Most harm done to consumers in the crypto space has come not from the tokens themselves, but from the platforms handling them — the exchanges, custodians, lenders, and yield services.
That finding sits at the center of a new paper delivered this week by Rhys Bollen, the head of fintech at the Australian Securities and Investments Commission, who argues Australia should stop treating digital assets as something categorically new and start applying the financial laws already on the books.
Regulating What It Does, Not What It’s Called
Bollen made the case at the Melbourne Money and Finance Conference, where he argued that crypto tokens should be judged by their economic function. A token that acts like a security should be treated as one. A stablecoin that moves money should fall under payments law.
Consumer protection rules should pick up whatever else remains. His argument strips away the technological wrapping and asks a simpler question: what does this thing actually do?
Crypto-Specific Law
That framing puts Australia at odds with how other countries have gone about it. The US is pushing the CLARITY Act, a purpose-built crypto framework. The European Union has rolled out its Markets in Crypto-Assets rules, known as MiCA. Both create dedicated regulatory structures for digital assets.
Bollen’s position, by contrast, is that building a separate system from scratch misses the point — and leaves gaps that bad actors will find.
“Opportunities for regulatory arbitrage” is how Bollen describes those gaps. Build a crypto-specific law, and someone will structure a product to fall outside it. Attach crypto to existing law based on what the product does, and that exit shrinks.
Australia Already Writing It Into Law
Australia isn’t waiting on theory. The country’s Digital Asset Framework bill, currently moving through parliament, doesn’t attempt to replace the Corporations Act.
Reports indicate the bill amends it — slotting digital asset platforms into the existing regulatory structure rather than building a lane beside it.
ASIC’s own guidance document, Information Sheet 225, has already confirmed that existing definitions of financial products and services under the Corporations Act can apply to crypto, depending on how a given asset functions.
Bollen was direct about what that means in practice. Regulators, he said, should be focused on intermediaries — the companies sitting between users and their crypto — rather than on the tokens themselves. That’s where the consumer harm has actually shown up.
Featured image from Cyber Security News, chart from TradingView
