1. 0.25 CPD Hours

Digital Asset Regulation in Australia: Where to from here?


Monochrome AI

Disclaimer: Please note that while the AI chatbot is designed to facilitate informative and engaging conversations, it may also produce inaccurate, false or misleading information about people, places or facts due to its reliance on pre-existing data and patterns. Users should always cross-verify critical information from trusted sources and seek independent advice before making financial decisions. Monochrome and its directors and staff disclaim any and all liability for damages, losses or harms of any kind that result from the use of the AI chatbot and/or actions based on the system's outputs. Users of the AI chatbot do so at their own risk. Use of the AI chatbot signifies acceptance of these terms.

Learning Outcomes

This piece will examine various approaches to digital asset regulation as well as the expressed sentiment of regulators to equip the reader with information on the likely path forward in Australian digital asset regulation and the impact that will have on the investability of digital assets. Key issues addressed in this piece include:

  1. The way regulators in Australia and abroad treat digital assets.
  2. The key risks associated with digital assets.
  3. The mechanisms through which Australian regulators might seek to ameliorate these risks.


The unprecedented influx of demand for digital-asset investments has exposed limitations in Australia’s existing regulatory framework. As ASIC, AUSTRAC and the ATO work to implement an appropriate regulatory framework for these new assets, rapid investment continues into a space which is absent of significant regulatory oversight. Monochrome is actively involved in assisting the ongoing consultative processes with Australian regulators, as they seek to understand the nature of digital-assets, their potential value to Australia’s economy, and the various risks they pose to investors. This piece will examine various approaches to digital-asset regulation as well as the expressed sentiment of regulators to discern the likely path forward in Australian digital-asset regulation and the impact that will have on the investability of digital-assets. Key issues arising in this analysis include the way regulators treat digital-assets, the key risks associated with digital-assets, and the mechanisms through which Australian regulators might seek to ameliorate these risks.

How do regulators classify digital assets?

ASIC, AUSTRAC and the ATO are the key regulators in the Australian digital-assets landscape. AUSTRAC is the Australian Government agency responsible for detecting, deterring and disrupting criminal abuse of the financial system to protect the community from serious and organised crime. Whilst this is an important part of the regulatory landscape within digital assets and the financial system more broadly, it is separate to consumer protections found within the Corporations Act 2001 as enforced by ASIC.

There is a notable transition in sentiment that can be inferred through guidance materials and other materials released by these regulators, especially ASIC. Looking first at ASIC, initial guidance released on the classification of digital-assets indicated that they were risky but fell almost entirely outside the mandate of ASIC, the exception being those digital-assets that could be construed as financial products within the meaning of the Corporations Act 2001. This approach can be contrasted against ASIC’s current consultative process in relation to Consultation Paper 343 Crypto-assets as underlying assets for ETPs and other investment products (CP343), where ASIC is actively engaged in a consultative process, seeking industry feedback to develop an appropriate classification system.

Looking next to the ATO, we can see that, based on their most recent guidance, digital-assets are well integrable into Australia’s taxation framework. For general holders of digital-assets, the ATO will treat these as CGT assets. For those who engage in the trading, mining or exchange of digital-assets, the digital-assets will be treated as trading stock and not attract CGT.

What key risks are regulators concerned with?

Key investor risks arising in relation to digital-assets include price volatility, vulnerabilities in the digital currency protocols, the risk of fraud and risks arising out of reliance on intermediary parties necessary to facilitate digital-asset investments, such as the need for intermediary custody providers.

Regulators are well aware of the volatility of digital-assets and have evinced strongly that this is an important risk factoring into regulatory decisions. Notwithstanding this fact, there is a notable shift in the attitude of regulators to Bitcoin which trade in more liquid markets with strong price information mechanisms, and consequently are susceptible to lower volatility than other, less deeply traded, digital-assets.

Vulnerabilities in digital currency protocols refer to inherent weaknesses in the platform on which a digital-asset sits, which are able to be exploited by potential hackers. It is widely acknowledged that widely adopted platforms, such as Bitcoin, have sophisticated, in-built mechanisms which prevent this from happening. However, there is a strong acknowledgement that protocol attacks are a live risk with nascent digital-assets.This risk will likely be addressed by regulators.

The risk of ledger fraud arises purely in relation to those nascent coins which distribute transaction verification responsibilities to a limited pool of actors. Where more established digital assets like Bitcoin distribute verification responsibilities to thousands of nodes operated separately in an international network, newer digital assets may have more centralised verification mechanisms. The key here is that ledger fraud risk arises when over 50% of nodes on the network supporting the asset are controlled by a single actor or a group acting in concert. When this occurs, those in control of the central verification mechanism are able to manipulate the ledger in a fraudulent manner to steal from those holding digital assets on the platform. Those in control are also able to change protocol rules, increasing technical risks associated with those digital assets which are not truly centralised.

