The Commonwealth Government of Australia (Government) has generally been supportive of driving innovation in the technology and financial services sectors and has been proactive in consulting and supporting the sector. As part of this, there have several leading blockchain initiatives in various sectors like financial services, energy, minerals, agriculture, food and beverage and the public sector. According to Investment NSW, Australia ranks 6^th globally for blockchain-related patents as at May 2024.

In the public sector, the Australian Taxation Office (ATO) used blockchain as part of its hackathon to increase transparency around the Luxury Car Tax in tracking and validating the dealer history of cars in a hackathon. The Government’s National Disability Insurance Scheme has also experimented with blockchain and the New Payments Platform to create “smart money” that has the capability of managing insurance pay-outs, budgeting and trust management. In August 2024, the Australian Federal Police announced it had partnered with blockchain data platform, Chainalysis to target criminal cryptocurrency scammers in a joint activity known as Operation Spincaster.

In the private sector, fintech businesses have leveraged blockchain to manage supply chains, make cross-border payments, trade derivatives, manage assets and operate digital currency exchanges. In particular, there have been numerous private sector projects that have used blockchain to more effectively and securely deliver services to consumers. For example, in September 2024, ANZ announced it has joined the Monetary Authority of Singapore’s Project Guardian to explore interoperability between private blockchains to exchange tokenised real world assets.

As the blockchain landscape has evolved beyond recognisable digital representations of value to novel concepts like decentralised finance (DeFi), stablecoins, non-fungible tokens (NFTs), digital markets, tokenised assets, identity, exchanges and decentralised autonomous organisations (DAOs), fintech businesses have seen a unique opportunity to develop and position themselves in Australia’s economy. The expansion of the fintech sector has (in part) been led by businesses in the payments, lending, investment and wealth management, custodial services and new digital asset spaces. In the context of blockchain, this has primarily revolved around the creation of new and innovative trading platforms and exchanges and it is clear that there is significant opportunity for the use of blockchain as businesses move towards a state of technological maturity.

Legislation

There are currently no specific regulations or legislation dealing with blockchain in Australia. The Australian Securities and Investments Commission (ASIC), Australia’s corporate, markets, financial services and consumer credit regulator, has stated that Australian legislative obligations and regulatory requirements are technology neutral and apply irrespective of the mode of technology that is being used to provide a regulated service. While there have been legislative amendments to accommodate the use of cryptocurrencies, to date these have predominantly focused on the transactional relationships (e.g., the issuing and exchanging process) and activities involving cryptocurrencies, rather than cryptocurrencies themselves. As a result, the focus on the regulation of crypto assets has been on applying the established financial services regulatory framework which includes financial services and consumer credit licensing, registration and disclosure obligations, consumer law requirements, privacy and anti-money laundering and counter-terrorism financing (AML/CTF) requirements.

Currently, the only formal monitoring of crypto asset activity in Australia is in relation to AML/CTF. Digital currency exchange providers have obligations under the AML/CTF Act and must register with AUSTRAC – see response to question 6. However, there are numerous Government reviews and consultations that are ongoing or have recently taken place in connection with how crypto assets and crypto asset-adjacent services should be regulated, including:

• In early 2022, Treasury consulted on a proposed licensing framework for crypto asset secondary service providers (referred to by Treasury as CASSPrs). This was generally targeted towards entities providing custody, brokerage, exchange and transmission services in relation to crypto assets that are not otherwise caught under the financial services regime. This consultation was set aside following a change of Government in mid 2022 and the proposals were suspended in favour of a token mapping consultation.
• On 3 February 2023, Treasury released a token mapping consultation paper, which sought to identify the key activities and functions of crypto assets and map them against existing regulatory frameworks.
• On 29 March 2023, opposition Senator Andrew Bragg introduced a private member’s bill, Digital Assets (Market Regulation) Bill 2023 proposing to regulate digital assets, including by introducing licensing requirements for digital asset exchanges, digital asset custody service providers and stablecoin issuers and disclosure requirements for facilitators of central bank digital currencies (CBDCs) in Australia. The bill was referred to the Senate Economics Legislation Committee for review and the Committee recommended that the bill not be passed.
• In April 2023, the Attorney General’s Department announced its consultation on long awaited reform to Australia’s AML/CTF regime. The Government introduced a corresponding bill to Parliament in September 2024 – see response to question 6.
• On 7 June 2023, Treasury released its Strategic Plan for Australia’s Payment System (Payments Strategic Plan), outlining the policy objectives and priorities to reform Australia’s payments system. The Payments Strategic Plan was released alongside two consultations, the first on reforming the Payments Systems (Regulation) Act 1998 (Cth) (Payments Systems Act) and the second on modernising the licensing framework for payment service providers (PSPs).  Subsequent consultations have been released providing more information on how the Government proposes to implement the Payments Strategic Plan.
• On 11 October 2023, as part of the Payments Strategic Plan, Treasury released a draft bill and explanatory memorandum for industry comment on proposals to update the Payments Systems Act. The draft bill proposes to expand the Payments Systems Act coverage across key definitional areas and introduce new ministerial powers.
• On 16 October 2023, Treasury released a consultation paper for industry comment on proposals to regulate digital asset intermediaries under the existing financial services licensing framework. The overarching theme of the proposals was to require digital asset intermediaries to hold an Australian financial services licence (AFSL) and comply with enhanced requirements regarding conduct and standard contracts. Submissions closed on 1 December 2023.
• On 8 December 2023, as part of the Payments Strategic Plan, Treasury released its second consultation paper in relation to an enhanced regulatory framework for Australian PSPs. The paper proposed amendments to existing prudential regulation, including requiring major stored value facilities and major payment stablecoin issuers holding in excess of A$100 million to be authorised by the Australian Prudential Regulation Authority (APRA).  All non-bank issued stablecoins will also need to be collateralised 1:1 with appropriate reserves.

