Australia has taken a decisive step in bringing digital assets into the mainstream of its financial system.
The passage of the Corporations Amendment (Digital Assets Framework) Bill 2025 marks a shift away from years of uncertainty, case-by-case interpretation, and regulatory fragmentation. For an industry that has operated in a grey zone, often navigating guidance, enforcement action, and evolving interpretations, this represents a clear move toward structure.
But while the legislation provides a foundation and some consumer protections, it does not simplify the landscape entirely. In many respects, it reshapes the questions rather than removing them.
What emerges is not just a regulatory milestone, but the beginning of a more nuanced phase, one where legal classification, technical architecture, and commercial design intersect in new ways.
What Has Changed
At its core, the new framework brings certain digital asset activities within the existing financial services regime.
Rather than attempting to define and regulate every form of digital asset, the legislation focuses on platforms and custody-style arrangements, specifically Digital Asset Platforms (DAPs) and Tokenised Custody Platforms (TCPs). These are now treated as financial products, meaning operators will need to consider Australian Financial Services Licence (AFSL) requirements, alongside the broader obligations that come with participating in the financial system.
This is a deliberate policy choice. Instead of building an entirely separate regime for digital assets, the law integrates key parts of the ecosystem into the existing regulatory architecture.
As Chris Frankish, Financial Services Partner at Madison Marcus, notes:
“Digital assets have, for some time, sat in an uncertain position, economically significant, but not always clearly captured within the legal framework. What this legislation does is bring these parts into alignment with the broader financial system, which is a critical step for long-term participation.”
The result is a clearer perimeter around certain business models, particularly those involving the holding or control of assets on behalf of clients.
Why This Matters
The importance of the framework lies less in the technical definitions and more in what it signals.
For digital asset businesses, it provides a pathway toward legitimacy. For financial institutions, it provides some comfort and reduces the friction that has historically made engagement with the sector difficult. And for the broader market, it introduces a level of consistency in how risk, custody, and consumer protection are approached.
Importantly, this is not simply about cryptocurrency exchanges. The framework has direct implications for tokenisation, custody infrastructure, and the emerging convergence between traditional financial assets and blockchain-based systems.
As Mark Monfort, Head of AI & Technology at Madison Marcus and leader of the Australian Blockchain and AI Network, explains:
“What’s often misunderstood is that this isn’t just about ‘crypto’. It’s about how financial infrastructure is evolving. Tokenisation, custody, and settlement are becoming programmable, and this framework is an early step in bringing that into the regulated system.”
In that sense, the legislation is as much about the future of financial services as it is about digital assets themselves.
The Real Fault Lines
While the framework introduces clarity in some areas, it also surfaces a set of more complex questions that businesses will now need to navigate.
A key issue is the concept of control, particularly what it means to hold or control digital assets “for or on behalf of” another person. This distinction becomes critical in determining whether a business falls within the scope of a regulated platform or remains a technology provider.
For infrastructure providers, wallet developers, and firms using multi-party computation or distributed custody models, the difference between enabling control and exercising it is not just technical, it is regulatory.
Mark Monfort highlights this tension:
“The challenge now is not just compliance, it’s architecture. Businesses need to be very clear on whether they are actually controlling assets, or simply enabling systems that do. That distinction will define how they are regulated.”
There are also broader considerations around how the regime interacts with existing financial services laws. Questions remain around potential overlap, classification boundaries, and how different types of digital assets or tokenised structures will be treated in practice.
In addition, the framework grants a degree of flexibility to regulators and policymakers to expand or refine its scope over time. While this allows the regime to evolve alongside technology, it also introduces an element of uncertainty as to how those powers will be exercised.
For smaller or emerging businesses, the move toward licensing and compliance may present new challenges. However, this should not be viewed solely as a barrier.
As Chris Frankish notes:
“Any shift toward a more formal regulatory framework brings additional obligations, and that can be challenging for smaller operators. But it also creates a more credible and stable environment, which ultimately supports sustainable growth and broader participation.”
Tokenisation and the Next Phase of Financial Services
One of the most significant implications of the framework is its relevance to tokenisation.
Tokenised custody platforms, in particular, point toward a future where real-world assets, such as bonds, funds, or other financial instruments, are represented and managed on digital infrastructure.
This is not a theoretical development. It reflects a broader shift toward the digitisation and programmability of financial assets, where ownership, transfer, and settlement can be embedded directly into systems.
Mark Monfort expands on this trajectory:
“The next phase is composability, where payments, assets, and settlement start to converge. The businesses that succeed will be those that design their systems with that in mind from the outset, rather than trying to retrofit compliance later.”
For financial services clients, this creates both an opportunity and a strategic consideration. The question is no longer whether digital assets will intersect with traditional finance, but how and when.
What Businesses Should Be Doing Now
With the framework now in place and the countdown to commencement started, the focus shifts from interpretation to execution.
Businesses operating in or adjacent to the digital asset space should be taking practical steps to understand how the regime applies to them.
This includes mapping their business models against the definitions of DAPs and TCPs, and assessing whether they hold or control assets on behalf of clients in a way that triggers licensing requirements.
Custody arrangements, particularly those involving shared control, third-party infrastructure, or novel technical models, should be reviewed carefully. The legal characterisation of these arrangements will be central to determining regulatory obligations.
At the same time, organisations should consider their broader compliance posture, including AML/CTF obligations, privacy obligations, and the upcoming implementation of the Travel Rule, which will introduce additional requirements around transaction monitoring and counterparty information.
More broadly, businesses should be thinking about how their technology and legal structures align. In a space where architecture and regulation are increasingly intertwined, design decisions made today will have lasting implications.
From Debate to Execution
For years, the digital asset conversation in Australia has been shaped by uncertainty, by questions of classification, jurisdiction, and regulatory intent.
The passage of this framework signals a shift. It does not answer every question, nor does it remove all complexity. But it provides a clearer starting point.
The next phase will be defined not by debate, but by execution.
Businesses that take the time to understand where they sit within the new perimeter, and how their models interact with it, will be better positioned to navigate what comes next.
And for the broader financial system, this marks an important step toward integrating digital assets not as an outlier, but as part of its evolving core.
Mark Monfort: Head of AI & Technology
Mark leads Madison Marcus’ AI and technology strategy, focusing on the practical application of AI within legal and professional services. He works closely with partners and clients to design and deploy systems that improve how work is performed, from automating workflows to building private, secure AI environments.
He also advises clients across various sectors on how to better leverage data and emerging technologies to drive more informed decision-making and operational efficiency.
Christopher Frankish: Partner, Financial Services & Compliance
Christopher is a highly accomplished financial services lawyer with expertise in governance, regulation, insurance, superannuation and dispute resolution. With over a decade of experience, he has led legal teams and major regulatory projects, including work arising from the Royal Commission into Misconduct in the Banking, Superannuation and Financial Services Industry.
CONTACT CHRISTOPHER
