Introduction
The era of unregulated crypto exchanges in Australia is ending, as the proposed Corporations Amendment (Digital Assets Framework) Bill 2025 (Cth) is set to bring digital asset platforms under the established Australian Financial Services Licence (AFSL) regime. This reform formally integrates these operators into the existing financial services framework, requiring them to obtain a licence from the Australian Securities and Investments Commission (ASIC) for legal operation.
For founders of currently operating crypto exchanges, the legislation introduces a critical 18-month transition period to move from the current Australian Transaction Reports and Analysis Centre (AUSTRAC)–only model to full AFSL compliance. This window represents a survival runway, not a time to delay, making a strategic approach essential to avoid a forced shutdown and ensure the platform’s future in Australia’s regulated digital assets framework.
Transition Eligibility & Existing Operator Criteria
Who Qualifies as an Existing Operator
The transitional relief is strictly reserved for digital asset exchanges that were operational before the commencement date of the Corporations Amendment (Digital Assets Framework) Bill 2025 (Cth). This “grandfathering” mechanism aims to prevent market disruption for active businesses, while new entrants must be fully licensed from day one.
To be considered an “existing operator,” a platform must demonstrate a genuine history of providing services to Australian clients. Qualification is not simply about having a corporate structure in place. An exchange must prove it was actively engaged in business, which includes:
| Qualification Criteria | Description / Example |
|---|---|
| Live Trading & Custody | The platform must have been actively facilitating trades and holding client crypto assets. |
| Customer Base & Transaction Histories | Must show evidence of real customers and actual transaction records (not just a registered entity). |
| Regulated Business Model | Must operate as a Digital Asset Platform (DAP) or Tokenised Custody Platform (TCP) under new categories. |
Simply holding a registration with AUSTRAC without evidence of active trading volumes or customer accounts is insufficient. Any platform that was dormant or launches after the Bill’s commencement date will not qualify for the transition period and must obtain a full AFSL before beginning operations.
Importance of Pre-Commencement Operations
Documenting historical operations is critical for proving eligibility for the transition period. This evidence serves as your “ticket” to enter the transitional pathway, confirming that your platform was a continuously operating business before the new licensing regime took effect. Without this proof, a regulator like ASIC could classify your exchange as a new entrant, disqualifying you from the grace period.
To substantiate your status as an existing operator, you should be prepared to present a comprehensive record of your activities. Essential evidence includes:
| Evidence Type | Purpose / What It Demonstrates |
|---|---|
| AUSTRAC DCE Registration & Reporting | Shows ongoing regulatory engagement and operational status before new regime. |
| Customer Trading Logs | Confirms active trading, deposits, and withdrawals by real users. |
| KYC Records & Client Agreements | Proves clients were onboarded and agreements were in place before the new law. |
| On-Chain Transaction Patterns | Demonstrates actual use of platform wallets for client transactions. |
| Archived Marketing & Website Records | Provides proof that services were publicly available and operational before the transition date. |
Get Your Free Initial Consultation
Consult with one of our experienced ACL & AFSL Lawyers today.
Registration Phase & Grace Period Activation
Immediate ASIC Registration Requirements
The 18-month transition period is not automatically granted to existing digital asset platforms. To legally activate this grace period, operators must take a crucial first step: formally registering their intent to comply with ASIC. This must be done within the first six months after the new licensing regime commences.
This initial registration, often referred to as a “Notice of Intent” or a transitional application, serves as a declaration to ASIC that your platform is an existing operator and plans to seek a full AFSL application process. The process typically involves lodging key information through the ASIC Regulatory Portal, which may include:
| Required Information | Description / Example |
|---|---|
| Corporate Entity Details & Structure | Legal name, registration number, and ownership structure of the platform. |
| Key Persons (Directors & Responsible Managers) | Names, roles, and relevant experience of individuals responsible for compliance and management. |
| Overview of Services & Products | Summary of the financial services and digital asset products currently offered. |
| Evidence of Pre-Commencement Operations | Documentation proving the platform was active before the new law (see evidence types above). |
This registration is the trigger that defers the full weight of the new obligations. It provides the necessary time to prepare a comprehensive AFSL application.
