On 25 September 2025 the Commonwealth Treasury released an exposure draft of the Treasury Laws Amendment (Regulating Digital Asset, and Tokenised Custody, Platforms) Bill 2025, together with an explanatory memorandum, fact sheet and consultation materials. The draft would bring operators of digital asset platforms (DAPs) and tokenised custody platforms (TCPs) within Australia’s existing financial services regulatory framework by treating those platforms as new financial products under the Corporations Act 2001 (Cth).

Public consultation on the draft closes on 24 November 2025. Stakeholders intending to provide submissions should prepare and lodge their feedback before this deadline.

Below I summarise the core elements of the draft, explain immediate compliance and commercial implications for market participants, and flag key issues industry and counsel are likely to raise during consultation. All statements that could be time-sensitive are sourced to Treasury and leading legal analyses cited below.

What the draft actually proposes

1. New product categories and AFSL coverage

The draft introduces two new regulated financial product categories:

Statutory Definitions (Simplified)
1. Digital Asset Platform (DAP):
A facility through which customers acquire, hold, or dispose of platform entitlements recorded on a token-based system, where the operator exercises control or provides functions enabling transactions, order-matching, settlement, or related services.

2.Tokenised Custody Platform (TCP):
A service that holds, safeguards, or controls tokenised entitlements or digital asset keys on behalf of clients, including arrangements that maintain records of ownership or control on distributed ledgers.

Where a business’s operations fall within these definitions, the operator will generally require an Australian Financial Services Licence (AFSL) unless an exemption applies. Standard AFSL obligations – including conduct, disclosure, organisational competence, and custody rules – will attach.

2. Tailored minimum standards for tokenised custody

The draft adapts existing custody and holding obligations to tokenised environments by:

  • requiring platforms to maintain segregated client entitlements;
  • mandating operational standards for private key management, backup, and recovery;
  • imposing minimum contract terms where platforms issue token-based entitlements;
  • clarifying how trust/custody concepts apply to tokenised records.

(See Explanatory Memorandum paras. 120–168 for detailed custody requirements.)

These rules aim to address the unique risks of distributed ledgers while retaining the core consumer protections of the Corporations Act.

3. Disclosure, governance and conduct obligations.

Digital asset platform operators would face disclosure obligations and conduct and governance requirements broadly modeled on existing AFSL obligations: obligations to manage conflicts, maintain adequate systems and controls, provide prescribed information to users, and meet prudential-like standards for custody and operational resilience. The draft also contemplates the minister or regulator having designation powers for particular platforms or products where systemic concerns arise.

4. Thresholds and limited exemptions

To avoid over-regulation of micro-operators, the Treasury proposes de-minimis thresholds.

Indicative thresholds (subject to consultation):

  • platforms with < AUD 1 million in assets under custody, or
  • < 100 clients holding platform entitlements, or
  • < AUD 500,000 in annual transactions

may qualify for limited exemptions or scaled obligations.

These numbers may change following consultation.

5. Enforcement and penalties

Breach of the regime exposes operators to the full Corporations Act penalty architecture.

Indicative penalty ranges:

  • civil penalties up to 50,000 penalty units (~AUD 15.6 million for companies),
  • higher penalties available for serious or repeated contraventions,
  • potential criminal penalties for intentional misconduct, and
  • expanded ASIC oversight over custody, settlement, and facility-operation functions.

Practical implications for businesses operating in or into Australia

  1. Exchanges and custodians: Domestic and overseas-based trading venues and custodians that service Australian clients should evaluate whether their business models will fall within the DAP/TCP definitions and, if so, whether current operating models meet the minimum standards for custody, disclosure and systems controls. For many established players this will mean preparing AFSL applications, or teaming with licensed local entities.
  2. On-ramps and tokenisation service providers: Providers that offer token issuance, tokenised asset custody, or ledger infrastructure that gives rise to platform entitlements should map those activities against the draft definitions. The draft focuses on regulating platform functions and custody arrangements rather than the legal nature of every underlying token – but how a token is characterised in practice will materially affect the regulatory outcome.
  3. DeFi and decentralised custody models: Decentralised protocols and non-custodial services need careful analysis. The draft targets platforms that provide custody-like functions or issue platform entitlements; fully permissionless code-only protocols with no identifiable operator present novel questions of perimeter and enforceability. Treasury and stakeholders explicitly invited submissions on these boundary issues during consultation.

    Case Example:
    A liquidity-pool DEX with user custody but an operator controlling the front-end, upgrade keys, and fee mechanisms may be treated as a DAP.
    A purely autonomous contract deployed without an operator may sit outside scope, though Treasury explicitly invites submissions on such boundary scenarios.
  4. Third-party risk and supply chain: Operators that outsource custody, wallet management, or settlement infrastructure will need to ensure contractual and oversight arrangements meet the platform minimum standards (including requirements that assets are held in ways consistent with trust or other acceptable custody models). Contracts, audits, and incident-response protocols will require review and likely upgrades.
  5. Cross-border enforcement and licensing strategy: Offshore platforms that accept Australian users cannot rely on decentralised or foreign structuring to avoid jurisdiction.
  • International comparison:
    • U.S.: moving toward exchange and custody obligations under SEC/CFTC oversight
    • U.K.: UK-FCA bringing cryptoasset activities into regulated market-infrastructure frameworks
    • EU: MiCA regulates custodians, exchanges, and stablecoin issuers holistically under a dedicated regime

Australia differs by inserting new products into its existing AFSL regime, rather than creating a standalone crypto statute.

