Introduction
Australia’s regulatory landscape for crypto and blockchain payment services is undergoing a significant transformation, moving from a period of ambiguity to one of increasing clarity. For years, platforms blending digital assets with traditional fiat currency have navigated a complex web of financial services laws originally designed for a non-tokenised world. Now, with recent draft legislation and active government consultations, the framework is solidifying, directly impacting how these innovative payment systems must operate.
This guide is for founders and compliance leads building hybrid payment models, such as stablecoin gateways, crypto remittance apps, or wallets that manage both AUD and digital tokens. It provides essential information on how to get an Australian Financial Services Licence (AFSL), alongside anti-money laundering obligations, and how the regime applies to your business. Understanding these evolving requirements is crucial for designing a compliant and sustainable payment architecture in Australia’s modernising financial ecosystem.
When Crypto Payments Become Regulated Financial Products
The Non-Cash Payment (NCP) Facility Test
Under the Corporations Act 2001 (Cth), a non-cash payment (NCP) facility is broadly defined as any arrangement that allows a person to make payments without the physical delivery of currency. This definition is technology-neutral and can extend to digital asset platforms, including crypto wallets and payment-enabled tokens, if they are designed or represented as enabling payment functionality to more than one person.
Whether a crypto service is an NCP facility depends on its specific rights and features. The key consideration is whether the arrangement provides the holder with the ability to make payments to third parties. This can apply to both:
- Custodial wallets: Where the platform holds the private keys
- Non-custodial wallets: Where users control their private keys
Both types may be classified as NCP facilities if they include a ‘pay anyone’ feature, allowing users to transfer digital assets to another person’s wallet or address.
The infrastructure surrounding the token is critical; if an issuer or platform provides the tools that allow a token to be used for payments, the arrangement itself may be deemed an NCP facility.
The Federal Court case of Australian Securities and Investments Commission v BPS Financial Pty Ltd [2024] FCA 457, a notable example of an ASIC investigation, provides a real-world example of this principle. The court determined that the ‘Qoin Wallet,’ which enabled users to store and transact with the Qoin token, was a regulated NCP facility. This decision clarified that:
- The underlying blockchain is not the financial product
- The wallet application that provides the payment mechanism is the regulated product
This confirms that the functionality of the service is the key factor in triggering AFSL requirements.
How Stablecoins & Other Crypto Assets Trigger AFSL Requirements
Beyond the NCP facility test, digital assets can be classified as other types of financial products under the Corporations Act 2001 (Cth), each of which necessitates an AFSL. The legal status of a crypto asset depends on its specific structure and the rights it confers upon its holder.
Several classifications can trigger AFSL obligations for a payment service provider:
| Asset Classification | Description & Conditions |
|---|---|
| Interests in a Managed Investment Scheme (MIS) | An arrangement is considered a Managed Investment Scheme (MIS) if it involves people contributing assets to be pooled, assets being managed in a common enterprise for financial benefits, and contributors lacking day-to-day control. A yield-bearing stablecoin is a likely example. |
| Securities | A digital asset is deemed a security if it grants rights similar to shares or debentures, such as ownership in a company, voting rights, a share in profits (like a share), or represents a promise to repay funds (like a debenture). |
| Derivatives | A crypto asset is classified as a derivative if its value is derived from or varies based on another asset, index, or financial product. A common example is a “wrapped token” representing a token on another blockchain. |
Get Your Free Initial Consultation
Consult with one of our experienced ACL & AFSL Lawyers today.
New Licensing Frameworks for Digital Asset & Crypto Platforms
Licensing Digital Asset Platforms Under the Proposed AFSL Regime
The Australian government is moving to establish a more explicit licensing framework for digital asset intermediaries. In September 2025, the Treasury released the Treasury Laws Amendment (Regulating Digital Asset, and Tokenised Custody, Platforms) Bill 2025 Exposure Draft, which proposes to bring crypto platforms under the existing AFSL regime.
This reform focuses on regulating the platforms themselves, rather than the individual digital assets they support. The draft legislation introduces two new categories of financial products under the Corporations Act 2001 (Cth):
| Platform Category | Definition |
|---|---|
| Digital Asset Platforms (DAPs) | Defined as facilities where an operator holds one or more digital tokens on behalf of a client. This is intended to capture services like crypto exchanges, brokerage platforms, and custodial wallet providers. |
| Tokenised Custody Platforms (TCPs) | Covers facilities where an operator holds an underlying asset (e.g., gold, shares) and creates a unique digital token that confers a right to redeem that asset. |
Under these proposed changes, any business operating a DAP or TCP will be considered to be issuing a financial product. Consequently, these operators will be required to obtain an AFSL and comply with its associated obligations, marking a significant shift for many previously unregulated crypto exchanges and custodians in Australia.
