ICO What Is It? A Legal Guide For Australian Startups And Businesses

Thinking about raising capital or launching a blockchain product in Australia? Initial Coin Offerings (ICOs) can open doors to funding and community-building, but they also come with real legal obligations. In a regulated market like Australia, understanding how ICOs are treated by law is essential before you write a whitepaper or press “launch”.

If you’ve been asking “ICO - what is it and how does it work in Australia?”, you’re not alone. The headlines can be confusing, and the rules don’t always sit neatly in one place. The good news is that with the right structure, documents and compliance plan, an ICO or token sale can be run in a way that aligns with Australian law and supports your long-term goals.

In this guide, we’ll break down what an ICO is, when it may be regulated, the key steps to plan a compliant token sale, and the legal documents you’ll likely need. We’ll also flag special issues like overseas investors, exchange listings and common structuring tools (such as SAFTs) so you can move forward with clarity.

What Is An ICO (Initial Coin Offering)?

An ICO is a way to raise funds by issuing digital “tokens” on a blockchain. Buyers contribute value (often cryptocurrency) and receive tokens that have certain rights or utility in your ecosystem. In practice, those tokens typically fall into three broad buckets:

• Utility tokens: Access, credits or rights to use a platform or service (for example, spendable credits inside an app or membership features).
• Security/financial tokens: Tokens that look more like investments, such as a right to share in profits, revenue or assets, or voting/control rights.
• Asset-backed or stable tokens: Tokens pegged to or backed by real-world assets (e.g. gold, property, or fiat).

Different projects use different labels (you might also hear token generation events, security token offerings or “launches”), but regulators care less about the label and more about what the token does, how it’s sold, and who it’s sold to. That substance-over-form approach is central to working out your obligations in Australia.

Are ICOs Legal In Australia?

Yes - ICOs are not illegal in Australia. However, they sit within Australia’s financial and consumer law framework. Depending on the token’s features and your sale structure, your ICO may be regulated as a financial product under the Corporations Act 2001 (Cth) and laws administered by the Australian Securities and Investments Commission (ASIC).

In simple terms, ask three questions:

• What does the token do? If it confers investment-like rights (profits, assets, control), it may be a security, an interest in a managed investment scheme, a derivative or a non-cash payment facility - all of which are financial products in many cases.
• How is it offered? Public promotions, retail investors and ongoing financial benefits can point toward financial product regulation and trigger licensing and disclosure obligations.
• Who is it offered to? Offers to retail clients have stricter rules than offers limited to wholesale or sophisticated investors.

If your offer involves securities (e.g. shares or debentures) to retail investors, Chapter 6D may require a prospectus. If it involves other types of financial products (for example, interests in a managed investment scheme), Part 7.9 can require a Product Disclosure Statement (PDS). In both cases, you should consider whether an Australian Financial Services Licence (AFSL) is required to issue, deal or provide advice in relation to those products, and whether the Design and Distribution Obligations (DDO) and anti-hawking rules apply.

If your token is genuinely a utility token (access only, no investment qualities) and the offer does not otherwise involve a financial product, financial services laws may not apply. Even then, you must still comply with Australian Consumer Law (for example, you must not engage in misleading or deceptive conduct). ASIC also has powers in relation to misleading conduct in financial services and markets.

Because the analysis turns on fine details, getting a written regulatory assessment before launch is common practice. It demonstrates diligence to investors and exchanges - and it helps you structure the sale correctly from day one.

How Do You Plan And Structure An ICO In Australia?

Planning an ICO is part business strategy, part legal compliance. A clear roadmap will keep your project on track and investor-ready.

1) Build A Clear Business And Token Model

Start with your value proposition and token mechanics in plain English. What problem do you solve? Why use a token at all? How will tokens be used post-sale? Consider:

• Token utility (on-platform usage, access rights, governance, payments).
• Distribution model (allocation to team, treasury, community, vesting/lockups).
• Fundraising goals and use of proceeds.
• Risks and dependencies (technical, regulatory, market, security).

Documenting these foundations early makes legal and technical implementation smoother and helps you answer the questions ASIC and investors will ask.

2) Choose A Business Structure

You can run a blockchain project as a sole trader or partnership, but most serious fundraising is done through a company. A proprietary limited company (Pty Ltd) creates a separate legal entity, which can help with governance, liability and investor expectations.

