top of page
Search

Regulatory Ready-Reckoner: Asia-Pac

  • Writer: Xelene Aguiar
    Xelene Aguiar
  • Sep 5
  • 19 min read

This Regulatory Read Reckoner is built as a quick reference guide to how key countries in the region are shaping the rules around digital assets. The aim is to give you high-level clarity on how different jurisdictions are steering the future of crypto within their jurisdiction. This is by no means an exhaustive compilation of all regulations and is NOT INTENDED AS LEGAL ADVICE.


Each country entry is organised under the following sub-headings:

  1. Laws / Regulations list

  2. Regulatory bodies with oversight

  3. Licensing / Market access

  4. AML / CFT regulations

  5. Investor protection regulations

  6. Taxation on crypto

  7. Use of crypto as medium of exchange / asset class

  8. Cross-border data reporting

  9. Recent enforcement / market signals


1. Australia

Laws / Regulations list

Primary law: AML/CTF Act 2006 as amended by the AML/CTF Amendment Act 2024.

Government is developing a Digital Asset Platform licensing framework to bring non-financial-product crypto platforms (custody, trading, staking, tokenisation) into the Australian financial services perimeter, with draft legislation slated for public consultation in 2025.


Regulatory bodies with oversight

AUSTRAC (AML/CTF supervision of VASPs),

ASIC (financial services & markets conduct),

Treasury (DAP licensing reforms),

Home Affairs (policy/definitions aligned to FATF).


Licensing / Market access

Digital currency exchange providers and other VASPs must register with AUSTRAC before offering designated services (registration process, information updates and review times apply). Separately, ASIC has signalled that many digital-asset services will fall within existing financial-services licensing (AFSL) obligations (INFO 225 updates / consultation). The Australian Government (Treasury) is also progressing a Digital Asset Platform (DAP) licensing/market-access policy to tighten custody, conduct and licensing rules — firms should expect concurrent AUSTRAC registration plus ASIC/Treasury-driven licensing or AFSL expectations for activities that are financial products.


AML / CFT regulations (including Travel Rule / VASP obligations)

In force: AML/CTF Act (as amended 2024). VASPs must register with AUSTRAC and meet KYC, reporting and program obligations (see AUSTRAC 2025 VASP factsheet).

Forthcoming: DAP reforms are expected to impose licensing and tailored custody obligations through the AFSL regime.


Investor protection regulations

Crypto products that are ‘financial products’ are subject to Australian consumer and financial services laws, including DDO and misleading/deceptive conduct prohibitions. ASIC updated INFO 225 (Dec 2024) and has enforced DDO against providers (e.g., Kraken/Bit Trade case, 2024).


Taxation on crypto (capital gains, income, VAT/GST, staking, airdrops)

ATO: Crypto assets are not a form of money and have no special tax rules—standard principles apply (e.g., CGT on disposals; income for staking rewards/airdrops, June 2025 guidance).


Legal tender status, property classification, regulatory recognition

Crypto is not legal tender in Australia and not money for tax purposes; it’s generally treated as an asset (property) and using it to pay for goods/services is a taxable disposal.


Cross‑border data reporting (CARF, CRS, FATCA or other international reporting frameworks)

Cross-border data reporting: Australia is actively working to implement the OECD Crypto-Asset Reporting Framework (CARF). Treasury ran a public consultation on implementing CARF (Nov 2024–Jan 2025) and options for incorporating CARF into Australian tax law; Australia’s implementation is being planned to align with the OECD timeline/standards and will require reporting by relevant crypto service providers and automatic exchange of crypto transaction data with other tax authorities. Reporting entities and tax/compliance teams should monitor Treasury and ATO rule-making for detailed obligations and timelines.


Recent enforcement / market signals

Digital currency exchange providers and other VASPs must register with AUSTRAC before offering designated services (registration process, information updates and review times apply). Separately, ASIC has signalled that many digital-asset services will fall within existing financial-services licensing (AFSL) obligations (INFO 225 updates / consultation). The Australian Government (Treasury) is also progressing a Digital Asset Platform (DAP) licensing/market-access policy to tighten custody, conduct and licensing rules — firms should expect concurrent AUSTRAC registration plus ASIC/Treasury-driven licensing or AFSL expectations for activities that are financial products.


