Cryptoassets are not expressly defined under Australian law and there is no consensus on the meaning of key concepts. For example, the terms “cryptoassets”, “digital currency” and “cryptocurrency” are often used interchangeably. Cryptoassets are not considered fiat currency and Australian regulators do not treat cryptoassets as money.
How cryptoassets are treated from a regulatory perspective generally depends on the intended use, features and rights attached to the relevant asset. For example, cryptoassets that are “financial products” are regulated under Australia’s financial services licensing regime (see below, Questions 2, 3 and 4).
There are numerous recent and ongoing Australian Government (Government) reviews relating to regulating cryptoassets and cryptoasset-adjacent services. In February 2023, the Government released a token mapping consultation paper, which sought to identify the key activities and functions of cryptoassets and map them against existing regulatory frameworks. In December 2023, the Government closed its consultation process on proposals to bring “digital asset facilities” (i.e., multi-function digital asset platforms where the operator holds client assets) within the existing financial services regulatory regime. The consultation uses the term “digital asset” to refer to a token and its associated entitlements, with “token” referring to a record in a token-based system that can be held by a person and is hard to counterfeit. The consultation paper anticipates exposure draft legislation will be released later in 2024 followed by a 12 month transition period.
2. What are the major laws/regulations specifically related to cryptoassets?
Key regulatory bodies
No regulator has been tasked with supervising and regulating cryptoassets. Rather, Australian regulators and agencies are each mandated with administration of laws applicable to a particular industry or legal area, which may capture cryptoassets.
The Australian Securities and Investments Commission (ASIC) is Australia’s corporate, markets, financial services and consumer credit regulator. ASIC is responsible for overseeing licensing, supervision and enforcement of Australian companies, financial markets, financial services organisations (including banks, credit providers, insurers, superannuation providers, funds) and businesses dealing with or advising on investments, superannuation, insurance, deposit- taking and credit.
The Australian Transaction Reports and Analysis Centre (AUSTRAC) is Australia’s financial intelligence agency, responsible for preventing, detecting and responding to criminal abuse of Australia’s financial system. This includes oversight with respect to reporting entities that provide designated services (including DCE providers (see below, Specific crypto related laws), remittance providers, certain financial product issuers and distributors and stored value facility operators) and overseeing reporting and other measures to combat money laundering and terrorism financing.
The Australian Prudential Regulation Authority (APRA) is Australia’s prudential regulator, and administers the banking, superannuation and insurance prudential regimes. APRA is responsible for licensing, supervision and enforcement of authorised deposit-taking institutions (i.e., banks) (ADI) and other purchased payment facility operators, and the creation and administration of prudential standards in relation financial soundness, risk management and governance within such institutions.
The Reserve Bank of Australia (RBA) is Australia’s central bank and payment systems authority, responsible for supervising Australia’s core banking and payment systems. This includes conducting monetary policy, maintaining financial stability, issuing banknotes, supervising payment schemes, as well as clearing and settling transactions between authorised deposit-taking institutions and purchased payment facility operators authorised and supervised by APRA.
Specific crypto related laws
Cryptoasset activity in Australia is subject to anti-money laundering and counter- terrorism financing (AML/CTF) regulation. Entities that exchange fiat currency for digital currency (and vice versa), known as digital currency exchange (DCE) providers, have obligations under the Anti-Money Laundering and Counter- Terrorism Financing Act 2006 (Cth) (AML/CTF Act) and must enrol as a reporting entity and register with AUSTRAC (see below, Question 6).
Crypto related reform
There are many government consultations relevant to cryptoassets and related services.
In 2022, the Treasury consulted on a proposed regulatory framework for cryptoasset secondary service providers. The proposals broadly reflected the regime for financial services providers, with scope for tailored application to address the nuances of cryptoasset services. The consultation coincided with a change of government and the proposals were suspended in favour of a token mapping consultation (see above, Question 1).
