VASP Registration for Crypto Exchanges

By /

AUSTRAC’s New AML/CTF Draft Rules: What Existing DCEs Must Do to Transition to VASP Compliance

By Robbie Joseph | Licensing Expert

The second draft of AUSTRAC’s 2025 AML/CTF Rules marks a seismic shift in how digital asset businesses are regulated in Australia. These reforms bring Australia in line with the Financial Action Task Force (FATF) standards by creating a dedicated registration regime for Virtual Asset Service Providers (VASPs) with direct consequences for currently registered Digital Currency Exchange (DCE) holders.

As the compliance deadline of 31 March 2026 looms, now is the time for existing DCEs to review their obligations and prepare for transition.

Key Changes Impacting DCE Holders

AUSTRAC will not grandfather existing DCE registrations. All registered DCEs will need to formally re-apply as VASPs under the new regime and meet more stringent compliance requirements.

What’s New?

  • Mandatory VASP Registration: DCEs must apply to join the new AUSTRAC-maintained VASP Register.
  • Broader Scope of Services: Includes not only fiat-to-crypto but also crypto-to-crypto trades, custody of digital assets, and some DeFi activities.
  • Travel Rule Compliance: DCEs must now collect and share information on both the sender and receiver of digital asset transfers.
  • Enhanced CDD Obligations: Greater emphasis on identifying beneficial owners, high-risk jurisdictions, and customer profiling.
  • Increased Regulatory Transparency: VASPs must disclose foreign operations, risk assessments, and the criminal history of key personnel.

What Existing DCEs Must Do: A Compliance Roadmap

Here’s a structured checklist to help DCEs navigate the transition:

Step 1: Readiness Assessment

  • Conduct a compliance gap analysis.
  • Review which of your services now fall within the expanded VASP definition.

Step 2: Upgrade Your AML/CTF Framework

  • Strengthen customer due diligence (CDD) and beneficial owner verification.
  • Implement travel rule systems to collect and transmit transaction data.
  • Update risk assessments, policies, and staff training.

Step 3: Prepare for VASP Registration

  • Gather documentation:
    • Company structure and ownership details.
    • AML/CTF program documentation.
    • Fit and proper declarations for key individuals.
  • Assign a responsible officer to lead the application process.

Step 4: Submit the VASP Application

  • Lodge a formal application with AUSTRAC prior to 31 March 2026.
  • Expect increased scrutiny, especially for entities with foreign connections or prior compliance issues.

Licensing Expert Can Help

With 15 years of experience in financial licensing and AML/CTF compliance—including DCE and crypto onboarding we assist digital asset businesses across Australia to:

  • Navigate VASP registration requirements,
  • Review and upgrade AML/CTF programs,
  • Implement travel rule compliance tools,
  • Liaise with AUSTRAC and respond to regulator queries.

Final Thoughts

The transition from DCE to VASP is not just a rebrand it is a regulatory overhaul. DCE holders who start early and approach compliance strategically will position themselves to thrive in Australia’s evolving digital asset ecosystem.

Contact us –

Related Posts

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top