Australia’s new crypto transfer rules to make exchange withdrawals pass through identity checks

Liam 'Akiba' Wright


Australia’s July 1 AML/CTF deadline has turned regulated crypto transfers into a data workflow for exchanges and other virtual asset service providers.

Users can still hold and move crypto in self-custody. The friction begins when funds pass through a reporting entity, where a transfer instruction can trigger identity, wallet, counterparty, secure-messaging, and record-keeping checks before assets move or become available.

AUSTRAC’s transitional rules deferred some AML/CTF obligations for new registrable virtual asset services until July 1, 2026, including the rules covering transfers of value involving virtual assets.

The agency’s guidance says those deferred services were not required to comply with Travel Rule obligations for virtual asset transfers until that date.

That runway has now closed. For Australian exchanges and other virtual asset service providers, transfer instructions now carry more than an operational request.

They may require identity collection and verification, wallet classification, counterparty checks, secure message handling, and records linking the payer, payee, wallet, and transfer path.

Australian crypto compliance crackdown illustrated with Bitcoin entering a car wash beneath Australian street signsAustralian crypto compliance crackdown illustrated with Bitcoin entering a car wash beneath Australian street signs

How the transfer workflow changes

The sharpest user-facing detail is the absence of a small-transfer carve-out.

AUSTRAC’s guidance on when the Travel Rule does not apply states that there is no minimum amount for a value transfer.

The rule applies to international or domestic value transfers of any amount, unless a specific exception applies.

That turns compliance friction into a question of both transfer type and transaction size. Crypto users often associate additional checks with large withdrawals, suspicious flows, or bank-style thresholds.

Australia’s framework points to a different operating rule. The key question is whether a reporting entity is providing a covered value-transfer service.

For users, that can translate into more prompts, more required recipient or wallet information, and more delays when an exchange needs to classify a destination, resolve missing information, or decide whether the next institution in a transfer chain can receive data securely.

For exchanges, even routine transfers may require systems that consistently collect and route information, rather than relying on manual reviews only for higher-value activity.

The result is as much a privacy-and-friction story as a compliance story. A blockchain withdrawal may still settle on-chain as usual, but the regulated transfer process around it now includes a data layer that must be handled before or alongside the movement of assets.

Infographic showing Australia Travel Rule transfer chain, data layer, self-custody boundary, and practical effects for users and exchanges.Infographic showing Australia Travel Rule transfer chain, data layer, self-custody boundary, and practical effects for users and exchanges.

Australia plans clear crypto laws to boost innovation and investor safetyAustralia plans clear crypto laws to boost innovation and investor safety
Related Reading

Australia plans clear crypto laws to boost innovation and investor safety

Australia’s crypto reforms will tackle debanking issues and assess tokenization laws for the country.

Mar 22, 2025 · Oluwapelumi Adejumo

AUSTRAC’s Travel Rule overview describes a value transfer chain that begins whenever an institution accepts a payer’s instruction to transfer value.

That chain can include an ordering institution, intermediary institutions, and a beneficiary institution.

In plain terms, the exchange that accepts a customer’s instruction may have to collect and verify payer information, collect the payee’s full name, and pass relevant transfer-message information to other businesses involved in the transfer.

A receiving institution may have to check whether information is missing or inaccurate before making the transferred value available.

This is why the July 1 date changes the experience of exchange-linked transfers. The crypto transaction itself is only one piece of the regulated workflow.

The business handling the transfer also needs to understand who is sending, who is receiving, what wallet or account is involved, and whether the information can move safely through the transfer chain.

The framework also makes repeat movements relevant. AUSTRAC says a new value transfer chain begins every time a payer instruction is accepted.

If a customer receives value into an account or custodial wallet and then instructs a separate transfer, that second movement can carry its own Travel Rule obligations.

That structure is likely to push exchanges toward more standardized withdrawal and deposit flows. Platforms need workflows that gather transfer data at the point of instruction and maintain enough information to satisfy both sending and receiving obligations.

What self-custody changes at the exchange boundary

The most important boundary is self-custody.

AUSTRAC’s virtual-asset guidance includes a specific rule for transfers involving self-hosted wallets. A transfer to a self-hosted wallet is exempt from sending Travel Rule information to another business in the transfer chain.

But that still leaves compliance work for the regulated entity handling the transfer.

For an ordering institution sending virtual assets to a self-hosted wallet, AUSTRAC says the business must collect and verify payer information, collect payee information, and collect tracing information.

For a beneficiary institution receiving virtual assets from a self-hosted wallet, the business must obtain payer information and tracing information, and if it does not already hold it, the payee’s full name before making the assets available.

The same guidance also says businesses need policies for determining whether a transfer is to or from a custodial or self-hosted wallet, assessing whether a custodial wallet controller is licensed or registered under laws that give effect to FATF recommendations, and managing risk where a wallet is controlled by a person not required to be licensed or registered.

That is the distinction users will feel. Holding assets in a private wallet remains possible.

CryptoSlate Daily Brief

Daily signals, zero noise.

Market-moving headlines and context delivered every morning in one tight read.