On 29 March 2023, opposition Senator Andrew Bragg introduced a private member’s bill, Digital Assets (Market Regulation) Bill 2023 (Digital Assets Bill), which proposed regulating digital assets, including by introducing licensing requirements for digital asset exchanges, digital asset custody service providers and stablecoin issuers. Following its consideration by the Senate Economics Legislation Committee, the Digital Assets Bill was rejected in September 2023 on the basis that it lacked sufficient detail and certainty.
On 16 October 2023, the Government released a consultation paper setting out proposals to regulate digital asset intermediaries using the existing financial services licensing framework, a departure from the 2022 consultation. Under the proposals, entities operating and providing financial services in relation to “digital asset facilities” will be required to hold an Australian financial services licence (AFSL), where digital asset facilities are multi-function platforms that hold client assets and allow clients to transact in platform entitlements. The proposals also apply minimum standards for facility contracts and entities that provide “financialised functions” for non-financial product tokens, including token trading, staking, asset tokenisation and funding tokenisation. Should this licensing regime be implemented, it is expected that additional enhanced conduct obligations and consumer protections will also be imposed in respect of digital asset facilities. The consultation process was open until 1 December 2023 and the Government anticipates draft legislation being released in early 2024, with a 12-month transition period to follow. As at the time of writing, there has been no further progress since the consultation process closed.
The Attorney General released proposed reforms to the AML/CTF Act on 20 April 2023 to extend the AML/CTF Act to “tranche-two entities” for the first time, resulting in lawyers, accountants, and other service providers being required to comply with the AML/CTF Act. The proposals also suggest expanding the regulation of digital currency exchanges to include:
exchanges between one or more other forms of digital currency;
transfers of digital currency on behalf of a customer;
safekeeping or administration of digital currency; and
provision of financial services related to an issuer’s offer and/or sale of a digital currency (e.g., initial coin offerings where cryptoassets are sold to investors to raise money for projects).
In addition, the reform package proposes expanding the travel rule to remittance service providers and digital currency exchange providers, in line with international standards. Consultation on the reforms closed on 16 June 2023, and a second consultation paper is expected. As at the time of writing, there has been no further progress on this consultation.
3. How are different types of cryptoassets regulated?
No cryptoassets have been expressly outlawed in Australia.
ASIC has affirmed its view that legislative obligations and regulatory requirements are technology-neutral and apply irrespective of the mode of technology used to provide a regulated service. While legislation to deal with cryptoassets as a discrete area of law is currently under consultation, cryptoassets may be captured within existing regimes under Australian law.
To date, legislative amendments to accommodate the use of cryptoassets have predominantly focused on the transactional relationships (e.g., issuing and exchanging) and activities involving cryptoassets, rather than cryptoassets themselves. The Government has undertaken (and continues to undertake) multiple consultations to clarify the nature of cryptoassets and how the associated risks translate to a regulatory framework for crypto service providers (see above, Question 2).
Financial services regulation
Entities carrying on a financial services business in Australia must hold an AFSL or be exempt from the licensing requirement. Persons providing financial services in relation to cryptoassets that are financial products will trigger the AFSL requirement and associated compliance and disclosure requirements. The definitions of “financial product” and “financial service” under the Corporations Act 2001 (Cth) (Corporations Act) are broad and ASIC has indicated in its information sheet “INFO 225 Crypto-assets” that cryptoassets with similar features to existing financial products will trigger the relevant regulatory obligations.
The legal status of cryptoassets turns on structure and associated rights (which ASIC interprets broadly). Cryptoassets may constitute interests in managed investment schemes, securities, derivatives, or fall into a category of more generally defined financial products, all of which are subject to AFSL requirements. INFO 225 provides high level regulatory signposts for cryptoasset participants to determine whether they have legal and regulatory obligations. These signposts are relevant to cryptoasset issuers, cryptoasset intermediaries, miners and transaction processors, cryptoasset exchanges and trading platforms, cryptoasset payment and merchant service providers, wallet providers and custody service providers, and consumers.