Additionally, the Australian Law Reform Commission (ALRC) conducted an inquiry into simplifying Australia’s overarching financial services regulatory framework to make it “more adaptive, efficient and navigable for consumers and regulated entities”.  As part of the inquiry, the ALRC provided interim reports on three areas, being the design and use of definitions in corporations and financial services legislation, the regulatory design and hierarchy of laws, and the potential to reframe or restructure financial services laws.  A final consolidated report, Confronting Complexity: Reforming Corporations and Financial Services Legislation (ALRC Report 141) was released on 18 January 2024 containing 58 recommendations designed to produce this improved legislative framework.  While the final report’s key proposals do not address crypto assets as an asset class, it does recognise the regulation of crypto assets as a public policy initiative that may be accommodated for by the improved legislation.

Generally, it is expected that the recommendations from these reviews will have significant effects on the regulatory regimes relevant to crypto assets.

Regulators

No regulator has been specifically tasked with supervising and regulating crypto assets in Australia and Australian regulators and agencies are each mandated with administration of laws applicable to a particular industry or legal area. The key regulatory agencies and bodies are as follows:

• Australian Securities and Investments Commission (ASIC): ASIC is Australia’s corporate, markets, financial services and consumer credit regulator. ASIC is responsible for overseeing licensing, supervision and enforcement of Australian companies, financial markets, financial services organisations (including banks, credit providers, insurers, superannuation providers, funds) and businesses dealing with or advising on investments, superannuation, insurance, deposit-taking and credit. ASIC also has delegated powers from Australia’s competition regulator, the Australian Competition and Consumer Commission, with respect to administering the Australian Consumer Law with respect to crypto assets.
• Australian Transaction Reports and Analysis Centre (AUSTRAC): AUSTRAC is Australia’s financial intelligence agency, responsible for preventing, detecting and responding to criminal abuse of Australia’s financial system. This includes oversight with respect to reporting entities that provide designated services (including digital currency exchange providers, remittance providers, certain financial product issuers and distributors and stored value facility operators) and overseeing reporting and other measures to combat money laundering and terrorism financing.
• Australian Prudential Regulation Authority (APRA): APRA is Australia’s prudential regulator, responsible for administering the banking, superannuation, insurance and prudential regimes. APRA is responsible for licensing, supervision and enforcement of authorised deposit-taking institutions (ie, banks) and other purchased payment facility operators, and the creation and administration of prudential standards in relation financial soundness, risk management and governance within such institutions.
• Reserve Bank of Australia (RBA): The RBA is Australia’s central bank and payment systems authority, responsible for supervising Australia’s core banking and payment systems. This includes conducting monetary policy, maintaining financial stability, issuing banknotes, supervising payment schemes, as well as the clearing and settling transactions between authorised deposit-taking institutions and purchased payment facility operators authorised and supervised by APRA.
• Australian Treasury (Treasury): The Treasury is not a regulator but a central policy agency for the Australian federal government. It has played an increasingly important role in Australia’s crypto asset and web3 landscape by consulting with industry and providing guidance as to the direction of how legislators seek to introduce changes with respect to the regulatory treatment of crypto assets and service providers.

Regulatory guidance

ASIC has published (and periodically updates) an information sheet (INFO 219 Evaluating distributed ledger technology) outlining its approach to the regulatory issues that may arise through the implementation of blockchain technology and solutions. In it, ASIC has reinforced its “technology neutral” approach to regulation and has re-asserted that businesses considering operating market infrastructure or providing financial or consumer credit services using blockchain will still be subject to the compliance requirements that currently exist under the applicable licensing regimes. This includes the requirement to have the necessary organisational competence, adequate technological resources, and risk management systems in place. ASIC has provided businesses with the following six questions by which to evaluate whether to use blockchain having regard to those requirements:

• How will the DLT be used?
• What DLT platform is being used?
• How is the DLT using data?
• How is the DLT run?
• How does the DLT work under the law?
• How does the DLT affect others?

ASIC has published its regulatory guidance on cryptocurrencies, INFO 225 Initial coin offerings and crypto-assets (INFO 225) to inform a greater range of crypto asset participants, including issuers, crypto asset intermediaries, miners and transaction processors, crypto asset exchange and trading platforms, crypto asset payment and merchant services providers, wallet providers and custody service providers, and consumers. INFO 225 sets out ASIC’s approach to determining the legal status of cryptocurrencies, which is dependent on the rights attached to the cryptocurrencies – ASIC has indicated this should be interpreted broadly – as well as their structure. Depending on the circumstances, coins or tokens may constitute interests in managed investment schemes (ie, collective investment vehicles), securities, derivatives, or fall into a category of more generally defined financial products, all of which are subject to the Australian financial services regulatory regime – see response to question 5. ASIC has indicated that it intends to update INFO 225 and this is slated for consultation in late 2024.

ASIC has clarified expectations for crypto assets that form part of the underlying assets of exchange-traded products (ETPs) and other investment products (see INFO Sheet 230 (INFO 230)).  In INFO 230, ASIC sets out expectations for market operators, retail fund operators (i.e., responsible entities), listed investment entities (including listed investment trusts and listed investment companies) and AFSL holders dealing in crypto assets. This primarily centres around criteria that ASIC expects market operators to apply when determining whether a specific crypto asset is an appropriate asset for market-traded products. This broadly requires institutional support of the crypto asset, service providers willing to support ETPs that invest in or provide exposure to the crypto asset, maturity of the spot market for the crypto asset, regulation of derivatives linked to the crypto asset, and the availability of robust and transparent pricing mechanisms for the crypto asset.  ASIC has commented that (as at October 2021) it considers Bitcoin and Ether likely satisfy ASIC’s criteria for determining appropriate underlying assets for an ETP.  ASIC has also included good practices in relation to how fund asset holders are required to custody crypto assets, as well as ensuring that adequate risk management systems are in place.

