REGULATIONS

Crypto Travel Rule Regulations in

Australia

by

AUSTRAC

🇦🇺
Travel Rule required from
Travel Rule regulation still pending
July 1, 2026
Content last updated

Featured webinar: 

Preparing for Australia’s new crypto regulatory framework

TRM Labs and Notabene brought together industry leaders and experts for a practical walkthrough of what Australia’s new crypto regulatory framework means for your business, and how to prepare before enforcement begins.

→ Watch on demand


Australia has formally incorporated the crypto travel rule into national law through the 2024 Anti-Money Laundering and Counter-Terrorism Financing Amendment Bill (AML/CTF Act), which modernizes the country’s AML/CTF framework and brings it into closer alignment with the most recent FATF Recommendations 15 and 16. The new legislation streamlines the concept of value transfers across financial institutions, remittance providers, and virtual asset service providers (VASPs), and explicitly expands travel rule obligations to include virtual asset transfers for both domestic and cross-border activity.

In the video below, the Notabene team breaks down what this legislation changes in practice, how AUSTRAC is expected to approach implementation and enforcement, and what Australian VASPs should be doing now to prepare.

Read on for more information on the key Australian Travel Rule and AML/CTF developments discussed in the video, outlining how the regulatory framework is evolving and what it means for virtual asset businesses operating in or servicing Australia.

1. Is cryptocurrency legal in Australia?

Yes. Cryptocurrencies are legal in Australia and explicitly recognized in different legal frameworks. For instance, under the country’s tax regime, capital gains generated through the disposal of cryptocurrencies are subject to capital gains tax, and entities carrying out certain cryptocurrency-related activities are covered by the country’s AML/CTF framework.

2. Are there any AML crypto regulations in Australia?

The amendments introduced by the AML/CTF Act broaden the concept of “virtual assets” and bring a much wider range of services into scope. Beyond simple crypto-to-fiat exchange, the new regime will apply to crypto-to-crypto exchange platforms, custodial wallet providers, businesses transferring virtual assets on behalf of customers, and services involved in the offer or sale of new tokens. This expansion aligns Australia’s framework with FATF standards and ensures that a far broader spectrum of digital-asset activity falls within the country’s AML/CTF regulatory perimeter.

These are accompanied by new obligations such as value-transfer rules, including the Travel Rule, which requires originator and beneficiary information to accompany virtual-asset transfers.

As a result, crypto businesses will need to strengthen their compliance programs and ensure they meet Australian Transaction Reports and Analysis Centre’s (AUSTRAC) registration and oversight requirements. 

The AML regulation for crypto in Australia already exists and is entering a new, more comprehensive phase designed to increase transparency, reduce financial crime risk, and bring the sector into line with international expectations.

🔗 View Australian VASPs on the Notabene Network

3. Who regulates cryptocurrency in Australia?

Cryptocurrency in Australia is regulated through a combination of agencies, each responsible for a different part of the digital-asset ecosystem. 

The primary regulator for anti-money laundering and counter-terrorism financing is AUSTRAC, which oversees the registration, monitoring, and compliance of crypto-asset service providers. Any business offering exchange services, transfers, custody, or other in-scope virtual-asset services must register with AUSTRAC and comply with its AML/CTF rules. AUSTRAC’s role will expand further under the new reforms, which widen the definition of virtual-asset services and introduce obligations such as the travel rule.

The Australian Securities and Investments Commission (ASIC) regulates crypto assets when they fall within the definition of financial products or financial services. ASIC supervises conduct, licensing, disclosure, and consumer protection in these areas.

The Australian Taxation Office (ATO) also plays an important regulatory role by defining how digital assets are treated for tax purposes. It sets rules for capital gains, income tax, and goods and services tax (GST), ensuring that individuals and businesses correctly report transactions involving crypto.

4. Who is the Crypto Travel Rule Regulator in Australia?

AUSTRAC is responsible for overseeing compliance with the Travel Rule. 

FATF Travel Rule Requirements in Australia

1. Is the Crypto Travel Rule mandated in Australia?

Yes. Australia has formally mandated the Crypto Travel Rule. The requirements are established in the AML/CTF Act and further detailed in the Anti-Money Laundering and Counter-Terrorism Financing Rules 2025 (“the Rules”), which set out the information that must accompany transfers of virtual assets and the obligations of reporting entities involved in those transfers.

