill 2024 (Cth) through parliament in September 2024, which amended the Corporations Act 2001 (Cth) (Corporations Act) to introduce these new measures.

Given the maturing size and scale of the fintech market, a number of fintechs in Australia will be required to comply with these new obligations. Further, over the past 18 months or so, ASIC and the ACCC have focused on climate risk and greenwashing as part of its regulatory enforcement priorities, with a number of cases relating to greenwashing amongst household names.

Capital markets

ASIC released a discussion paper titled "Australia’s evolving capital markets: A discussion paper on the dynamics between public and private markets" following a 2024 taskforce established to explore the need for additional regulation in private markets.

ASIC poses questions designed to deepen and sharpen its understanding of how Australia’s capital markets operate, in particular, how to balance the dual goals of ensuring private and public capital markets are open, accessible and support economic growth, while protecting against risks.

It will be interesting to see how this plays out given the interest in secondary trading and private credit at both a wholesale and individual consumer level (especially given the yield vs risk profile of the fintech industry).

CDR reinvigoration

Late last year, the Australian government announced a series of changes to the Consumer Data Right (CDR) that are intended to reinvigorate and encourage further uptake among consumers and remove barriers to data sharing between banks and fintechs. This follows a lacklustre initial rollout of the required changes by banks and other financial institutions in response to CDR’s first phase launch.

The changes include adding functionality to bundle consents, enabling consumers to provide multiple consents through a single action point and removing barriers for banks by simplifying the requirements that apply when an accredited bank seeks data from a consumer.

These changes followed the Australian Banking Association and Customer Owned Banking Association’s campaign against open banking which called for a halt to the CDR rollout and a pro-active counter-campaign by Fintech Australia to stay the course on CDR.

Additionally, an exposure draft of laws proposing to amend the Competition and Consumer (Consumer Data Right) Rules 2020 (CDR Rules) was released 26 November 2024 to provide clarity on how the CDR Rules will apply to the non-bank lending sector and narrow the scope of CDR data for both the banking and non-bank lending sectors.

New Technology Solutions

PayTo

PayTo was launched in Australia in 2023 to revolutionise payments to replace the outdated "BECS Direct Debit" systems and enable real-time transactions for recurring payments directly from customers’ bank accounts. However, its slow adoption has been blamed on high costs and technical challenges, with major banks struggling to integrate with the system.

More recently, innovative use cases and solutions have emerged and PSPs are now using the PayTo infrastructure for B2B transactions, including automating subscriptions, bill payments, and even distribution of wages (which otherwise wouldn’t be able to readily access PayTo solutions).

Blockchain applications

Blockchain is seen by many as the infrastructure of the future and with that comes a race to build out solutions. Many anticipate a migration of assets on-chain, referred to as asset tokenisation. As increasing numbers of assets are migrated to the blockchain, this is going to drive the need for strong user on and off ramps, easy to use interfaces and better integration between DeFI and TradFi. Stablecoins are likely to be a key driver in this ecosystem and the beginnings of a push for local stablecoins in the bigger economies outside of the United States, including Australia, can now be seen.

Artificial intelligence (AI)

AI is fast becoming the tool of choice when it comes to customer service, operational efficiencies and risk mitigation.

There has been a proliferation of different AI tools and integrations in financial and credit services. ASIC is well aware of this and released a first-of-its-kind report on AI at the end of last year, examining how Australian financial services and credit licensees are adopting and implementing AI solutions in their business and the significant governance gap that has occurred as a result.

In their report, ASIC highlighted a range of both accepted AI uses and emerging AI uses, including the following.

Accepted AI uses:

• Predicting and managing credit default risk collection strategies.
• Optimising marketing communications.
• Chatbots to answer simple questions.
• Transaction monitoring.
• Internal process efficiency, eg, business analytics, quality assurance, documentation indexing or triaging.
• Actuarial models for risk, cost and demand modelling for insurance.

Emerging AI uses:

• Predicting probability of recovery customer defaults/arrears for customer vetting.
• Generative AI drafting marketing copy.
• Generative AI use by customer-facing staff.
• Scam risk identification.
• Financial hardship or vulnerability indicators.
• Machine learning to enhance efficiency in the underwriting process.

Whilst ASIC has acknowledged that there are governance gaps, the onus is on fintechs to consider whether the proposed use cases and the appropriateness of risk mitigants and controls to reflect the nature, use and risks associated with AI deployment. Australian consumer and business expectations are also shifting, with greater demand for personalised products and services which can be delivered more efficiently, using AI.

Privacy reforms

On 12 September 2024, the Privacy and Other Legislation Amendment Bill 2024 (Cth) (Privacy Reform Bill) was introduced to amend the Privacy Act 1988 (Cth) (Privacy Act). These reforms introduced:

• A proposed cause of action in tort for serious invasions of privacy, which will be the first of its kind in Australia;
• Significant new and increased civil penalty provisions (including increased fines and penalties);
• Information on automated decision-making to be included in privacy policies; and
• Expansion of the scope of what is "personal information", increasing consumer protection.

It is important that fintechs stay abreast of these changes and the application of these changes to them.

Maturing Industry

With the industry maturing and the regulatory changes ahead, it presents unique investment and transaction opportunities. Some of these are highlighted below.

Consolidation

There are increasing acquisitive/divestment opportunities in the market that have a focus on service offering expansions or volume/synergy benefits. This is a key indicator of industry consolidation.

Businesses with a strong balance sheet are exploring the best ways to deploy capital and this may involve buying and integrating similar or related businesses (including fintechs). Whereas businesses with weaker balance sheets and limited cash runway (typically fintechs) are exploring exit opportunities to maximise value given the cost of borrowing and lower equity valuations.

It is suspected that, as in other countries, this is the beginning of a wave of consolidation that will follow regulatory reform. Given the proposed regulatory reforms captured above, consolidation activity is anticipated to cover payments, BNPL and digital assets over the new few years.

Strategic investments

Big banks, insurers and other financial institutions are continuing to partner and take strategic investments in fintechs, rather than acquiring the fintech outright. This provides both incumbents and fintechs with an opportunity to "try before you buy" and explore the benefits of accessing existing customer bases and distribution channels to provide additional solutions to customers and accelerate growth. As part of these transactions, a greater focus is being placed on understanding the regulatory risks associated when partnering with fintechs, including information and data security and understanding the pathway to regulatory compliance (given the major regulatory reform on the horizon).

Secondary trading

With venture capital funds looking to realise investments and the lack of IPO activity in these past few years, we expect to see increased secondary trading of securities in scale ups that are "unicorns" or "darlings". In Australia, we have seen recent examples of large secondary trading activity including Canva in 2024 raising AUD3.5 billion and Employment Hero raising AUD95 million in 2023 via secondary share sales. Some activity in other sectors involving digital assets is expected over the next 12 months with the IPO runway pipeline starting to build after a quiet spell. The trend is certainly "private is the new public" and ASIC has undertaken a detailed review of the private markets as a result.

What’s Next?

It is anticipated that the next few years will involve rolling out and bedding down major regulatory reforms across payments, digital assets, BNPL, artificial intelligence and AML/CTF. It is likely these regulatory reforms will trigger consolidation and transaction activity given the cost of compliance and the fact that scale is critical to the pathway of profitability. Consolidation is expected in payments, digital assets and BNPL over the next few years. It is also forecast that that advancements in technology will provide new products and solutions as well as mitigate and/or introduce new risks to the financial system that will need to be navigated by regulators and industry alike.