2. Singapore

Singapore’s crypto regime is led by MAS (PSA and now DTSP rules under FSMA). Key DTSP licensing/clarifications came into force 30 June 2025; MAS enforces AML/CFT (Notice PSN02), Travel-Rule expectations, and tightened territorial licensing for overseas operators. Token offerings that are ‘capital markets products’ remain subject to securities laws. IRAS applies existing tax principles (trading/business income taxed; personal capital gains generally not), GST and CARF reporting obligations apply. Expect continued supervisory scrutiny and tighter access for overseas-only platforms.


Laws / Regulations list

Primary law: Payment Services Act 2019 (PSA) (regulates digital payment token services) and the Financial Services and Markets Act (FSMA) 2022 — MAS finalised DTSP (Digital Token Service Provider) rules under the FSMA with key provisions coming into force 30 June 2025; MAS also continues to regulate VASPs under PSA notices where applicable.


Regulatory bodies with oversight

MAS — primary regulator for financial services, DTSP licensing & supervision; IRAS — tax treatment/GST guidance and CARF implementation; Singapore authorities coordinate AML/CFT supervision (MAS-led notices such as PSN02) and implement international reporting (CARF) under IRAS.


Licensing / Market access

MAS requires licensing/registration for providers of digital token services. Since the FSMA/DTSP clarifications, MAS has tightened the territorial scope and required that platforms serving Singapore users must be licensed — MAS gave notice that some overseas-only models will no longer be acceptable without licensing; new DTSP rules took effect 30 June 2025. Non-compliant overseas-only operators have been asked to cease services to Singapore users or secure MAS authorisation.


AML / CFT regulations (including Travel Rule / VASP obligations)

MAS enforces AML/CFT obligations for VASPs via PSA notices (e.g., Notice PSN02) — customer due diligence, transaction monitoring and suspicious transaction reporting are required. MAS expects Travel-Rule compliance and industry implementations; obligations apply irrespective of transaction size for certain data elements and there are enhanced expectations around correspondent VASP relationships and recordkeeping. Supervisory and enforcement scrutiny has increased.


Investor protection regulations

MAS requires DTSPs/DPT providers to implement strong customer-asset safekeeping (segregation or custodial arrangements), operational resilience, disclosure of risks and clear terms of service. DTSP licensing under the FSMA (effective 30 June 2025) embeds conduct and consumer-protection obligations (disclosure, suitability/recordkeeping, safekeeping/audit expectations) for in-scope token services; MAS has also published targeted investor-protection measures for DPT service providers (e.g., safekeeping and custody expectations).


Taxation on crypto (capital gains, income, VAT/GST, staking, airdrops)

IRAS: tax treatment depends on facts — capital/notional gains typically not taxed for personal investors, but trading/ordinary-income activities (including business trading, some staking/airdrops where it is income) are taxable.

GST: supplies of digital payment tokens were treated under the GST rules update (post-Jan 2020 treatment); check IRAS DPT/GST page for specifics.


Legal tender status, property classification, regulatory recognition

Use as medium of exchange: IRAS defines a ‘digital payment token’ as a cryptographically-secured digital representation of value used or intended to be used as a medium of exchange; supplies and uses of DPTs have specific GST and tax treatments per IRAS guidance (see DPT and GST e-Tax guide). MAS has also reiterated that cryptocurrencies are not legal tender in Singapore and warned there is no statutory protection for losses — using crypto to pay for goods/services can be a taxable disposal or supply depending on facts, so firms must consider GST and income tax implications and reporting obligations.


Cross‑border data reporting (CARF, CRS, FATCA or other international reporting frameworks)

Singapore is implementing the OECD Crypto-Asset Reporting Framework (CARF) and will exchange tax-relevant crypto data automatically with other jurisdictions in line with international standards. Firms should prepare for expanded reporting and customer due-diligence needs.


Recent enforcement / market signals

MAS has signalled a tighter stance toward offshore/‘foreign-only’ operators and less reputable entities; since late-2024/2025 MAS has required constrained market access or exit for operators not meeting licensing standards — this has prompted some providers to reassess Singapore operations and heightened industry compliance actions.


3. India

No single VDA law yet—regulation is patchwork. Tax: Section 115BBH (30% flat tax) + Section 194S (1% TDS). AML/registration enforced via FIU-IND (VDASP registration & PMLA powers); RBI remains cautious while SEBI/CBDT play sectoral roles. FIU enforcement (fines/registrations) and planned CARF adoption are reshaping market access.