• Sole trader: Quick to start, but you are personally liable for debts and claims.
• Partnership: Shared control and liability; less common for growth ventures.
• Company (Pty Ltd): Separate entity, limited liability, clearer governance - often preferred by investors and service providers.

If you plan to incorporate, you can streamline setup with a Company Set Up, and use a Shareholders Agreement to outline ownership, founder vesting and decision-making rules. If you’ll use a brand that’s different to your company name, keep the distinction between a business name and company name in mind and register the trading name as needed.

3) Map Your Regulatory Position And Licences

Engage an expert to assess whether your token and sale mechanics amount to a financial product. Depending on the analysis, you may need to:

• Prepare a prospectus (Chapter 6D) or PDS (Part 7.9) for retail offers.
• Operate under an AFSL (your own or an authorised representative arrangement) if you issue or deal in financial products.
• Design a target market determination (DDO), implement distribution controls and compliance processes.
• Limit offers to wholesale or sophisticated investors, or to offshore persons in compliant jurisdictions, if that fits your strategy.

If you’ll engage exchanges, payment partners or custodians, they may have their own onboarding requirements (including legal opinions and compliance materials). Start those conversations early.

4) Build Your Legal Pack And Sale Infrastructure

Beyond a whitepaper, you’ll need sale terms, customer agreements, website legal pages and data protection processes. These should be tailored to your token model and the way you’ll onboard buyers (web app, smart contract, custodial vs non-custodial flows).

5) Market Responsibly

All promotions must be accurate and not misleading. This includes your website, whitepaper, social posts, AMAs and investor decks. If your offer is a financial product, financial promotions can be restricted or require specific disclosures. Even for utility tokens, the misleading or deceptive conduct rules apply. Build internal sign-off processes before publishing materials.

What Laws Apply To ICOs And Token Sales?

ICO projects in Australia commonly touch several areas of law. Here’s a high-level tour.

Corporations And Financial Services Law

If your token or sale structure amounts to a financial product, the Corporations Act obligations can include:

• Licensing: AFSL or authorisation for issuing, dealing, or advising in relation to financial products.
• Disclosure: Prospectus (Chapter 6D) for securities or a PDS (Part 7.9) for other retail financial products.
• Conduct rules: DDO, anti-hawking, advertising restrictions and general obligations to act efficiently, honestly and fairly.
• Managed investment schemes: If contributors pool funds and expect benefits produced by others’ efforts, MIS rules may apply (including registration for retail MIS and a responsible entity structure).

Penalties for non-compliance can include stop orders, compensation, enforcement action and personal liability for directors. Taking compliance seriously from the outset is essential.

Australian Consumer Law And Misleading Conduct

Regardless of whether your token is a financial product, you must not mislead or deceive. The Australian Consumer Law (ACL) prohibits false, misleading or deceptive conduct in trade or commerce. ASIC also enforces similar prohibitions in the financial services context. Keep claims conservative, explain risks clearly and don’t promise outcomes you can’t control (such as token price appreciation).

Tax And Accounting

Token sales can be taxable events, and the way you recognise revenue and expenses will depend on your model. Factors include whether you supply a service immediately, defer performance, or issue tokens with future redemption rights. This is an area to obtain specialist tax advice early. Nothing in this guide is tax advice - engage an accountant who understands crypto-asset transactions.

AML/CTF And AUSTRAC

Australia’s anti-money laundering and counter-terrorism financing (AML/CTF) regime applies to “designated services”. If you operate a digital currency exchange (e.g. exchanging fiat for crypto or crypto-to-crypto for customers), you’ll likely be a reporting entity that must register with AUSTRAC and implement an AML/CTF program. If you only issue utility tokens and do not provide designated services (and rely on third-party exchanges or payment processors), you may not be a reporting entity - but you should still assess money laundering and sanctions risks and build appropriate checks.

Privacy And Data Protection

If you collect personal information from buyers or users, consider your obligations under the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). Many small businesses with annual turnover of $3 million or less are not “APP entities”, but there are important exceptions (for example, certain health service providers, businesses that trade in personal information, or businesses that opt in). Even where the APPs don’t apply by law, many projects publish a transparent Privacy Policy and adopt good data practices because partners, platforms and customers expect it.

Where you use vendors to process data, it’s common to put a Data Processing Agreement in place and ensure international transfers are lawful and secure.

Intellectual Property

Your brand, token name and platform assets are valuable. Consider protecting your brand by filing a trade mark for your name and logo and setting clear IP ownership among founders and contractors. For brand protection, many businesses file early through a service like Register Your Trade Mark to deter copycats and support exchange listings and partnerships.