The Government has been generally supportive as indicated by the extent of its proposed legislative reform. The Government has sought to improve its understanding of, and engagement with, businesses by regularly consulting with industry on proposed regulatory changes. There has been considerable discussion around the opportunities, risks and challenges that have arisen for market participants, customers and regulators. The Government’s broader commitment to facilitating growth and innovation within the technology sector has been underpinned by its developing commitment to providing clarity as to how emerging services are adequately captured in Australia’s regulatory framework. This has included increased fintech specific regulatory guidance to assist businesses in understanding their obligations, amended legislation to bring fintech services providers within the remit of existing regimes, and the introduction of new legislation to provide greater consumer protection.

Regulators such as ASIC and AUSTRAC have generally been receptive to fintech and innovation but at the same time, regulators have been active in highlighting the risks of trading and investing in cryptocurrencies particularly in respect of retail consumers. Legislative change has been underpinned by regulators, primarily ASIC, pursuing high profile enforcement actions against crypto businesses, which has generated first-of-its-kind case law in Australia – see response to question 13. Market events, like the collapse of well-known cryptocurrency exchange, FTX Australia, and increasing calls from industry for clarity in regulation have caused an increase in proactive investigation and enforcement.

The Reserve Bank of Australia (RBA), Australia’s central bank, indicates no immediate plans to issue a retail CBDC.  However, it indicates a perceived use for wholesale CBDCs and is currently undertaking various industry research projects to explore use cases and economic benefits of a CBDC in Australia. In September 2024, the RBA and Australian Treasury published a joint paper on CBDC and the future of digital money in Australia. The RBA committed to:

• prioritising its work agenda on wholesale digital money and infrastructure including wholesale CBDC. The RBA perceives key benefits to include reducing counterparty and operational risks, improving capital efficiency, increasing informational transparency and auditability, increasing liquidity and the ability to transact and reducing intermediary and compliance costs; and
• a three year applied research program on the future of digital money in Australia. This progam will include a new project with industry on wholesale CBDC and tokenised commercial bank deposits to understand how concepts like programmability and atomic settlement can be used in Australia’s financial system. The program will also include industry and academic CBDC advisory forums scheduled for the first half of 2025, and covering both retail and wholesale CBDCs, as well as supporting reforms to enhance the existing regulatory sandbox for financial innovation. The program may include workshops on retail CBDC with subsections of the Australian community that are traditionally under-represented in public policy considerations. This will inform the RBA and Treasury’s findings in a proposed follow up paper on the merits of a retail CBDC scheduled to be published in 2027.

This coincides with Treasury’s consultation proposing to provide the RBA with expanded scope to regulate stablecoin payment systems that become fundamental to Australia’s payments infrastructure – see response to question 2.

In Australia, cryptocurrencies (also known as virtual assets, digital assets, crypto assets or digital currencies) refer to digital tokens created from code using blockchain that do not exist physically in the form of notes or coins. The current position in Australian law is that cryptocurrency is to be treated as an asset and not as fiat currency or money. Amendments to existing legislation over the last few years to accommodate increasing use of cryptocurrencies have generally focused on transactional relationships (ie, issuing and exchanging) rather than on cryptocurrencies themselves. As a result, while cryptocurrencies themselves are not restricted under Australian law, dealings in relation to, or services involving, cryptocurrencies are likely to be captured within existing regulatory regimes.

Australia’s regulatory framework (including how this relates to cryptocurrencies) is currently under review by multiple government bodies and agencies – see response to question 2. The primary focus of Australia’s approach to regulating cryptocurrencies has been in connection with centralised offerings rather than decentralised.

Financial services regulation

A person who carries on a financial services business in Australia must hold an AFSL or be exempt from the requirement to be licensed. Persons or entities dealing with, or providing services involving cryptocurrencies should consider whether the cryptocurrency constitutes a financial product, which may trigger the licensing requirement as well as other obligations in relation to disclosure, registration and conduct. The definitions of “financial product” and “financial service” under the Corporations Act 2001 (Cth) (Corporations Act) are broad, and cover facilities through which a person makes a financial investment, manages a financial risk or makes a non-cash payment. ASIC continues to reiterate its view that cryptocurrencies with similar features to existing financial products will trigger the Australian financial services laws.

Consumer credit

Certain credit activities will trigger the requirement to hold an Australian credit licence (ACL) under the National Consumer Credit Protection Act 2009 (Cth) (NCCP Act) (including the National Credit Code (Credit Code)), and requirements under the ASIC Act and associated regulations as administered by ASIC. Principal issuers of consumer credit contracts will trigger the requirement to hold an ACL. The ACL requirement also captures a broad range of businesses that provide credit services such as credit assistance (eg, suggesting or assisting a person in relation to credit) or credit intermediation (eg, acting as an intermediary in relation to credit). Web3 participants will need to consider whether credit licensing obligations are triggered in the context of borrowing or lending (including where loans are made using crypto assets or crypto assets are used as collateral for a fiat loan).

Stored value

Crypto asset issuers and service providers must also consider whether they are subject to prudential regulation. Generally, entities that are carrying on a banking business (eg, taking money on deposit and making advances of money) in Australia are required to be authorised by APRA as an authorised deposit-taking institution (ADI) and comply with associated obligations and prudential standards.

Entities that are holders of stored value in connection with a purchased payment facility (PPF) are required under the Payment Systems (Regulation) Act 1998 (Cth) (PSRA) to become an ADI authorised by APRA. A PPF is a facility (other than cash) where the customer is able to make payments up to the amount available under the facility and those payments are made by the provider of the facility (or another person acting in accordance with instructions). This may be relevant for digital wallet providers that are offer customers digital wallets as a means of payment and storing value for customers.

There is ongoing payments and stored value reform relevant to stablecoins – see response to question 2.