Laws / Regulations list

No single consolidated VDA law yet—India relies on existing statutes and administrative instruments: the Income-tax Act (new VDA tax provisions introduced in the Finance Act 2022, Section 115BBH/194S), the Prevention of Money-Laundering Act (PMLA) and FIU-IND AML guidance, plus regulatory inputs from RBI, SEBI and Ministry of Finance as policy develops.


Regulatory bodies with oversight

FIU-IND (AML registration & supervision of VDA service providers), CBDT/Income-Tax (taxation & TDS rules), RBI (payments, monetary-stability stance), SEBI (oversight where tokens qualify as securities), and Ministry of Finance/Treasury (policy). These agencies coordinate but no single consolidated VDA regulator currently exists.


Licensing / Market access

India currently requires FIU-IND registration for Virtual Digital Asset Service Providers (VDASPs) as reporting entities under AML rules (FIU circulars & compliance orders have been issued; non-compliant offshore platforms have been fined or blocked). There is no unified VDA licence from a securities/central bank authority yet; market access is operationally driven by FIU registration, banking/PSP relationships and state/agency enforcement.


AML / CFT regulations (including Travel Rule / VASP obligations)

FIU-IND has issued AML/CFT guidance and registration circulars for VDA service providers; reporting and KYC obligations, suspicious-transaction reporting and PMLA powers are being applied to VDAs. India is aligning operationally with international FATF expectations (Travel-Rule style information flows) through FIU action and supervisory orders.


Investor protection regulations

No single consumer-protection code for VDAs—protections are piecemeal: SEBI oversight applies where tokens are securities; exchanges are expected to follow FIU AML/KYC and marketplace conduct via contractual terms and banking arrangements. FIU enforcement and market discipline (banks/payment rails withdrawing services for non-compliant players) are the principal consumer-protection levers in practice.


Taxation on crypto (capital gains, income, VAT/GST, staking, airdrops)

Finance Act 2022 introduced a separate VDA tax regime: Section 115BBH (flat 30% tax on income from transfer of VDAs, limited deductions) and Section 194S (generally 1% TDS on VDA transfers with thresholds). CBDT issued implementation guidance (practical clarifications on withholding & reporting). Tax authorities are actively enforcing compliance.


Legal tender status, property classification, regulatory recognition

Crypto/VDAs are not legal tender in India. They are treated as digital assets/VDAs for tax and enforcement purposes but lack a single statutory ‘asset-class’ status; regulatory treatment depends on context (tax rules apply uniformly for transfers; SEBI may treat some tokens as securities). RBI continues to caution about macro/financial-stability risks.


Cross‑border data reporting (CARF, CRS, FATCA or other international reporting frameworks)

India is moving to adopt international tax-information standards for crypto—authorities have signalled participation in the OECD Crypto-Asset Reporting Framework (CARF) and are planning implementation steps (official timetables point to phased adoption/alignments with OECD timelines). Firms should prepare for increased cross-border exchange and reporting obligations.


Recent enforcement / market signals

FIU-IND has issued compliance orders and fines (eg. actions vs large offshore platforms in 2023–2024) and has stepped up registration drives; major global firms (eg Coinbase) publicly registered with FIU in 2025 while others were fined or blocked. The government continues policy review (inter-agency debates between RBI, SEBI and Finance Ministry), and tax/AML enforcement is actively shaping market structure.


4. Japan

PSA + FIEA interplay—FSA requires VASP registration, strict custody/AML and Travel‑Rule compliance; FSA has signalled plans to amend securities law (FIEA) to clarify when crypto is a financial product (legislative proposal expected 2026).


Laws / Regulations list

Japan's legal framework is led by the Payment Services Act (PSA) and the Financial Instruments and Exchange Act (FIEA) where applicable; the FSA has updated PSA rules (2024–2025) on VASP registration, AML/Travel-Rule implementation and intermediary licensing, and signalled plans to amend the FIEA to clarify when crypto-assets should be treated as financial products (legislative proposal expected 2026).


Regulatory bodies with oversight

FSA is the primary regulator for crypto exchange registration and oversight; J-FSA (local offices) supervise AML compliance; National Tax Agency provides tax guidance; police/public prosecutors enforce criminal AML and fraud prosecutions.


