How Australia’s Crypto Laws Shifted From Guidance to Court Penalties

In April 2023, Binance asked the Australian Securities and Investments Commission (ASIC) to cancel its own Australian Financial Services licence rather than face a suspension hearing. Two and a half years later, a Federal Court handed down a $10 million penalty against the same entity. That sequence captures the trajectory of crypto regulation in Australia with precision.

ASIC is no longer issuing guidance documents and hoping industry adapts. It is pursuing civil penalties in the Federal Court, winning them, and doing so against the world’s largest crypto exchange by trading volume. Simultaneously, the Corporations Amendment (Digital Assets Framework) Act 2026 received Royal Assent on 8 April 2026, giving the regulator a purpose-built legislative toolkit to match its enforcement appetite.

What follows explains the full picture: what Binance and Kraken actually did wrong, what the regulatory framework requires of crypto platforms operating in Australia, what the new legislative architecture looks like, and what Australian crypto users and industry participants should understand about where things head from here.

The Binance case shows exactly what “getting it wrong” looks like

This was not a borderline compliance failure. During the period between July 2022 and April 2023, more than 85% of Binance’s Australian client base was incorrectly categorised as wholesale clients rather than retail clients. The mechanism was systemic: the platform’s onboarding process allowed unlimited retakes of its Sophisticated Investor Test questionnaire, accepted self-declarations of “exempt public authority” status without verification, and operated under inadequate compliance oversight that failed to catch the cascading misclassifications.

In total, 524 retail investors were wrongly classified across five investor categories:

• 460 via the Sophisticated Investor Test
• 33 via the Individual Wealth Test
• 26 via the Professional Investor Test
• 4 via the Related Body Corporate Test
• 1 via the Large Business Test

The breadth of that breakdown matters. This was not a single test failing in a single way. It was five distinct classification pathways, all producing the same outcome: retail investors gaining access to high-risk derivative products without the consumer protections they were legally entitled to.

The financial harm was concrete. Those 524 misclassified clients suffered $8.66 million in trading losses and paid $3.89 million in fees, a combined $12 million in direct financial damage.

From quiz loopholes to a $10 million penalty

ASIC commenced a targeted review of Binance’s operations in December 2022. The licence was cancelled on 6 April 2023, after Binance itself requested cancellation rather than face a suspension hearing. Civil proceedings followed in December 2024, and the Federal Court delivered its penalty judgment in 2026.

Binance admitted all violations through a Statement of Agreed Facts. Justice Moshinsky imposed a $10 million penalty and directed Binance to contribute to ASIC’s legal costs. This came on top of $13.1 million in compensation ASIC had already supervised in 2023.

ASIC Chair Joe Longo characterised the case as a direct warning to international financial services firms operating in Australia, signalling that the regulator would hold global entities to the same compliance standards as domestic operators.

Kraken’s Federal Court loss set the precedent Binance had to reckon with

The Binance penalty did not arrive in isolation. Before it, ASIC pursued Bit Trade Pty Ltd, the Australian operator of the Kraken exchange, for failures in meeting design and distribution obligations (DDO) in relation to a margin trading product. The Federal Court ruled in ASIC’s favour (media release 24-186MR), establishing a precedent with direct consequences: Australian DDO rules apply to crypto derivative products.

That ruling removed the credible litigation defence available to any subsequent respondent arguing that crypto products sat outside existing regulatory frameworks. Once the Federal Court confirmed DDO obligations applied, Binance’s decision to submit a Statement of Agreed Facts rather than contest the charges became the strategically rational choice.

The two cases form a deliberate enforcement sequence:

1. Kraken (Bit Trade Pty Ltd): Federal Court ruled DDO obligations apply to crypto derivatives, establishing the legal precedent
2. Binance: Admitted wholesale client classification failures via agreed facts, received a $10 million penalty

ASIC has stated publicly that crypto-related financial services must comply with applicable laws from the outset of operations, not retroactively once enforcement proceedings commence. Two Federal Court wins in succession against two of the world’s largest exchanges make that position more than rhetorical. Australian crypto users should understand that platforms operating without adequate compliance infrastructure face real legal risk, which in turn creates counterparty risk for users holding funds on those platforms.

Federal Court civil penalties have become a consistent enforcement mechanism across Australian financial services, not a tool reserved for major international platforms: the $1.55 million penalty handed to Solvar subsidiary Money3 Loans in April 2026 for National Consumer Credit Act contraventions illustrates that ASIC deploys the same litigation pathway against domestic operators as it does against global exchanges.

What an AFS licence actually requires crypto platforms to do

The four specific obligations Binance admitted breaching are not abstract regulatory categories. Each exists as a consumer protection mechanism, and understanding what they require helps explain why the failures produced real financial harm.

The wholesale versus retail client distinction sits at the centre of all four failures. Wholesale clients are presumed to have the financial sophistication and resources to evaluate complex products independently. Retail clients receive additional protections, including PDSs, TMDs, and access to dispute resolution, precisely because they are presumed to need them. When Binance misclassified 85% of its client base as wholesale, it stripped those protections from investors who were legally entitled to them.

ASIC Information Sheet 225 provides guidance on when digital assets constitute financial products under Australian law, and the same wholesale client classification rules that Binance breached apply to all AFS-licensed financial services providers, not just crypto platforms.

ASIC Information Sheet 225 provides guidance on when digital assets constitute financial products under Australian law. The same wholesale client classification rules that Binance breached apply to all AFS-licensed financial services providers, not just crypto platforms.

What licence cancellation means in practice

Cancellation of an AFS licence does not immediately halt all operations, but it removes the legal basis for continuing to provide financial services to Australian clients. In Binance’s case, the sequence is instructive: ASIC supervised $13.1 million in compensation before the civil proceedings concluded, illustrating how the regulator can deploy multiple enforcement tools simultaneously rather than waiting for a single court process to resolve.