Cross-border considerations

The regulation of foreign financial service providers (FFSPs) in Australia is in a state of flux. Currently, carrying on a financial services business in Australia will require a FFSP to hold an AFSL or otherwise rely on an exemption such as being an authorised representative of an AFSL holder. Entities, including FFSPs, should note that the Corporations Act may apply to crypto asset sales regardless of whether it was created and offered from Australia or overseas. Historically, FFSPs regulated in comparable jurisdictions had the benefit of limited licensing relief for financial services provided to wholesale clients (known as sufficient equivalence relief). In 2020, this was repealed and a foreign AFSL regime was introduced. In 2021, the Government proposed reverting back to the comparable jurisdiction regime (with some amendments). This proposal was put to Australian parliament in early 2022; however, the proposed legislation lapsed with the change of Government. On 7 August 2023, Treasury consulted on licensing exemptions for FFSPs  and on 30 November 2023, the Treasury Laws Amendment (Better Targeted Superannuation Concessions and Other Measures) Bill 2023 was introduced to Parliament, which was an updated bill considering the feedback from the August 2023 consultation. The Bill is currently before the Senate (Australia’s upper house of Government). The licensing exemptions are broadly based on the 2022 legislation and includes a professional investor exemption, comparable regulator exemption, market maker exemption and fit and proper person test exemption (the latter being a simplification of the AFSL application process for certain FFSPs).

While consultation is ongoing, ASIC has extended transitional relief for FFSPs currently relying on sufficient equivalence and limited connection relief. Transitional relief will expire 31 March 2026 (previously 31 March 2025). During this period, ASIC will also consider new applications for individual temporary licensing relief or new AFSL applications from entities that cannot rely on transitional relief.

Foreign companies taken to be carrying on a business in Australia, including by issuing cryptocurrency or operating a platform developed using token sale proceeds, may be required to either establish a local presence (ie, register with ASIC and create a branch) or incorporate a subsidiary. Broadly, the greater the level of system, repetition or continuity associated with an entity’s business activities in Australia, the greater the likelihood that registration will be required. Generally, a company holding an AFSL will be carrying on a business in Australia and will trigger the requirement.

Promoters should also be aware that if they wish to market their cryptocurrency to Australian residents, and the tokens are considered a financial product under the Corporations Act, they will not be permitted to market the products unless the requisite licensing and disclosure requirements are met. Generally, a service provider from outside Australia may respond to requests for information and issue products to an Australian resident if the resident makes the first (unsolicited) approach and there has been no conduct on the part of the issuer designed to induce the investor to make contact, or activities that could be misconstrued as the provider inducing the investor to make contact.

Consumer law

Even if a token or crypto-related offering is not regulated under the Corporations Act, it may still be subject to other regulation and laws, including the Australian Consumer Law set out at Schedule 2 to the Competition and Consumer Act 2010 (Cth) (ACL) relating to the offer of services or products to Australian consumers. The ACL prohibits misleading or deceptive conduct in a range of circumstances including in the context of marketing and advertising. As such, care must be taken in promotional and other customer facing material to ensure that customers are not misled or deceived and that the promotional material does not contain false information. In addition, promoters and sellers are prohibited from engaging in unconscionable conduct and must ensure tokens issued or services provided are fit for their intended purpose. The protections of the ACL are generally reflected in the Australian Securities and Investments Commission Act 2001 (Cth) (ASIC Act), providing substantially similar protection to investors in financial products or services. See also response to question 15.

A range of consequences may apply for failing to comply with the ACL or the ASIC Act, including monetary penalties, injunctions, compensatory damages and costs orders.

Anti-money laundering and counter-terrorism financing (AML/CTF)

See response to question 6.

Market licensing and clearing and settlement facilities

Related to the question of whether an AFSL is required is whether an operators is required to hold an Australian market licence or clearing and settlement facility licence (CSFL):

• Australian market licence: Anyone who operates a financial market in Australia must hold an Australian market licence or be otherwise entitled to rely on an exemption. Generally, a person will be taken to operate a financial market where a person operates a facility through which offers to acquire or dispose of financial products are regularly made or accepted. This broad definition applies to any form of technology or physical infrastructure that enables persons to make or accept offers or invitations by means of the facility. Whether a market venue ‘operates’ in Australia depends on a number of factors including whether the venue has Australian participants or is targeted at Australian investors. Part 12 of the recent Treasury Laws Amendment (Financial Market Infrastructure and Other Measures) Bill 2024 has further clarified when a financial market has connection with Australia, including that the market is denominated in Australian currency, the market provides a market for financial products based on something else located in or issued in Australia or one or more current or expected market participants is resident in or based in Australia.
• CSFL: Anyone who operates a clearing and settlement facility (CS Facility) in Australia must hold a CSFL or otherwise rely on an exemption from the licensing requirement. A CS Facility is a facility that provides a regular mechanism for the parties to transactions relating to financial products to meet obligations to each other that arise from entering into transactions or are prescribed under the regulations. This captures any technical infrastructure, regulations and procedures that systematically allow counterparties to meet their obligations to each other in relation to a financial product. Among other factors, someone ‘operates’ a CS Facility in Australia where it is located in Australia, it has one or more Australian users or participants and is targeted at Australian users and the volume and value of transactions cleared and settled by the CS Facility that are submitted by Australian participants or users are material.

Cryptocurrencies and tokens were brought within the scope of Australia’s AML/CTF regulatory framework as a result of legislative amendments in the Anti-Money Laundering and Counter-Terrorism Amendment Act 2017 (Cth) which came into force in April 2018. The legislation was introduced to recognise the movement towards digital currencies becoming a popular method of payment and the transfer of value in the Australian economy while posing significant money laundering and terrorism financing risks.

Broadly, digital currency exchange (DCE) service providers are required to register with AUSTRAC in order to operate. Among other obligations, registered exchanges are required to implement know-your-customer processes to adequately verify the identity of their customers, with ongoing obligations to monitor and report suspicious and large transactions. Exchange operators are also required to keep certain records relating to customer identification and transactions for up to seven years. DCE providers are required to renew their registration every three years.