Payments System Modernisation & Your Crypto Service
In parallel with the digital asset platform reforms, Australia’s payments system is undergoing a significant modernisation. This reform moves away from the outdated concept of ‘non-cash payment facilities’ and introduces a new, function-based licensing framework for Payment Service Providers (PSPs).
This new regulatory framework is designed to be:
- Technology-neutral
- Adaptable to future innovations
The modernisation initiative, detailed in the Treasury Laws Amendment (Payments System Modernisation) Bill 2025, introduces seven defined payment functions. A key development for the crypto industry is the proposal to regulate payment stablecoins as a type of Stored-Value Facility (SVF). This classification is due to their functional similarities to traditional SVFs, as they are designed to store value and be used for making payments.
This change creates another clear pathway to AFSL obligations for crypto businesses. If your service involves the issuance or use of payment stablecoins that can be redeemed at face value for a fiat currency, it will likely be captured under the SVF framework. As a result, your business would be required to obtain an AFSL to legally provide that payment service within the Australian financial system.
Speak with an ACL & AFSL Lawyer Today
Request a Consultation to Get Started.
Core AFSL & AUSTRAC Obligations for Crypto Businesses
Key AFSL Obligations: Custody, Risk Management & Disclosure
Holding an AFSL brings a suite of ongoing responsibilities designed to protect consumers and ensure market integrity. Licensees must provide their financial services efficiently, honestly, and fairly, as stipulated by the Corporations Act 2001 (Cth).
Asset custody is a primary responsibility, with strict rules outlined in the Australian Securities and Investments Commission’s (ASIC) Regulatory Guide 133 (RG 133). These standards, which now expressly cover crypto assets, require:
- Client assets to be held on trust
- Segregation from the company’s operational funds
For custodial services, a provider typically needs to maintain at least $10 million in Net Tangible Assets (NTA), although this may be lower if custody is incidental to other financial services. The new draft legislation for DAPs and TCPs also empowers ASIC to set minimum standards for asset holding, transactional functions, and settlement.
Furthermore, AFS licensees must maintain adequate risk management systems under section 912A(1)(h) of the Corporations Act 2001 (Cth). This involves identifying, assessing, and mitigating risks associated with the business, including:
- Operational risks
- Market risks
- Cybersecurity risks
For crypto businesses, this extends to conducting due diligence on any digital asset exchanges used and implementing strong information security controls.
Managing conflicts of interest is another critical obligation, particularly for vertically integrated businesses that may issue a token, operate a trading platform, and provide custody. Under section 912A(1)(aa) of the Corporations Act 2001 (Cth), licensees must have adequate arrangements to identify and manage potential, perceived, and actual conflicts. This could involve separating business units or ensuring transparency in transactions.
Finally, the proposed licensing framework introduces new disclosure requirements. Instead of a traditional Product Disclosure Statement (PDS), operators of DAPs and TCPs will need to provide retail clients with a ‘DAP/TCP Guide’. This guide must be clear and concise, providing all the information a person would reasonably need to decide whether to use the platform, including details on risks, fees, and operational arrangements.
Integrating Your AUSTRAC AML & CTF Program
Alongside AFSL obligations, crypto payment providers must comply with a separate but interconnected regulatory regime managed by the Australian Transaction Reports and Analysis Centre (AUSTRAC). Any business that exchanges digital currency for fiat currency (or vice versa) is considered a Digital Currency Exchange (DCE) and must be registered with AUSTRAC. This registration is mandatory for operating legally in Australia.
Registration with AUSTRAC requires the implementation of a comprehensive Anti-Money Laundering and Counter-Terrorism Financing (AML/CTF) program. This program is a cornerstone of your compliance framework and must be tailored to the specific risks of your business.
The core components of an AML/CTF program include:
| AML/CTF Component | Requirement |
|---|---|
| Customer Due Diligence (CDD) | You must have procedures to verify the identity of your customers, often referred to as Know-Your-Customer (KYC) processes. |
| Transaction Monitoring | Your systems must be capable of monitoring transactions to identify patterns that may be unusual or suspicious. |
| Reporting Obligations | You are required to report suspicious matters, transactions involving physical currency of $10,000 or more, and all international funds transfers to AUSTRAC. |
| Record-Keeping | Detailed records of customer identification and transactions must be kept for up to seven years. |
These AML/CTF obligations must be fully integrated into your overall compliance structure, which includes crucial responsibilities like breach reporting by AFS licensees. ASIC and AUSTRAC work closely together, and ASIC expects AFSL applicants to demonstrate that a compliant AML/CTF framework is already in place.