Entities dealing in financial product cryptoassets need to comply with the regulatory requirements under the Corporations Act, which generally include product governance, disclosure, registration, licensing and conduct obligations. An entity that facilitates payments by cryptoassets may also be required to hold an AFSL and the operator of a cryptoasset exchange may be required to hold an Australian market licence if the supported assets are financial products.
Cross-border issues
Carrying on a financial services business in Australia requires a foreign financial services provider (FFSP) to hold an AFSL, unless an exemption applies. The Corporations Act may apply to cryptoasset sales regardless of whether they are created and offered from Australia or overseas. Australia’s treatment of regulated offshore entities is currently in a state of flux. Historically, FFSPs regulated in comparable jurisdictions had the benefit of limited licensing relief for financial services provided to wholesale clients. In 2020, this relief was repealed and replaced with a foreign AFSL regime. In 2021, the Government proposed reverting back to the comparable jurisdiction regime (with some amendments). This proposal was put to the Australian parliament in early 2022; however, the proposed legislation lapsed with the change of government. On 7 August 2023, the Treasury consulted on licensing exemptions for FFSPs, which, if passed, will take effect on 1 April 2024. On 30 November 2023, a new bill was introduced to the Australian parliament setting out these FFSP licensing exemptions, but with some changes, including a delay in the commencement date to 1 April 2025 and some amendments to applicability and reporting requirements. The Government referred an amended version of the proposed legislation to the Senate Standing Committee for the Scrutiny of Bills, which is scheduled to release a report on the proposed legislation on 19 April 2024. The licensing exemptions are broadly based on the 2022 legislation and include a professional investor exemption, comparable regulator exemption, market maker exemption and fit and proper person test exemption (the latter being a simplification of the AFSL application process for certain FFSPs). While consultation is ongoing, ASIC has extended transitional relief for FFSPs relying on sufficient equivalence and limited connection relief. Transitional relief expires on 31 March 2025 (previously 31 March 2024). During this period, ASIC will consider new applications for individual temporary licensing relief and new AFSL and foreign AFSL applications from entities that cannot rely on the transitional relief.
Foreign companies taken to be carrying on a business in Australia, including by dealing in cryptoassets, may be required to either establish a local presence (i.e., register with ASIC and create a branch) or incorporate a subsidiary. The greater the level of system, repetition or continuity associated with an entity’s business activities in Australia, the greater the likelihood that registration will be required. Generally, a company holding an AFSL will be carrying on a business in Australia and will trigger the requirement.
Design and distribution obligations and product intervention powers
Since October 2021, issuers and distributors of financial products must comply with design and distribution obligations (DDO), which may impact the way cryptoassets are structured and sales are conducted. Issuers and distributors must implement effective product governance arrangements, which include (among other things) creating and distributing target market determinations in relation to retail clients acquiring the relevant financial products. The DDO aims to ensure that financial products are targeted at the correct category of potential customers, and disclosures regarding the adequacy and suitability of the product for the target market are required to be accurate and timely.
ASIC also has product intervention powers where there is a risk of significant consumer detriment, enabling ASIC to address market-wide problems or specific business models. The power covers products under the Corporations Act, Australian Securities and Investments Commission Act 2001 (Cth) ( ASIC Act ) and the National Credit Consumer Protection Act 2009 NCCP Act ).
Consumer credit regulation
There has been a proliferation of cryptocurrency lending activities in recent years. Where such activities are caught under the NCCP Act, entities may need to hold an Australian credit licence or be otherwise exempt. Credit providers should also be aware of the conduct and disclosure obligations relating to consumer credit, including responsible lending, breach reporting and disclosure.
Prudential regulation
Generally, an entity carrying on a banking business (e.g., taking money on deposit and making advances of money) in Australia is required to be authorised by APRA as an ADI and comply with associated obligations and prudential standards.
Entities that are holders of stored value in connection with a purchased payment facility (PPF) are required to become ADIs authorised by APRA. A PPF is a facility (other than cash) where the customer is able to make payments up to the amount available under the facility and those payments are made by the provider of the facility (or another person acting in accordance with instructions). This may be relevant for providers that offer cryptoasset wallets as a means of payment and storing value for customers.
