27/10/2020

Global Legal Insights provides an overview of current legal issues, providing expert legal analysis and policy updates from the world’s leading lawyers.

Blockchain & Cryptocurrency Regulation 2021 covers government attitude, cryptocurrency regulation, sales regulation, taxation, money transmission, anti-money laundering, promotion, ownership and licensing, and mining insights with respect to blockchain and cryptocurrency.

The Australia chapter is set out in full below.

Government attitude and definition

The developments in the local financial technology (fintech) landscape have propelled Australia as a leader in this sector. Australia is generally perceived to be a stable jurisdiction that is relatively fintech-friendly and this perception has been facilitated by a broad range of product offerings from the Australian fintech community and the commitment to facilitate growth and innovation in the sector by the Commonwealth Government of Australia (Government). While there has been increased regulatory involvement particularly following the completion of the Royal Commission into Misconduct in the Banking, Superannuation and Financial Services Industry in 2019 (Royal Commission), fintechs have seen a unique opportunity to develop and position themselves in Australia’s economy. In part, the expansion of the sector in Australia has been led by businesses in the payments, lending, investment and custodial services spaces.

To date, the Government has taken a largely non-interventionist approach to the regulation of cryptocurrency, allowing the landscape to evolve at a faster rate than its regulatory response. Australian law does not currently equate digital currency with fiat currency and does not treat cryptocurrency as “money”.

The Governor of the Reserve Bank of Australia (RBA), Australia’s central bank, has confirmed that the RBA has no immediate plans to issue a digital dollar akin to money.  Terming it an “eAUD”, the Governor noted that the rise of new technology associated with cryptocurrencies has the capacity to challenge the role of traditional financial institutions with regard to payments, but that there is currently no public policy case for the RBA  to issue an eAUD. Despite this, the Governor indicated that the RBA remains open to considering wholesale applications for a digital Australian dollar and would be continuing to research this area with ongoing studies of the use of a central bank-issued digital dollar in relation to settlement arrangements.

While the Government has not significantly intervened in cryptocurrencies and related activities, there has been general clarification of the application of Australian regulatory regimes to the sector. For example, the Government passed the Anti-Money Laundering and Counter-Terrorism Financing Amendment Act 2017 (AML/CTF Amendment Act), which brought cryptocurrencies and tokens within the scope of Australia’s anti-money laundering regime. This recognised the movement towards digital currencies becoming a popular method of paying for goods and services and transferring value in the Australian economy, but also posing significant money laundering and terrorism financing risks.

Cryptocurrency regulation

While there have been legislative amendments to accommodate the use of cryptocurrencies, these have predominantly focused on the transactional relationships  (e.g.,  the issuing and exchanging process) and activities involving cryptocurrencies, rather than the cryptocurrencies themselves.

Australia’s primary corporate, markets, consumer credit and financial services regulator,  the Australian Securities and Investments Commission (ASIC), has reaffirmed the view that legislative obligations and regulatory requirements are technology-neutral and apply irrespective of the mode of technology that is being used to provide a regulated service. While there has been no legislation created to deal with cryptocurrencies as a discrete area of law, this does not hinder them from being captured within existing regimes under Australian law.

ASIC’s regulatory guidance informs businesses of ASIC’s approach to the legal status of coins (or tokens). The legal status of such coins is dependent on how they are structured and the rights attached, which ultimately determines the regulations with which an entity must comply. For example:

  • Cryptocurrency that is characterised as a financial product under the Corporations  Act 2001 (Cth) (Corporations Act) will fall within the scope of Australia’s existing financial services regulatory regime. This is discussed in more detail under “Sales regulation” below.
  • There has also been a proliferation of lending activities in relation to cryptocurrency. To the extent these lending activities fall within the scope of the credit activities and services caught under the National Credit Consumer Protection Act 2009 (Cth) (NCCP Act), the relevant entities may need to hold an Australian credit licence or be otherwise exempt from the requirement to be licensed.