Australia now has purpose-built legislation for crypto platforms

Until April 2026, ASIC regulated crypto by applying existing financial services laws through analogy: if a digital asset looked like a financial product, it was treated as one under existing frameworks. The Corporations Amendment (Digital Assets Framework) Act 2026 changed that. For the first time, Australian law contains statutory categories designed specifically for crypto platforms.

The Act creates two new regulated categories:

• Digital Asset Platform (DAP): Covers centralised exchanges and trading platforms that facilitate buying, selling, and trading of digital assets
• Tokenised Custody Platform (TCP): Covers custodians holding digital assets on behalf of clients, with specific standards for asset safeguarding and disclosure

An 18-month transition period runs from Royal Assent (8 April 2026), meaning full compliance obligations for DAPs and TCPs are expected by approximately October 2027.

The transition is not open-ended. Under the updated INFO 225 (published 29 October 2025), ASIC granted a sector-wide no-action position running to 30 June 2026. That relief is limited to businesses operating prior to 4 December 2024, and firms must apply for a licence or notify ASIC within six months of the INFO 225 publication to access it.

Running parallel to the ASIC framework, AUSTRAC’s expansion to cover Virtual Asset Service Providers (VASPs) adds a second compliance track. Key dates are set out below.

The BPS Financial penalty of $14 million (Federal Court judgment 27 January 2026) for unlicensed crypto conduct provides an additional data point: enforcement is not pausing during the transition period.

The compliance-first approach is also visible in how newer market entrants are positioning themselves: Klevo Rewards engaged Band 2 Chambers-ranked digital assets lawyers to establish a stablecoin compliance framework before any product launch, a strategy that contrasts sharply with the reactive posture that cost Binance its licence and ultimately produced a $10 million penalty.

How Australia’s approach compares to the UK and Singapore

Australia’s enacted framework does not exist in isolation. Two comparable jurisdictions offer useful reference points for understanding where Australia sits on the regulatory spectrum.

Australia has moved ahead of the UK in terms of legislative certainty: the Corporations Amendment (Digital Assets Framework) Act 2026 is enacted law, while the FCA is still in consultation. Singapore’s regime predates Australia’s by nearly a year, with DTSP licensing enforced since June 2025 and higher barriers for new market entrants.

One boundary condition warrants attention. Australia’s current framework captures centralised exchanges and custodians but does not yet extend licensing requirements to decentralised protocols. Pure DeFi remains outside the licensing scope pending further review, a gap that both the UK and Singapore are also still working through. For global crypto platforms making jurisdictional licensing decisions, Australia’s combination of enacted legislation, active Federal Court enforcement, and a defined transition window positions it as a serious regulatory environment rather than a permissive one.

What this regulatory trajectory means for Australian crypto users

ASIC’s enforcement posture is not theoretical, and it is not slowing. Deputy Chair Sarah Court has described the regulator’s focus as deterring “cynical calculations” in which platforms weigh potential penalties against profits and conclude that non-compliance is commercially rational. The $10 million penalty against Binance, the $14 million penalty against BPS Financial, and the Kraken DDO ruling are designed to shift that calculation.

ASIC’s 2024-2025 priorities generated 84 additional investigations, and 2026 has been signalled as a year of further enforcement acceleration. For Australian crypto users, this enforcement pipeline creates a practical due diligence imperative.

Three questions are worth asking about any platform holding client funds:

1. Does the platform hold an Australian Financial Services Licence, or has it applied for one within the no-action relief window that expires 30 June 2026?
2. Has the platform provided a Product Disclosure Statement for any derivative or complex product it offers?
3. Does the platform maintain a compliant internal dispute resolution mechanism, connected to an external dispute resolution scheme?

ASIC Chair Joe Longo has called for a proactive “culture of compliance” across the financial services industry, signalling that the regulator expects firms to anticipate obligations rather than wait for enforcement to compel them.

A platform that loses its AFSL or faces civil penalty proceedings creates real uncertainty for users holding funds on that platform. These are not abstract compliance questions. They are practical due diligence for anyone with capital deployed on an Australian crypto exchange.

Australia’s crypto regulatory moment is here, and it has penalties attached

Australia has moved from regulatory analogy to purpose-built statute, from guidance documents to Federal Court penalties, and from warning to enforcement acceleration. The regulatory architecture now operates on two parallel tracks: AFSL-based licensing under the DAP and TCP framework (supervised by ASIC) running alongside AUSTRAC’s AML/CTF obligations for VASPs.

The 18-month transition period running to approximately October 2027 is the window in which the shape of Australia’s crypto industry will be determined. Platforms that engage constructively with ASIC and meet the new statutory requirements are positioned differently from those that do not. The enforcement record to date suggests the regulator intends to make that distinction material.

The regulatory clarity created by the Corporations Amendment (Digital Assets Framework) Act 2026 is already reshaping where capital flows within the sector: DigitalX’s $30 million pivot toward digital asset infrastructure, with specific focus on regtech and compliance platforms that generate recurring revenue, reflects a calculation that compliant infrastructure businesses are structurally better positioned than exchanges operating in regulatory grey zones.

Readers seeking to track the evolving framework should monitor ASIC’s media releases and INFO 225 updates directly, and verify whether platforms they use disclose their AFSL status and dispute resolution processes.

This article is for informational purposes only and should not be considered financial advice. Investors should conduct their own research and consult with financial professionals before making investment decisions.

Forward-looking statements regarding regulatory timelines and enforcement activity are subject to change based on legislative developments and regulatory priorities.