2. When is the Crypto Travel Rule enforcement date in Australia?

While the Crypto Travel Rule was initially expected to take effect on 31 March 2026, the AML/CTF transitional rules recently published by AUSTRAC and the Department of Home Affairs defer the Travel Rule specifically for value transfer services involving virtual assets, determining that both existing and newly regulated virtual asset service providers must implement the Travel Rule for virtual asset transfers from 1 July 2026.

3. Does Australia permit a grace period to comply with the Crypto Travel Rule?

Yes. Australia has provided a grace period lasting approximately 15 months, running from 10 December 2024, when the AML/CTF Act received Royal Assent, until 31 March 2026, when the Crypto Travel Rule obligations take effect. This transition window allows reporting entities to update systems, policies, and procedures before compliance becomes mandatory. This initial grace period was further extended for virtual asset transfers under AUSTRAC’s transitional rules, which defer the implementation of the Travel Rule for virtual asset transfers until 1 July 2026.

Complying with the FATF Crypto Travel Rule in Australia

1. What is the minimum threshold for the Crypto Travel Rule in Australia?

There is no minimum threshold. The Travel Rule applies to all virtual asset transfers, regardless of the value of the transaction.

2. What are the PII requirements for the Crypto Travel Rule in Australia?

Under subsection 64(3) of the AML/CTF Act and Section 8-3 of the Rules, the information that ordering institutions must pass on to the next institution in the value transfer chain is defined by the circumstances of the transaction. 

By default, the information required is as follows:

The information requirements for merchant payments and domestic transfers vary from the default set above.

3. What are the obligations for beneficiary VASPs in Australia?

Under 65 of the AML/CTF Act and section 5-18 of the Rules, beneficiary VASPs have the following core obligations:

  1. Monitoring obligations - Beneficiary  must take reasonable steps to monitor:
    1. Whether they have received all information required under the for the transfer of value
    2. Whether the information received about the payee is accurate .
  2. Handling non-compliant deposits -  When the beneficiary VASP detects that it has not received all of the required information and has not otherwise obtained it, or that some or all of the information received or otherwise obtained about the payee is not accurate, it must take action in accordance with its AML/CTF program and perform at least one of the following:
    1. Refuse to make the transferred value available to the payee
    2. Take other appropriate action as determined by the VASP
  3. AML/CTF program requirements - The VASP’s AML/CTF program must explicitly outline:
    1. The steps the VASP will take to conduct the above monitoring;
    2. How the VASP will assess whether to make the value available to the payee in the event of missing or inaccurate information;
    3. How the VASP will determine whether to request further information from another institution in the transfer chain.

6. Are there differences in customer PII requirements for cross-border transfers versus domestic transfers within Australia?

Yes. A transfer is considered domestic when the value is both sent from Australia and made available to the payee in Australia. For these transfers, the Rules require only tracing information—not payer and payee identifying information—to be passed by the ordering institution.   

In the context of virtual assets transferred from and to custodial wallets, tracing information generally consists of:

  • the originator’s wallet address, and
  • the beneficiary’s wallet address. 

In other words, for domestic VASP-to-VASP transfers, entities must exchange only enough technical data to reliably trace the transaction—not personal identifiers, such as names, addresses, or date and place of birth.

7. What are the non-custodial or self-hosted wallet requirements in Australia?

Under Section 5-17(6) of the Rules, the AML/CTF policies of a VASP must set out how due diligence is conducted to determine whether a transaction involves a self-hosted wallet, how the payee/payer will be identified, and what verification steps will be applied to verify the person who controls the wallet. 

Section 8-3 and 8-4 of the Rules clarify that when transacting with self-hosted wallets:

  1. Ordering institutions are required to collect (but are not required to verify) the payee’s full name.
  2. Beneficiary institutions are required to obtain (but are not required to verify) full payer information, which includes the payer’s full name and one of the following:
    • Unique customer identification number, or
    • Unique identifier, or
    • Date and place of birth, or
    • Business or residential address, or

A reporting entity that begins providing a designated service in Australia involving virtual asset transfers to or from a self-hosted wallet whose controller has not been verified under the entity’s AML/CTF program must report the provision of that service to the AUSTRAC CEO within 10 business days.