Licensing / Market access

Providers offering exchange services in Japan must register with the FSA (PSA) and meet custody, capital and AML/KYC standards; cross-border service models that target Japanese residents generally require registration or a local presence. The FSA has clarified Travel-Rule expectations and intermediary licensing categories in 2024–2025.


AML / CFT regulations (including Travel Rule / VASP obligations)

Japan enforces FATF-aligned AML/CFT requirements for VASPs (CDD, STRs, record retention) and has implemented Travel-Rule style data-sharing guidance; criminal enforcement for illicit activity remains active.


Investor protection regulations

Consumer protections include strict custody/separation rules, disclosure duties and operational-resilience requirements for registered exchanges; tokens that meet the FIEA definitions are subject to securities law (prospectus/registration and insider-trading prohibitions under proposed 2026 amendments).


Taxation on crypto (capital gains, income, VAT/GST, staking, airdrops)

The National Tax Agency treats crypto as miscellaneous income or business income depending on facts; disposals normally trigger income-tax/CGT consequences. The tax authority has issued iterative guidance; firms should consult the NTA for transaction-specific treatment.


Legal tender status, property classification, regulatory recognition

Crypto is not legal tender in Japan and is treated as a digital asset; classification (property vs financial instrument) depends on features and determines regulatory overlay.


Cross‑border data reporting (CARF, CRS, FATCA or other international reporting frameworks)

Japan participates in international tax‑information exchanges and is aligning domestic reporting to OECD frameworks (CARF/DAC) as they are implemented; firms should prepare for enhanced information reporting.


Recent enforcement / market signals

The FSA's recent activity (2024–2025) shows stronger supervision of exchanges, clearer Travel‑Rule enforcement and preparatory steps to bring certain cryptoassets under the FIEA—market participants should expect legislative changes in 2026 and tighter conduct expectations.


5. Hong Kong (China)

Mandatory SFC licensing for virtual-asset trading platforms (transition completed 2024) with HKMA/stablecoin oversight; strong investor protection and AML expectations; active push to attract institutional crypto activity.


Laws / Regulations list

Hong Kong's SFC has implemented a mandatory licensing regime for virtual-asset trading platforms (transition completed 2024); additional laws on stablecoins and tokenisation are being progressed and the SFC/HKMA continue to publish guidance (licensing process updates Dec 2024–Jun 2025).


Regulatory bodies with oversight

SFC licenses and supervises virtual-asset trading platforms and custodial services; HKMA focuses on payment systems and stablecoin policy; Hong Kong Government and Inland Revenue consider tax treatment and incentives.


Licensing / Market access

Centralised trading platforms must be licensed by the SFC to serve Hong Kong users (post-transition); licensed platforms can passport services subject to local conduct rules; stablecoin issuers and custodians face additional requirements under forthcoming ordinances.


AML / CFT regulations (including Travel Rule / VASP obligations)

Hong Kong enforces FATF-aligned AML/CFT rules for VASPs, including KYC, STRs and Travel‑Rule expectations; SFC guidance requires robust AML controls for licensed platforms.


Investor protection regulations

SFC requires detailed disclosure, custody safeguards and risk warnings for retail access; tokens that are securities fall under existing securities law; market conduct and investor protection are central to licensing decisions.


Taxation on crypto (capital gains, income, VAT/GST, staking, airdrops)

Hong Kong currently taxes crypto profits under ordinary tax rules depending on whether activity is revenue/business or capital in nature; authorities have considered tax incentives for tokenisation and institutional activity.


Legal tender status, property classification, regulatory recognition

Crypto is not legal tender in Hong Kong; it is recognised as a tradeable asset and is subject to regulatory classification (securities vs commodity vs e-money token) depending on features.


Cross‑border data reporting (CARF, CRS, FATCA or other international reporting frameworks)

Hong Kong is implementing CARF-style reporting and aligns with OECD international tax transparency standards; licensed platforms should prepare for expanded transaction reporting.


Recent enforcement / market signals

Hong Kong issued multiple exchange licenses in 2024–2025 and is actively positioning as a regional digital-asset hub—expect continued licensing, tax-incentive discussion and supervisory guidance.


