Australia: Thorough Analysis, Slow Legislation, and the ASIC Enforcement Gap

Australia has spent several years producing some of the most thoughtful analytical work on crypto regulation in any English-speaking jurisdiction, and rather less time implementing the conclusions of that work in legislation. This is not unusual for complex financial regulation — the European Union itself took years from MiCA’s first drafts to its enforcement date — but the Australian gap between analytical sophistication and legislative action has been wide enough to create its own policy problem. In the absence of tailored legislation, the Australian Securities and Investments Commission (ASIC) has continued enforcing the Corporations Act 2001 against crypto businesses using legal theories developed for managed investment schemes and financial products that predate blockchain by decades.

The Regulatory Architecture

Australia’s financial regulatory structure involves multiple agencies with distinct mandates. ASIC regulates financial markets and services — corporations, financial advisers, and investment products. The Australian Prudential Regulation Authority (APRA) supervises deposit-taking institutions, insurers, and superannuation funds. AUSTRAC, the Australian Transaction Reports and Analysis Centre, is the financial intelligence agency and AML/CTF regulator. The Reserve Bank of Australia (RBA) oversees payment systems and monetary policy.

For crypto, ASIC has been the primary point of regulatory engagement, because many crypto activities touch on financial product and service definitions in the Corporations Act. AUSTRAC has exercised jurisdiction over digital currency exchanges for AML/CTF registration purposes since 2018 — this was relatively early for a major jurisdiction and gave Australia more regulatory visibility into crypto exchange operations than comparable countries. But AUSTRAC registration is an AML measure, not a comprehensive licensing regime. It tells regulators who is operating; it does not comprehensively govern how.

The Token Mapping Exercise

In February 2023, the Australian Treasury released its token mapping consultation paper — a document that attempted to classify crypto assets according to their legal and economic characteristics and determine which existing regulatory frameworks applied to each type. The exercise was genuinely sophisticated. It distinguished between:

Crypto assets as financial products: Tokens that represented interests in managed investment schemes, or that functioned as financial products under existing definitions, were already regulated by existing law. The question was not whether to regulate them but whether ASIC was applying the law correctly.

Crypto assets as non-financial products: Tokens that were purely utility in nature — providing access to a network or service — fell outside existing financial product definitions. These required new legislative categories if they were to be regulated.

Network tokens: Assets like Bitcoin and Ether, which function as native assets of decentralised networks, posed the most challenging classification questions. Neither clearly financial products nor purely utility tokens, they occupied regulatory space that existing law did not address cleanly.

The token mapping concluded that a fit-for-purpose licensing regime for digital asset platforms — operating alongside rather than replacing existing financial services licensing — was needed. Treasury proposed a “digital asset facility” licence category that would cover the operation of platforms trading crypto assets, with requirements tailored to the specific risks of the sector.

ASIC’s Enforcement of Existing Law

While the legislative process for new licensing categories has proceeded slowly, ASIC has continued enforcing existing law against crypto businesses. The central legal theory is that certain crypto products — particularly structured token offerings and yield-bearing products — constitute interests in managed investment schemes under the Corporations Act. A managed investment scheme that is offered to more than 20 investors or is advertised to retail investors must be registered with ASIC, governed by a licensed responsible entity, and administered according to a compliant constitution and product disclosure statement.

ASIC has issued multiple infringement notices, brought court proceedings, and issued stop orders against crypto offerings it has characterised as unregistered managed investment schemes. Several of these cases have resulted in the withdrawal of products from Australian retail investors. The legal framework has proven more adaptable than critics suggested — the Corporations Act’s broad definitions have accommodated crypto — but its application creates uncertainty for operators who cannot get clear guidance on whether their product is a managed investment scheme until ASIC decides to act.

The Proposed Licensing Framework and Political Delays

The proposed digital asset facility licence has been through multiple consultation rounds without reaching legislative enactment. The Albanese Labor government, which came to power in May 2022, approached crypto regulation cautiously. The FTX collapse in November 2022 — coming months into the new government’s term — reinforced caution. FTX Australia, the local subsidiary, held an Australian Financial Services Licence, meaning its collapse involved an Australian-licensed entity and Australian retail customers losing funds. The political lesson drawn was that licensing did not prevent failure, and that the case for a tailored regime needed to overcome the scepticism generated by that experience.

The Treasury and ASIC have remained committed to the licensing reform in principle, but the legislative timeline has repeatedly extended. Industry estimates of when comprehensive legislation might be enacted have been revised outward multiple times. As of early 2026, the digital asset licensing framework remains in development, with no enacted legislation.

The FTX Australia Case Study

FTX Australia’s collapse is the most significant Australian crypto regulatory event of the past decade. FTX’s Australian subsidiary had an Australian Financial Services Licence, which it had obtained through the acquisition of an existing AFSL-holding entity. The AFSL allowed FTX Australia to provide certain financial services. When the FTX group collapsed globally in November 2022, FTX Australia immediately suspended trading, and ASIC moved to cancel or restrict the AFSL.

The case demonstrated several things simultaneously. First, that an AFSL could be obtained by a crypto exchange — so the existing licensing framework was not entirely ill-suited to the sector. Second, that the AFSL requirements as applied to FTX Australia were insufficient to prevent the kinds of governance failures that occurred — customer funds were not adequately segregated, and the global parent company’s insolvency wiped out Australian customer assets. Third, that ASIC’s response — swift suspension and cancellation of the AFSL — was legally effective but did not restore customer funds.

Comparison With New Zealand

Australia and New Zealand share a legal tradition, extensive economic integration, and broadly similar financial regulatory frameworks. New Zealand’s Financial Markets Authority (FMA) has taken a different path on crypto: less formal consultation, more flexible application of existing financial markets legislation, and somewhat faster engagement with industry on specific products. New Zealand’s smaller market means the regulatory stakes are lower, but its willingness to work pragmatically with crypto businesses within existing frameworks — rather than waiting for purpose-built legislation — contrasts with Australia’s more procedurally extensive approach.

Australia’s crypto regulatory story is ultimately one of analytical capacity exceeding legislative velocity. The intellectual work has been done. The question is whether the political conditions for comprehensive legislation arrive before the regulatory uncertainty causes more market damage — and before competitor jurisdictions attract the Australian crypto industry that cannot wait indefinitely for rules that remain forthcoming.