How To Apply For An Australian Credit Licence (ACL) In 2026

If you’re planning to offer credit products or credit services in Australia in 2026, getting your licensing right is one of the most important steps you’ll take.

An Australian Credit Licence (ACL) is the legal “permission slip” that allows you to engage in regulated credit activities. Without it (or without being properly authorised under someone else’s ACL), you can be exposed to serious compliance risk - including penalties, reputational damage, and restrictions on operating.

The good news is that applying for an ACL is doable when you approach it methodically. The process isn’t just about filling out a form; it’s about proving you have the right people, systems, governance and compliance culture to operate responsibly.

Below, we’ll walk you through what an ACL is, when you need one, what ASIC will look for, and how to put together a strong ACL application in 2026.

What Is An Australian Credit Licence (ACL) And What Does It Cover?

An Australian Credit Licence (ACL) is a licence issued by the Australian Securities and Investments Commission (ASIC). It authorises a person or business to engage in credit activities that are regulated under Australia’s consumer credit laws.

In practical terms, an ACL may be relevant if you are:

• providing credit (for example, lending money to consumers or offering “buy now pay later” style arrangements that fall within the regime),
• arranging or assisting with credit,
• acting as a credit intermediary or broker,
• suggesting or recommending a credit contract (credit assistance), or
• performing other credit-related services that the law treats as regulated credit activities.

It’s common for founders to assume an ACL is only for “big banks”. In reality, many fintechs, brokers, niche lenders, and platforms operating in credit-adjacent models may be captured, depending on what they do and how their product is structured.

One important tip: the licensing question usually depends on the substance of what you do, not just what you call it in your marketing materials.

ACL vs. Being An Authorised Credit Representative

In some business models, you might not apply for your own ACL straight away. Instead, you may operate as an authorised representative of an existing ACL holder (sometimes called an “authorised credit representative” arrangement).

This can be a practical stepping stone, but it comes with trade-offs:

• You’ll be operating under someone else’s licence conditions and supervision.
• You may have limited flexibility in how you offer services.
• You’ll still need strong compliance processes - and you’ll need to follow the licensee’s requirements.

Choosing between “get our own ACL” vs “be authorised under another licensee” is a strategic decision. If you’re aiming to scale, raise capital, or own your compliance framework long-term, an ACL application may be the right move.

Do You Need An ACL In 2026? Common Scenarios For Businesses

If you’re unsure whether you need an ACL, you’re not alone. Many business owners only discover the licensing requirements after building the product, signing commercial deals, or preparing for launch - which can create delays and rework.

In 2026, you should be thinking about ACL requirements early if you’re in (or near) any of these scenarios:

You’re A Broker Or Introducer In The Credit Space

If your business introduces consumers to lenders, helps them apply, or suggests which product they should take, you may be engaging in credit activities even if you never “touch the money”.

You’re A Fintech Offering Repayments, Instalments, Or “Credit-Like” Products

Some payment or subscription structures can drift into credit territory depending on their terms and how they are implemented. This is where product legal design matters - you want to understand what you’re building before you scale it.

You’re Building A Platform Or Marketplace That Facilitates Consumer Credit

Platforms can still be regulated even if a third party provides the credit contract, depending on your role in the customer journey.

You’re Expanding From B2B Into Consumer Offerings

Some businesses begin with business lending or trade credit and later add consumer features. The consumer credit regime is different and can trigger ACL requirements.

If you’re still shaping your structure, it’s worth checking whether you’ll operate through a company and what governance documents you’ll need. Many ACL applicants run the licensed business through a proprietary limited company, and set it up with a suitable Company Set Up and a fit-for-purpose Company Constitution.

And if you’re bringing in co-founders or investors (which is common in fintech), it’s usually wise to align ownership and decision-making early with a Shareholders Agreement.

Step-By-Step: How To Apply For An ACL In 2026

While the details of each application can vary depending on your business model, there’s a practical roadmap you can follow.