Consumer law
Regardless of whether a cryptoasset sale is regulated under the Corporations Act, it may be subject to other regulation and laws, including the Australian Consumer Law set out at Schedule 2 to the Competition and Consumer Act 2010 (Cth) (ACL), which deals with the provision of services or products to Australian consumers. The ACL prohibits misleading or deceptive conduct in a range of circumstances, including in marketing and advertising. Care must be taken in cryptoasset sale promotional material to ensure that it does not contain false information and that buyers are not misled or deceived. Promoters and sellers are prohibited from engaging in unconscionable conduct and must ensure that the issued cryptoassets are fit for their intended purpose. ACL protections are generally reflected in the ASIC Act, providing substantially similar protection to investors in financial products or services.
ASIC has delegated powers from the Australian Competition and Consumer Commission enabling it to take action against misleading or deceptive conduct in marketing or issuing cryptoasset sales (regardless of whether it involves a financial product). ASIC has indicated that misleading or deceptive conduct in relation to cryptoasset sales may include:
using social media to create the appearance of greater levels of public interest;
creating the appearance of greater levels of buying and selling activity for a cryptoasset by engaging in (or arranging for others to engage in) certain trading strategies;
failing to disclose appropriate information about the sale; or
suggesting that the sale is a regulated product or endorsed by a regulator when it is not.
ASIC has stated that it will use this power to undertake inquiries into cryptoasset issuers and their advisers to identify potentially unlicensed and misleading conduct. A range of consequences may apply for failing to comply with the ACL or the ASIC Act, including monetary penalties, injunctions, compensatory damages and costs orders.
Taxation
The taxation of cryptoassets in Australia has been an area of much debate, despite recent attempts by the Australian Taxation Office (ATO) to clarify the operation of the tax law. The Treasury Laws Amendment (2022 Measures No. 4) Bill 2022 received royal assent on 23 June 2023 clarifying that for income tax purposes, cryptocurrency is an asset that is held or traded and not money or a foreign currency (except for government-issued digital currencies). The tax implications for holders of cryptocurrency depend on the purpose for which the cryptocurrency is acquired or held. The summary below applies to holders who are Australian residents for tax purposes.
Staking cryptocurrency. An entity may hold units of cryptocurrency (i.e., tokens) to validate and verify transactions on a blockchain. The “validator” may be rewarded with additional tokens for its role in this process. Token holders who participate in proxy staking or who vote their tokens in “proof of stake” or other consensus mechanisms may also be rewarded with additional tokens. The value of such tokens should be treated as ordinary income of the recipient at the time they are derived.
Issuers of cryptocurrencies. In the context of an initial coin offering, a coin issuance by an entity that is either an Australian tax resident or acting through an Australian “permanent establishment”, may be assessable in Australia. The current corporate tax rate in Australia is either 25% or 30%, depending on the issuer’s turnover and the extent to which its assessable income consists of specified types of passive income.
Australian goods and services tax (GST). Supplies and acquisitions of digital currency made from 1 July 2017 are not subject to GST on the basis that they will be input-taxed financial supplies. Consequently, suppliers of digital currency will not be required to charge GST on these supplies, and a purchaser would prima facie not be entitled to GST refunds (i.e., input tax credits) for these corresponding acquisitions. On the basis that digital currency is a method of payment, as an alternative to money, the normal GST rules apply to the payment or receipt of digital currency for goods and services. The term “digital currency” in the GST legislation requires that it is a digital unit of value that has all the following characteristics:
it is fungible and can be provided as payment for any type of purchase;
it is generally available to the public free of any substantial restrictions;
it is either:not denominated in any country’s currency; ordenominated in a currency that is not issued by, or under the authority of, any government agency;
not denominated in any country’s currency; or
denominated in a currency that is not issued by, or under the authority of, any government agency;
the value is not derived from or dependent on anything else; and
it does not give an entitlement or privileges to receive something else.
not denominated in any country’s currency; or
denominated in a currency that is not issued by, or under the authority of, any government agency;
In relation to a holder carrying on an enterprise of cryptocurrency mining, whether or not GST is payable by the miner on its supply of new cryptocurrency depends on a number of factors, including its specific features, whether the miner is registered for GST, and whether the supply is made in the course or furtherance of the miner’s enterprise.