The risks associated with reliance on intermediaries are also significant. Particularly, regulators have indicated that they are concerned by risks associated with intermediary custody providers. A significant risk which is not considered by many digital asset investors is that, in the event that their custody provider is compromised, their entire investment may also be compromised. This issue is exacerbated by the opaque nature of custody arrangements often found in the digital-asset space. An example of this risk in practice arises when trading on digital asset exchanges. When investors trade on digital-asset exchanges, that exchange is tasked with custody of those digital-assets unless the investor decides to move their digital-asset to a different location (noting that no digital asset exchanges in Australia currently are, nor are they currently required to be, licensed by our regulators to custody funds on their trading platforms or brokerages). In the event that the exchange is compromised by an internal or external bad actor or procedural deficiency, the assets custodied on that exchange are also potentially compromised. And many investors, both large and small, with assets sitting on exchanges are not aware of this or under-appreciate this risk.

How might Australia address these risks?

Every country in the world which has regulated digital-assets to date has done so through a licensing or registration regime. It is likely that Australia will do the same. This would invariably involve requiring businesses involved in the digital-asset value chain to obtain licences or registrations, which confer a range of obligations designed to secure investor protections. The key question then becomes: what will these obligations look like? It is useful to consider an implemented licence framework as a case study and the structure of obligations found in the New York Codes, Rules and Regulations is instructive:

  • Minimum capital requirements: it is likely that digital-asset businesses will be required to maintain an amount of fiat currency as a percentage of the digital-assets they are holding to secure liquidity. This will likely align with the compliance mandates set out by ASIC’s Regulatory Guide 166.
  • Custody requirements: where a digital-assets business is holding the assets of its users, they will be required to ensure the safe custody of those assets. Licensed custodians currently have to meet the requirements set out in ASIC’s Regulatory Guide 133 and it is expected that digital-assets businesses will have to meet similar requirements.
  • Financial disclosures: it is likely that licensees will have to go above and beyond the disclosure requirements encumbering incorporated entities, providing a range of disclosures including in relation to future financial projections and other key financial metrics.
  • Cybersecurity: this will likely involve licensees being obligated to establish effective cybersecurity controls in relation to identification, protection, response and recovery for relevant cyber threats. This is similar to the cybersecurity compliance measures outlined in ASIC’s Cyber Resilience Good Practices Guidance.
  • Risk management and business continuity measures: these are compliance measures which require licensees to ensure that their business is able to operate through disruptions. This includes plans to ensure that emergencies which are capable of disrupting business operations are unable to compromise data, relevant infrastructure and personnel. This will likely align with the compliance mandates set out by ASIC’s Regulatory Guide 259.

The above is helpful to understand how the key risks associated with digital assets can be effectively mitigated. What can be said with a degree of certainty is that key risks associated with well tenured digital assets can be well mitigated with proper regulatory action. What is less certain is whether risks associated with nascent digital-assets can be effectively addressed, given their multiplicity and variety.


It is expected that Australian regulators will make significant progress over the coming years to develop an appropriate regulatory framework to maximise the protection of retail investors when interacting with digital-assets. Monochrome Asset Management is engaging with regulators to assist in this process. ASIC’s current approach appears facilitative in terms of the larger capitalised and ‘battle-tested’ digital digital-assets with deep liquidity; however, it is unclear whether, and at what pace, regulators will develop an appetite for and therefore be willing to facilitate, more nascent digital-assets that do not trade in deep, liquid markets, lack institutional support and do not have ‘battle tested’ protocols.

Note: This activity meets the guidelines for qualifying CPD, and has been accredited for continuing professional development by the Financial Planning Association of Australia (FPA). This does not constitute FPA's endorsement of the activity.

Important Information: This material has been delivered to you by Monochrome Asset Management Pty Ltd (ABN 80647701246), Corporate Authorised Representative (CAR No. 128 6428) of Non Correlated Capital Pty Ltd (AFSL No. 499882, ABN 99 143 882 562), and has been prepared for general information purposes only and must not be construed as investment advice or as an investment recommendation. This material does not take into account your investment objectives, financial situation or particular needs. This material does not constitute an offer or inducement to engage in an investment activity nor does it form part of any offer documentation, offer or invitation to purchase, sell or subscribe for interests in any type of investment product or service. You should read and consider any relevant offer documentation applicable to any investment product or service and consider obtaining professional investment advice tailored to your specific circumstances before making any investment decision. A copy of the relevant Information Memorandum relating to a Monochrome financial product or service may be obtained by emailing info@monochrome.co or by visiting www.monochrome.co.

Past performance is not necessarily indicative of future results and no person guarantees the future performance of any strategy, the amount or timing of any return from it, that asset allocations will be met, that it will be able to be implemented and its investment strategy or that its investment objectives will be achieved. This material may contain ‘forward-looking statements’. Actual events or results or the actual performance of a Monochrome financial product or service may differ materially from those reflected or contemplated in such forward-looking statements.

This material may include data, research and other information from third party sources. Monochrome makes no guarantee that such information is accurate, complete or timely and does not provide any warranties regarding results obtained from its use. This information is subject to change at any time and no person has any responsibility to update any of the information provided in this material. Statements contained in this material that are not historical facts are based on current expectations, estimates, projections, opinions and beliefs of Monochrome. Such statements involve known and unknown risks, uncertainties and other factors, and undue reliance should not be placed thereon.

Any trademarks, logos, and service marks contained herein may be the registered and unregistered trademarks of their respective owners. This material and the information contained within it may not be reproduced, or disclosed, in whole or in part, without the prior written consent of Monochrome.

Get the latest Monochrome updates direct to your inbox.