Australia is moving from a principles-based approach to a defined regulatory framework for digital assets. For financial services firms, this shift is more than theoretical. It is already changing licensing expectations, custody obligations, and AML/CTF requirements.
Where jurisdictions such as Singapore established early clarity of cryptocurrency regulation, Australia has now clearly formalised its position. On 01 April 2026, the Australian Parliament passed the highly-anticipated Digital Assets Framework Bill 2025. The Bill introduces a framework for digital tokens, digital asset platforms and tokenised custody platforms. It also applies the financial services law in a way that is tailored to these platforms, and provides the Australian Securities and Investments Commission (ASIC) and the Minister with powers to regulate these platforms.
The country’s updated digital assets regime aims to close gaps and bring crypto activity firmly within the financial services regulatory perimeter. What does this mean for financial services firms operating in Australia? They must now meet well-defined standards for dealing with digital assets or prepare to exit certain activities.
Key Highlights
- The Corporations Amendment (Digital Assets Framework) Bill 2025 passed Parliament in April 2026, introducing new regulated product categories.
- ASIC has tightened expectations through updated guidance and transitional licensing deadlines.
- Australian Transaction Reports and Analysis Centre is expanding AML/CTF obligations to broader virtual asset services from July 2026.
- Enforcement activity is increasing, with a clear focus on licensing, onboarding controls, and consumer protection.
A Structured Evolution of Australia Crypto Regulation
Australia’s digital assets framework has developed in phases. Each phase has increased regulatory certainty while expanding the scope of oversight.
2018: An AML-First Crypto Regulation Foundation
Australia’s first formal step into crypto regulation began in April 2018, with the Australian Transaction Reports and Analysis Centre (AUSTRAC) bringing digital currency exchange (DCE) providers under the regulator’s AML/CTF regime.
DCE providers were now required to register with AUSTRAC, implement anti-money laundering (AML) and counter-terrorism financing (CTF) programmes, conduct customer due diligence, and report suspicious activity. These expectations created a strong baseline that focused on financial crime risk and market integrity.
However, the regime did not address licensing, custody, or investor protection in a comprehensive way. Instead, it targeted the most immediate regulatory concern at the time: the potential misuse of digital assets for money laundering and terrorism financing. The AML-first approach set the stage for future crypto regulation.
2022: Defining the Regulatory Direction
In March 2022, Treasury released the Crypto Asset Secondary Service Providers: Licensing and Custody Requirements: Consultation Paper. The paper proposed three different regulatory options, with many stakeholders indicating that leveraging the existing financial services laws was the most appropriate avenue.
In April 2022, APRA outlined expectations and set out a policy roadmap for banks and superannuation funds to manage crypto-related risks. The regulator set expectations for firms to adopt a prudent approach and ensure risks were well-understood and well-managed before engaging in crypto-asset activities. Key requirements included conducting comprehensive risk assessments before investing, ensuring compliance with outsourcing standards (CPS 231/SPS 231), and maintaining strong operational controls against fraud, cyber risks, and volatility.
2023: Enforcement and Perimeter Pressure
In 2023, regulatory pressure increased through enforcement rather than new legislation. ASIC cancelled the licence of a derivatives entity of a major cryptocurrency exchange. The action followed a targeted review of the exchange’s financial services business in Australia, including its classification of retail and wholesale clients.
ASIC Chair Joe Longo said at the time, “It is critically important that AFS licensees classify retail and wholesale clients in accordance with the law. Retail clients trading in crypto derivatives are afforded important rights and consumer protections under financial services laws in Australia, including access to external dispute resolution through the Australian Financial Complaints Authority.”
These actions highlighted that firms could not rely on offshore structures to avoid Australian regulation, and that retail client protections would be closely scrutinised.
2025: Clarity, Deadlines, and Transitional Relief
In October 2025, ASIC updated its guidance, aimed at supporting digital asset innovation and strengthening investor protection.