A miner will carry on an enterprise where it conducts an activity, or a series of activities, in the form of business or in the form of an adventure or concern in the nature of trade, but it does not include activities conducted for a private recreational pursuit, as a hobby or as an employee. The scope of carrying on an “enterprise” can be broader than carrying on a “business” (as outlined above), and some miners may unintentionally be carrying on an “enterprise” for GST purposes. A supply made in connection with a miner’s enterprise, including the enterprise’s commencement or termination, will generally be “made in the course or furtherance” of their enterprise, and may attract GST should other requirements be satisfied.
The specific features of cryptocurrency include it: being a type of security or other derivative; and being “digital currency” as defined in the GST legislation. If the cryptocurrency is a security, derivative or digital currency, its supply will not be subject to any GST because it will be an input-taxed financial supply (assuming the other requirements are satisfied).
A cryptocurrency miner would generally be required to register for GST if its annual GST turnover is AUD 75,000 or more, excluding the value of its supplies of digital currencies and other input-taxed supplies. However, a miner who does not satisfy this GST registration threshold may nevertheless elect to register for GST to claim from the ATO input tax credits (i.e., GST refunds) for the GST cost of its creditable business acquisitions (noting that acquisitions that relate to the sales or acquisitions of securities, derivatives or digital currencies are prima facie non-creditable).
4. Is there an authorisation/licensing regime applicable to cryptoasset issuers/providers/exchanges and, if so, what are the requirements?
See above, Questions 2 and 3.
Financial services licensing considerations
To obtain an AFSL, applicants must submit an application to ASIC in accordance with the Corporations Act. ASIC undertakes a detailed assessment of the business in relation to the financial services it intends to provide and its ability to comply with financial services laws. The applicant must demonstrate to ASIC that it has:
responsible managers with the knowledge, skills and experience necessary to
provide the relevant financial services;
adequate resources (including human, financial and technological) to provide the relevant financial services; and
adequate arrangements (i.e., compliance and risk management systems) in place to ensure it, and its representatives, comply with the conditions on its AFSL and Australia’s financial services laws.
Applicants must also demonstrate that responsible managers and certain personnel associated with the applicant (e.g., directors, secretaries and controllers) are fit and proper. ASIC aims to finalise at least 70% of new AFSL applications within 150 days and at least 90% of new AFSL applications within 240 days of submission.
AML/CTF considerations
Separate to the AFSL regime, AML/CTF regulation may also apply to entities that exchange fiat currency for digital currency (and vice versa), known as digital currency exchange (DCE) providers and require enrolment and registration with AUSTRAC. Enrolling and registering with AUSTRAC involves submission of an Australian Business Profile Form, which details the activities and personnel associated with the business. The timing for enrolment with AUSTRAC can vary. An entity must receive confirmation of enrolment from AUSTRAC following submission of the entity’s enrolment form. While there is no prescribed timeframe, confirmation generally occurs within two weeks of submission. AUSTRAC has indicated it may take up to 90 days to assess registration applications from DCE service providing reporting entities.
5. Is the promotion of cryptoassets to consumers or investors regulated and, if so, how?
The sale of financial product cryptoassets is regulated under Australia’s existing financial services regulatory regime. Marketing and promotion of financial products is a licensable activity and financial product offers to retail clients (with some exceptions) must be accompanied by a regulated disclosure document (e.g., a product disclosure statement or a prospectus and a financial services guide) that satisfies the content requirements of the Corporations Act and regulatory guidance published by ASIC. Such a disclosure document must set out prescribed information, including benefits and risks of the product, as well as the provider’s fee structure, to assist a client in deciding whether to acquire the cryptoasset from the provider. In some instances, the marketing activity itself may cause the sale to be an offer of a regulated financial product.