Since April 2023, the Attorney-General’s Department has undertaken two consultations on long-awaited reform to Australia’s AML/CTF regime – see response to question 2. Following this consultation, Parliament introduced the Anti-Money Laundering and Counter-Terrorism Financing Amendment Bill 2024 in September 2024. Relevant to DCEs, among the matters are proposed changes to:

• expand the definition of digital currency to “virtual assets” to align with the definition used by the Financial Action Task Force;
• expand the types of regulated services to include exchanges between one or more other forms of digital currency, transfers of digital currency on behalf of a customer, safekeeping or administration of digital currency and participation in and provision of financial services related to an issuer’s offer and/or sale of a digital currency;
• broaden remittance designated services to include transfers of digital currency; and
• update the travel rule and extend its application to remitters and DCE providers. The bill proposes to update the travel rule to align with international standards by requiring payer and payee information for transfers on behalf of customers to other businesses, payer information to be verified and the inclusion of payee information.

The taxation of cryptocurrency in Australia has been an area of much debate, despite recent attempts by the Australian Taxation Office (ATO) to clarify the operation of the tax law.  For income tax purposes, the ATO views cryptocurrency as an asset that is held or traded (rather than as money or a foreign currency).  Recent amendments to Australia’s tax legislation clarify that cryptocurrencies are not foreign currencies for income tax purposes.

The tax implications for holders of cryptocurrency depend on the purpose for which the cryptocurrency is acquired or held.  The summary below applies to holders who are Australian residents for tax purposes.

Sale or exchange of cryptocurrency in the ordinary course of business

If a holder of cryptocurrency is carrying on a business that involves sale or exchange of the cryptocurrency in the ordinary course of that business, the cryptocurrency will be treated as trading stock.  Gains on the sale of the cryptocurrency will be assessable and losses will be deductible (subject to integrity measures and “non-commercial loss” rules).

Whether or not a taxpayer’s activities amount to carrying on a business is a question of fact and degree, and is ultimately determined by weighing up the taxpayer’s individual facts and circumstances.  Generally (but not exclusively), where the activities are undertaken for a profit-making purpose, are repetitious, involve ongoing effort, and include business documentation, the activities would amount to the carrying on of a business.

Isolated transactions

Even if a holder of cryptocurrency did not invest or acquire the cryptocurrency in the ordinary course of carrying on a business, profits or gains from an “isolated transaction” involving the sale or disposal of cryptocurrency may still be assessable where the transaction was entered into with a purpose or intention of making a profit, and the transaction was part of a business operation or commercial transaction.

Cryptocurrency investments

If cryptocurrency is not acquired or held in the course of carrying on a business, or as part of an isolated transaction with a profit-making intention, a profit on sale or disposal should be treated as a capital gain.  In this regard, the ATO has indicated that cryptocurrency is a capital gains tax (CGT) asset.  Capital gains may be discounted under the CGT discount provisions, so long as the taxpayer satisfies the conditions for the discount (for example, the cryptocurrency is held for at least 12 months before it is disposed of).

Although cryptocurrency may be a CGT asset, a capital gain arising on its disposal may be disregarded if the cryptocurrency is a “personal use asset” and it was acquired for A$10,000 or less.  Capital losses made on cryptocurrencies that are personal use assets are also disregarded.  Cryptocurrency is more likely to be a personal use asset if it was acquired and used within a short period of time for personal use or consumption (that is, to buy goods or services).

Note that the ATO’s view on the income tax implications of transactions involving cryptocurrencies is in a state of flux due to the rapid evolution of both cryptocurrency technology and its uses.  On 21 March 2022, the Government released the Terms of Reference for a review to be undertaken by the Board of Taxation into the appropriate policy framework for the taxation of digital assets and transactions in Australia.  In August 2022, the Board of Taxation published a consultation guide, and on 23 February 2024 the Board of Taxation delivered its report on the Tax Treatment of Digital Assets and Transactions to the Government.

Other transactions involving cryptocurrency

Other transactions involving cryptocurrency that may have taxation implications including the following:

• Staking – An entity may stake their cryptocurrency to facilitate the validation and verification of transactions on a blockchain. The entity may be rewarded with additional tokens for its role in this process.  The market value of the additional tokens at the time they are received will be ordinary income that the entity will be taxed on at marginal tax rates.
• DeFi – An entity may lend their cryptocurrency via DeFi apps protocols or platforms. Any “interest” that the entity receives in the form of tokens should be assessable as ordinary income.  However, it is important to note that entering into the DeFi arrangement may result in a disposal of the cryptocurrency for tax purposes.

Australian goods and services tax (GST)

The normal GST rules apply to using or receiving digital currency to pay for goods and services as if the digital currency is money, but the remittance of GST to the ATO must be in Australian currency.

However, supplies of digital currency in exchange for money or digital currency (i.e., trading in digital currency) are not subject to GST on the basis that the supplies will be:

• input-taxed financial supplies, if supplied to another Australian resident located in Australia; or
• GST-free supplies, if supplied to a non-resident who is not located in Australia.

Consequently, such suppliers of digital currency will not be required to pay to the ATO GST on these supplies.  However, the suppliers of digital currency may be charged GST on costs that relate to their sale of the digital currency (i.e., a transaction fee charged by a digital currency exchange (DCE) platform), and may be restricted from claiming input tax credits for such costs.

The term “digital currency” is defined under the A New Tax System (Goods and Services Tax) Act 1999 as a digital unit of value that has all of the following characteristics:

• it is fully interchangeable with the same digital currency;
• can be provided as consideration for a supply;
• it is available to the public without any substantial restrictions;
• it is neither denominated in any country’s currency, or denominated in a currency that is not issued by, or under the authority of, an Australian or foreign government agency;
• its value is not derived from or dependent on anything else;
• it does not give an entitlement to receive something else unless the entitlement is incidental to holding the digital currency or using it as consideration; and
• if supplied, it would not be an input taxed financial supply for a reason other than being a supply of a digital currency or money.