There are currently no specific regulations dealing with blockchain or other distributed ledger technology (DLT) in Australia. However, in March 2017, ASIC released an information sheet (INFO 219 Evaluating distributed ledger technology) outlining its approach to the regulatory issues that may rise through the implementation of blockchain technology and DLT  solutions more generally.  Businesses considering operating market infrastructure,  or providing financial or consumer credit services using DLT, will still be subject to the compliance requirements that currently exist under the applicable licensing regime. There is a general obligation that entities relying on technology in connection with the provision of a regulated service must have the necessary organisational competence and adequate technological resources and risk-management plans in place. While the existing regulatory framework is sufficient to accommodate current implementations of DLT, as the technology matures, additional regulatory considerations will arise.

Various cryptocurrency networks have also implemented “smart” or self-executing contracts. These are permitted in Australia under the Electronic Transactions Act 1999 (Cth) (ETA) and the equivalent Australian state and territory legislation. The ETA provides a legal framework to enable electronic commerce to operate in the same way as paper-based transactions. Under the ETA, self-executing contracts are permitted in Australia, provided they meet all the traditional elements of a legal contract.

Sales regulation

The sale of cryptocurrency and other digital assets is regulated by Australia’s existing financial services regulatory regime. Core considerations for issuers are outlined below.

Licensing

Of particular concern to those dealing with cryptocurrencies is whether a cryptocurrency (including those offered during an initial coin offering (ICO)) constitutes a financial product and therefore triggers financial services licensing and disclosure requirements. Entities carrying on a financial services business in Australia must hold an Australian financial services licence (AFSL) or be exempt. The definitions of “financial product” or “financial service” under the Corporations Act are broad and ASIC has indicated in its information sheet, INFO 225 Initial coin offerings (INFO 225), that cryptocurrency with similar features to existing financial products or securities will trigger the relevant regulatory obligations.

In INFO 225, ASIC indicated that the legal status of cryptocurrency is dependent upon the structure of the ICO and the rights attaching to the coins or tokens. ASIC has also indicated that what is a right should be interpreted broadly. Depending on the circumstances, coins or tokens may constitute interests in managed investment schemes (collective investment vehicles), securities, derivatives, or fall into a category of more generally defined financial products, all of which are subject to the Australian financial services regulatory regime. In INFO 225, ASIC has provided high-level regulatory signposts for crypto-asset participants to determine whether they have legal and regulatory obligations. These signposts are relevant to crypto-asset issuers, crypto-asset intermediaries, miners and transaction processors, crypto-asset exchanges and trading platforms, crypto-asset payment and merchant service providers, wallet providers and custody service providers, and consumers.

Broadly, entities offering coins or tokens that can be classified as financial products will need to comply with the regulatory requirements under the Corporations Act which generally include disclosure, registration, licensing and conduct obligations. An entity that facilitates payments by cryptocurrencies may also be required to hold an AFSL and the operator of a cryptocurrency exchange may be required to hold an Australian market licence if the coins or tokens traded on the exchange constitute financial products.

Generally, ASIC’s regulatory guidance is consistent with the position of regulators in other jurisdictions. ASIC has also recommended that companies wishing to conduct an ICO or other token sale seek professional advice, including legal advice, and contact its Innovation Hub (discussed in detail below, “Promotion and testing”) for informal assistance. This reflects its willingness to build greater investor confidence around cryptocurrency as an asset class.  However, ASIC has emphasised consumer protection and compliance with the relevant laws and has taken action as a result to stop proposed ICOs targeting retail investors due to issues with disclosure and promotional materials (the requirements of which are discussed below) as well as offerings of financial products without an AFSL.

In 2019, the Treasury consulted on ICOs and the relevant regulatory frameworks in

Australia; however, no outcomes of this consultation have been reported to date.

Marketing

ASIC’s recognition that a token sale may involve an offer of financial products has clear implications for the marketing of the token sale. For example, an offer of a financial product to a retail client (with some exceptions) must be accompanied by a regulated disclosure document (e.g., a product disclosure statement or a prospectus and a financial services guide) that satisfies the content requirements of the Corporations Act and regulatory guidance published by ASIC. Such a disclosure document must set out prescribed information, including the provider’s fee structure, to assist a client to decide whether to acquire the cryptocurrency from the provider. In some instances, the marketing activity itself may cause the token sale to be an offer of a regulated financial product.

Under the Corporations Act, depending on the minimum amount of funds invested per investor and whether the investor is a “sophisticated investor” or wholesale client, an offer of financial products may not require regulated disclosure.

