ASIC issues sweeping new guidance on digital assets and ‘no-action’ until 2026 for a range of providers

This is a major development for anyone operating in the crypto space or dealing with digital assets in Australia. While INFO 225 does not change the law, the guidance represents ASIC’s most detailed statement yet of how it interprets the existing financial services regime in the context of digital assets. Whilst the guidance provides helpful clarity in some areas, it also raises significant policy and legal questions, including in light of Treasury’s recently released draft legislation for digital asset platforms.

The guidance envisages that most businesses dealing in digital assets will need to take steps to apply for an AFSL with the appropriate authorisations to deal in the tokens which they offer before 30 June 2026 in order to take advantage of no-action relief offered by ASIC while their application is determined. ASIC appears to take the view that only a small number of widely traded tokens, including Bitcoin, some memecoins, and potentially certain asset-referenced tokens are not financial products. Accordingly, crypto businesses will need to undertake a token by token assessment in order to determine the nature of each token which it deals with or custodies in order to identify the authorisations required (a daunting task rife for debate). While ASIC has indicated a willingness to offer regulatory relief in respect of some compliance aspects of the AFSL regime, for the most part, the guidance assumes that existing financial services laws apply to most cryptocurrency related dealings.

Despite Treasury’s publication of its digital asset platform proposal just weeks ago, ASIC’s position would likely render these new authorisations of narrow scope. In ASIC’s view, DAP licensees will likely need to apply for a number of additional financial service authorisations raising the prospect of substantial duplication and complexity.

After reviewing industry feedback for nearly a year, ASIC has now set the industry a challenging task to move into compliance with existing laws in little over 8 months or face potential enforcement action. Unfortunately, the latest guidance doesn’t appear to take into consideration broader policy objectives in regulatory design for the digital economy, international approaches such as MiCA which have trended toward tailored regimes for cryptocurrencies, or the global nature of crypto-asset markets where users can easily self-custody or access offshore unlicensed alternatives.

From crypto-assets to digital assets

ASIC has shifted its terminology from “crypto-assets” to “digital assets”, likely to reflect the broader range of tokenised instruments now in use, or perhaps to align with Treasury’s recently released exposure draft. Although ostensibly just a semantic change, when read in conjunction with the guidance as a whole it arguably signals ASIC’s intention to apply the guidance to a wider spectrum of token types.

Expanded examples and categorisation

The finalised INFO 225 includes 18 worked examples (up from 13 in the draft version), illustrating how ASIC applies financial product definitions to various digital asset use cases. In response to feedback, ASIC has now provided alternative scenarios to further demontrate its approach. These examples are grouped by product type, including:

1. facilities for making financial investments;
2. interests in managed investment schemes;
3. securities (shares and debentures);
4. derivatives; and
5. non-cash payment facilities.

These examples reinforce the regulator’s case-by-case approach – a theme that runs consistently throughout the guidance. This approach necessarily imposes a significant compliance burden on operators. In other jurisdictions, this challenge has been tackled by establishing bespoke regimes and targeted litigation to define the scope of the regulatory framework.

Key takeaways for industry

1. Token-by-token analysis is here to stay

ASIC’s approach confirms that digital assets must be individually assessed to determine whether they constitute financial products. This means businesses will need to undertake a granular legal analysis of each token they issue, or support. For many, this will raise questions such as:

• how do we practically assess each token’s legal characterisation?
• what evidence will ASIC accept to support a non-financial product conclusion?
• will ASIC nonetheless seek to apply penalties despite the participant receiving detailed legal advice? (see the Block Earner case)
• how might future litigation impact the boundaries of ASIC guidance?

This approach is resource intensive and anti-competitive. It will be particularly challenging for local exchanges and DeFi protocols dealing with hundreds or even thousands of tokens. Confirming its previous policy position, ASIC conceded that Bitcoin is unlikely to be a financial product.

2. Staking, yield products and wrapped tokens are in scope

ASIC maintains its position that staking services that abstract or enhance native staking services are likely to be managed investment schemes or financial investments. This includes services that allow users to stake below minimum protocol thresholds, offset instant withdrawal of staked assets, and pool user assets to generate returns. This position conflicts with Treasury’s proposal to offer regulatory relief for licensed digital asset platforms which offer intermediated staking services and similar approaches overseas.

Similarly, yield-bearing stablecoins and asset-linked tokens (such as a ‘gold-linked token’ in Example 7) are likely to be financial products where the issuer pools funds and offers a return.

ASIC remains of the view that wrapped tokens are derivatives based on a broad reading of the Corporations Act. This unfortunately ignores the economic reality of wrapped token and is a fundamental misunderstanding of how wrapped tokens operate and are used, which bears little to no comparison to actual derivatives. Take wrapped ETH (wETH) as an example: it is not a speculative instrument, but a technical mechanism to enable ETH to interact with smart contracts on the Ethereum blockchain. The wrapped token does not introduce leverage or contingent obligations typically associated with derivatives. To characterise such tokens as derivatives is to apply a financial product lens to what is, in reality, a software compatibility layer. This is a view that likely stretches the legislative intent behind the definition of a derivative under the Corporations Act.