1. Clarify Exactly What “Credit Activities” You Will Provide

Start by mapping your product and customer journey:

• What will you say in your marketing?
• What will your staff or platform actually do for the customer?
• Who is the lender / credit provider?
• Are you suggesting products, collecting information, arranging applications, or handling repayments?

This step matters because your ACL permissions (and your compliance obligations) depend on what activities you conduct.

2. Decide Your Licensing Path: Own ACL vs. Authorised Representative

This is where strategy meets compliance.

Applying for your own ACL often makes sense if:

• you want control of your compliance framework,
• you’re building a brand where trust and regulatory maturity matter,
• you plan to scale nationally,
• you want clearer commercial leverage with partners, or
• you’re preparing for investment and due diligence.

Operating under another licensee might make sense if you’re validating a concept or launching a lean MVP. But you’ll still need to build strong compliance habits from day one.

3. Build Your “Responsible Manager” And Competency Approach

ASIC will want to see that the people responsible for your credit activities are competent and appropriately experienced.

In many cases, this involves nominating appropriately skilled individuals (often referred to in the industry as “responsible managers”) who can demonstrate relevant experience and oversight.

If you’re a founder-led business, this is often the point where you need to ask:

• Do we have the right experience in-house?
• Do we need to hire for compliance and credit expertise?
• Do we need external support while the business matures?

Getting this wrong is a common reason applications are delayed or challenged.

4. Prepare Your Compliance Framework And Core Policies

ASIC will expect you to have systems and processes to comply with your obligations, not just good intentions.

Depending on your model, this can include:

• compliance and risk management processes,
• hardship and dispute resolution pathways,
• training and supervision procedures for staff and representatives,
• record-keeping and audit trails,
• privacy and data handling systems, and
• outsourcing / vendor oversight processes.

Because many credit businesses collect and use personal information (identity documents, income details, bank statements, credit history indicators), your privacy settings need to be solid. If you collect personal information, a properly drafted Privacy Policy is usually a baseline requirement for customer-facing operations.

5. Get Your Commercial Documents Ready (Before You Scale)

A strong ACL application isn’t only about regulators - it’s also about running a sustainable business with the right risk controls.

Common documents credit businesses may need include:

• Customer terms (including platform/app terms if you operate online),
• Referral or broker terms (if you work with introducers),
• Outsourcing agreements (if you rely on third-party providers for onboarding, identity verification, or collections), and
• Employment contracts for staff who will be dealing with consumers, sales, or compliance.

If you’re building a team, a clear Employment Contract can help set expectations around confidentiality, compliance responsibilities, and performance requirements from the start.

6. Submit The ACL Application And Respond Promptly To ASIC Queries

Once your structure, people, and documents are in place, you can prepare and lodge the application through the ASIC process.

In 2026, you should expect that ASIC may request clarification or additional information. The best way to handle this is to:

• keep your supporting materials organised,
• respond promptly and consistently, and
• make sure your answers align with your actual operations (including your website/app and customer messaging).

If you’re unsure how to position the application, or you’re juggling licensing alongside fundraising and launch deadlines, it can help to get advice from a Regulatory Compliance Lawyer early, rather than trying to patch gaps later.

What ASIC Will Focus On In An ACL Application (And What You Should Prepare)

When ASIC assesses an ACL application, the theme is consistent: are you fit to engage in credit activities responsibly?

That question is usually tested through a few practical lenses.

People And Competence

ASIC will want confidence that the people running the credit function understand the legal and operational responsibilities - including how to handle customers fairly.

Organisational Capacity

ASIC may consider whether you have the operational capability to actually deliver compliant services, including:

• adequate resourcing,
• training and supervision,
• systems for record keeping, and
• controls for outsourced providers.

Compliance Culture (Not Just Paperwork)

Policies matter, but ASIC also cares about how your business will apply them in real life.

A useful self-check question is: If ASIC asked you tomorrow to show evidence of how you comply, could you do it? For example, could you show training logs, scripts, dispute handling records, and a clear escalation process?

