Australia Flag

Australia

Updated: 30 Jun, 2026

Australia is overhauling its AML/CTF framework to fully align with the FATF’s standards by introducing broader obligations for virtual asset service providers (VASPs) under the revised definition of “virtual assets.” 

The regime expands regulated services (including wallet custody, virtual asset transfers, and exchange services) and enforces Travel Rule compliance via a new “value transfer chain” concept. Stronger registration, governance, and independent compliance evaluations are required. 

New providers of virtual asset services may enrol and register with AUSTRAC from 31 March 2026, with the deadline for enrolment and registration set for 29 July 2026.

All existing and newly regulated VASPs must comply by 1 July 2026.

Australia Travel Rule Breakdown 21 Analytics
Breakdown of Australia's Travel Rule Regulations


What is the scope of the Travel Rule in Australia?

The Australian Travel Rule applies to all reporting entities providing value transfer designated services. In other words, all originator, beneficiary and intermediary institutions involved in the services explained below must comply with the Travel Rule. 

An originator institution is any person who, in the course of business, accepts an instruction for a transfer of value on behalf of a payer (originator). This includes when the person:

  • Receives value directly from the originator;
  • Holds the value in an account or virtual asset wallet;
  • Is authorised to transfer value from a third-party deposit-taker or credit provider;
  • Arranges a transfer under an offsetting arrangement with a beneficiary institution.

A beneficiary institution is any person who, in the course of business, makes the transferred value available to a payee (beneficiary). This can happen when the person:

  • Provides the value directly, or through an agent;
  • Deposits it into an account or virtual asset wallet;
  • Holds it on deposit;
  • Deposits it with a third-party deposit-taker or credit provider;
  • Arranges availability under an offsetting arrangement with the ordering institution.

An intermediary institution is any person who in the course of carrying on a business, receives and passes on a “transfer message” (containing information relating to the payer’s instruction for the transfer of value) in a value transfer chain.

By definition, an intermediary institution sits between an ordering and beneficiary institution in a value transfer chain.

Download the Australian Travel Rule Overview

Download Now



Who is the supervisory body for VASPs in Australia?

The Australian Transaction Reports and Analysis Centre (AUSTRAC)


What is the Travel Rule threshold in Australia?

The Australian Travel Rule applies to all transactions. Unless an exemption applies.


Obligations of originator virtual asset service providers

Originator VASPs must collect and transmit the following data to the intermediary or counterparty VASP before or alongside each transaction.

  • originator’s full name (if a legal entity, a unique identifier* must be provided), 
  • originator’s date of birth,
  • originator’s full business or residential address (post box is not acceptable),
  • beneficiary's name,
  • beneficiary’s town and country of residence (if a legal entity, the town and country of business operations and any unique identifier* must be provided).

Moreover, the originator VASP must verify the originator’s data before submission and is responsible for sharing tracing information with its counterparty. Tracing information refers to details that enable the originator and the beneficiary to identify the accounts involved in the transaction. 

Depending on the type of transfer, this could be a unique transaction reference number, a destination tag, or a wallet address in the case of self-hosted wallets.

[Part 8. Division 2. 8-6 (1)(2)]

*A unique identifier includes: 

“(a) a unique identifier given to the person by an Australian government body (other than the person’s tax file number within the meaning of section 202A of the Income Tax Assessment Act 1936); or

(b) a unique identifier given to the person by a government body of a foreign country (together with information identifying the body); or

(c) a legal entity identifier given to the person by an organisation accredited by the Global Legal Entity Identifier Foundation (together with information identifying the organisation); or

(d) a connected business identifier code given to the person by the Society for Worldwide Interbank Financial Telecommunication.” 

[Part 1. 1-4]

All data stated above must be collected and, when required, verified, in accordance with the AML/CTF Act and the VASP’s AML/CTF program.

Irrespective of transaction value, the originator VASP must:

  • identify the counterparty VASP,
  • conduct due diligence to ensure the counterparty VASP can safeguard and transmit information and is not a sanctioned entity,
  • complete these checks before the transaction is executed.

If the counterparty VASP cannot meet these requirements, the originator VASP must not proceed with the transfer.