If investors are wholesale clients as defined under the Corporations Act, an offer of financial products may not require regulated disclosure.
Marketing financial product cryptoassets to Australian residents from offshore may also still trigger licensing and disclosure requirements. Generally, an offshore service provider may respond to requests for information and issue products to an Australian resident if the resident makes the first (unsolicited) approach and there has been no conduct on the part of the issuer designed to induce the investor to make contact, or activities that could be misconstrued as the provider inducing the investor to make contact. Any marketing and promotion to consumers or investors must be considered against ACL requirements (for non-financial product cryptoassets) and corresponding requirements under the ASIC Act (for financial product cryptoassets).
6. What anti-money laundering requirements apply to cryptoassets?
For the purposes of the AML/CTF Act, cryptoassets do not meet the definition of “money”.
However, reporting entities like DCE providers are required to prepare, adopt and maintain an AML/CTF program, undertake due diligence on customers and comply with numerous monitoring and reporting requirements, as summarised below.
AML/CTF program
Reporting entities must adopt and maintain an AML/CTF program, usually
comprising:
Part A, which identifies, mitigates and manages money laundering and terrorism financing (ML/TF ) risk, including the reporting entity’s ongoing customer due diligence procedures; and
Part B, which establishes a framework and documents customer due diligence procedures in detail.
Annual compliance reports
Reporting entities must lodge annual compliance reports with AUSTRAC. The report outlines the appropriateness of the reporting entity’s ML/TF risk assessments and the effectiveness of its AML/CTF program. A compliance report typically includes information about an entity’s AML/CTF program, its customer identification procedures and reporting obligations. Unless otherwise specified in the AML/CTF rules, the AML/CTF compliance report covers the previous calendar year.
Suspicious matter reports
The obligation to submit a suspicious matter report arises where, in the course of a dealing with a customer, a reporting entity forms a suspicion (on reasonable grounds) that:
the customer is not who they claim to be;
information the reporting entity has may be relevant to investigate or prosecute a person for an evasion of tax law or an offence against a Commonwealth, state or territory law, or of assistance enforcing the Proceeds of Crime Act 2002 (Cth) or corresponding state or territory legislation; or
providing a designated service may be preparatory to committing an offence related to money laundering or terrorism financing or relevant to the investigation or prosecution of a person for an offence related to money laundering or terrorism financing.
The report must include details about the reporting entity’s business, the suspicious matter, the persons to which the matter relates and any related transactions. The report must be submitted within 24 hours after the time the suspicion is formed if relating to terrorism financing. For any other offence, the relevant reporting timeframe is three business days after the day in which the relevant suspicion was formed.
Record keeping and registration
DCE providers are required to keep certain records relating to customer identification and transactions for up to seven years. DCE providers must also renew registration every three years.
7. How is the ownership of cryptoassets defined or regulated?
In Australia, cryptoassets are generally treated as being personal property that can be owned, assigned and transferred. There is debate over whether cryptoassets can be securitised (see below, Question 9).
Control and ownership over cryptoassets are generally determined by whoever holds the private keys. A person can beneficially own cryptoassets, for example, where a person has a custodial wallet in respect of which a third party custodian holds the private keys and legal title to the cryptoassets. This will depend on the relevant terms and conditions (see below, Question 9).
8. How are Decentralised Autonomous Organisations (DAOs) treated?
It is arguable that a DAO may be a partnership or association under Australian law. There is currently no specific registration regime for DAOs.
Consultations have focused on regulating centralised entities rather than individual assets or decentralised (or distributed) structures, so there has been limited development to date on how DAOs should be characterised from a legal or regulatory perspective. The Senate Select Committee on Australia as a Technology and Financial Centre recommended that the Government establish a new DAO company structure as a separate legal identity where DAO token holders are given limited liability, and the Australian Law Reform Commission (ALRC) released a background paper on new business models, technology and practices including consideration of DAOs as part of its inquiry into the financial services legislative framework.