Key legal and policy issues open to consultation

  • Definitions and perimeter. How the Treasury defines “digital asset platform” and “tokenised custody platform” will determine who is regulated. Industry respondents will press for clarity about the scope (for example, where custodial duty begins and ends, and whether certain middleware or protocol service providers are in or out).
  • Interaction with existing financial product law. The reform preserves the existing Corporations Act framework where tokens are financial products, but also introduces tailored measures for tokenised entitlements. Stakeholders will examine how overlap, duplication or gaps with other regimes (payments law, AML/CTF, consumer law) will be resolved.
  • Practical compliance costs vs consumer protection. Smaller entrants will argue that heavy licensing burdens risk reducing competition and innovation; regulators will emphasise consumer protection and market integrity. The consultation process is likely to focus on proportionality and transitional relief.
  • Treatment of stablecoins and tokenised fiat. The draft sits alongside ongoing work on payments and stablecoin policy. The interaction between tokenised custody rules and any separate stablecoin-specific regulation will be a live issue for token issuers and payment infrastructure providers.

What counsel and in-house teams should do now

  1. Map business activities to the draft definitions. Create a succinct compliance map showing where core services (matching, custody, settlement, issuance, staking, lending, liquidity provision) may trigger AFSL obligations. Use that map to quantify the number and type of Australian customers affected.
  2. Gap assessment against custody and operational minimums. Review custody models, segregation of client property, backup/keys procedures, and facility contract terms against the draft’s tailored custody standards. Identify systems/controls gaps and remediation steps.
  3. Consider licensing, partnerships or structural changes. For firms that will be captured, assess AFSL application readiness, options to partner with licensed intermediaries, or structural changes that limit exposure to Australia (bearing in mind that providing services to Australians from offshore may still attract obligations).
  4. Prepare submission for consultation. If your business has concerns about definitions, thresholds or practical compliance burdens, prepare a targeted submission to Treasury during the consultation window. Submissions that include specific drafting alternatives and measured policy arguments are typically most effective.

How this fits into the global regulatory trend

Australia’s draft follows a broader international movement toward bringing crypto intermediaries within established financial-services frameworks (U.S., U.K., EU initiatives and supervisory guidance), while attempting to tailor obligations to token-specific risks. The draft emphasises custody, disclosure and operational resilience – the same regulatory themes appearing in leading markets – but does so by inserting two new product buckets into an existing statute rather than building a wholly separate siloed regime. Legal advisers are widely treating the package as a market-stabilising step that trades faster legal clarity for increased compliance obligations.

Limitations and what to watch next

The draft is consultation material, not law. Details (definitions, thresholds, transitional arrangements and enforcement calibrations) are subject to change through consultation and drafting before a Bill is introduced to Parliament. Watch for Treasury’s consultation responses, any amending exposure drafts, ASIC guidance updates, and parallel work on payments/stablecoin regulation. The Treasury consultation page and official media releases are the authoritative sources for textual changes.

Recommended next steps for Australian market participants and international firms with Australian exposure

  • Complete a mapping and gap-analysis exercise within 30–60 days.
  • Review custody contracts, insurance and incident response arrangements.
  • Decide on AFSL application strategy or local partnership approach.
  • Prepare targeted consultation submissions (if you have concerns about definitions, thresholds, or unintended perimeter effects).

If you’d like, our team at Cryptoverse Lawyers can:

  • perform a tailored DAP/TCP exposure assessment for your platform or service model;
  • draft an AFSL readiness plan and prepare compliance policies (custody, disclosure, AML/CTF alignment); and
  • prepare a consultation submission or regulatory representation to Treasury and ASIC.

Contact us for a confidential scoping call to determine whether your platform will be captured and what an efficient compliance path looks like.

Sources

  • ASIC recent guidance and enforcement posture on digital assets (updated guidance outlining application of Australian law to crypto activities).
  • TreasuryRegulating digital asset platforms – exposure draft legislation (exposure draft and consultation materials).
  • Treasury media release (25 Sept 2025)Consulting on laws for an innovative digital asset industry.
  • Allens / King & Wood Mallesons / other firm briefings on the Draft Bill (analysis of AFSL capture, custody standards and obligations).

Frequently Asked Questions

1. What is Australia’s proposed digital asset platform legislation?

The 2025 draft legislation introduces new rules under the Corporations Act for digital asset platforms and tokenised custody platforms. These operators would fall under AFSL obligations, including custody, disclosure, conduct standards, and operational controls.

2. Who will be required to hold an AFSL under the new draft?

Any operator that meets the statutory definitions of a Digital Asset Platform (DAP) or Tokenised Custody Platform (TCP) would generally need an AFSL, unless they fall within limited exemptions for small-scale operators.

3. Do these rules apply to overseas exchanges serving Australian users?

Yes. Offshore exchanges and custodians that accept Australian clients may be captured. Treasury and ASIC emphasise that providing services to Australians triggers obligations, even when infrastructure is based offshore.

4. How will custodial obligations change for crypto businesses?

The draft introduces tailored custody standards for tokenised records, including segregation of client assets, minimum contract terms, secure key management, and operational resilience expectations.

5. Are decentralised (DeFi) protocols covered under the draft?

It depends. Protocols with identifiable operators that provide custody-like functions or issue platform entitlements may fall in scope. Fully permissionless, non-custodial systems remain uncertain and are an open consultation issue.

6. Are there any exemptions for small operators?

The draft includes indicative de-minimis thresholds based on customer numbers, assets under custody, and transaction volumes. These thresholds aim to reduce obligations for micro-platforms but are still subject to consultation.

Newer Commodity Futures Trading Commission Chair Nominee Signals Shift in U.S. Crypto Oversight 
Back to list
Older Why AI Tokens Are Emerging as a High-Conviction Investment Theme in 2025