Cross-border issues

Carrying on a financial services business in Australia will require a foreign financial services provider (FFSP) to hold an AFSL, unless relief is granted. Entities, including FFSPs, should note that the Corporations Act may apply to an ICO or token sale regardless of whether it was created and offered from Australia or overseas. Currently, Australia has a foreign AFSL (FAFSL) regime for FFSPs regulated in certain jurisdictions that enables FFSPs regulated in those jurisdictions to provide financial services in Australia without holding an AFSL. To be eligible, the FFSP must be authorised under an overseas regulatory regime that ASIC has assessed as sufficiently equivalent to the Australian regulatory regime (currently including Denmark, France, Germany, Hong Kong, Luxembourg, Ontario in Canada, Singapore, Sweden, the United Kingdom, and the United States of America). However, holding a FAFSL will only cover the provision of services to wholesale clients (similar to the concept of an accredited investor under US law), and the FFSP must only provide the services it is authorised to provide in its home jurisdiction. The FAFSL regime replaces the previous passporting arrangements Australia had in place (though FFSPs already relying on passport relief may do so until 31 March 2022).

Foreign companies taken to be carrying on a business in Australia, including by issuing cryptocurrency or operating a platform developed using ICO proceeds, may be required to either establish a local presence (i.e., register with ASIC and create a branch) or incorporate a subsidiary. Broadly, the greater the level of system, repetition or continuity associated with an entity’s business activities in Australia, the greater the likelihood that registration will be required. Generally, a company holding an AFSL will be carrying on a business in Australia and will trigger the requirement.

Promoters should also be aware that if they wish to market their cryptocurrency to Australian residents, and the coins or tokens are considered a financial product under the Corporations Act, they will not be permitted to market the products unless the requisite licensing and disclosure requirements are met. Generally, a service provider from outside of Australia may respond to requests for information and issue products to an Australian resident if the resident makes the first (unsolicited) approach and there has been no conduct on the part of the issuer designed to induce the investor to make contact, or activities that could be misconstrued as the provider inducing the investor to make contact.

Design and distribution obligations and product intervention powers

The Treasury Laws Amendment (Design and Distribution Obligations and Product Intervention Powers) Act 2019 (Cth) (DDO PIP Act) and Corporations Amendment (Design and Distribution Obligations and Product Intervention Powers) Regulations 2018 may also impact the way cryptocurrencies are structured and token sales are conducted in the future. The DDO PIP Act introduces new design and distribution obligations in relation to financial products and provides ASIC with temporary product intervention powers where there is a risk of significant consumer detriment. The new arrangements aim to ensure  that financial products are targeted at the correct category of potential investors. ASIC  has released regulatory guidance on its product intervention powers, stating that the power enables ASIC to address market-wide problems or specific business models and deal with “first mover” issues causing consumer detriment. The power covers financial products under the Corporations Act and Australian Securities and Investments Commission Act 2001 (Cth) (ASIC Act) and credit products under the NCCP Act. These powers are highly likely to impact marketing and distribution practices in the cryptocurrency sector where cryptocurrencies fall within the remit of the powers.

Consumer law

Even if a token sale is not regulated under the Corporations Act, it may still be subject to other regulation and laws, including the Australian Consumer Law set out at Schedule 2 to the Competition and Consumer Act 2010 (Cth) (ACL) relating to the offer of services or products to Australian consumers. The ACL prohibits misleading or deceptive conduct in a range of circumstances, including in the context of marketing and advertising. As such, care must be taken in token sale promotional material to ensure that buyers are not misled or deceived and that the promotional material does not contain false information. In addition, promoters and sellers are prohibited from engaging in unconscionable conduct and must ensure the coins or tokens issued are fit for their intended purpose.

The protections of the ACL are generally reflected in the ASIC Act, providing substantially similar protection to investors in financial products or services.