A similar critique applies to the ATO’s position that wrapping a token constitutes a CGT event. This approach treats a purely technical conversion, often involving no change in economic exposure or beneficial ownership, as a taxable CGT disposal. This not only creates unnecessary tax friction but also fails to reflect the fundamental reality of how users interact with decentralised protocols. From this perspective, both regulatory and tax frameworks should be technologically neutral and grounded in substance, not form.

In this respect, the guidance reflects the danger of regulation by read-across (rather than reasoned policy formulation), discourages innovation and would introduce substantial friction in the development of tokenised markets.

Moreover, the policy rationale for regulating a company involved in the development of smart contracts which allow a user to issue a wrapped token permissionlessly is not clear. In this context, the issuance process does not operate like a typical intermediary or custodial arrangement as the underlying asset is locked and redeemed programatically (not by the smart contract developer) which is an essential benefit of the technology. The regulation of this activity risks stifling the development and benefits of new technology by applying traditional policy paradigms where they do not fit.

3. Non-custodial wallets and stablecoins under scrutiny

In the authors’ view, one of the more contentious aspects of INFO 225 is ASIC’s treatment of non-custodial wallets (see Example 17, Scenario 2). The guidance suggests that wallet providers may be offering non-cash payment facilities, and therefore financial services and require an AFSL, even where they do not hold customer assets or private keys or have any ability to effect payments on behalf of the user (i.e. all assets are controlled by the user who initiates all payments).

In this scenario, the essential purpose of regulation is to address the risk of theft or fraud by the intermediary where they control and can divert customer assets. While smart contracts introduce software and security risks, the traditional policy rationale for regulating intermediaries does not apply. The premise that anything which can be used as a means of payment (e.g. shells, cigarettes or software) should be regulated is open to challenge.

This raises a series of difficult questions for infrastructure providers:

• when does software become a financial service?
• can a software developer rely on the incidental exemption?
• what if we facilitate payments but don’t control the tokens?

In this regard, INFO 225 offers little comfort for developers building tools that enable users to interact with public blockchains.

The guidance also deems non-yield bearing stablecoins as likely to be financial products in the form of a non-cash payment facility. However, ASIC is proposing to expand existing transitional relief to distributors dealing in stablecoins issued by an AFS licensed issuer or foreign exempt issuer subject to conditions. Some wrapped tokens would obtain similar relief. A draft statutory instrument implementing this regime has been published for comment until 12 November. The proposed relief will apply only until 1 January 2029.

4. Market entry

INFO 225 reinforces that businesses offering digital asset services in Australia will likely need an AFSL. Given the breadth of the guidance and the token-by-token approach, the guidance presents a complicated roadmap for Australian market entry for overseas operators. Some digital asset businesses will need an AFSL with multiple authorisations, including dealing, custody, market making and advice in relation to several categories of financial products on top of the new digital asset platform authorisation which would have little work to do. Perversely, this could operate as a disincentive for overseas operators to seek licensing onshore.

The guidance warns that operating a market dealing in just one financial product among many tokens will require markets and potential clearing and settlement licences. This raises the prospect of dual licensing or mandate substantial changes to the business model of some operators in order to achieve compliance.

In addition, licensees will need to grapple with how to apply disclosure and design and distribution obligations in respect of hitherto unregulated globally traded assets.

5. Policy tensions and industry implications

For many industry participants, it is likely that the release of INFO 225 raises more questions than it answers. The guidance applies existing financial product definitions to a wide range of digital asset activities, often in ways that appear to stretch the statutory language. This creates a regulatory environment where businesses must navigate complex, and at times inconsistent, expectations, particularly when Treasury’s (arguably) conflicting draft legislative reforms were released just weeks ago.

The practical effect of this is a heightened sense of uncertainty. Without clear legislative authority or judicial endorsement, ASIC’s expansive interpretation of the law risks imposing a degree of regulatory complexity that operates as a “shadow ban” on innovation at a time when other markets are racing ahead to revisit traditional policy parameters as technology develops and unlocks new opportunity. Projects may be forced to choose between undertaking costly and uncertain licensing processes or shifting activity and business offshore, particularly for early-stage projects.

For many, the key question may no longer be “how do we comply?”, but rather “can we even afford to operate in Australia at all?” The lack of a consistent policy approach between Treasury and ASIC leaves businesses in a holding pattern, unsure whether to rely on the promise of future reform or navigate the steep challenge of seeking to achieve compliance under the existing regulatory framework.

Additionally, existing licensees may benefit from transitional relief, while new entrants face full licensing requirements, raising questions about competitive fairness and market access.

Looking ahead

The latest version of INFO 225 has wide ranging implications for anyone operating in the digital asset industry. It provides important insight into ASIC’s thinking and will shape how businesses structure their offerings in the near term. Given the short timeline to compliance, businesses will need to act quickly to assess their options and regulatory strategy.

However, INFO225 also highlights the urgent need for legislative clarity. Without a coherent and coordinated approach between Treasury and ASIC, Australia risks falling behind other jurisdictions that have adopted tailored frameworks that offer a clear pathway to compliance focusing on consumer outcomes.

The next six to twelve months will be critical in determining whether Australia can deliver on its ambition to become a global leader in digital asset regulation, or whether regulatory fragmentation will drive innovation elsewhere.