April 2026 closed a chapter that Australian crypto policy had left open for the better part of a decade. Royal Assent was granted to the Corporations Amendment (Digital Assets Framework) Act 2026 (the DAF Act) on 8 April, and the Australian Securities and Investments Commission (ASIC) released its implementation roadmap less than two weeks later. Read together with the parallel Anti-Money Laundering and Counter-Terrorism Financing (AML/CTF) reforms that took effect from 31 March, the three developments mark the point at which Australia stopped extending old financial-services definitions to crypto by analogy and brought platforms inside the statute itself, with custody, conduct, and licensing obligations now anchored in the Corporations Act.
A Decade of Regulatory Drift
For close to a decade, Australian digital assets sat at an awkward regulatory crossroads. They were subject only to AML obligations through Australian Transaction Reports and Analysis Centre’s (AUSTRAC) narrow Digital Currency Exchange (DCE) registration, in place since 2018, and to capital gains and income-tax treatment through the Australian Taxation Office (ATO), with no clear classification of crypto intermediaries or of digital products under the Corporations Act 2001. Whether a platform holding client tokens, a tokenisation service, or a custody provider qualified as a “financial product” was being decided case by case, with regulatory gaps plugged ad hoc through informal guidances, principally ASIC’s Information Sheet 225 (INFO 225) and a class no-action position. That approach left operators without legal certainty and consumers without statutory recourse when platforms collapsed, a vulnerability that Treasury’s 2025 reform roadmap and the FTX-era memory had already flagged.
Building on the Existing Rails
The DAF Act, passed Parliament on 1 April, received Royal Assent a week later, and commences on 9 April 2027 after an 18-month implementation runway. Rather than legislate a standalone statute or stand up a new regulator, Australia has created two new categories within the existing Corporations Act and AFSL licensing architecture – Digital Asset Platforms (DAPs) for exchanges, brokers, and custodians holding client tokens, and Tokenised Custody Platforms (TCPs) for operators issuing redeemable tokens against underlying real-world assets – with proportionality carve-outs for low-risk platforms (under A$5,000 per customer and A$10 million annually), open-source infrastructure, and non-custodial providers. On a parallel track, AUSTRAC’s expanded Virtual Asset Service Provider regime aligns terminology with FATF, with the Travel Rule taking effect later this year.
Analysis
For most of the past decade, Australia’s crypto supervisory architecture rested on a single rail: AML/CTF registration with AUSTRAC and capital-gains treatment by the ATO. That structure had a clear limitation. AUSTRAC could check on money-laundering risk, but it could not authorise an exchange to hold client assets, set custody standards, or step in when a platform failed. ASIC’s role was largely interpretive, dependent on whether a particular token or arrangement happened to fall within the Corporations Act‘s existing financial-product definitions, with INFO 225 doing the heavy lifting through 18 hypothetical worked examples that showed how those definitions might apply to tokens, stablecoins, custody arrangements, and wallets – paired with a class no-action position giving firms until 30 June 2026 to obtain the right AFSL authorisations without facing immediate enforcement. The consequence was a market where exchanges had to run token-by-token classification analyses, consumers had no statutory recourse for custody failures, and the perimeter for offshore platforms serving Australian customers was effectively undefined. FTX, Celsius, and the broader 2022 cycle of collapses turned this from a theoretical gap into a political one.
The DAF Act addresses the classification problem at its root by placing platform-level conduct inside the existing licensing rails rather than alongside them. Three design choices reward attention. By inserting DAPs and TCPs as new financial product categories within the Corporations Act, ASIC inherits its full supervisory toolkit from day one – AFSL conditions, design-and-distribution obligations, statutory compensation – without Parliament having to redraft each for digital assets. The perimeter is custody-anchored, which keeps self-hosted wallets, AMMs, and non-custodial bridges outside scope and avoids the overreach problem that has dogged DeFi-adjacent regulation elsewhere. Proportionality is built in through tiered carve-outs. The design is not friction-free, though: operators will still need token-by-token analysis to classify assets as securities, derivatives, non-cash payment facilities, or DAP-side tokens, and the INFO 225 no-action position lapses on 30 June 2026 – well before the DAF Act commences – leaving a transition window where firms comply with existing financial-services law while ASIC consults on new standards. Stablecoins sit on a separate payments-reform track, which keeps the DAF Act focused but defers a key piece of the regulatory perimeter.
How Australia is moving differs noticeably from how other major jurisdictions have moved. The EU’s MiCA is a standalone harmonised regulation that creates a new licensing category (CASPs) and grants EU-wide passporting, but its prescriptive design took years to negotiate and is now hard to amend without re-opening the legislative process. The UK has chosen a path closer to Australia’s, extending its existing financial-services regulation to cover crypto, with the FCA running parallel consultations on trading platforms, lending, staking, and DeFi through 2025-26. The US, even after the Digital Asset Market Clarity Act (CLARITY Act) cleared the Senate Banking Committee, still has to reconcile House and Senate versions, leaving the SEC-CFTC jurisdictional split unresolved. Australia sits closest to the UK’s extend-the-rails approach and furthest from MiCA’s standalone-statute model – where MiCA prioritises harmonisation across 27 member states and the US remains fragmented across regulators, Australia has picked a single supervisor with a clear mandate and institutional continuity within one jurisdiction.
For India, the choice between these models is a central question rather than an academic one. The VDA conversation is still oscillating between tax-led containment – 30% income tax, 1% TDS- and a discussion-paper-driven licensing framework that has yet to materialise. The Australian model is the most institutionally adaptable because it answers the threshold question first: which regulator, under what statute, without asking Parliament to draft a fresh code. India already has the architecture in SEBI, RBI, FIU-IND, and CBDT, and will complete its CARF integration through amendments to existing tax rules rather than a parallel statute – a sequencing instinct closer to Australia’s than to MiCA’s. What is equally worth borrowing is the iterative posture: scheduled consultations, an industry advisory group, phased standards-setting under named statutory provisions, and a willingness to treat the first 18 months as a tuning period rather than a settled outcome. The temptation to wait for the perfect framework has cost India real time, and Australia’s experience suggests that an extension-and-iterate approach can deliver workable clarity faster than a wait-and-legislate one.
Conclusion
April 2026 will likely be remembered as the month Australia stopped supervising digital assets through analogy and started supervising them through statute. The lessons travel well beyond Canberra: a custody-anchored perimeter draws the regulatory line without overreaching into open-source development, layered AML/CTF and prudential-conduct supervision builds a more resilient architecture than either track alone, and extending existing financial-services law accelerates implementation in a way that a parallel regime cannot. For India, where the regulatory conversation has stalled repeatedly and a comparable institutional architecture already exists, the Australian template offers a credible middle path between MiCA’s prescription and the US’s fragmentation – and whether the right lessons are drawn in the months ahead will shape India’s regulatory trajectory in this sector.
References
- AUSTRAC (Australian Transaction Reports and Analysis Centre) – Australia’s financial intelligence unit and AML/CTF regulator, responsible for supervising reporting entities including banks, remitters, and virtual asset service providers.
- ATO (Australian Taxation Office) – Australia’s principal revenue authority, administering income tax, capital gains tax, and GST, including the tax treatment of digital assets.
- Treasury (The Treasury, Australian Government) – Australia’s central economic policy department, responsible for designing financial-sector reform and drafting legislation such as the DAF Act.