ASIC has also received delegated powers from the Australian Competition and Consumer Commission to enable it to take action against misleading or deceptive conduct in marketing or issuing token sales (regardless of whether it involves a financial product). ASIC has indicated misleading or deceptive conduct in relation to token sales may include:

  • using social media to create the appearance of greater levels of public interest;
  • creating the appearance of greater levels of buying and selling activity for a token  sale or a crypto-asset by engaging in (or arranging for others to engage in) certain trading strategies;
  • failing to disclose appropriate information about the token sale; or
  • suggesting that the token sale is a regulated product or endorsed by a regulator when it is not.

ASIC has stated that it will use this power to issue further inquiries into token issuers and their advisers to identify potentially unlicensed and misleading conduct.

A range of consequences may apply for failing to comply with the ACL or the ASIC Act, including monetary penalties, injunctions, compensatory damages and costs orders.

Taxation

The taxation of cryptocurrency in Australia has been an area of much debate, despite recent attempts by the Australian Taxation Office (ATO) to clarify the operation of the tax law. For income tax purposes, the ATO views cryptocurrency as an asset that is held or traded (rather than as money or a foreign currency).

Holders of cryptocurrencies

The tax implications for holders of cryptocurrency depends on the purpose for which the cryptocurrency is acquired or held. The summary below applies to holders who are Australian residents for tax purposes.

If a holder of cryptocurrency is carrying on a business that involves transacting in a cryptocurrency, the cryptocurrency will be held as trading stock.   Gains on the sale of the cryptocurrency will be assessable and losses will be deductible (subject to integrity measures and “non-commercial loss” rules). Examples of relevant businesses include cryptocurrency trading and cryptocurrency mining businesses

Whether or not a taxpayer’s activities amount to carrying on a business is a question of fact and degree, and is ultimately determined by weighing up the taxpayer’s individual facts and circumstances. Generally (but not exclusively), where the activities are undertaken for a profit-making purpose, are repetitious, involve ongoing effort, and include business documentation, the activities would amount to the carrying on of a business.

Even if a holder of cryptocurrency did not invest or acquire the cryptocurrency in the ordinary course of carrying on a business, profits or gains from an “isolated transaction” involving the sale or disposal of cryptocurrency may still be assessable where the transaction was entered into with a purpose or intention of making a profit, and the transaction was part of a business operation or commercial transaction.

If cryptocurrency is not acquired or held in the course of carrying on a business, or as part of an isolated transaction with a profit-making intention, a profit on sale or disposal should be a capital gain. In this regard, the ATO has indicated that cryptocurrency is a capital gains tax (CGT) asset. Capital gains may be discounted under the CGT discount provisions, so long as the taxpayer satisfies the conditions for the discount (that is, the cryptocurrency is held for at least 12 months before it is disposed of ).

Although cryptocurrency may be a CGT asset, a capital gain arising on its disposal may be disregarded if the cryptocurrency is a “personal use asset” and it was acquired for A$10,000 or less. Capital losses made on cryptocurrencies that are personal use assets are also disregarded. Cryptocurrency will be a personal use asset if it was acquired and used within a short period of time for personal use or consumption (that is, to buy goods or services).

Note that the ATO’s views on the income tax implications of transactions involving cryptocurrencies is in a state of flux due to the rapid evolution of both cryptocurrency technology and its uses.

Issuers of cryptocurrencies

In the context of an ICO, a coin issuance by an entity that is either an Australian tax resident, or acting through an Australian “permanent establishment”, may be assessable in Australia. The current corporate tax rate in Australia is either 26% or 30%. However, if the issued coins are characterised as equity for tax purposes or are issued in respect of a borrowing of money, the ICO proceeds may not be assessable to the issuer.

Australian Goods and Services Tax (GST)

Supplies and acquisitions of digital currency made from 1 July 2017 are not subject to GST on the basis that they will be input-taxed financial supplies. Consequently, suppliers of digital currency will not be required to charge GST on these supplies, and a purchaser would prima facie not be entitled to GST refunds (i.e., input tax credits) for these corresponding acquisitions. On the basis that digital currency is a method of payment, as an alternative to money, the normal GST rules apply to the payment or receipt of digital currency for goods and services.

The term “digital currency” in the GST legislation requires that it is a digital unit of value

that has all the following characteristics:

  • it is fungible and can be provided as payment for any type of purchase;
  • it is generally available to the public free of any substantial restrictions;
  • it is not denominated in any country’s currency;
  • the value is not derived from or dependent on anything else; and
  • it does not give an entitlement or privileges to receive something else.