This dual compliance ensures that your financial service is not only fair and transparent for consumers but also secure from financial crime. Upcoming reforms are set to expand AUSTRAC’s oversight from March 2026 to include services like crypto-to-crypto exchanges and the safekeeping of virtual assets.
Get Your Free Initial Consultation
Consult with one of our experienced ACL & AFSL Lawyers today.
Structuring Compliant Hybrid Payment Models: Practical Examples
Model A: A Stablecoin Payment Gateway for Merchants
A platform that enables merchants to accept stablecoin payments and receive settlement in fiat currency must navigate several regulatory layers. This model typically involves the platform converting the stablecoin to Australian dollars on behalf of the merchant. Such a structure triggers obligations under both ASIC and AUSTRAC.
The likely licensing and regulatory requirements include:
| Regulatory Requirement | Explanation for Model A |
|---|---|
| AFSL | The stablecoin is likely classified as a non-cash payment (NCP) facility or a Stored-Value Facility (SVF), requiring the operator to hold an AFSL to facilitate payments. |
| AUSTRAC Registration | Exchanging stablecoin for fiat currency on behalf of a merchant is a Digital Currency Exchange (DCE) service, requiring AUSTRAC registration and a compliant AML/CTF program. |
| Governance of Reserves | If issuing the stablecoin, the platform must ensure robust governance, including 1:1 backing with high-quality liquid assets, holding reserves in segregated trust accounts, and conducting regular independent audits. |
Model B: A P2P Crypto Wallet with Fiat On & Off Ramps
A peer-to-peer (P2P) wallet that holds both cryptocurrency and fiat balances for users presents a complex compliance structure. Such a model allows users to transfer crypto to one another and also convert their digital assets into Australian dollars for withdrawal to a bank account. This combination of custody and payment functionality means the service is regulated as a financial product.
The compliance structure for this model would likely require:
| Compliance Area | Requirement for Model B |
|---|---|
| AFSL for Custody and Payments | Holding digital tokens for clients classifies the service as a Digital Asset Platform (DAP), requiring an AFSL. A ‘pay anyone’ feature may also classify it as an NCP facility, also triggering AFSL requirements. |
| AUSTRAC Registration | The fiat on- and off-ramps constitute a DCE service, mandating registration with AUSTRAC, implementation of a full AML/CTF program, and Customer Due Diligence (CDD) processes. |
| Client Money Handling | Any Australian dollar balances held for users must be managed under client money rules, typically requiring funds to be held in segregated trust accounts separate from company operational funds. |
Model C: Cross-Border Remittance Using Tokenised Deposits
A service that uses tokenised assets for international settlement must comply with a dual regulatory framework covering both financial services and specialised anti-money laundering rules. In this model, a customer’s funds are converted into a tokenised asset, transferred across borders via blockchain, and then converted back into the local currency for the recipient.
The regulatory requirements for this model include:
| Regulatory Area | Requirement for Model C |
|---|---|
| AFSL for the Payment Service | The arrangement facilitating the cross-border transfer of value is likely considered an NCP facility or another financial product, requiring the operator to hold an AFSL. |
| Dual AUSTRAC Registration | This model requires registration as both a remittance service provider (for transferring value overseas) and a DCE provider (for converting fiat to a tokenised asset and back). |
| Complex AML/CTF Obligations | The service is subject to heightened AML/CTF scrutiny, including compliance with the “Travel Rule,” which requires collecting, verifying, and sharing originator and beneficiary information for transfers. |
Speak with an ACL & AFSL Lawyer Today
Request a Consultation to Get Started.
Conclusion
Australia’s regulatory landscape for crypto and blockchain payment services is solidifying, bringing many platforms under the AFSL and AUSTRAC regimes. Understanding when a service becomes a financial product, navigating the new licensing frameworks for digital asset platforms, and integrating core compliance obligations is essential for structuring a compliant payment model.
To navigate this evolving financial system, contact our expert AFSL application lawyers at AFSL House today for tailored solutions and expert guidance. Our specialised services are designed to turn these complex regulatory challenges into strategic opportunities, securing your platform’s future in Australia’s modernising payment ecosystem.
