ASIC Publishes Updates to Information Sheet for 2025

Regulators rarely wake up in the morning hoping to become the life of the party. Yet in 2025, the Australian Securities and Investments Commission, better known as ASIC, managed to do exactly that by updating Information Sheet 225, its guidance on digital assets and financial products. For lawyers, exchanges, token issuers, wallet providers, custody platforms, and compliance teams who have spent the last few years playing regulatory dodgeball, this was not a sleepy administrative refresh. It was a loud, practical message: if your digital asset business touches Australian users, the old “we’ll figure it out later” strategy is now about as comforting as a paper umbrella in a thunderstorm.

The updated information sheet matters because ASIC did not wait for a shiny new crypto-only statute to arrive before acting. Instead, it clarified how Australia’s existing financial services laws already apply to digital assets. That means the real story is not just about one document getting a facelift. It is about a regulator telling the market that stablecoins, wrapped tokens, tokenized securities, staking arrangements, and even some wallet functions may already sit inside the current legal perimeter. In plain English, the sign on the door now reads: “Yes, we meant you too.”

For businesses, investors, and compliance professionals, the 2025 ASIC update is a reminder that guidance documents can reshape conduct long before Parliament finishes drafting the next big reform bill. They do not always change the law on paper, but they absolutely change the risk calculus in the boardroom. That is why this update deserves serious attention far beyond Australia. Any company with cross-border digital asset ambitions should treat INFO 225 as a case study in how modern regulators are closing gaps without waiting for perfect legislation to arrive riding a white horse.

What ASIC Actually Updated

The update in question is ASIC’s revised Information Sheet 225, now framed around digital assets rather than the narrower and older “crypto-assets” language. That wording shift is more important than it looks. It reflects a broader regulatory lens that captures not just familiar exchange tokens, but also stablecoins, tokenized real-world assets, wrapped tokens, digital asset wallets, staking models, and services built around them. In other words, the regulator widened the camera angle. The market is no longer being viewed as a pile of coins and memes; it is being treated as financial infrastructure.

The revised guidance followed ASIC’s Consultation Paper 381, released in late 2024, and was finalized in 2025 after extensive industry feedback. The regulator added new practical examples, amended older ones, and expanded its explanations of when a digital asset may be a financial product, when a service provider may be carrying on a financial services business, and when licensing may be required. That combination is what makes the update so significant. It is not abstract theory. It is a field manual.

ASIC also paired the guidance with transitional support, including a class no-action position for certain businesses moving toward licensing. That decision was not just generous housekeeping. It was a tacit admission that the updated guidance could have immediate and meaningful consequences for firms that previously believed they were outside the perimeter. When a regulator offers transition relief, it usually means the message is serious enough that people may need time to catch up.

The Biggest Changes in the 2025 Information Sheet

1. The examples got smarter, broader, and more useful

One of the best parts of the 2025 update is that ASIC leaned into worked examples instead of hiding behind vague legal fog. The final INFO 225 includes 18 examples, expanding on the draft consultation version and refining several areas that industry participants found confusing. That matters because digital asset regulation often falls apart at the sentence, “Well, it depends.” ASIC did not eliminate judgment calls, but it gave the market more concrete ways to think through them.

The new and amended examples tackle issues such as bitcoin, native proof-of-stake staking, managed staking or staking-as-a-service, tokenized real estate, wrapped tokens, digital wallets, yield-bearing stablecoins, and non-interest-bearing stablecoins. This is a practical upgrade, not a cosmetic one. It shows ASIC understands that compliance teams do not need more poetry. They need examples that map onto actual product design choices.

2. Stablecoins are no longer sitting quietly in the corner

ASIC’s 2025 position makes clear that certain stablecoins may be financial products, especially where they function as non-cash payment facilities or, in some structures, interests in a managed investment scheme. That point is especially important because stablecoins are often marketed as the boring adults in the digital asset room. They are supposed to be the ones wearing sensible shoes and talking about settlement efficiency. ASIC’s guidance says sensible shoes do not exempt anyone from financial services law.

The information sheet also gives a practical example of a non-interest-bearing stablecoin marketed as digital cash and redeemable at par. The analysis suggests that such a token may still be a financial product because one of its intended and widespread uses is making payments. For issuers and distributors, the takeaway is obvious: do not assume that a token becomes less regulated just because it is designed to be less volatile.