9. Are there any particular laws or rules which apply in the event of the crypto bankruptcy or insolvency?
In Australia, there is currently no specific insolvency regime for digital asset intermediaries and therefore the general insolvency regime under the Corporations Act and common law will apply.
Treatment of cryptoassets
Generally, property held on trust or as custodian by an insolvent company will not be available for distribution to the general creditors of the company. At the time of writing, Australian courts are yet to consider the treatment of cryptoassets in an insolvency context. There is currently no decision by an Australian court which expressly deals with:
whether cryptoassets are “property” which can be the subject of a trust/custody arrangement; and
if cryptoassets are “property” in the legal sense, whether cryptoassets held in an omnibus (or pooled) fashion are capable of being held on trust/under a custody arrangement so as to give users a proprietary right to the digital assets, rather than a mere contractual right.
The New Zealand case of Ruscoe v. Cryptopia Ltd (in Liquidation) [2020] NZHC 728 (Cryptopia) is likely to be instructive to Australian courts. The court in Cryptopia held, relevantly for common law jurisdictions such as Australia, that cryptocurrencies satisfy the common law definition of “property” and are capable of forming the subject matter of a trust.
The treatment of cryptoassets in an insolvency of an Australian crypto exchange from the customers’ perspective would largely depend on the user terms and conditions and treatment of the assets in practice by the parties. Where the terms provide (and the assets are treated on the basis) that the cryptoassets are held by the exchange on trust or as custodian for the user, the user would likely have proprietary rights in the assets. Alternatively, where the terms provide (and the assets are treated on the basis) that the exchange holds the cryptoassets on terms which are in the nature of a contractual (rather than proprietary) relationship with respect to the user (such as where only the exchange has access to the private keys required to deal with the cryptoassets) the user would likely only have contractual rights in respect of the assets.
If the user has proprietary/ownership rights in the cryptoassets, then in the event of insolvency of the exchange, the user would likely be entitled to those assets to the exclusion of the exchange’s general creditors (noting that any such entitlement would depend on several factors, including whether the user has made any required registrations in respect of its interests to ensure that priority in insolvency is maintained). On the other hand, if the user only has contractual rights in respect of the assets, they would likely be treated as a general unsecured creditor of the exchange with no proprietary interest in, or direct recourse to, the cryptoassets, which would be available for realisation by the company’s external administrator for the benefit of creditors as a whole. This lack of protection for users in an insolvency of a crypto exchange (and the importance of users to opt for platforms which adopt a custodian/trust structure) was evident in the 2022 voluntary administration of Digital Surge Pty Ltd (which became insolvent as a result of the FTX bankruptcy) in which the cryptoassets were found to be the property of the company (based on the user terms and conditions of that platform) and users were unsecured creditors with no proprietary rights.
Taking security
The process for taking security over cryptocurrency in Australia is not yet settled because Australian courts are yet to consider the treatment of cryptoassets in an insolvency context and whether they are a form of “property”.
Under Australia’s Personal Property Securities Act 2009 (Cth) (PPSA), a security interest in “personal property” will only be effective if the secured party has perfected the interest by possession or control of the personal property, or by registration on the Personal Property Securities Register. As a party seeking to take security over cryptoassets would generally not have possession or control of the assets, the interest would need to be registered.
Relevantly, there must be “property” within the meaning of the PPSA to which the security interest attaches. While there remains uncertainty as to the type of personal property that properly defines cryptoassets, anecdotally insolvency practitioners are generally proceeding on the basis that a user’s third party holding or direct holding is a form of personal property for the purposes of the PPSA until such time as court directions on this subject are provided and/or the law is clarified by the legislature.
10. Is a smart contract enforceable as a legal contract?
Smart contracts (including self-executing contracts) are permitted in Australia under the Electronic Transactions Act 1999 (Cth) (ETA) and equivalent Australian state and territory legislation. The ETA provides a legal framework to enable electronic commerce to operate in the same manner as paper-based transactions. Under the ETA, self-executing transactions are permitted in Australia so long as they meet all traditional elements of a legal contract, including an intention to create legally binding obligations, offer and acceptance, certainty and consideration.
