APRA and AUSTRAC look to simplify the current patchwork of regulation for Australia’s budding crypto industry
Two of Australia’s major regulators have issued guidance on best practices for businesses handling crypto, in a move that advances financial clarity for the country’s burgeoning digital asset industry.
Both the Australian Transaction Reports and Analysis Centre (AUSTRAC) and the Australian Prudential Regulation Authority (APRA) issued statements Wednesday laying out perceived risks and expectations when dealing with the nascent asset class.
Unlike in neighboring jurisdictions, including Singapore, whose rules around digital assets have been well established, crypto regulation in Australia consists of a patchwork of rules drawn from the traditional financial sector.
The latest guidance from the country’s watchdogs marks a major step toward greater clarity for crypto businesses operating in Australia in conjunction with proposed legal frameworks. It follows an earlier policy proposal designed to regulate everything from crypto taxation to digital asset exchange licensing.
AUSTRAC, which is responsible for monitoring and responding to financial crimes, has espoused the well-worn narrative that with increased crypto adoption comes a heightened risk of criminal activity.
“Financial service providers need to be alert to the signs of criminal use of digital currencies, including their use in ransomware attacks,” AUSTRAC CEO Nicole Rose said in a statement.
In its guide on “preventing the criminal abuse of digital currencies in financial crime,” AUSTRAC sets forth instructions for businesses detecting tax evasion, terror financing, scams and money laundering.
AUSTRAC also provides guidance for businesses on how best to identify and prevent instances of ransomware attacks seeking to leverage crypto as a liquid means of extortion.
“Digital currencies such as bitcoin have enabled cybercriminals to request higher ransom amounts and more easily receive payments, increasing the profitability and attractiveness of ransomware,” AUSTRAC wrote.
It also draws upon findings from last year’s Senate Select Committee on “Australia as a Technology and Financial Centre,” which heard de-banking cases from crypto industry participants by the country’s largest financial institutions including from some of Australia’s “big four” banks.
De-banking is an alleged traditional banks practice in which financial institutions terminate the accounts of crypto businesses, often with no cited reason. In one instance, the committee heard the case of Bitcoin Babe founder, Michaela Juric, who had her banking services terminated more than 90 times over the course of her business’ seven-year run.
“AUSTRAC discourages financial institutions from indiscriminate and widespread closure of accounts across entire sectors,” the regulator wrote in its guidance. “De-banking legitimate and lawful businesses can negatively impact individuals and businesses. It can also increase the risks of money laundering and terrorism financing and negatively impacts Australia’s economy.”
AUSTRAC has authority over financial services, including crypto exchange providers, across the country.
Bolstering that guidance, APRA — which supervises banks, credit unions, insurance companies and retirement plans, among others — laid out its expectations for regulated entities to adopt a “prudential approach” when managing associated risks for digital assets.
In its letter, penned by APRA boss Wayne Byres, the regulator asks businesses under its purview to understand and mitigate harm and conduct appropriate “due diligence” all while applying “robust risk management controls.”
“Entities also need to ensure they comply with all conduct and disclosure regulation administered by [the Australian Securities and Investment Commission],” APRA wrote.
Earlier this month, Byres asked Australia’s financial institutions to be careful in their dealings with crypto, foreshadowing the expected letter’s release on Wednesday.
“By all means innovate, but proceed with care and in full knowledge of the risks,” Byres said at the time.
APRA is developing a longer-term framework for crypto activities in Australia and has laid out its three-year plan via a policy roadmap that will first consult then further its efforts to establish new and revised requirements for operational risk management.
The regulator is also seeking potential approaches to the “prudential” regulation of stablecoins — cryptocurrencies whose value is pegged to fiat or commodities — by eventually bringing them into the fold of the regulatory framework governing stored value facilities (SVF).
SVFs refer to payment services that enable customers to store funds in a facility with the intention of conducting future payments.
Subject to the development of the broader legislative and regulatory framework, APRA said it intends to consult on prudential requirements for large SVFs sometime next year.
“APRA will continue to closely monitor industry trends and emerging risks associated with crypto-assets, engage with other regulators domestically and internationally and provide further guidance as required,” it said.