3. Wallet providers should stop pretending they are just software companies

Another headline change is the sharper focus on digital asset wallets. ASIC’s guidance indicates that both custodial and some non-custodial wallet arrangements may involve non-cash payment facilities where users can send tokens to third parties, including through “pay anyone” functionality. That is a major deal because many wallet products have historically been described as neutral tools. ASIC is effectively saying that if your product helps users make payments, the label on the marketing page may not save you.

This does not mean every wallet is automatically regulated the same way. It does mean product teams should stop thinking about wallet design as a purely technical issue. Buttons, flows, payment messaging, redemption features, and customer-facing functionality can all shape regulatory classification. Compliance is now living inside the user experience.

4. Staking got the regulatory spotlight it has been expecting

Staking has spent years bouncing between innovation story and regulatory headache, often on the same afternoon. ASIC’s updated guidance deals more directly with staking arrangements, especially managed models and staking-as-a-service offerings. The regulator’s view is that some arrangements may amount to a facility for making a financial investment or an interest in a managed investment scheme, particularly where providers add value, manage the process, pool arrangements, or create an expectation of returns.

That nuance matters. Passive protocol mechanics are one thing. A commercial business wrapping staking in product promises, operational management, and return expectations is another. The lesson is simple: the more your service looks like a managed offering and the less it looks like bare technology, the more likely a regulator will care.

Why This Update Matters to the Market

At first glance, INFO 225 is just guidance. No fanfare, no dramatic legislative trumpet, no giant statute rolled down a red carpet. But in practice, guidance like this changes how firms build, market, and risk-assess products. It tells boards what questions to ask. It tells counsel what red flags to circle. It tells founders that “we are just a platform” is no longer a sufficient bedtime story.

The update also reinforces a broader regulatory reality: many jurisdictions are moving toward functional analysis. Regulators are looking less at what a product calls itself and more at what it actually does. If it stores value, facilitates payments, creates rights resembling securities, offers pooled exposure, or delivers managed returns, authorities are increasingly willing to regulate it under existing frameworks. Australia is not alone in that trend, but ASIC’s 2025 update is a particularly crisp example of it.

For cross-border firms, there is another crucial point. ASIC expressly warns that offshore or decentralized structures do not magically avoid Australian law where products are promoted or sold in Australia, or where services are provided to Australian users. That is a big flashing sign for global exchanges, wallet providers, token projects, and DeFi-adjacent businesses. Geography, in the internet age, still matters. The law has noticed.

The Transitional Relief Is Helpful, but It Is Not a Hall Pass

Alongside the updated guidance, ASIC issued a sector-wide class no-action letter to support transition into licensing. That relief gives eligible businesses time to assess the new guidance and move toward the necessary authorizations, including an Australian Financial Services license in relevant cases. The key date is June 30, 2026, which is not exactly tomorrow, but it is also not “someday in the distant future when everyone finally reads the compliance memo.”

The no-action position is helpful because it acknowledges the practical reality that some firms may need time to lodge applications, meet membership requirements, and adjust operations. But it is not an amnesty. ASIC carved out important exclusions, including crypto lending or earn products, many digital-asset-linked payment arrangements other than certain stablecoins, and most digital asset derivatives other than wrapped tokens. The regulator also made clear that egregious conduct, consumer harm, fraud, or serious misconduct remain squarely in enforcement territory.

That distinction is vital. A no-action letter is a transition tool, not a get-out-of-jail-free card laminated in corporate colors. Businesses relying on it should be able to show active, documented progress toward compliance, not vague optimism and a well-organized Slack channel.

What Businesses Should Do Next

Reclassify products before regulators do it for you

The first practical step is to review products by function, not branding. A token described as “community access,” “payments utility,” or “platform infrastructure” may still be regulated if its actual features support investment-like rights, payment use, custody, or managed returns. Businesses should revisit white papers, terms of use, wallet features, yield mechanics, and customer-facing language with fresh eyes.

Map the licensing perimeter across the whole customer journey

Many firms only assess the issuance stage and ignore everything around it. That is a mistake. INFO 225 signals that advice, dealing, custody, market operation, and payment functionality can each trigger regulatory analysis. A product may cross the line not only when it is created, but when it is distributed, recommended, stored, or used.

Treat custody and recordkeeping as front-page issues

ASIC’s related consultation on stablecoins, wrapped tokens, and omnibus account structures shows that custody is no longer a side conversation. If your business holds client assets or controls access to them, operational discipline matters. Reconciliation procedures, clear asset segregation logic, internal controls, disclosures, and governance are not glamorous, but neither is receiving a letter from a regulator that begins with “We refer to your recent conduct.”