Stablecoins, wrapped tokens, tokenised securities, and certain wallet-based or custody arrangements were identified as digital asset structures that could be defined as financial products depending on their structure and associated rights. Firms must assess each arrangement on a case-by-case basis.
ASIC also introduced a transitional “no-action” position, allowing eligible firms time to submit AFSL applications.
The regulator’s guidance clarified and reinforced that existing client asset and custody rules apply where digital assets are classified as financial products. This clarification has practical implications for firms managing digital assets, including:
- Segregation of client assets
- Reconciliation and record-keeping
- Oversight of sub-custodians
2026: A Defined Regulatory Framework
In April 2026, the most significant development in Australia’s regulation of digital assets came as the Digital Assets Framework Bill passed both Houses of Parliament. Once implemented, it will introduce two new regulated categories:
- Digital asset platforms
- Tokenised custody platforms
The new framework is expected to bring crypto exchanges and custodians more directly and consistently within the financial services licensing regime.
This framework introduces explicit, tailored obligations for firms holding client digital assets, particularly in areas such as governance, asset protection, and disclosure.
In parallel, AUSTRAC’s in implementing AML/CTF reforms through:
For firms, a dual compliance challenge now exists. They must align both licensing and AML frameworks at the same time.
What the New Guidance, Obligations, and Legislation Mean for Australian Firms
Australia is entering a more defined phase of crypto regulation. The combination of new legislation, updated regulatory guidance, and expanded AML obligations is closing gaps where uncertainty previously existed.
For Australian financial services firms, it is now clear that:
1. Licensing Is No Longer Optional
Firms must determine whether their activities fall within the financial services perimeter. If they do, licensing is required.
2. Custody Expectations Are Increasing
Holding client assets introduces significant obligations. Firms must demonstrate:
- Clear segregation of client assets
- Robust reconciliation processes
- Effective oversight of third-party custodians
3. AML/CTF Obligations Are Expanding
AUSTRAC’s reforms significantly broaden the scope of regulated activity. Crypto-to-crypto services, custody functions, and other virtual asset activities are increasingly within scope. Firms must ensure their AML programmes reflect this expanded coverage.
- Digital assets are now firmly within the regulatory perimeter
- Licensing, custody, and AML obligations are converging
- Enforcement is increasing alongside regulatory clarity
With the right controls, processes, and technology in place, firms can meet evolving regulatory requirements effectively and continue to participate confidently in a regulated digital asset market.
How RegTech Helps Firms Meet Australia’s Crypto Regulation Requirements
As regulatory expectations increase, manual compliance processes become unsustainable. Firms must now manage licensing obligations, monitor employee activity, oversee transactions, and maintain audit-ready records across multiple regulatory frameworks.
Regulatory Technology (RegTech) solutions such as MCO (MyComplianceOffice) provide a centralised system for managing compliance obligations. Rather than relying on fragmented tools, MCO enables firms to maintain a single view of employee activity, transactions, and regulatory controls.
Additionally, MCO's Digital Asset Personal Trading solution provides a purpose-built workflow to manage employee personal trading in digital assets and cryptocurrency. With Digital Asset Personal Trading, firms can:
- Track digital asset holdings
- Pre-clear trades
- Recognise wallets natively
- Capture an up-to-date asset list
- Integrate with major exchanges and wallets
- Generate detailed, audit-ready reports
- Establish restriction and exemption lists
- Run conflict checks against employee activity using configurable, rules-based logic
MCO’s broader Know Your Employee Compliance Suite also provides firms with a fully integrated solution to monitor, identify and remedy conflicts of interest and code of conduct issues to keep pace with a changing regulatory environment. For compliance teams, the outcome is less time spent on manual processes and more time strategically managing risk.
Are you ready to help your firm meet evolving regulatory expectations? See the MyComplianceOffice complete compliance suite in action now.
Also, see our in-depth crypto regulation compliance article which includes the latest updates across Singapore, Japan, the United States, United Kingdom, and more.
.svg "MCO-Color-logo")