The pre-determined and self-executing form of smart contracts creates difficulties where there is a required element of discretion by either party, particularly relating to dispute mechanisms (e.g., arbitration and mediation) and non-deterministic provisions. There has been very little case law on the subject.
11. What recourse does a victim of crypto fraud have?
A victim of crypto fraud may be able to pursue civil actions in relation to the fraud including claims for breach of contract, breach of trust, contractual misrepresentation and damages, and potentially tortious claims such as conversion and detinue. Fraud is also a crime in all Australian states and territories. A person may also be guilty of an offence if they deal with the fraudulently obtained crypto in circumstances where they are found to have reasonable grounds to suspect the crypto is a proceed of crime.
A victim of crypto fraud may be able to apply to the court for interim as well as final relief to try to protect the cryptoassets that they allege have been fraudulently obtained. Courts in all Australian states and territories have the power to grant various orders including injunctions and orders for the preservation of property.
All Australian states and territories have specific rules regarding the service of civil proceedings, including civil claims said to arise as a result of crypto fraud. As to the jurisdiction for claims arising in relation to cryptoassets, it will be important for victims of crypto fraud to consider governing law clauses in any agreements governing their purchase of cryptoassets that may be prescriptive as to the laws governing disputes arising in relation to the cryptoassets.
12. Are there any other ongoing legal or regulatory consultations or other legal frameworks in the pipeline relating to cryptoassets?
See above, Questions 1 and 2.
Australia is also experiencing reform in the payments and stored value facility sector as well as the broader financial services landscape, as follows:
On 11 October 2023, Treasury released a draft bill and explanatory memorandum for industry comment on proposals to update the Payment Systems (Regulation) Act 1998 (Cth), which captures PPFs. Among the proposals are changes to update the definition of “payment system” to cover payment systems that use cryptoassets and the definition of “participant” to capture all entities in the payments value chain, including payments made using cryptoassets. The consultation process closed on 1 November 2023.
On 7 June 2023, the Government released its Strategic Plan for Australia’s Payments System (Strategic Plan) , outlining the Government’s policy objectives and priorities for reform in payments. Notably, this includes updating the payments regulatory framework by implementing changes to stored value legislation and introducing a new payments licensing framework. Treasury released a consultation paper proposing graduated regulatory obligations based on the risk profile associated with each payment function (e.g., issuer, payment initiation services, payment facilitation, authentication, authorisation and processing, clearing and settling, and money transfer). The Strategic Plan will be reviewed on an 18 month review cycle to allow the Government to report on its progress against its objectives and priorities.
On 8 December 2023, Treasury released a consultation paper relating to an enhanced regulatory framework for payment service providers. Among other proposals, the paper seeks to capture specific arrangements under a new “payment product“ definition (including traditional stored value facilities, payment stablecoins and payment facilitation services) and enhance the prudential regime for different types of stored value facilities. Consultation closed 2 February 2024.
The ALRC has been conducting an inquiry into simplifying Australia’s overarching financial services regulatory framework to make it “more adaptive, efficient and navigable for consumers and regulated entities”. As part of the inquiry, the ALRC has provided interim reports on three areas, being the design and use of definitions in corporations and financial services legislation, the regulatory design and hierarchy of laws, and the potential to reframe or restructure financial services laws. A consolidated report was due on 30 November 2023, however it remains to be seen if any proposals will address crypto as an asset class. On 18 January 2024, the final report of the ALRC’s review of the legislative framework for corporations and financial services regulation was tabled in Australian parliament. The final report found the current legislative framework is overly complex and had made 58 recommendations to streamline financial services legislation. The report acknowledges the importance of an adaptive legislative framework that accommodates future policy initiatives, such as the regulation of cryptoassets. The Government is now considering the ALRC’s final report and recommendations.