In relation to a holder carrying on a business of cryptocurrency mining, whether or not GST is payable by the miner on its supply of new cryptocurrency depends on a number of factors, including its specific features, whether the miner is registered for GST, and whether the supply is made in the course of the miner’s enterprise.

The specific features of cryptocurrency include it: being a type of security or other derivative; being “digital currency” as defined in the GST legislation; or providing a right or entitlement to goods or services. If the cryptocurrency is “digital currency”, its supply will not be subject to any GST because it will be an input-taxed financial supply (assuming the other requirements are satisfied).

A cryptocurrency miner would generally be required to register for GST if its annual GST turnover is A$75,000 or more, excluding the value of its supplies of digital currencies and other input-taxed supplies. However, a miner who does not satisfy this GST registration threshold may nevertheless elect to register for GST in order to claim from the ATO full input tax credits (i.e., GST refunds) for the GST cost of its business acquisitions (but acquisitions that relate to the sales or acquisitions of digital currencies are prima facie non- creditable or non-refundable).

Enforcement

The ATO has created a specialist task force to tackle cryptocurrency tax evasion. The ATO also collects bulk records from Australian cryptocurrency designated service providers to conduct data matching to ensure that cryptocurrency users are paying the right amount of tax. With the broader regulatory trend around the globe moving from guidance to enforcement, it is likely that the ATO will also begin enforcing tax liabilities more aggressively.

Money transmission laws and anti-money laundering requirements

In 2017, the Government passed the AML/CTF Amendment Act, which brought cryptocurrencies and tokens within the scope of Australia’s anti-money laundering and counter-terrorism financing (AML/CTF) regulatory framework. The amendments came into force on 3 April 2018 and focus on the point of intersection between cryptocurrencies and the regulated financial sector, namely digital currency exchanges (DCEs).

Broadly, DCE providers are now required to register with the Australian Transaction Reports and Analysis Centre (AUSTRAC) to operate, with a penalty of up to two years’ imprisonment or a fine of up to A$111,000, or both, for failing to register. Registered exchanges will be required to implement know-your-customer processes to adequately verify the identity of their customers, with ongoing obligations to monitor and report suspicious and large transactions. Exchange operators are also required to keep certain records relating to customer identification and transactions for up to seven years.

Promotion and testing

Regulators in Australia have generally been receptive to fintech and innovation and have sought to improve their understanding of, and engagement with, businesses by regularly consulting with industry on proposed regulatory changes. While there are no programmes specifically promoting research and investment in cryptocurrency, both ASIC and AUSTRAC have established Innovation Hubs designed to assist fintech businesses more broadly in understanding their obligations under Australian law. ASIC has also entered into a number of cooperation agreements with overseas regulators, which aim to further understand the approach of fintech businesses in other jurisdictions (as discussed below).

ASIC Innovation Hub

The ASIC Innovation Hub is designed to foster innovation that could benefit consumers by helping Australian fintech start-ups navigate the Australian regulatory system. The Innovation Hub provides tailored information and access to informal assistance intended to streamline the AFSL process for innovative fintech start-ups, which could include cryptocurrency-related businesses.

In December 2016, ASIC made certain class orders establishing a fintech licensing exemption allowing fintech businesses to test certain financial services, financial products and credit activities without holding an AFSL or Australian credit licence by relying on the class orders (referred to as the regulatory sandbox). There are strict eligibility requirements for both the type of businesses that can enter the regulatory sandbox and the products and services that qualify for the licensing exemption. There are restrictions on how many persons can be provided with a financial product or service, and caps on the value of the financial products or services that can be provided.

In 2020, the Government introduced an “enhanced regulatory sandbox”, which expands the scope of ASIC’s regulatory sandbox to test a broader range of financial services and credit activities for up to 24 months. This is intended to better support innovation in the sector. The enhanced regulatory sandbox has two eligibility tests that must be satisfied and there are caps on the value of financial services and exposure provided.

