Let’s talk about crypto-regulation

Mandatory reporting of data breaches for entities subject to the Privacy Act (1988) begins today.

Today marks the introduction of the Australian government’s compulsory data breach response laws. From February 22, small to medium businesses covered by the Privacy Act will be covered by a legal obligation to report data breaches which have the capacity to cause harm. This applies to cryptocurrency exchanges, brokerages, super funds, and any other businesses handling cryptocurrency.

These new laws increase the legitimacy of cryptocurrency businesses, helping to assure the public of the regulation of this wonderfully volatile new asset class.

Of course, we still have a few naysayers out there; people who insist on repeating bad analogies, such as: “Cryptocurrency is like the wild west- it’s totally unregulated!”

However if we consider that for a moment, we can reassure you that cryptocurrency assets are highly regulated in Australia. Let’s try to understand how…


  1. The ‘SIS’ Act

The Superannuation Industry (Supervision) Act 1993, commonly known as the ‘SIS’ Act, applies to Self-Managed Super Funds. For those wishing to invest the higher-risk portion of their super fund in cryptocurrency, they are still covered by the same compliance regulations as anyone else. This involves ensuring that the investment is authorised under their trust deed and investment strategy, as well as ensuring that they have conducted sufficient research to include this new asset sector in their portfolio.

It’s worth remembering that there are pitfalls for inexperienced players in the SMSF space, particularly in terms of ensuring that investment accounts are set up in the correct trustee name. For those who on-board themselves with an investment platform that only caters to one individual named account (such as a crypto-exchange) this can be a major issue, and potentially, a breach of the SIS Act.


  1. Tax office reporting

Cryptocurrency investments can return huge profits, as many early adopters learned in 2017. With 1031% growth in bitcoin in 2017, anyone who chose to crystalise their investment December investment would have been extremely happy with the result. However, returns can fall under Capital Gains Tax requirements, so in some cases the profits anticipated were essentially halved. The take-home from this parable is that tax reporting is extremely important. If you have fulfilled AML/KYC requirement with an exchange, as well as supplied your banking details, your transactions on the exchange may be reported to the Australian Tax Office.


  1. SMSF Auditing

The major tasks of an auditor are to verify the assets of the super fund at the end of the financial year, and then review the transactions of the fund during the year to ensure the fund has complied with all regulatory obligations. A reputable firm or brokerage like Bitcoin Trader can provide trustees with verification of their cryptocurrency asset holdings at year end, with reference to the relevant wallet addresses on the Blockchain.


  1. AML/KYC – Mandatory Reporting

Although Bitcoin Trader and other cryptocurrency dealers in Australia are not specifically licensed under ASIC, reputable businesses already comply with known AML/KYC (Anti-Money Laundering/Know Your Client) obligations adhered to by other financial institutions (like banks). However, this will change on April 1 this year, meaning that it will be illegal for any cryptocurrency business to allow clients to fly under the radar. We’ve already seen South Korea ‘s snap-implementation of such laws to prevent anonymous crypto trading accounts, however Australia has historically been well in front of such legislative adaptations.


  1. The Privacy Act

New amendments to the Australian Privacy Act (1988) taking effect today mean that all Australian small businesses must report data breaches (that may result in some kind of harm) to the Office of the Australian Information Commissioner (OAIC) and the parties involved. Naturally, cyber security is of the utmost importance in the trade and use of cryptocurrency, so the new amendment requires that any breach of an investor’s data must be reported to that investor as well as the Privacy Commissioner within 30 days. The compromise of sensitive data can include the loss or theft of a device (like a computer, a thumb drive, or even a cold wallet device), the hacking of a database containing personal information, or mistakenly supplying personal information to the wrong person. In staying ahead of these requirements, for example, Bitcoin Trader implemented a clean desk policy in 2017, to better protect clients’ personal information. The company has also employed a Chief Risk Officer to prevent, detect and manage all compliance and regulatory obligations. As such, cryptocurrency clients can be assured of their full privacy, knowing that their information will be handled with the utmost care.



Bitcoin Trader is a personalised cryptocurrency brokerage firm catering to individual, corporate, institutional and SMSF clients. The company is incorporated in Australia, with established global partners providing access to high liquidity and multicurrency settlements. Our core focus is on safe, secure and compliant cryptocurrency investment, divestment and portfolio reallocation.

Disclaimer: This content is for informational purposes only. It does not constitute investment or financial advice. Any information, material or commentary is intended to provide general information only. Information contained in this document has been obtained from sources believed to be reliable, but BT Brokerage Services Pty Ltd trading as Bitcoin Trader, makes no representation as to its accuracy or completeness. Before acting on any information contained in this document, each person should consider its appropriateness having regard to their own or their clients’ individual objectives, financial situation and needs. You should obtain independent taxation, financial and legal advice relating to this information and consider it carefully before making any decision or recommendation.

Leave a Reply