Looking for Crypto Travel Rule Compliance in Australia?

Speak with our Travel Rule compliance experts to learn more about how Notabene’s powerful solutions and active network of over 2,000 regulated entities can help you achieve your business’s unique Travel Rule compliance needs.

{{australia-vasp1="/cta-components"}}

References

Australian Government AUSTRAC| Digital currency exchange providers
Comply Advantage| Cryptocurrency Regulations in Australia
Comply Advantage| AUSTRAC Mulls Adoption of FATF’s Travel Rule
Global Legal Insights| Blockchain & Cryptocurrency Laws and Regulations 2021 | Australia

Notabene's commitment to privacy + security:

Bank-grade security for an insecure world
  • Passed rigorous security reviews by more than 150 institutions, including global banks and top 20 crypto exchanges
  • Annual SOC 2 Type II Audit for Security and Data Privacy Categories
  • Regular penetration testing by security audit leader Cobalt
Industry’s strongest protection for your customer data
  • Industry’s only escrowed exchange of encrypted PII
  • Compliant with EU GDPR, Singapore PDA
  • Plug-and-play Travel Rule end-user data consent component
Enterprise White Glove features
  • 24h/7 days a week uptime
  • Configurable enterprise SLA
  • SOC2 compliant disaster recovery and business continuity plans
Learn more about our commitment to security
related articles
5 Key Observations: FATF’s Second 12-Month Virtual Assets & VASPs Review
FATF Crypto: Summary of the Virtual Assets Guidance - March 2021
Crystal partners with Notabene for Travel Rule solution
This content is provided for general informational purposes only. By using the content, you agree that the information on this content does not constitute legal, financial or any other form of professional advice. No relationship is created with you, nor any duty of care assumed to you, when you use this content. The content is not a substitute for obtaining any legal, financial or any other form of professional advice from a suitably qualified and licensed advisor. The information on this content may be changed without notice and is not guaranteed to be complete, accurate, correct or up-to-date.Help us keep this page up to date! Any comments, corrections or suggestions on this page can be sent to [email protected].
Australia
Grace period ongoing
JURISDICTIONS

Crypto Travel Rule Regulations in Australia

Regulatory authority
AUSTRAC
Travel Rule required from
Travel Rule regulation still pending
July 1, 2026
Content last updated
Download the guide to Travel Rule in
Australia
View all VASPs in
Get Travel Rule Certified for
Australia
Table of contents
Plus button

Featured webinar: 

Preparing for Australia’s new crypto regulatory framework

TRM Labs and Notabene brought together industry leaders and experts for a practical walkthrough of what Australia’s new crypto regulatory framework means for your business, and how to prepare before enforcement begins.

→ Watch on demand


Australia has formally incorporated the crypto travel rule into national law through the 2024 Anti-Money Laundering and Counter-Terrorism Financing Amendment Bill (AML/CTF Act), which modernizes the country’s AML/CTF framework and brings it into closer alignment with the most recent FATF Recommendations 15 and 16. The new legislation streamlines the concept of value transfers across financial institutions, remittance providers, and virtual asset service providers (VASPs), and explicitly expands travel rule obligations to include virtual asset transfers for both domestic and cross-border activity.

In the video below, the Notabene team breaks down what this legislation changes in practice, how AUSTRAC is expected to approach implementation and enforcement, and what Australian VASPs should be doing now to prepare.

Read on for more information on the key Australian Travel Rule and AML/CTF developments discussed in the video, outlining how the regulatory framework is evolving and what it means for virtual asset businesses operating in or servicing Australia.

1. Is cryptocurrency legal in Australia?

Yes. Cryptocurrencies are legal in Australia and explicitly recognized in different legal frameworks. For instance, under the country’s tax regime, capital gains generated through the disposal of cryptocurrencies are subject to capital gains tax, and entities carrying out certain cryptocurrency-related activities are covered by the country’s AML/CTF framework.