6. South Korea

VAUPA (effective July 19, 2024) is the primary law—strong user-protection, custody, reserve and disclosure rules; AML/Travel‑Rule enforcement is robust and cross‑border services must satisfy local licensing or cease targeting Korean users.


Laws / Regulations list

The Virtual Asset User Protection Act (VAUPA) (effective July 19, 2024) is now the central statute governing VASP conduct and user protections; other laws (P2P/AML statutes) remain relevant.


Regulatory bodies with oversight

FSC leads policy and rulemaking for VAUPA; FSS and the Financial Intelligence Unit (FIU Korea) coordinate on supervision/AML; prosecutors and police remain active on enforcement.


Licensing / Market access

VASPs must satisfy VAUPA licensing/registration and strong custody/reserve rules; privacy‑coin restrictions and issuer obligations apply; cross‑border services targeting Korean users face licensing requirements and tight local‑partner/KYC expectations.


AML / CFT regulations (including Travel Rule / VASP obligations)

Korea enforces FATF‑aligned AML/CFT requirements with mandatory KYC, STRs and Travel‑Rule style data flows; FIU and banking partners actively screen crypto flows and take action on non‑compliant providers.


Investor protection regulations

VAUPA introduces strict user-protection measures (asset segregation, reserve requirements, detailed disclosure obligations and dispute-resolution frameworks); securities regulation applies where tokens are securities.


Taxation on crypto (capital gains, income, VAT/GST, staking, airdrops)

Korea taxes crypto gains depending on nature (business vs private). The tax authority and amendments post‑2023/2024 have clarified reporting obligations and treatment of transaction income; firms should follow National Tax Service guidance.


Legal tender status, property classification, regulatory recognition

Crypto is not legal tender in Korea; tokens are treated variably (property, financial instrument) depending on features and are regulated accordingly under VAUPA or securities law.


Cross‑border data reporting (CARF, CRS, FATCA or other international reporting frameworks)

Korea participates in OECD discussions and is preparing to implement CARF/DAC-style information exchange; reporting obligations for exchanges and intermediaries are being aligned to international standards.


Recent enforcement / market signals

Since VAUPA's effective date (July 19, 2024) enforcement and supervisory activity have increased—expect stricter licensing enforcement, higher AML scrutiny and clearer user-protection-driven conduct rules.


7. Malaysia

SC-regulated DAX marketplace with RMO and DAC frameworks active since 2019; 2025 proposals streamline listings while bolstering governance, custody, and reserve requirements. AML, taxation, and enforcement (e.g., Bybit cessation) are firmly in place. Long-term holding remains tax-free; active trading and mining are taxable. OECD CARF compliance upcoming.


Laws / Regulations list

Malaysia regulates digital assets under the Capital Markets & Services Act, via the 2019 Prescription Order for digital currency and token classes, with DAX (Digital Asset Exchange) and DAC (Digital Asset Custodian) frameworks in place. In 2025, the SC issued a consultation to enhance DAX governance, client safeguards, and listing rules in response to a surge in trading.


Regulatory bodies with oversight

The Securities Commission Malaysia (SC) leads regulation for exchanges, asset issuers, custodians, and DAX frameworks. Bank Negara handles broader financial system coordination, while tax and AML bodies inform compliance and enforcement policies.


Licensing / Market access

Operators must register as an RMO-DAX (exchange) or DAC (custodian) with the SC. In 2025, proposed reforms aim to allow licensed DAXs to list certain assets autonomously (if security-audited and FATF-compliant), but increased governance, resilience, asset segregation (90% offline cold wallets), and qualified senior management requirements are critical.


AML / CFT regulations (including Travel Rule / VASP obligations)

AML/CFT obligations align with SC and national frameworks—exchanges must ensure KYC, STRs, and robust monitoring. Enforcement actions, including "Ops Token" and mining crackdowns, reinforce compliance expectations.


Investor protection regulations

Investor protections include mandatory governance, whitepapers, client asset segregation (cold/warm wallets), and 1:1 reserve requirements. Exchanges may operate only as recognized market operators and must meet high governance and operational-resilience standards.


Taxation on crypto (capital gains, income, VAT/GST, staking, airdrops)

Malaysia currently has no capital gains tax on crypto for long-term holders. Profits from trading, mining, staking, or business-like activity are taxed as ordinary income. The Inland Revenue enforces reporting under "Ops Token." Individuals file taxes via standard forms; businesses are subject to corporate rates (15–24%).


