Regulatory Influencer: Australia Unveils Two Year Regulatory Reform Plan

In the realm of payment services, the Treasury has proposed a modernised, activity-based licensing framework for payment service providers (PSPs), ensuring that regulatory measures align with the evolving nature of payment systems. The reform will roll out in two tranches: the first tranche will focus on defining the regulatory perimeter and establishing core licensing obligations, while the second will expand the framework to include additional compliance and operational standards. 

An additional priority is the reduction of debit card surcharges, aiming to alleviate financial burdens on consumers and small businesses. This initiative is closely tied to the findings of Phase One of the Reserve Bank of Australia’s review of retail payment regulations. 

Together, these reforms are poised to modernise the financial ecosystem, strengthen consumer protections and promote fairer economic practices across Australia.

Why Should You Care?

The RIG report was created to provide the financial sector with greater transparency of the regulatory landscape by listing material reform priorities and initiatives earmarked over the next two years. Publishing these measures in a single source and in a consistent format gives stakeholders insight into the strategic direction of regulatory reform, whilst encouraging engagement between digital asset providers and relevant regulators, allowing market participants to have a say in regulatory developments. Additionally, the RIG report provides a clear outline of the regulatory direction from the present to the future. 

Digital asset providers and payment service providers (PSPs) should pay particular attention  to the proposed reforms under the Australian Government's RIG report, as these changes will significantly affect their operational and compliance frameworks. The potential obligations under these reforms are designed to create a robust regulatory environment that safeguards consumers, while fostering trust and innovation in the financial ecosystem.

Obligations under the digital asset reforms include:

• Licensing requirements: Digital asset platforms holding assets above specified thresholds (e.g., A$1,500 for individuals or A$5m in aggregate) will need to obtain an AFS License granted by Australian Securities and Investments Commission (ASIC). As of January 2025,  digital asset providers are only required to register with AUSTRAC, and following successful registration they are able to operate without a licensing framework. 
• Compliance obligations: At present, digital asset providers must only comply with anti-money laundering an counter-terrorism financing (AML/CTF) obligations (e.g., customer due diligence, submitting suspicious matter reports) under the Schedule 6 of the Anti-Money Laundering and Counter-Terrorism Financing Amendment bill 2024, which came into effect on December 10, 2024.  Under the proposed reforms, digital asset providers must adhere to general license obligations such as:

1. Operating efficiently, honestly and fairly.
2. Managing conflicts of interest.
3. Establishing robust dispute resolution systems.
4. Meeting financial solvency and reserve requirements.
5. Producing and maintaining detailed financial records.

• Specific digital asset standards: Platforms will need to meet unique obligations, including:

1. Developing standard-form contracts for platform users.
2. Implementing strict standards for token custody and software.
3. Monitoring and disrupting market misconduct.
4. Setting benchmarks for activities such as trading, staking, tokenisation and fundraising.

• Consumer protection and fraud prevention: Enhanced scrutiny of digital asset providers will ensure platforms provide accurate information to consumers. The framework encourages providers to look at who has control over the digital asset rather than who owns the asset. Safeguards will aim to reduce the risks of collapses or scams, ensuring the security of assets held on these platforms. At present, digital asset providers are obligated to comply with existing AML regulations to the extent that they involve the dealings of financial products or financial services. The consumer protection aspect included in the reform develops a more tailored approach in regulating digital asset platforms and making it specific to that sector.  

Obligations under the payment services modernisation reforms include:

• Licensing requirements: PSPs will need to comply with a modernised, activity-based licensing framework under AFS laws. Certain services (such as cross-border payments, payment initiation or facilitation services) will require authorisation as distinct payment functions, which could involve separate licensing for each activity they undertake. Overseas PSPs soliciting business in Australia will need to meet local licensing standards or obtain exemptions for regulated activities. Although there is a licensing framework currently in place, the authorisations do not specify what financial products and services a licensee can provide. As noted above, the regulatory reforms are moving towards a tailored approach to regulating service providers, allowing providers to seek out variation in AFS licence authorisations as they expand to offer more financial services and products. 
• Compliance obligations: PSPs must meet rigorous general obligations, including:

1. Payment initiation services and facilitation services must implement measures to secure customer funds and prevent fraud.
2. Payment technology and enablement services must ensure compliance with cybersecurity, data protection and payment integrity standards.
3. Obligations vary based on the PSP’s role, with higher scrutiny applied to functions involving fund possession.
4. Ensuring data security and operational resilience.
5. Offering dispute resolution mechanisms.