2. Are there any AML crypto regulations in Australia?

The amendments introduced by the AML/CTF Act broaden the concept of “virtual assets” and bring a much wider range of services into scope. Beyond simple crypto-to-fiat exchange, the new regime will apply to crypto-to-crypto exchange platforms, custodial wallet providers, businesses transferring virtual assets on behalf of customers, and services involved in the offer or sale of new tokens. This expansion aligns Australia’s framework with FATF standards and ensures that a far broader spectrum of digital-asset activity falls within the country’s AML/CTF regulatory perimeter.

These are accompanied by new obligations such as value-transfer rules, including the Travel Rule, which requires originator and beneficiary information to accompany virtual-asset transfers.

As a result, crypto businesses will need to strengthen their compliance programs and ensure they meet Australian Transaction Reports and Analysis Centre’s (AUSTRAC) registration and oversight requirements. 

The AML regulation for crypto in Australia already exists and is entering a new, more comprehensive phase designed to increase transparency, reduce financial crime risk, and bring the sector into line with international expectations.

🔗 View Australian VASPs on the Notabene Network

3. Who regulates cryptocurrency in Australia?

Cryptocurrency in Australia is regulated through a combination of agencies, each responsible for a different part of the digital-asset ecosystem. 

The primary regulator for anti-money laundering and counter-terrorism financing is AUSTRAC, which oversees the registration, monitoring, and compliance of crypto-asset service providers. Any business offering exchange services, transfers, custody, or other in-scope virtual-asset services must register with AUSTRAC and comply with its AML/CTF rules. AUSTRAC’s role will expand further under the new reforms, which widen the definition of virtual-asset services and introduce obligations such as the travel rule.

The Australian Securities and Investments Commission (ASIC) regulates crypto assets when they fall within the definition of financial products or financial services. ASIC supervises conduct, licensing, disclosure, and consumer protection in these areas.

The Australian Taxation Office (ATO) also plays an important regulatory role by defining how digital assets are treated for tax purposes. It sets rules for capital gains, income tax, and goods and services tax (GST), ensuring that individuals and businesses correctly report transactions involving crypto.

4. Who is the Crypto Travel Rule Regulator in Australia?

AUSTRAC is responsible for overseeing compliance with the Travel Rule. 

FATF Travel Rule Requirements in Australia

1. Is the Crypto Travel Rule mandated in Australia?

Yes. Australia has formally mandated the Crypto Travel Rule. The requirements are established in the AML/CTF Act and further detailed in the Anti-Money Laundering and Counter-Terrorism Financing Rules 2025 (“the Rules”), which set out the information that must accompany transfers of virtual assets and the obligations of reporting entities involved in those transfers.

2. When is the Crypto Travel Rule enforcement date in Australia?

While the Crypto Travel Rule was initially expected to take effect on 31 March 2026, the AML/CTF transitional rules recently published by AUSTRAC and the Department of Home Affairs defer the Travel Rule specifically for value transfer services involving virtual assets, determining that both existing and newly regulated virtual asset service providers must implement the Travel Rule for virtual asset transfers from 1 July 2026.

3. Does Australia permit a grace period to comply with the Crypto Travel Rule?

Yes. Australia has provided a grace period lasting approximately 15 months, running from 10 December 2024, when the AML/CTF Act received Royal Assent, until 31 March 2026, when the Crypto Travel Rule obligations take effect. This transition window allows reporting entities to update systems, policies, and procedures before compliance becomes mandatory. This initial grace period was further extended for virtual asset transfers under AUSTRAC’s transitional rules, which defer the implementation of the Travel Rule for virtual asset transfers until 1 July 2026.

Complying with the FATF Crypto Travel Rule in Australia

1. What is the minimum threshold for the Crypto Travel Rule in Australia?

There is no minimum threshold. The Travel Rule applies to all virtual asset transfers, regardless of the value of the transaction.

2. What are the PII requirements for the Crypto Travel Rule in Australia?

Under subsection 64(3) of the AML/CTF Act and Section 8-3 of the Rules, the information that ordering institutions must pass on to the next institution in the value transfer chain is defined by the circumstances of the transaction. 