Legal tender status, property classification, regulatory recognition

Crypto is not legal tender in Malaysia. It’s recognized as a digital asset or token under securities law, with trading permitted only via licensed DAXs. Users and firms must transact through regulated platforms.


Cross‑border data reporting (CARF, CRS, FATCA or other international reporting frameworks)

Malaysia is preparing for international tax transparency via the OECD’s CARF/DAC8 framework; while not yet implemented, platforms should be ready for future digital-asset-focused tax reporting.


Recent enforcement / market signals

2024–2025 enforcement has been active—Bybit was ordered to cease operations for being unregistered. The SC also introduced its 2025 DAX consultation to modernise the framework. Pulse of institutional interest continues to grow, with reforms signalling a move toward a vibrant but regulated market.


8. Thailand

SEC-led digital-asset regime with strengthened licensing (including extraterritorial rules under Royal Decree No.2), FATF-aligned AML/Travel-Rule expectations, and investor-protection measures for portals/exchanges. The government added USDT/USDC to approved lists, launched TouristDigiPay pilots, and introduced a temporary capital-gains tax exemption (2025–2029) for trades on licensed platforms to encourage market growth. Expect strict supervision alongside targeted incentives.


Laws / Regulations list

The Digital Asset Business Decree and related SEC implementing rules remain the backbone, updated by Royal Decree No. 2 (B.E. 2568 / 2025) which clarifies extraterritorial application to foreign platforms targeting Thai users. SEC rulemaking in 2024–2025 also expanded approved token lists (e.g., USDT/USDC) and tightened licensing criteria for portals and exchanges.


Regulatory bodies with oversight

SEC Thailand leads digital-asset licensing and supervision; Bank of Thailand (BOT) oversees payment-system implications; the Anti-Money-Laundering Office (AMLO) and Ministry of Finance coordinate on AML, tax and cross-agency policy (notably for TouristDigiPay and payment-rail safeguards).


Licensing / Market access

Thailand requires local licensing for digital asset business operators and — under the 2025 Royal Decree clarifications — applies extraterritorial licensing where foreign operators actively target Thai users (Thai-language sites, local payment rails, local marketing). Foreign platforms that wish to serve Thai customers must obtain SEC approval or partner with licensed local entities. Approved token lists and stricter portal requirements have been rolled out in 2024–2025.


AML / CFT regulations (including Travel Rule / VASP obligations)

Thailand enforces FATF-aligned AML/CFT rules for VASPs — mandatory KYC/CDD, STR filing and transaction-monitoring. The SEC, BOT and AMLO coordinate on supervisory checks and travel-rule-style data sharing; licensed portals are being held to higher AML screening and recordkeeping standards.


Investor protection regulations

SEC licensing imposes disclosure (whitepaper) requirements, custody/segregation rules for client assets, and operational-resilience expectations for portals and exchanges. The SEC has restricted high-risk products (certain derivatives/DeFi offerings) and enforces strict marketing rules to protect retail investors. Tokens that qualify as securities remain subject to securities-law obligations.


Taxation on crypto (capital gains, income, VAT/GST, staking, airdrops)

Thailand introduced a temporary policy incentive in 2025 — a five-year personal capital-gains tax exemption (2025–2029) for trades conducted on licensed Thai exchanges/portals to stimulate market activity. Otherwise, taxable treatment depends on whether activity is business/revenue in nature; businesses remain subject to corporate tax and VAT rules where relevant. Taxpayers should follow Revenue Department guidance for transactional details.


Legal tender status, property classification, regulatory recognition

Crypto is not legal tender in Thailand. Digital assets are recognised as tradable digital assets under the SEC regime; use as a payment instrument is limited and mediated through regulated portals and pilot initiatives (e.g., TouristDigiPay) that convert crypto to baht for merchant settlement. Classification (security vs commodity vs payment token) drives the applicable regulatory overlay.


Cross‑border data reporting (CARF, CRS, FATCA or other international reporting frameworks)

Cross-border reporting: Thailand is aligning with OECD tax-transparency standards (CARF/DAC8) and is preparing domestic reporting rules for digital-asset transaction data; platforms should expect expanded international information exchange obligations in line with OECD timelines.