What Legal Documents Will You Need For An ICO?

Your document suite should match your token model and sale mechanics. Common documents include:

• Whitepaper or Offer Document: A clear, balanced description of the project, token mechanics, tokenomics, roadmap and material risks. If your offer is a financial product, this will sit alongside or be replaced by a prospectus or PDS (as required).
• Token Sale Terms: Contract terms governing the sale (eligibility, purchase process, delivery, restrictions, lockups, risk disclosures, disclaimers, refund policy, governing law). For retail sales of non-financial products, these function like Terms of Sale.
• Platform/User Terms: If tokens unlock a service, your user agreement should set the ground rules for using the product, acceptable use, suspension, and IP rights.
• Website Terms And Conditions: Rules for website use, IP ownership and liability protections, typically published alongside your privacy page. See Website Terms and Conditions.
• Privacy Policy: Explains what personal information you collect, why, how you store it, and how users can exercise rights. Many projects publish a clear Privacy Policy from day one, even where not strictly required.
• Security And Bug Bounty Terms: If you’ll run audits or a bug bounty, set eligibility and safe-harbour rules.
• Shareholders Agreement: If you have co-founders or investors, a Shareholders Agreement helps manage ownership, vesting, governance and exits.
• Employment/Contractor Agreements: Set ownership of IP, confidentiality, and post-employment restrictions for developers, marketers and community managers.
• Non-Disclosure Agreement (NDA): Use an NDA when sharing confidential details with advisors, exchanges and vendors before launch.

No two token sales are identical. An early legal scoping discussion will help you prioritise the right mix of documents and avoid over- or under-engineering your setup.

Special Considerations For Australian ICOs

Overseas Investors And Jurisdictional Risks

If you market or sell outside Australia, foreign laws may apply. For example, US securities laws can capture offers that reach US persons, even from abroad. Many projects geoblock certain jurisdictions, tailor sales to wholesale/sophisticated investors only, or run phased launches. Get jurisdiction-specific advice before opening the sale globally.

Exchange Listings And Custody

Centralised and decentralised exchanges have listing criteria, including legal opinions, token distribution data, lockups and compliance confirmations. If you plan custodial solutions (holding user assets), consider licensing, custody standards, and security controls. Third-party providers will expect robust legal terms and risk frameworks.

Using SAFTs/SAFEs

Some teams raise with Simple Agreements for Future Tokens (SAFTs) or Simple Agreements for Future Equity (SAFEs). These are contract tools for sequencing a raise, not a way to bypass regulation. Whether you use a SAFT/SAFE or a direct sale, the underlying token and offer must still comply with Australian law. Get a lawyer to tailor any pre-sale or bridge documentation to your actual model and investor base.

Security, Audits And Incident Response

Smart contract and infrastructure security are business-critical. Budget for independent audits and build an incident response plan covering comms, temporary safeguards (pauses if available), and legal escalation. Clear disclosures in your sale terms about technical risks and upgrade processes help set realistic expectations.

Governance And Transparency

If governance features (voting, treasury control) are part of your token, publish how decisions are made and who controls upgrade keys and treasuries at launch and over time. Transparent vesting and disclosure about related-party transactions build trust and reduce regulatory risk.

Key Takeaways

• An ICO is a token-based fundraising method - in Australia, whether it’s regulated depends on the token’s features, how the sale runs, and who you sell to.
• If your token or sale is a financial product, expect AFSL, disclosure (prospectus or PDS), conduct rules and DDO to apply; purely utility tokens can still trigger consumer law obligations.
• Set up the right structure, usually a company, and lock in founder governance with a clear Shareholders Agreement and cap table discipline.
• Your core legal pack typically includes a whitepaper or offer document, Token Sale Terms, user/platform terms, Website Terms and Conditions, a transparent Privacy Policy, and well-drafted team and NDA documents.
• Assess AML/CTF, privacy, IP protection and tax early; many projects are not AUSTRAC reporting entities unless they provide designated services, but risk controls are still essential.
• International offers, exchange listings and pre-sale instruments (SAFT/SAFE) add complexity - tailor your approach and get advice before launch.

If you would like a consultation on launching an ICO or token sale for your Australian startup, you can reach us at 1800 730 617 or team@sprintlaw.com.au for a free, no-obligations chat.