Consequences of Missing the 6-Month Deadline
Failing to lodge the required notification or AFSL application with ASIC within the six-month statutory window has severe consequences. Missing this deadline results in immediate disqualification from the transitional arrangements, meaning the platform forfeits its access to the 18-month grace period.
Once disqualified, the digital asset platform is no longer protected by the transitional relief. It would be considered an unlicensed operator under the Corporations Act 2001 (Cth) and immediately subject to the new regulatory framework.
This exposes the business and its directors to significant legal risks, including:
- Potential enforcement action from ASIC
- Substantial financial penalties
- The possibility of being ordered to cease operations
Speak with an ACL & AFSL Lawyer Today
Request a Consultation to Get Started.
Step-by-Step AFSL Compliance Timeline
Months 1–6: Gap Analysis & Audits
The initial six months of the transition period are dedicated to a forensic gap analysis, which involves a deep audit of your current operations against the AFSL requirements. This phase is critical for identifying foundational compliance weaknesses that must be addressed before an application is submitted to ASIC.
A key workstream is conducting a comprehensive audit of your custody arrangements. This involves:
- Reconciling on-chain holdings with your internal ledgers.
- Assessing your current setup against ASIC’s expectations for asset segregation and client money.
You must also perform a technical gap analysis of your data and systems to determine if your core database can support client-by-client reconciliations and a clear separation of client and firm assets.
Another crucial component is the governance and “Clean Skin” review. This involves:
| Workstream / Task | Objective / Key Considerations |
|---|---|
| Technical Gap Analysis | Determine if databases and systems can support required reconciliations and reporting. |
| Director & Shareholder Background Checks | Identify any individuals who may fail ASIC’s “fit and proper person” test due to past conduct. |
| Regulatory Breach Review | Uncover any history of bans, enforceable undertakings, or significant contraventions among key persons. |
| Board Renewal Discussions | Plan for replacing directors who may jeopardise the AFSL application due to governance concerns. |
By the end of this phase, your exchange should have a written gap analysis report with a clear remediation roadmap and a final decision on any necessary board changes.
Months 7–12: Drafting Proofs & Documentation
This second phase focuses on building the evidence and documentation required for your AFSL application. The objective is to turn the remediation plans from the gap analysis into a comprehensive dossier of “proof documents” that demonstrate your platform’s ability to meet all AFSL general obligations. These documents show ASIC that you can provide services efficiently, honestly, and fairly.
The core proof documents for a crypto exchange typically include:
| Proof Document Type | Key Contents / Purpose |
|---|---|
| Business Plan & Financials | Service descriptions, target market, operational model, audited financials, and projections. |
| Compliance & Risk Management | Custom compliance manual, obligations register, risk frameworks for custody, operations, market, and cyber risk. |
| Custody & Client Money Policies | Wallet architecture, key management, reconciliation procedures, and legal terms for client asset protection. |
| Organisational Competence | Responsible Managers’ qualifications, relevant experience, and role definitions. |
During this period, you must also execute critical technical projects, particularly the data migration from a legacy database to a compliant “Client Money” structure. This involves re-architecting your wallet infrastructure to ensure client assets are legally and technically segregated from the firm’s own funds.
Months 12–18: Lodgement & Assessment
The final six months of the transition period are for lodging your AFSL application and managing the subsequent engagement with ASIC. It is strategically important not to wait until the last minute to file your application. Lodging in months 13 to 15 provides a buffer to respond to any queries from ASIC without risking the expiration of the 18-month window.
Once the application is lodged, you must be prepared to respond quickly and thoroughly to ASIC’s Requests for Information (RFIs), also known as requisitions. These questions often focus on:
- Custody arrangements.
- The fitness of Responsible Managers.
- The robustness of your compliance frameworks.
In parallel with the assessment process, you must develop a contingency plan or “Plan B.” This plan is essential in the event your AFSL application is rejected late in the transition period. It should be a detailed wind-down playbook that outlines how you would manage a forced cessation of services, including:
- The rapid offboarding of all customers.