Recent enforcement / market signals

2024–2025 regulatory activity is pro-growth but tightly supervised — the SEC added USDT/USDC to its approved tokens list, rolled out stricter portal licensing and extraterritorial rules (Royal Decree No.2), and the Government announced TouristDigiPay (pilot) while temporarily exempting capital gains on licensed-platform trades through 2029 to spur adoption. Enforcement actions and portal inspections continue, signalling ‘regulated expansion’ rather than laissez-faire access.

9. Indonesia

Laws / Regulations list

OJK Regulation (POJK) No. 27 of 2024 on the implementation of digital financial asset trading (covering crypto assets) — issued under Law No. 4/2023 (Financial Sector Development & Strengthening) and supplemented by SEOJK guidance. This marks a formal shift of supervisory responsibility from Bappebti to OJK for digital financial assets.


Regulatory bodies with oversight

OJK is now the primary regulator for digital financial assets (including crypto trading platforms) following POJK 27/2024. Bank Indonesia (BI) retains payments/systemic oversight; Ministry of Trade/Finance, tax authorities and AML units coordinate on tax, AML/CFT and market-integrity issues. Bappebti’s prior crypto list remains temporarily in effect until OJK finalises asset lists.


Licensing / Market access

Licensing/market access: POJK 27/2024 requires Digital Financial Asset Trading Organisers (exchanges), custodians and clearing entities to obtain OJK licences/authorisations and meet capital, governance, fit-and-proper and technology-resilience standards. Foreign platforms targeting Indonesian users should expect to obtain local authorisation or partner with licensed local entities; the Crypto Asset List transition period obliges exchanges to adopt OJK’s asset-listing process.


AML / CFT regulations (including Travel Rule / VASP obligations)

OJK’s framework integrates FATF-aligned AML/CFT expectations — exchanges and custodians must perform KYC/CDD, STR filing, transaction monitoring and record retention. Regulatory guidance expects Travel-Rule style data flows and coordination with national AML bodies; supervisors will use on-site checks and tech controls to enforce compliance.


Investor protection regulations

POJK 27/2024 imposes custody/separation requirements, disclosure/whitepaper standards, governance and incident-reporting obligations for trading organisers. OJK expects strong operational resilience, client asset segregation (clear custody rules) and enhanced disclosure for listed digital financial assets; tokens that resemble securities remain subject to securities-law treatment.


Taxation on crypto (capital gains, income, VAT/GST, staking, airdrops)

Indonesia treats crypto as a digital financial asset for tax purposes and has revised transaction taxation in 2025 — domestic trades face a transaction tax (0.21% as of Aug 1, 2025) while trades on overseas platforms face higher withholding/fee rates (1%); VAT on buyers was removed and mining VAT/tax treatment updated. Tax treatment for income (staking, business trading) follows ordinary income/corporate tax rules; taxpayers must follow Finance Ministry notices.


Legal tender status, property classification, regulatory recognition

Crypto is not legal tender in Indonesia. Under POJK 27/2024 crypto is formally classified as Digital Financial Assets, aligning them with financial-asset regulation rather than commodity treatment — trading is permitted via licensed platforms, while payment-use remains restricted under BI policy.


Cross‑border data reporting (CARF, CRS, FATCA or other international reporting frameworks)

Cross-border reporting: Indonesia is aligning with OECD transparency standards and is preparing to implement CARF/DAC-style reporting for crypto transaction data; OJK and tax authorities will coordinate on data collection and exchange obligations for licensed platforms. Firms should ready systems for enhanced transaction reporting and international information exchange.


Recent enforcement / market signals

The transfer of oversight to OJK (POJK 27/2024, Dec 2024 announcement) is a major policy shift that tightens prudential, governance and investor-protection expectations. In mid-2025 Indonesia updated crypto transaction taxes (higher rates for offshore trades effective Aug 1, 2025) to protect revenue and incentivise local licencing. Expect active licensing rounds, tightened oversight of foreign platforms, and phased enforcement during 2025–2026.


Others

China (Mainland)

Mainland China maintains a prohibitionary approach: since the PBOC-led joint notice (Sept 2021) crypto trading, exchanges and mining are banned and subject to enforcement; there is no on-shore licensing pathway and AML/tax action is implemented via criminal/administrative enforcement. China is focused on e-CNY development while Hong Kong SAR follows a separate, licensing-friendly path.