• Consumer protection measures: PSPs will face heightened obligations to safeguard consumer funds and privacy, ensure transparency in service offerings, and manage customer risks (e.g., fraud prevention and dispute resolution). PSPs must ensure transparency in product offerings, contracts and compliance with an updated ePayments Code. 
• Operational safeguards: For functions involving stored-value facilities or cross-border payments, PSPs must adopt robust mechanisms to handle idle balances and currency exchange risks. This reform is designed to steer away from the general application of the AML/CTF 2006 Act to all institutions that fit the definition of “‘financial services”’ or “‘financial products”’, and instead define the provisions of fraud prevention to tailor to these types of payments. 

When the reforms are in effect, failure to comply could lead to significant legal and operational risks, including penalties, loss of license or reputational damage.

Additionally, the RIG report highlighted reforms that are set to come into place. The Australian Competition and Consumer Commission (ACCC) will have expanded responsibilities as the primary enforcement body from January 1, 2026. Obligations for the ACCC under the government’s attempt to reduce debit card surcharges include:

• Enforcement actions: Utilise $2.1m in new funding to crack down on businesses that engage in illegal or unfair surcharging practices. Proactively monitor and penalise non-compliance, ensuring that businesses adhere to fair surcharging rules.
• Educational campaigns: Implement targeted educational initiatives to inform businesses of their obligations and consumers of their rights under the new framework.
• Collaboration with the Reserve Bank of Australia (RBA): Work alongside the RBA to provide input and enforce policies stemming from the review of merchant card payment costs.

Finally, businesses will also need to comply with reforms while balancing operational costs, through:

• Adopting cost-effective payment systems: Implement payment systems that align with the new rules, ensuring compliance without increasing operational expenses.
• Engaging with RBA consultations: Participate in RBA consultations to highlight the unique challenges faced by small businesses regarding payment costs and surcharges.

Next steps

To prepare for the proposed reforms, PSPs and digital asset providers can take the following proactive measures: 

• Review proposed obligations: Familiarise themselves with the licensing requirements and specific obligations outlined in the AFS framework and relevant reform documents. This includes general obligations, such as operating honestly and fairly; managing conflicts of interest; and ensuring financial solvency and specific requirements like token custody standards, dispute resolution systems and fraud prevention measures.
• Monitor updates: Stay informed about developments and consultation outcomes from the Australian Treasury, ACCC and RBA.
• Assess operational compliance: Review existing systems, processes and policies against the anticipated regulatory standards. Identify gaps in areas like custody solutions, transparency, cybersecurity and fraud prevention.
• Audit financial practices: Evaluate capital reserves, solvency and financial record-keeping to ensure compliance with the proposed obligations. Ensure customer funds are adequately protected.
• Implementing licensing standards: Begin preparations for obtaining an AFS licence if required, including gathering necessary documentation. Ensure systems can meet the operational and reporting requirements tied to the AFS licence framework.
• Improve transparency: Establish robust customer communication protocols to ensure users are well-informed about risks and rights.
• Implement dispute resolution: Create or upgrade a dispute resolution system that complies with regulatory expectations and ensures swift resolution of customer issues.

With the RIG report, the government aims to support more effective engagement between the sector and regulators. The layout of reforms provides clarity in identifying common challenges and risks, and collaborating on priorities. It also supports change management in the financial sector, helping reporting entities to plan and reduce costs of engaging with proposed reforms and regulatory efforts. Through the publication of report, entities are better equipped to manage the changes in the regulatory landscape and minimise negative impacts on their organisations. 

Stakeholder feedback on the RIG report’s design is welcome. Please send your feedback to RIG@Treasury.gov.au. Please indicate in your response whether you agree/do not agree to share the personal data contained in your response (for example, your name and email address) with contributing agencies. Treasury intends to use stakeholder feedback to inform the RIG’s ongoing design and administration.

The Treasury plans to publish the first RIG report update in September 2025. After this, the RIG report will be published twice a year (March and September).