- The safe return of their assets within a short timeframe, such as 30 days.
Get Your Free Initial Consultation
Consult with one of our experienced ACL & AFSL Lawyers today.
Clean Skin Trap & Governance Risks for Founders
Director Fitness & Proper Person Requirements
The 18-month transition period is not an amnesty for past misconduct. ASIC will heavily scrutinise the history of all directors, major shareholders, and responsible managers as part of the AFSL application process. This evaluation, known as the “fit and proper person” test, is a common reason for application rejection in the digital assets sector.
ASIC’s assessment is retrospective and considers a director’s entire history, not just their conduct after the new regime begins. A history of regulatory issues can “poison” an application, leading to its refusal, and situations where your AFSL application was rejected.Conduct that may cause a director to fail this test includes:
| Governance Risk / Issue | Remediation Strategy / Documentation Required |
|---|---|
| Past Bans or Regulatory Breaches | Replace directors with clean records; document board renewal and background checks. |
| Non-Compliance or Overdue Reports | Strengthen compliance frameworks; implement regular compliance reporting. |
| Misleading Marketing or Controversial Ventures | Appoint independent directors with strong reputations; review and update marketing practices. |
| Personal Insolvency or Dishonesty Convictions | Segregate duties and roles; provide evidence of robust governance and risk oversight. |
Given the high-profile international failures of crypto exchanges, ASIC is expected to be particularly sensitive to the governance quality of digital asset platforms. An assumption that the transition period will cure past misconduct is a significant risk for any crypto exchange.
Board Renewal & Governance Remediation Strategies
For many existing crypto exchanges, the most critical survival strategy may be to reconstitute the board of directors before lodging an AFSL application. This process should begin with formal background checks on every key individual to identify any disclosable issues that could jeopardise the application, particularly in relation to the fit and proper test for an AFSL.
If governance issues are flagged, founders must make a difficult but necessary decision. In some cases, the only viable path to securing a licence will be to replace founders or legacy directors with independent, experienced professionals who have a clean regulatory history in financial services. This is a politically challenging move, but may be the difference between becoming a licensed exchange and facing a forced exit from the market.
This board renewal should be completed early in the transition period, not as a last-minute change. It is also essential to document the governance uplift by creating:
| Governance Risk / Issue | Remediation Strategy / Documentation Required |
|---|---|
| Lack of Board Structure | Establish board charters and committees for risk, audit, and remuneration. |
| Poor Segregation of Duties | Clearly define roles for founders, responsible managers, and independent directors. |
| Inadequate Board Reporting | Implement regular board packs covering compliance, risk, and incident management. |
Speak with an ACL & AFSL Lawyer Today
Request a Consultation to Get Started.
Data Migration & Technical Challenges for Client Money
Migrating Legacy Data to a Compliant Structure
For many existing digital asset platforms, the most significant technical hurdle in transitioning to an AFSL is data migration. Current databases often treat customer balances as simple entries, similar to rows in a standard table, with limited reconciliation to on-chain assets or bank accounts.
These legacy systems typically lack the immutable audit trails required to prove asset ownership at a specific point in the past. Under the AFSL regime, however, a compliant “Client Money” structure is mandatory. This requires a system capable of performing daily reconciliations that map individual client entitlements to balances in segregated trust accounts. There must be a clear and provable connection from on-chain addresses and bank accounts to the platform’s internal ledger and, ultimately, to each individual customer.
The migration process is a major technical project that should be carefully planned and executed. A common strategy involves:
- Deciding on the end-state architecture: Platforms can either refactor their existing system or build a new, compliant core platform and migrate users. The latter is often less risky, as it separates the new environment from legacy technical debt.
- Conducting a historical reconciliation: Before migration, an audit must be performed to identify any deficit between the user liabilities recorded in the database and the actual digital assets held in wallets. Any shortfall must be covered by corporate capital before the AFSL application is lodged.