Obligations of beneficiary virtual asset service providers

The beneficiary VASP must comply with AML/CTF Act requirements for verifying the beneficiary’s identity and must implement an AML/CTF program.

For inbound transfers, the beneficiary VASP must monitor that it has received the originator’s information, the beneficiary’s full name and tracing information. 

The beneficiary VASP must also take reasonable measures, such as real-time or post-event monitoring, to detect transfers that lack the required information.

In addition, it must develop a risk-based policy, documented in its AML/CTF program, that determines when to execute, reject, or suspend a transfer that lacks the required information and the follow-up action to be taken in each such case.


Obligations of intermediary virtual asset service providers

Where an intermediary VASP is used, it must ensure that all required originator, beneficiary, and tracing information accompanies the transaction and pass it on to its counterparty.

Like beneficiary VASPs, intermediaries must develop a risk-based policy, documented in their AML/CTF program, which determines:

  • when to execute, reject, or suspend a cross-border crypto transfer that lacks the required information, and
  • what follow-up actions will be taken in each case.


Does Australia’s Travel Rule apply to self-hosted wallets?

If the wallet is self-hosted, there is no obligation to transmit Travel Rule information, but information collection and verification obligations still apply.

An ordering institution transferring virtual assets to a self-hosted wallet must collect and verify payer information, and collect payee and tracing information.

A beneficiary institution receiving virtual assets from a self-hosted wallet must obtain payer and tracing information, and the payee’s full name if it does not already hold it, before making the virtual assets available to the payee.

Businesses will need to maintain appropriate policies and procedures to manage the associated AML/CTF risk.


How to comply with and meet Australia’s AML requirements

Obligations of originator virtual asset service providers

For paragraph 26F(3)(e) of the Act, a reporting (originator) VASP's AML/CTF policies must address specific requirements when the designated service relates to the transfer of a virtual asset. 

These policies must outline how the originator will undertake due diligence to determine, in line with subsection 66A(2) of the Act, whether the destination wallet is custodial or self-hosted, and, if custodial, whether the controlling person is required to be licensed or registered under a law that gives effect to the FATF Recommendations and, if so, whether they hold such a licence or registration. 

Where the wallet controller is licensed, registered, or otherwise not required to be, the policies must explain how the originator will assess whether the beneficiary institution is capable of securely receiving the information that must be passed on under subsection 64(3) of the Act and safeguarding its confidentiality.


Obligations of beneficiary virtual asset service providers

A reporting (beneficiary) entity's AML/CTF policies must also address specific requirements when the designated service involves the transfer of a virtual asset. 

These policies must explain how they will conduct due diligence, for subsection 66A(2) of the Act, to determine whether the wallet from which the virtual asset is being transferred is custodial or self-hosted and, if custodial, whether the person controlling the wallet is required to be licensed or registered under a law that gives effect to the FATF Recommendations and, if so, whether such licensing or registration is in place. 

Where the wallet controller is licensed, registered, or not required to be, the policies must set out how the beneficiary will determine whether the originator and any intermediary institution are capable of securely passing on the information specified in section 8-4 of this instrument relating to the transfer of value. 

Finally, the policies must specify how the beneficiary will manage and mitigate ML/TF risk where the originator or intermediary institution cannot securely pass on the required information.

Become Travel Rule Compliant with 21 Analytics

Request a Demo


When do you need to comply with the Travel Rule in Australia?

1 July 2026.

The Travel Rule commences for VASPs to comply with applicable information-sharing obligations for virtual assets.


Which regulations are applicable to the Travel Rule in Australia?

Anti‑Money Laundering and Counter‑Terrorism Financing Rules 2025

Anti-Money Laundering and Counter-Terrorism Financing Act 2024

Anti-Money Laundering and Counter-Terrorism Financing Act 2006

Written by:
About Nicole
Nicole Giani
Content & Social Media Manager
With an Honours in English Linguistics, Nicole started her career as an educator before transitioning to education management and curriculum development.  Thereafter, she moved to crypto writing - uniting her passion for education with crypto to educate the ecosystem on the Travel Rule.
X
Trust Graphic

New: TRUST Network

Transact with Coinbase, Kraken, Gemini and others.