In relation to a holder carrying on an enterprise of cryptocurrency mining, whether or not GST is payable by the miner on its supply of new cryptocurrency depends on a number of factors, including its specific features, whether the miner is registered for GST, and whether the supply is made in the course or furtherance of the miner’s enterprise.

For example, if the miner supplies mining services, i.e., to a mining pool operator in Australia, the supply of mining services may be taxable if the supply is made in the course or furtherance of an enterprise that is registered for GST.

A miner would generally be required to register for GST if, over a 12-month period, the miner has a GST turnover (i.e., gross income from all businesses minus GST, excluding the value of any input taxed supplies of digital currencies and other input taxed supplies) of A$75,000 or more.  A miner who is not required to register for GST may nevertheless elect to register for GST in order to claim input tax credits from the ATO for certain GST costs related to its supplies of mining services.

A miner will carry on an enterprise where the miner conducts the activity, or a series of activities, in the form of business or in the form of an adventure or concern in the nature of trade.  However, this does not include activities conducted for a private recreational pursuit, a hobby, activities carried on as an employee or office holder, or activities carried on by individuals or partnerships without a reasonable expectation of profit.  The scope of carrying on an “enterprise” can be broader than carrying on a “business” and some miners may unintentionally be carrying on an “enterprise” for GST purposes.

Enforcement

The ATO has created a specialist task force to tackle cryptocurrency tax evasion.  The ATO also collects bulk records from Australian cryptocurrency designated service providers to conduct data matching to ensure that cryptocurrency users are paying the right amount of tax.  With the broader regulatory trend around the globe moving from guidance to enforcement, it is likely that the ATO will also continue to tighten its scrutiny of cryptocurrency.

There are currently no express prohibitions on the use or trading of cryptocurrencies in Australia. The legal obligations and requirements applicable to any cryptocurrency, token or virtual asset will depend upon the rights which are attached to them and their features – see response to question 5.

Trading crypto assets is common. According to ATO’s data analysis there has been a dramatic increase in cryptocurrency trading since the beginning of 2020. As at 28 May 2021, the ATO estimated that over 600,000 Australians have invested in crypto assets in recent years and a 2023 study by the ASX revealed that 15% of Australian investors currently hold cryptocurrency and 29% of Australian investors are interested in buying cryptocurrency in the next 12 months, with that number rising to 31% for investors aged between 18-24. More broadly, ASIC Report 735: Retail Investor Research (released August 2022) indicates cryptocurrencies may now represent the second most held investment asset by Australian investors.

Mainstream financial institutions in Australia have historically stayed away from any involvement with cryptocurrency trading citing money laundering and terrorism financing risks. Industry association bodies have also raised concerns of “de-banking” with banks closing the accounts of a notable number of Australian digital currency exchanges to meet “compliance and assurance requirements”. In recent times numerous institutional market makers and liquidity providers have increased their scope to provide broader corporate solutions across cryptocurrency and digital asset trading, including custody solutions. Similarly, there is a growing presence of cryptocurrency and digital asset-based classes of underlying assets within managed funds. Such inclusion has indirectly increased the volume of trading in these assets.

To the extent that cryptocurrencies are financial products, trading or on-selling financial products fall within the existing regulatory regime and issuers, distributors and traders should have regard to the following regulatory considerations.

Design and distribution obligations

Since 5 October 2021, issuers and distributors of financial products to retail clients must comply with DDOs which may impact the way cryptocurrencies are structured and token sales are conducted. Issuers and distributors are required to implement effective product governance arrangements including a TMD subject to review triggers. ASIC indicated in its 2024-25 corporate plan that the DDOs remains a strategic priority. ASIC has pursued numerous enforcement actions to address poor design and distribution of products. In the blockchain and cryptocurrency sector, ASIC has made interim stop orders preventing the distribution of retail funds providing exposure to crypto-assets (and those funds have since been wound up). The orders were made on the basis that ASIC does not consider that the target market in the TMD to be suitable.

Product intervention powers

ASIC also has product intervention powers (PIPs) where there is a risk of significant consumer detriment. This enables ASIC to address market-wide problems or specific business models and deal with certain “first mover” issues. The power covers financial products under the Corporations Act and ASIC Act and credit products under the National Consumer Credit Protection Act 2009 (Cth) (NCCPA). These powers are highly likely to impact marketing and distribution practices in the cryptocurrency sector where cryptocurrencies fall within the scope of these powers.

The purpose of these regulations is to ensure that financial products are targeted at the correct category of potential investors. ASIC has already commenced using its PIP to address issues relating to short term credit products and various derivatives. However, these have not yet been directed specifically toward cryptocurrencies. It is anticipated that ASIC will use its PIP should a risk of significant consumer detriment arise in relation to certain cryptocurrency types and structures. ASIC has made a product intervention order under ASIC Corporations (Product Intervention Order—Contracts for Difference) Instrument 2020/986 (CFD Instrument) imposing conditions on the issue and distribution of CFDs to retail clients until 23 May 2027. Among other conditions, the product intervention order restricts contract for different leverage offered to retail clients to a maximum ratio depending on the asset referenced and the leverage ratio is 2:1 for CFDs referencing crypto assets.

While the data on ICO activity in Australia is opaque, a number of Australian businesses such as Synthetix, Power Ledger and CanYa have raised significant funds via ICOs.

ASIC has referred to ICOs as being “a highly speculative investment” and that “while the potential returns may look attractive, these projects are mostly unregulated and the chance of losing your investment is high”. This approach to issue public statements and warnings to consumers specific to ICOs aligns with the approach of many members of the International Organization of Securities Commissions. Consequently, ASIC has emphasised consumer protection and compliance with the relevant laws and has taken action as a result to stop proposed token sales targeting retail investors due to issues with disclosure and promotional materials, as well as offerings of financial products without an AFSL. In August 2021, ASIC urged consumers to be wary of investing in crypto-asset related financial products, such as options and futures, through unlicensed entities. ASIC has also received delegated powers from the Australian Competition and Consumer Commission to enable it to take action against misleading or deceptive conduct in marketing or issuing in initial coin offerings (ICOs) (regardless of whether it involves a financial product). ASIC has indicated misleading or deceptive conduct in relation to ICOs may include:

• using social media to create the appearance of greater levels of public interest;
• creating the appearance of greater levels of buying and selling activity for an ICO or a crypto-asset by engaging in (or arranging for others to engage in) certain trading strategies;
• failing to disclose appropriate information about the ICO; or
• suggesting that the ICO is a regulated product or endorsed by a regulator when it is not.