- Executing the migration in phases: To minimise disruption, the process can be staged. This might involve running a “shadow ledger” in parallel to identify and fix data issues before a controlled cutover during a low-volume period.
Implementing Segregated Accounts & Trust Structures
A fundamental requirement of the AFSL regime is the legal and technical separation of client assets from the digital asset platform’s own corporate funds. This marks a shift away from the common practice of using commingled omnibus wallets, where firm and client assets are held together. The new structure is designed to protect client funds in the event of the platform’s insolvency.
Implementing this segregation involves significant changes to both legal and operational frameworks. Legally, client assets must be held in trust, which requires establishing formal trust deeds or bailee arrangements that are clearly documented in the platform’s terms of service. This ensures that client entitlements are not treated as general liabilities of the exchange.
Technically, this means moving custodial holdings into segregated accounts, which may require an AFSL provider for custodial or depository services. This can be achieved through several methods, including:
| Segregation Method / Requirement | Legal / Technical Purpose |
|---|---|
| Unique On-Chain Wallets per Client | Ensures legal and operational separation of client assets from platform assets. |
| Robust Internal Sub-Ledgers | Provides verifiable 1:1 mapping between client liabilities and held assets. |
| Automated Reconciliation & Proof-of-Reserves | Demonstrates ongoing solvency and compliance with AFSL requirements. |
If an exchange uses third-party custodians, it must ensure that the legal agreements with these providers meet Australian sub-custodian standards. Simply using a custodian’s API is not sufficient; the arrangement must comply with ASIC’s outsourcing and asset-holding requirements.
Get Your Free Initial Consultation
Consult with one of our experienced ACL & AFSL Lawyers today.
Risk of Rejection & Contingency Planning for Exchanges
Understanding the Forced Wind-Down Process
The transitional grace period for obtaining an AFSL does not guarantee ultimate approval. If your application is refused by ASIC, withdrawn under regulatory pressure, or approved with conditions your platform cannot meet, your legal basis for operating in Australia is immediately lost—similar to situations when and why ASIC can cancel your AFS licence.
Upon rejection, your platform’s transitional permission to provide financial services ceases. Continuing to trade or hold customer assets would be considered unlicensed activity under the Corporations Act 2001 (Cth), exposing your business and its directors to significant civil and criminal penalties.
ASIC will expect a controlled and orderly wind-down, requiring you to:
- Cease all regulated services
- Return client assets within a very short timeframe, often as little as 30 days
Plan B for Rapid Customer Offboarding
Assuming your AFSL application could be rejected late in the transition window is a necessary part of strategic planning. A documented “Plan B” is not optional and should be developed to manage a scenario where you must offboard tens of thousands of customers within a month.
A comprehensive wind-down playbook should be prepared in advance and include several key components:
| Wind-Down Component | Key Actions / Considerations |
|---|---|
| Customer Communication Plan | Prepare templates and FAQs for all channels (email, app, social); clarify withdrawal deadlines and asset safety. |
| Operational Offboarding Mechanics | Suspend deposits, prioritise withdrawals, minimise extra KYC checks for swift fund release. |
| Liquidity & Asset Management | Maintain reserves for withdrawals and operational expenses; pre-arrange custodial partnerships. |
| Data & Record Retention | Ensure all transaction logs and records are securely stored for compliance and audit. |
Speak with an ACL & AFSL Lawyer Today
Request a Consultation to Get Started.
Conclusion
The introduction of the AFSL regime for digital asset platforms marks a fundamental shift for the Australian crypto industry, offering a finite 18-month transition for existing operators to achieve AFSL compliance or face shutdown. Successfully navigating this period requires immediate ASIC registration, proactive governance remediation, complex data migration to compliant client money structures, and robust contingency planning for the risk of rejection.
Navigating these new requirements demands specialised expertise to ensure your crypto exchange meets ASIC’s stringent standards from day one. To leverage our trusted expertise and turn these regulatory challenges into strategic opportunities, contact AFSL House’s AFSL application lawyers for a consultation today and secure your platform’s future in Australia’s regulated digital asset landscape.
