Australia’s Buy Now Pay Later & Payment Systems Reform: New Credit Licensing Rules17 min read

Introduction

Australia’s financial sector has undergone a significant reform impacting both payment systems and consumer credit providers. New legislation modernised the regulatory framework, bringing previously unregulated services like Buy Now Pay Later (BNPL) under the credit licensing rules of the National Consumer Credit Protection Act 2009 (Cth).

This article explains these dual reforms for non-bank lenders, fintech companies, and Buy Now Pay Later providers to help them understand their new and ongoing compliance obligations. It outlines the key changes to payment systems regulation and the credit licensing requirements that providers must now follow to operate legally.

Interactive Tool: Check If Your BNPL & Payment Business Needs a Licence

Understanding the Dual Reform Landscape for Payments & Credit

Modernising Australia’s Payment Systems Framework

The Australian government has initiated a significant reform to update the country’s payments regulatory framework, a complex area where businesses often require legal advice on regulatory compliance. This is being implemented through the Treasury Laws Amendment (Payments System Modernisation) Bill 2025, which expands the regulatory scope of the Payment Systems (Regulation) Act 1998. Ultimately, the changes are designed to ensure the law keeps pace with the evolving landscape of funds transfers and addresses emerging risks.

A key aspect of this reform is the broadening of two central definitions, as follows:

• Payment System: The definition now covers a wider range of arrangements. It includes systems that facilitate payments, even if they do not process the payment themselves, such as those that transmit messages to enable or sequence a payment. Furthermore, this captures new technologies like non-monetary digital assets and closed-loop systems.
• Participant: This term has been redefined to include all entities within the payments value chain. As a result, the expanded definition now covers providers of buy now pay later products, digital wallet services, and services that facilitate crypto assets, treating even indirectly connected entities as participants.

Bringing Buy Now Pay Later Under Credit Licensing Laws

Separate from the payment systems reform, another legislative change specifically targets the buy now pay later sector. Amendments to the National Consumer Credit Protection Act 2009 (Cth) now classify buy now pay later products as ‘credit contracts’.

Consequently, this change means that buy now pay later providers are subject to the same laws that govern other consumer credit providers. A major consequence of this reform is the requirement for these businesses to obtain an Australian Credit Licence from the Australian Securities and Investments Commission (ASIC) to continue offering their products, reflecting broader regulatory changes affecting non-bank lenders.

Key Changes for Non-Bank Lenders & Fintech Credit Providers

Newly Defined Financial Products & Stored Value Facilities

The payment systems reform introduces new categories of regulated financial products, requiring providers to hold an Australian Financial Services (AFS) licence. A key change is the formal definition of a Stored Value Facility (SVF) as a financial product. An SVF is a facility where funds can be held without an immediate instruction for onward payment, and a person has a right to redeem those funds.

Furthermore, the legislation defines a Tokenised Stored Value Facility (Tokenised SVF) to cover products like stablecoins. This is an SVF where the right to redeem a fixed amount of currency is tied to a digital token. It is important to note that the stablecoin token itself is not the financial product; rather, the facility that issues the token and provides the redemption right is the regulated product.

Newly Regulated Payment Services & What They Cover

The reform now classifies three specific types of ‘payment services’ as financial services, bringing them under the AFS licensing regime. These services are distinct in their operation but are now regulated collectively, as follows:

• Payment Facilitation Services (PFS): This service involves a provider receiving funds from a payer with the instruction to transfer them to a payee, covering activities like merchant acquiring services and remittance services.
• Payment Initiation Services (PIS): A provider offers this service when they initiate a non-cash funds transfer on behalf of a customer from an account held with a different institution, including services like ‘PayTo’ and direct debit arrangements.
• Payment Technology and Enablement Services (PTES): This category includes services that enable non-cash payments, such as digital wallets or payment gateways.

In addition, the PTES definition covers actions like verifying a person’s identity or transmitting payment instructions. However, it excludes purely ‘back-end’ providers who only facilitate transfers for other payment service providers without engaging directly with the payer or payee.

How the Reform Affects Credit Distribution Models & Partner Agreements

A significant change under the Treasury Laws Amendment (Payments System Modernisation) Bill 2025 is the expanded definition of a ‘participant’ in a payment system. Previously, this term was interpreted narrowly, but it has been broadened to include all entities involved in the payments value chain. As a result, this new definition now captures businesses that may only be indirectly connected to a payment system.

For example, providers of buy now pay later products or digital wallet services that facilitate payments through major schemes are now considered participants. Ultimately, this change means that intermediaries and partners in credit distribution and payment models are brought into the regulatory perimeter. Therefore, this requires a thorough review of existing partner agreements to ensure compliance with the new framework.

The New Credit Licensing Obligations for BNPL Providers

The Transition to the Credit Licensing Regime

Buy now pay later (BNPL) providers are now required to hold an Australian Credit Licence to operate. This requirement followed a transitional period that concluded in mid-2025, which allowed existing providers to apply for a licence while continuing to offer their services.

During that transition, providers had to submit a complete application to the Australian Securities and Investments Commission (ASIC) by a set deadline. Those who met this requirement could continue operating while their application was assessed. Any provider that failed to lodge an application by the cut-off date was required to cease offering BNPL products until a licence was formally granted.