Financial And Risk Management Approach

Depending on your business model, you may need to demonstrate you can manage financial risks and operate sustainably.

Even where you partner with other lenders or platforms, your risk responsibilities can still be significant, especially if customers perceive you as the “provider” or rely on your guidance.

What Happens After You Get An ACL? Ongoing Obligations In 2026

Getting your ACL is a major milestone, but it’s not the finish line. Your compliance obligations continue throughout the life of the business.

In 2026, you should plan for ongoing obligations such as:

Maintaining Your Compliance Systems

ASIC will expect that your compliance framework remains active and updated as your business changes. That includes expanding products, changing your onboarding flow, hiring new staff, or introducing new third-party providers.

Training, Monitoring And Supervision

If you have employees, brokers, or representatives engaging with consumers, you’ll need ongoing training and supervision - especially for sales practices, disclosure, and hardship handling.

Dispute Resolution And Complaint Handling

Credit businesses need a clear and accessible process for handling complaints and disputes. This includes internal processes and (in many cases) external dispute resolution membership requirements depending on your model.

Marketing And Customer Communications

What you say publicly matters. Your advertising and sales scripts should be reviewed through a compliance lens to avoid creating misleading impressions about credit suitability, approvals, or obligations.

Privacy And Data Protection

Credit services often rely on sensitive personal information. In practice, your privacy obligations are not just “legal wording” - they affect how you collect, store, use, and disclose data, and how you respond to incidents.

As your business grows, this is often the point where founders decide to formalise privacy governance, update their Privacy Policy, and ensure internal processes match what the policy says.

What Documents And Legal Building Blocks Should You Have In Place?

When you’re operating in a regulated space, good documentation isn’t just a “nice to have” - it’s part of your risk controls and your operational foundation.

Not every credit business will need every document below, but these are some common building blocks to consider as you prepare for licensing and beyond.

• Company Constitution: sets out the rules for how your company is governed internally, which can be particularly relevant when you add investors or restructure. Many founders put this in place early with a Company Constitution.
• Shareholders Agreement: helps co-founders (and later investors) align on decision-making, exits, and ownership. This is often crucial in fintech and lending ventures using a Shareholders Agreement.
• Employment Contracts: set clear expectations with staff, especially where roles involve customer-facing credit assistance, sales conduct, or compliance oversight. A tailored Employment Contract can also help with confidentiality and compliance responsibilities.
• Privacy Policy: explains how your business handles personal information and supports your broader privacy compliance posture, particularly if you operate online. This is commonly addressed with a properly drafted Privacy Policy.
• Customer Terms / Platform Terms: sets rules for how customers use your platform, what your service includes (and doesn’t), fees, limitations, and dispute processes.
• Supplier / Outsourcing Agreements: important if third parties support onboarding, identity verification, credit assessment tools, customer support, or collections. These agreements should clearly allocate responsibilities and include service levels, security expectations, and reporting.

It’s also worth making sure your legal set-up matches how you plan to grow. For example, if you’re currently operating as a side project but plan to raise funds and apply for an ACL, you may want to start with a clean Company Set Up and scalable governance from the outset.

Key Takeaways

• An Australian Credit Licence (ACL) is required for many credit and credit-assistance activities in Australia, including broking, arranging credit, and some fintech models.
• In 2026, the ACL application is as much about your people, systems and compliance culture as it is about the form you lodge with ASIC.
• Before applying, you should clearly map your customer journey to confirm what regulated credit activities you will (and won’t) provide.
• Strong governance and documentation - including your business structure, privacy settings, and customer-facing terms - can make licensing and scaling significantly smoother.
• After you obtain your ACL, ongoing compliance obligations continue, including training, supervision, dispute handling, and privacy/data protection processes.
• Getting advice early can help you avoid delays, rework, and compliance gaps that can become expensive once you’ve launched.

If you’d like a consultation on applying for an Australian Credit Licence (ACL) in 2026, you can reach us at 1800 730 617 or team@sprintlaw.com.au for a free, no-obligations chat.