Cross-border business

Beyond this, ASIC has engaged with regulators overseas to deepen its understanding of innovation in financial services, including in relation to cryptocurrencies. In particular, ASIC and the United Kingdom’s Financial Conduct Authority have signed an Enhanced Cooperation Agreement, which allows the two regulators to, among other things, information-share, refer innovative businesses to each regulator’s respective regulatory sandbox, and conduct joint policy work. ASIC also currently has either information- sharing or cooperation agreements with regulators in jurisdictions such as Canada, Hong Kong, Indonesia, Kenya and Singapore. These arrangements facilitate the cross-sharing of information on fintech market trends, encourage referrals of fintech companies and share insights from proofs of concepts and innovation competitions.

ASIC is also a signatory to the IOSCO Multilateral Memorandum of Understanding, which has committed over 100 regulators to mutually assist and cooperate with each other, particularly in relation to the enforcement of securities laws.

ASIC has committed to supporting financial innovation in the interests of consumers by joining the Global Financial Innovation Network (GFIN), which was formally launched in January 2019 by a group of financial regulators across 29 member organisations. The GFIN is dedicated to facilitating regulatory collaboration in a cross-border context and provides more efficient means for innovative businesses to interact with regulators.

In 2019, a group of fintech associations formed the Asia-Pacific  FinTech  Network,  which is designed to facilitate greater collaboration, cooperation and innovation across the region. The network will focus on sectors including RegTech, Blockchain, Payment Systems, Artificial Intelligence and Financial Inclusion and is expected to accelerate fintech development and lower financial costs both domestically and internationally.

AUSTRAC Innovation Hub

AUSTRAC’s Fintel Alliance is a private-public partnership seeking to develop “smarter regulation”. This includes setting up an innovation hub targeted at improving the fintech sector’s relationship with the Government and regulators. The hub will provide a regulatory sandbox for fintech businesses to test financial products and services without risking regulatory action or costs.

Ownership and licensing requirements

At the time of writing, there are currently no explicit restrictions on investment managers owning cryptocurrencies for investment purposes. However, investment managers may be subject to Australia’s financial services regulatory regime where the cryptocurrencies held are deemed to be “financial products” and the investment managers’ activities in relation to those cryptocurrencies are deemed to be the provision of financial services.

For example, investment managers providing investment advice on cryptocurrencies held that are financial products will be providing financial product advice under the Corporations Act and must hold an AFSL or otherwise be exempt from the requirement to be licensed. ASIC has provided significant guidance in relation to complying with the relevant advice, conduct and disclosure obligations, as well as the conflicted remuneration provisions under the Corporations Act. Further, investment managers may be required to hold an AFSL with a custodial or depository authorisation or be exempt from this requirement if investment managers wish to custody cryptocurrencies that are financial products on behalf of clients.

Australia has also seen a rapidly rising interest in robo-advice or digital advice models. The provision of robo-advice is where algorithms and technology provide automated financial product advice without a human advisor. For investment or fund businesses seeking to operate in Australia by providing digital or hybrid advice (including with respect to investing in cryptocurrencies), there are licensing requirements under the Corporations Act. ASIC has released Regulatory Guide 255: Providing digital financial product advice to retail clients, which details issues that digital advice providers need to consider generally, during the AFSL application stage and when providing digital financial product advice to retail clients. It is intended to complement ASIC’s existing guidance including Regulatory Guide 36: Licensing: Financial product advice and dealing. Financial product advisers also need to consider their conduct and disclosure obligations. ASIC has released Regulatory Guide 175: Licensing: Financial product adviser – conduct and disclosure with respect to this.

Mining

At the time of writing, there are no prohibitions on mining Bitcoin or other cryptocurrencies in Australia.

Cryptocurrency mining taxation

As above, the taxation of cryptocurrency and associated activities in Australia has been an area of much debate, and this has extended to taxation relating to mining cryptocurrency. See “Taxation” above for further information.

Cybersecurity

More generally, with the rise of cloud-based Bitcoin mining enterprises in Australia, mining businesses should carefully consider cybersecurity issues in relation to mining activities.

In its Corporate Plan 2020 to 2024, ASIC stated that a key priority was to improve management of key risks and that, partly as a result of the COVID-19 pandemic, entities “without appropriate systems in place are increasingly vulnerable to cyber attacks, data breaches, technology failures and system outages”. CERT Australia (now part of the Australian Cyber Security Centre) noted that there has been an increase in cryptomining malware affecting businesses’ resources and processing capacity.