Complying with Responsible Lending & Disclosure Obligations

As BNPL arrangements are now classified as ‘credit contracts’ under the National Consumer Credit Protection Act 2009 (Cth), providers must adhere to the full suite of Australian credit laws. This aligns them with other consumer credit providers and introduces significant ongoing responsibilities.

Key compliance duties for BNPL providers now include:

• Responsible Lending: Providers have an obligation to make reasonable inquiries into a consumer’s financial situation and assess whether a BNPL contract would be unsuitable for them.
• Disclosure Requirements: They must provide clear, accurate, and timely information to consumers about the terms and conditions of the credit being offered.
• General Conduct Obligations: Licensees must have adequate business systems in place to ensure compliance, manage risks, handle disputes through a formal process, and address instances of financial hardship.

Practical Next Steps for Your Compliance & Strategy

Perimeter Mapping to Identify Your Regulated Activities

The first step for any business in the payments or credit sector is to conduct a detailed review of all products and services. This process, known as perimeter mapping, involves comparing your current operations against the new definitions introduced by the recent reform. Ultimately, this helps determine which activities now require an Australian Financial Services (AFS) licence or an Australian Credit Licence.

You should assess whether your offerings fall into the newly defined categories of financial products and services, including:

• Stored Value Facilities (SVFs): Facilities that hold customer funds without an immediate instruction for onward payment.
• Tokenised Stored Value Facilities (Tokenised SVFs): A type of SVF, like a stablecoin, where the right to redeem a fixed amount of currency is linked to a digital token.
• Payment Facilitation Services (PFS): Services such as merchant acquiring or remittance that involve receiving and transferring funds on behalf of a payer or payee.
• Payment Initiation Services (PIS): Services that initiate a non-cash funds transfer from a customer’s account held with another institution.
• Payment Technology and Enablement Services (PTES): Services like digital wallets or payment gateways that enable non-cash payments.

For buy now pay later providers, the key consideration is that your products are now defined as ‘credit contracts’ under the National Consumer Credit Protection Act 2009 (Cth) if they are used for personal, domestic, or household purposes.

Developing Your Licensing Strategy & Understanding Transitional Arrangements

Once you have identified your regulated activities, you must develop a licensing strategy. This will involve either applying for a new AFS or credit licence, or applying to vary an existing one to include the necessary authorisations for your services. Furthermore, the government has established transitional arrangements to allow businesses to continue operating while they meet the new requirements.

The transitional periods for the payment systems reform differ based on your current licensing status, as follows:

• Existing AFS Licensees: If you currently hold an AFS licence with an authorisation for non-cash payment (NCP) facilities, you have a one-month default transition period to apply for a streamlined variation.
• New Applicants and Other Licensees: All other payment service providers have a six-month default transition period to apply for a new AFS licence or vary an existing one.

By contrast, a separate transitional arrangement applies for buy now pay later providers. You must submit a complete Australian Credit Licence application before 10 June 2025 to continue operating your business while ASIC assesses your application.

The Importance of Contract Uplift for Your Partner Agreements

The payment systems reform has significantly broadened the definition of a ‘participant’ under the Payment Systems (Regulation) Act 1998. The new definition now includes all entities involved in the payments value chain, even those only indirectly connected to a payment system. As a result, this change captures providers of digital wallets and buy now pay later products that facilitate payments through major schemes.

This expanded scope makes it essential to review and update all agreements with partners and intermediaries. This process, known as contract uplift, ensures that your agreements accurately reflect the new regulatory responsibilities of all parties.

Enhanced Regulatory Powers & Compliance Risks

New Safeguarding Requirements for Customer Funds

The payment systems reform introduces new rules to protect consumer funds held by payment service providers. As a result, licensees who hold payment-related money are now required to safeguard these funds to ensure their security and availability. The primary method for safeguarding is the segregation of this money into a trust account with an Australian authorised deposit-taking institution (ADI).

However, for entities regulated by the Australian Prudential Regulation Authority (APRA), alternative methods may be used without prior approval. These alternative methods include:

• Obtaining appropriate insurance;
• Securing guarantees; or
• Using other methods permitted by prudential standards.

Increased Penalties & Prudential Regulation of Payment Systems

The reform significantly strengthens the regulatory powers over payment systems and increases the consequences for non-compliance. Under the amended Payment Systems (Regulation) Act 1998, maximum penalties for both criminal and civil offences have been increased to deter non-compliant behaviour.

Furthermore, the Minister for Financial Services now has the power to designate payment systems if it is in the national interest. This allows for greater regulatory oversight and the ability to appoint a special regulator with powers to set standards and issue directions.

In addition, a standalone prudential regime has also been established for payment entities that present a broader risk to the financial system. Ultimately, this grants APRA powers that include:

• Determining prudential standards for specific entities;
• Taking control of a regulated entity’s business if it is unable to meet its obligations;
• Appointing an administrator to manage the business; and
• Suspending payments if continued operation is not in the interest of customers or financial system stability.

Conclusion

Australia’s dual reform of payment systems and credit laws introduces significant new compliance obligations for payment service providers and brings buy now pay later arrangements under the National Consumer Credit Protection Act 2009 (Cth). Affected businesses must understand the new definitions for regulated services, and responsible lending duties.

To ensure your operations are compliant with this new regulatory landscape, contact GRM Law’s specialist private lender and non-bank finance lawyers for tailored advice on your licensing and compliance strategy. Our team can help you assess your obligations and take proactive steps to meet the requirements of the reform.

Frequently Asked Questions