ASIC has stated that it will use this power to issue further inquiries into ICO issuers and their advisers to identify potentially unlicensed and misleading conduct.

The legislative amendments introduced to provide for the regulation of cryptocurrencies have generally focused on the transactional relationships (eg, the issuing and exchanging process) and activities involving cryptocurrencies, rather than the cryptocurrencies themselves. See response to question 5 regarding the key aspects of Australia’s regulatory regimes as relevant to the sale of cryptocurrency through an ICO. For example, depending on the circumstances, coins or tokens may constitute interests in managed investment schemes (collective investment vehicles), securities, derivatives, or fall into a category of more generally defined financial products (including the ability to make non-cash payments), all of which are subject to the Australian financial services regulatory regime.

ASIC has provided high-level guidance to assist in determining whether an ICO may fall within the Australian financial services regulatory framework in INFO 225 (see response to question 2 9). This includes how the legal status of an ICO may trigger licensing, registration and disclosure requirements if the tokens represent financial products (see response to question 5).

Title

As digital assets are increasingly included in underlying baskets of fund assets, there have been concerns regarding the ability of an appointed custodian to hold legal title to digital assets to the exclusion of other fund participants and beneficiaries. These concerns relate to the ability to comply with existing laws regulating the holding of fund assets (for example, having exclusive possession of assets held on trust for beneficiaries). Solutions have primarily revolved around a series of cold storage and multi-signature access and trade execution processes. However, these have not been widely solved in a manner that allows for relative ease of trade execution in high volume trading schemes.

There has also been continuous development in the use of blockchain in bond issuances. Currently, the majority of blockchain issued bonds only mirror off-chain transactions on the on-chain ledger, rather than effecting the transaction using blockchain. The technology generally has not yet extended to allow for the recordings in the ledger to constitute a transfer of legal title to the bonds and consequently, transactions are executed through an off-chain bond register and then replicated on the blockchain.

Security

The process for taking security over cryptocurrency in Australia is not yet settled because Australian courts are yet to consider the treatment of cryptoassets in an insolvency context and whether they are a form of ‘property’.

Under Australia’s Personal Property Securities Act 2009 (Cth) (PPSA), a security interest in ‘personal property’ will only be fully effective if the secured party has perfected the interest by possession or control of the personal property, or by registration on the Personal Property Securities Register (PPSR). As a party seeking to take security over crypto assets would generally not have possession or control of the assets, the interest would need to be registered on the PPSR.

Relevantly, there must be ‘property’ within the meaning of the PPSA to which the security interest attaches. Whilst there remains uncertainty as to the type of personal property that properly defines crypto assets, anecdotally insolvency practitioners are generally proceeding on the basis that a user’s third party holding or direct holding is a form of personal property for the purposes of the PPSA until such time as Court directions on this subject are provided and/or the law is clarified by the legislature.

The use of smart contracts has generally been limited to the cryptocurrency sector for order matching and transaction execution (with increasing regularity for atomic swaps). Over the last few years, there has also been an increase in institutional adoption of smart contracts to digitise readily automatable processes. This has primarily taken hold in the financial services sector with multiparty arrangements (for example, issuing bank guarantees or debt instruments, issuing and dealing with fund interests through smart contracts).

Smart contracts (including self-executing contracts) are permitted in Australia under the Electronic Transactions Act 1999 (Cth) (ETA) and the equivalent Australian state and territory legislation. The ETA provides a legal framework to enable electronic commerce to operate in the same manner as paper-based transactions. Under the ETA, self-executing transactions are permitted in Australia, provided that they meet all traditional elements of a legal contract, including an intention to create legally binding obligations; offer and acceptance; certainty; and consideration.

The pre-determined and self-executing form of smart contracts creates difficulties where there is a required element of discretion by either party, particularly relating to dispute mechanisms (e.g. arbitration and mediation) and non-deterministic provisions. There has been very little case law on the subject. Self-executing contracts may alter traditional dispute resolution in Australia if online platforms can facilitate self-executing dispute resolution.

Currently, Australian law does not expressly legislate decentralised autonomous organisations (DAOs) and there is no legal recognition of DAOs as a corporate structure meaning members do not have limited liability or other protections in place. There is an open question as to whether DAOs satisfy the definition of ‘partnership’ under Australian law however limitations on the number of members or partners means that this classification is not generally suitable.

In 2021, the Senate Select Committee’s Technology and Financial Centre recommended that the Government formally recognise DAOs as a company structure, which would address the issues of legal personhood and liability. The Government agreed to the recommendation in principle but noted that further consultation would be needed on the “appropriate regulatory structure” for DAOs.

In 2022, the ALRC, as part of its investigation into financial services laws in Australia, published a background paper on new business models, technologies and practices, including considerations of DAOs. The paper notes the advantages of allowing DAOs to adopt a corporate from as enabling DAOs to have legal personality to enter into contracts and hold property and so members of a DAO can enjoy limited liability protection in the DAO’s dealings. However, the paper notes that a common limitation when regulating DAOs is registration often requires the appointment of agents or representatives on behalf of the DAO, which inherently contradicts a DAO’s nature and foregoes crucial elements of anonymity and autonomy. The paper notes it may be possible for future regulatory design to distinguish a DAO that operates in a purely decentralised form to be treated as an unincorporated association and a ‘wrapped’ DAO (ie, where a DAO operates through a corporate structure).