ASIC has also released regulatory guidance to help firms improve their cyber resilience, including reports, articles and practice guides. Most recently, ASIC has released Report 651 Cyber Resilience of firms in Australia’s financial markets: 2018–19, which identifies key trends in cyber resilience practices and highlights existing good practices and areas for improvement. ASIC has previously provided two reports, namely Report 429 Cyber resilience: Health check and Report 555 Cyber resilience of firms in Australia’s financial markets, which examine and provide examples of good practices identified across the financial services industry. The reports contain questions that board members and senior management of financial organisations should ask when considering cyber resilience.

Border restrictions and declaration

There are currently no border restrictions or obligations to declare cryptocurrency holdings when entering or leaving Australia.

The Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth) (AML/CTF Act) mandates that both individuals and businesses must submit reports where physical currency in excess of A$10,000 (or foreign currency equivalent) is brought into or taken out of Australia. This requirement is restricted to “physical currency”, which AUSTRAC has defined as being any coin or printed note of Australia or a foreign country that is designated as legal tender, and is circulated, customarily used and accepted as a medium of exchange in the country of issue. Although market commentary indicates that some governments have created or are attempting to issue official cryptocurrencies, the intangible nature of cryptocurrency remains a bar to cryptocurrency being captured by declaration obligations under the AML/CTF Act for the time being.

It should be noted that the AML/CTF Act was amended to address some aspects of cryptocurrency transfer and exchange; however, this amendment did not see the scope of AML/CTF regulation widen the border restrictions. At the time of writing, there appears to be no indication that any such further amendment to include border restrictions is being contemplated.

Reporting requirements

The AML/CTF Act imposes obligations on entities that provide certain “designated services” with an Australian connection. Generally, the AML/CTF Act applies to any entity that engages in financial services or credit (consumer or business) activities in Australia, including the provision of DCE services. These obligations include record-keeping and reporting requirements.

For example, the AML/CTF Rules outline reportable details for matters including, but not limited to, threshold transaction reports (TTRs). TTRs will be required to be submitted where transactions over A$10,000 have occurred. Reportable information includes, among other details, the denomination or code of the digital currency and the value of digital currency expressed in Australian dollars (if known), a description of the digital currency including details of the backing asset or thing (if known), the Internet Protocol address information, email address, mobile phone and social media identifiers of the payee and recipient, name of the recipient, address and date of birth of the recipient (if known), and the unique identifiers relating to the digital currency wallet of the payee and recipient as well as the unique device identifiers of the payee and recipient.

In April 2016, the Report on the Statutory Review of the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 and Associated Rules and Regulations (AML/ CTF Report), which contained 84 recommendations to improve Australia’s AML/CTF regime, was released. The AML/CTF Report contemplated two phases of consultation and implementation, with Phase 1 including priority projects completed in 2017, while Phase  2 progresses major, long-term reforms. These reforms should, among other things, clarify record-keeping requirements and reporting obligations for reporting entities.

Estate planning and testamentary succession

To date, there has been no explicit regulation or case law surrounding the treatment of cryptocurrency in Australian succession law. Generally, if estate plans do not cater for the specific nature of cryptocurrency and steps are not taken to ensure executors can access a deceased’s cryptocurrency (e.g., by accessing the private key), it may not pass to the beneficiaries.

A will should be drafted to give the executor authority to deal with digital assets. It may be helpful to select an executor with some knowledge of or familiarity with cryptocurrencies. As cryptocurrencies are generally held anonymously, a will should also establish the existence of the cryptocurrency as an asset to be distributed to beneficiaries. A method must also be established to ensure passwords to digital wallets and external drives storing cryptocurrency are accessible by a trusted representative. Unlike a bank account which can be frozen upon death, anyone can access a digital wallet, so care should be taken to ensure external drives and passwords are not easily accessible on the face of the will. This may include providing a memorandum of passwords and accounts to the executor to be placed in a safe custody facility which remains unopened until a will is called upon.

There may also be tax implications arising for the beneficiaries of cryptocurrencies, which are similar to the tax implications for cryptocurrency holders. See “Taxation” above for further details.

Expertise Area
""