Vietnam

Regulatory position evolving—State Bank prohibits crypto as payment but MOF and SBV were directed in 2025 to propose a legal framework; trading/ownership sit in a grey zone pending formal law.


Taiwan

FSC progressing VASP registration and AML rules; VASP Association formed and draft VASP rules/registration frameworks were active in 2024–2025 requiring registration, AML/KYC and local presence for operators.


New Zealand

No bespoke crypto law but AML/CFT, FMA and DIA oversight applies; recent 2025 AML updates increase marketplace obligations and transparency; tax treated under ordinary income/capital rules.


Know Your Acronym

Australia

  • AML/CTF Act — Anti-Money Laundering and Counter-Terrorism Financing Act

  • AUSTRAC — Australian Transaction Reports and Analysis Centre

  • ASIC — Australian Securities & Investments Commission

  • AFSL — Australian Financial Services Licence

  • DCE — Digital Currency Exchange

  • INFO 225 — ASIC Information Sheet 225 (guidance reference)

  • ATO — Australian Taxation Office

  • CGT — Capital Gains Tax


Singapore

  • MAS — Monetary Authority of Singapore

  • IRAS — Inland Revenue Authority of Singapore

  • PSA — Payment Services Act (2019)

  • DTSP — Digital Token Service Provider

  • DPT — Digital Payment Token

  • PSN02 — MAS Notice PSN02 (AML/CFT notice)


China

  • PBOC — People’s Bank of China

  • e-CNY — Electronic Chinese Yuan (CBDC)

  • NDRC — National Development and Reform Commission


India

  • FIU-IND — Financial Intelligence Unit — India

  • PMLA — Prevention of Money Laundering Act

  • CBDT — Central Board of Direct Taxes

  • RBI — Reserve Bank of India

  • SEBI — Securities and Exchange Board of India

  • VDA — Virtual Digital Asset

  • VDASP — Virtual Digital Asset Service Provider

  • Section 115BBH — Income-tax Act provision on VDA taxation

  • Section 194S — TDS provision on VDA transfers


Japan

  • FSA — Financial Services Agency

  • PSA — Payment Services Act

  • FIEA — Financial Instruments and Exchange Act

  • NTA — National Tax Agency


South Korea

  • VAUPA — Virtual Asset User Protection Act

  • FSC — Financial Services Commission

  • FSS — Financial Supervisory Service

  • FIU Korea — Financial Intelligence Unit (Korea)

  • NTS — National Tax Service


Hong Kong (SAR)

  • SFC — Securities and Futures Commission

  • HKMA — Hong Kong Monetary Authority


Thailand

  • SEC Thailand — Securities and Exchange Commission Thailand

  • BOT — Bank of Thailand

  • AMLO — Anti-Money Laundering Office (Thailand)

  • TouristDigiPay — Government pilot program


Philippines

  • BSP — Bangko Sentral ng Pilipinas

  • SEC Philippines — Securities and Exchange Commission (Philippines)

  • BIR — Bureau of Internal Revenue (Philippines)

  • DOF — Department of Finance (Philippines)


Indonesia

  • OJK — Otoritas Jasa Keuangan (Financial Services Authority)

  • POJK — Peraturan OJK (OJK Regulation)

  • BI — Bank Indonesia

  • Bappebti — Commodity Futures Trading Regulatory Agency


Malaysia

  • SC — Securities Commission Malaysia

  • BNM — Bank Negara Malaysia (Central Bank)

  • RMO — Recognised Market Operator

  • DAX — Digital Asset Exchange

  • DAC — Digital Asset Custodian


Generic / Recurring Acronyms (all jurisdictions)

  • AML — Anti-Money Laundering

  • CFT — Countering Financing of Terrorism

  • KYC — Know Your Customer

  • CDD — Customer Due Diligence

  • STR — Suspicious Transaction Report

  • FATF — Financial Action Task Force

  • OECD — Organisation for Economic Co-operation and Development

  • CARF — Crypto-Asset Reporting Framework

  • CRS — Common Reporting Standard

  • FATCA — Foreign Account Tax Compliance Act

  • CBDC — Central Bank Digital Currency

  • VASP — Virtual Asset Service Provider

Comments

bottom of page