Currently proposed legislative reform has not addressed DAOs further – see response to question 2.

Crypto asset offerings have been a significant focus area for ASIC. ASIC has pursued a number of high-profile enforcement actions that have focused on alleged unlicensed activities and the nature of associated conduct (eg perceived instances of investor and consumer risk).

The following matters are currently before the Australian Courts:

• On 25 October 2022, ASIC commenced proceedings against BPS Financial Pty Ltd (BPS) for allegedly making false, misleading or deceptive representations and engaging in unlicensed conduct in relation to a regulated payment facility involving a crypto asset token called Qoin. On 3 May 2024, the Federal Court found that BPS engaged in unlicensed conduct when offering the ‘Qoin Wallet’. On 18 June 2024, ASIC appealed part of the judgment relating to authorised representative arrangements where the Court held that BPS was exempt from the requirement to be licensed.
• On 23 November 2022, ASIC commenced proceedings against Web3 Ventures Pty Ltd (Block Earner) alleging it provided unlicensed financial services in relation to its crypto asset based products and that it operated an unregistered managed investment scheme. On 9 February 2024, the Federal Court held that Block Earner’s fixed yield product required Block Earner to be licensed and that the product was a managed investment scheme that needed to be registered. The Court found that Block Earner’s variable yield product, which provided access to Aave and Compound did not require Block Earner to be licensed. On 4 June 2024, the Federal Court relieved Block Earner from liability to pay a penalty. On 18 June 2024, ASIC appealed the Federal Court’s decision to relieve Block Earner from liability to pay a penalty. Block Earner has cross appealed the Court’s finding regarding its fixed yield product.
• On 15 December 2022, ASIC commenced proceedings against Finder Wallet Pty Ltd, for allegedly providing unlicensed financial services, breaching product disclosure requirements and failing to comply with design and distribution obligations in relation to its crypto asset related product Finder Earn. On 14 March 2024, the Federal Court dismissed the proceedings. On 14 April 2024, ASIC appealed the decision.

ASIC has also undertaken other enforcement. For example:

• on 20 September 2023, Bobbob Pty Ltd paid $53,280 to comply with ASIC infringement notices regarding representations it made about a crypto asset linked investment product. ASIC also accepted a court enforceable undertaking from Bobbob and its sole director Mr Byron Goldberg including Bobbob not providing financial services to retail clients for 12 months and Mr Goldberg not providing or being involved in a business providing financial services to retail clients for 12 months.
• on 21 September 2023, ASIC commenced civil penalty proceedings in the Federal Court against Kraken, alleging failures to comply with the design and distribution regime (and ASIC has more broadly been very active in enforcement in this space – see response to question 8) in connection with Kraken’s margin lending product. On 24 August 2024, the Federal Court held that Kraken had made its fiat and crypto margin extension product available without a target market determination in contravention of its design and distribution obligations. However, the Federal Court also held that the obligation to repay a digital asset was not an obligation to repay “money” for the purposes of determining whether margin lending is deferred debt and a credit facility under the Australian Securities and Investments Commission 2001 (Cth).

ASIC has also released a warning in particular for brokers offering or seeking to offer unregulated crypto assets alongside regulated products on trading apps. ASIC noted this may provide clients with “a false sense of security, leading them to believe crypto-assets have the same protections as regulated financial products or they may underestimate the risks”.

It is generally expected that there will be an increased effort by ASIC to undertake enforcement activity in the blockchain and crypto sectors.

In Australia, the Privacy Act 1988 (Cth) (Privacy Act) regulates the handling of personal information by Government agencies and private sector organisations with an aggregate group revenue of at least A$3 million with a jurisdictional link to Australia. In some instances, the Privacy Act will apply to businesses (e.g. credit providers and credit reporting bodies) regardless of turnover. The Privacy Act includes 13 Australian Privacy Principles, which impose obligations on the collection, use, disclosure, retention and destruction of personal information. Relevantly, before entities collect personal information, they must disclose the way in which this data will be used, the purposes for which it will be used and third parties to which it is likely to be disclosed. This is the basis on which individuals provide consent for their personal information to be collected, used and disclosed. Note, Australia’s privacy legislation is currently the subject of reform and it is anticipated that there will be significant changes in this space.

Blockchain arrangements can be structured in various ways, from information being readily visible to all participants on a network, to closed networks where information is limited to specific participants in specific instances. Therefore, entities wishing to collect and use personal information through blockchain implementations must ensure that they have gained appropriate consents for the contemplated use and disclosure.

The Notifiable Data Breaches (NDB) scheme was implemented in 2018. The NDB scheme mandates that entities regulated under the Privacy Act are required to notify any affected individuals and the Office of the Australian Information Commissioner in the event of a data breach (i.e. unauthorised access to or disclosure of information) which is likely to result in serious harm to those individuals. The NDB scheme applies to agencies and organisations that the Privacy Act requires to take steps to secure certain categories of personal information. Therefore, entities will also need to ensure that any blockchain implementations are sufficiently protected from security issues such as unauthorised access and operational failure, and in the case of a data breach, ensure that they have adequate processes in place to comply with the NDB scheme.

Entities offering solutions that incorporate blockchain technology (as well as their legal advisers) should be aware of the regulations that may apply to the broader context in which the solution is offered. This particularly relates to the extent to which the general public may not accurately understand how the blockchain components operate, and how they fit within the overall solution.

The ACL provides various consumer protections in relation to goods and services sold to Australian consumers (irrespective of where the business is located). These protections include prohibitions against:

• misleading and deceptive conduct;
• false or misleading representations;
• unfair contract terms; and
• unconscionable conduct.

Where the blockchain solution forms part of a financial services offering, the ASIC Act will apply and sets out identical consumer protections as the ACL. Therefore, where an offering incorporates blockchain technology, entities must ensure that consumers have the necessary information to understand how the solution works, the purpose and use of the blockchain components and what that means from an end-user perspective.