By default, the information required is as follows:

The information requirements for merchant payments and domestic transfers vary from the default set above.

3. What are the obligations for beneficiary VASPs in Australia?

Under 65 of the AML/CTF Act and section 5-18 of the Rules, beneficiary VASPs have the following core obligations:

  1. Monitoring obligations - Beneficiary  must take reasonable steps to monitor:
    1. Whether they have received all information required under the for the transfer of value
    2. Whether the information received about the payee is accurate .
  2. Handling non-compliant deposits -  When the beneficiary VASP detects that it has not received all of the required information and has not otherwise obtained it, or that some or all of the information received or otherwise obtained about the payee is not accurate, it must take action in accordance with its AML/CTF program and perform at least one of the following:
    1. Refuse to make the transferred value available to the payee
    2. Take other appropriate action as determined by the VASP
  3. AML/CTF program requirements - The VASP’s AML/CTF program must explicitly outline:
    1. The steps the VASP will take to conduct the above monitoring;
    2. How the VASP will assess whether to make the value available to the payee in the event of missing or inaccurate information;
    3. How the VASP will determine whether to request further information from another institution in the transfer chain.

6. Are there differences in customer PII requirements for cross-border transfers versus domestic transfers within Australia?

Yes. A transfer is considered domestic when the value is both sent from Australia and made available to the payee in Australia. For these transfers, the Rules require only tracing information—not payer and payee identifying information—to be passed by the ordering institution.   

In the context of virtual assets transferred from and to custodial wallets, tracing information generally consists of:

  • the originator’s wallet address, and
  • the beneficiary’s wallet address. 

In other words, for domestic VASP-to-VASP transfers, entities must exchange only enough technical data to reliably trace the transaction—not personal identifiers, such as names, addresses, or date and place of birth.

7. What are the non-custodial or self-hosted wallet requirements in Australia?

Under Section 5-17(6) of the Rules, the AML/CTF policies of a VASP must set out how due diligence is conducted to determine whether a transaction involves a self-hosted wallet, how the payee/payer will be identified, and what verification steps will be applied to verify the person who controls the wallet. 

Section 8-3 and 8-4 of the Rules clarify that when transacting with self-hosted wallets:

  1. Ordering institutions are required to collect (but are not required to verify) the payee’s full name.
  2. Beneficiary institutions are required to obtain (but are not required to verify) full payer information, which includes the payer’s full name and one of the following:
    • Unique customer identification number, or
    • Unique identifier, or
    • Date and place of birth, or
    • Business or residential address, or

A reporting entity that begins providing a designated service in Australia involving virtual asset transfers to or from a self-hosted wallet whose controller has not been verified under the entity’s AML/CTF program must report the provision of that service to the AUSTRAC CEO within 10 business days.

Looking for Crypto Travel Rule Compliance in Australia?

Speak with our Travel Rule compliance experts to learn more about how Notabene’s powerful solutions and active network of over 2,000 regulated entities can help you achieve your business’s unique Travel Rule compliance needs.

{{australia-vasp1="/cta-components"}}

References

Australian Government AUSTRAC| Digital currency exchange providers
Comply Advantage| Cryptocurrency Regulations in Australia
Comply Advantage| AUSTRAC Mulls Adoption of FATF’s Travel Rule
Global Legal Insights| Blockchain & Cryptocurrency Laws and Regulations 2021 | Australia

Related Articles
5 Key Observations: FATF’s Second 12-Month Virtual Assets & VASPs Review
07 July 2021
FATF Crypto: Summary of the Virtual Assets Guidance - March 2021
24 March 2021
Crystal partners with Notabene for Travel Rule solution
15 October 2021
This content is provided for general informational purposes only. By using the content, you agree that the information on this content does not constitute legal, financial or any other form of professional advice. No relationship is created with you, nor any duty of care assumed to you, when you use this content. The content is not a substitute for obtaining any legal, financial or any other form of professional advice from a suitably qualified and licensed advisor. The information on this content may be changed without notice and is not guaranteed to be complete, accurate, correct or up-to-date.Help us keep this page up to date! Any comments, corrections or suggestions on this page can be sent to [email protected].