Australia spends $160 billion a year complying with federal regulation. That's 5.8 per cent of GDP. Double what it was a decade ago. The figure comes from a report for the Australian Institute of Company Directors by Mandala Partners, published in November, and nobody seemed particularly surprised by it.

They should have been.

That number doesn't include state regulation. Doesn't include local government. Doesn't include the internal compliance apparatus that organisations build on top of the external one — the policies about policies, the training about training, the audits of audits. The real number is larger. Nobody knows how much larger because measuring the full cost of compliance is itself a compliance exercise that nobody wants to fund.

What $160 Billion Actually Buys

Not safety. Not accountability. Not trust.

It buys proof. Proof that you followed the process. Proof that you documented the risk. Proof that someone signed off, and someone else reviewed the sign-off, and a third person filed the review.

The University of Sydney complies with 330 legislative instruments. The University of Queensland spends 63 per cent more on compliance than it did ten years ago. Australian academics spend more time on administration than their counterparts in twelve other countries surveyed. The Group of Eight universities estimate compliance reporting alone costs the sector $500 million annually.

These are institutions whose purpose is to think. They are drowning in paperwork that exists to prove they thought correctly.

The Ratchet

Here is how it works. Something goes wrong. A controversy, a scandal, a failure, a front page. Government responds (as it believes it must) with new rules. The new rules require new reporting. The new reporting requires new systems. The new systems require new staff. The new staff require new training. The training requires documentation. The documentation requires auditing.

None of this gets removed when the crisis passes. It accretes. Layer on layer, like sediment.

In two weeks, on 31 March, Australia's anti-money laundering regime expands to cover lawyers, accountants, real estate agents, and dealers in precious metals. Tranche two of the AML/CTF reforms. These are professionals who have operated for decades without these obligations. Now they need AML/CTF programs, customer due diligence processes, suspicious matter reporting, AUSTRAC enrolment, ongoing monitoring, record keeping.

The government says it's moving from a "check-box compliance approach" to "flexible, risk-based and outcomes-based obligations." This is the language of every regulatory expansion in history. The obligations are new. The flexibility is theoretical. The compliance cost is real and immediate. The ratchet tightens.

The Distrust Equation

Every compliance obligation encodes a specific belief: that without this rule, this form, this reporting requirement, someone would do the wrong thing.

Sometimes that's true. The PwC tax scandal demonstrated that a Big Four firm would exploit confidential government briefings for commercial gain. Robodebt showed that a government agency would pursue illegal debts against its own citizens for years. These are not hypothetical failures. They are documented betrayals of trust.

But the response to betrayal is never targeted. It's systemic. When PwC abused confidential access, the regulatory response didn't just apply to PwC (and some would argue didn’t have the effect it was intended to have on bad actors). When one aged care facility failed, the compliance framework tightened across every facility in the country. The logic is: if one actor proved untrustworthy, all actors must now prove they are trustworthy. Continuously. In writing.

This is the distrust equation: the cost of bad actors is paid by everyone.

What Other Countries Are Doing

New Zealand created a standalone Ministry for Regulation with a public "Red Tape portal" where businesses report compliance pain points. In its first year: three sector reviews completed, $272 million in economic opportunity unlocked for agriculture alone.

The UK has a target: reduce administrative burden by 25 per cent by 2029. They've already started — lifting size thresholds so 132,000 companies qualify for lighter requirements, cutting duplicative reporting from directors' reports, saving businesses over £100 million annually through prudential regulation reform alone.

Canada did a government-wide red tape review. Ministers identified 500 actions to reduce burden. They have a "one-for-one" rule: add a regulation, remove a regulation.

Australia has asked 38 regulators for ideas. The regulators suggested 400 things, including 150 that wouldn't need legislation or budget. The government is "currently reviewing" them.

The AICD's assessment is blunt: Australia is "out of step with peer economies."

The Productivity Question

The Productivity Commission has flagged regulatory burden as a drag on business dynamism. The OECD's 2026 Economic Survey of Australia says the same thing. The Treasurer has highlighted "better regulation" as a priority. Everyone agrees there's a problem, but seem indifferent to the arithmetic.

If Australia's compliance burden is 5.8 per cent of GDP and the government achieved even the UK's 25 per cent reduction target, that would free up approximately $40 billion annually. For context, that's roughly the entire annual budget of the Department of Defence.

But reduction requires trust. It requires believing that organisations can be accountable without being surveilled. That professionals can exercise judgment without documenting every step. That not every risk needs a form.

And trust, once broken, is expensive to rebuild. Ask PwC. Ask the aged care sector. Ask anyone who's been through a Royal Commission.

Reasonable, Until It Isn’t

We built this. Not maliciously. Not stupidly. One reasonable response at a time. Each rule made sense when it was written. Each reporting requirement addressed a real failure. Each compliance obligation was someone's solution to someone else's betrayal.

The result is a system that costs $160 billion a year, rising faster than the economy it's meant to protect. A system where universities spend more on proving they educate than on educating. Where lawyers are about to discover what financial institutions have known for years: that the cost of being regulated is a permanent tax on doing business.

The AICD wants a 25 per cent reduction target by 2030. That would be a start. But it would also require something that no government has demonstrated: the willingness to say that some rules, written in response to real failures, are no longer worth what they cost.

That's not a regulatory question. It's a trust question.

And $160 billion says we don't have an answer yet.