Prepare for law reform without waiting for it

The 2025 update sits alongside broader proposed reforms for digital asset platforms and payments. That means businesses should not choose between current-law compliance and future-law readiness. They need both. The smart move is to build operating models that can survive present guidance and adapt to legislative change later. Waiting for a perfect final framework is how firms end up sprinting in dress shoes.

Why This Matters Beyond Australia

Even for readers outside Australia, ASIC’s 2025 information sheet update is worth studying because it captures a pattern regulators everywhere are increasingly using. Instead of freezing until bespoke digital asset legislation is complete, they are applying existing rules to new products based on economic reality. That has consequences for multinational fintechs, exchanges, token issuers, and investors who operate across borders and assume regulatory fragmentation will buy them time.

It probably will not. The more mature digital asset markets become, the less patience regulators have for clever labeling. The message from ASIC is that if a product walks like a financial product and monetizes like a financial product, it may well be regulated like one too. It is not a revolutionary insight, but in 2025 it became a far more detailed one.

Final Takeaway

ASIC’s 2025 update to Information Sheet 225 is one of those regulatory moments that looks modest until you read it closely. Then the scope becomes obvious. The guidance broadens the conversation from old-school “crypto” to a wider digital asset ecosystem, adds sharper examples, raises the compliance temperature for stablecoins, wallets, staking, and tokenized products, and gives firms a transition window without pretending risk has disappeared. It is a practical roadmap wrapped inside a warning label.

The biggest lesson is not that every digital asset product is suddenly doomed to licensing. The lesson is that classification now depends more heavily on substance, product design, customer use, and business model reality than on slogans. That is healthy for investor protection, uncomfortable for lazy operators, and very relevant for any serious company building in this space. In other words, the 2025 ASIC update did what good regulatory guidance is supposed to do: it made the gray areas smaller, even if it did not make them disappear.

Practical Experiences Teams Can Expect After an Update Like This

When a regulator publishes an update like ASIC’s 2025 revision to INFO 225, the real experience inside a company is rarely dramatic at first. No one usually runs through the office yelling, “The wallet feature has become a legal issue!” Instead, the shift starts quietly. Product counsel highlights a few passages. Compliance builds a spreadsheet. The operations team asks whether existing onboarding flows are still appropriate. Marketing suddenly learns that words like “safe,” “simple,” and “digital cash” may have more legal weight than anyone originally thought. Then, over a few weeks, the organization realizes the update is not a side note. It is a roadmap for what regulators are likely to ask next.

In practice, teams tend to experience three phases. The first is confusion. That phase is normal. People want a neat yes-or-no answer about whether a token, wallet, staking program, or platform feature is regulated. But guidance like this usually forces companies to confront a more uncomfortable truth: the answer depends on details they may not have documented properly. How is the product marketed? What rights are created? Who controls the assets? What exactly happens when the user presses the button? Suddenly, things that looked like engineering choices become legal facts.

The second phase is inventory. This is where mature teams start earning their coffee. They map every product feature, every customer promise, every revenue stream, and every dependency on third-party providers. They compare terms of service against app screens. They review whether staff are giving anything that might look like financial product advice. They identify whether custody practices, payment features, redemption rights, or pooled arrangements create a different regulatory outcome than expected. This part is tedious, but it is also where risk gets reduced. Most compliance trouble grows in places where nobody thought to compare the brochure with the backend reality.

The third phase is redesign. This is where the experience becomes genuinely strategic. Some businesses decide to pursue licensing. Others narrow products, change customer flows, soften claims, remove features, restructure custody, or geo-limit distribution. Strong teams do not treat regulatory change as a funeral for innovation. They treat it as product architecture with legal consequences. That mindset matters because the firms that survive tougher guidance are usually not the ones with the loudest branding. They are the ones willing to redesign before they are forced to.

There is also a human lesson here. Updates like ASIC’s have a way of exposing whether legal, product, compliance, and engineering teams actually talk to each other or merely exchange calendar invitations. If they collaborate early, the business can adapt intelligently. If they operate like separate planets, the result is delay, frustration, and a last-minute scramble featuring too many meetings and not enough sleep. So yes, the 2025 information sheet update is about regulation. But it is also about operational maturity. The companies that respond well are the ones that understand a regulator’s guidance is not just something to read. It is something to build around.