SOUTH KOREA Trends and Developments Contributed by: Wooyoung Choi, Suhhee Han, Seonghwan Ju and Matt Younghoon Mok, Lee & Ko
Relaxation for generative AI The FSC has granted regulatory exemptions allowing financial companies to use generative AI to process pseudonymised personal credit information. This per - mits connections between financial company infor - mation processing systems and AI models notwith - standing network separation requirements. However, applications remain subject to regulatory sandbox review considering intended use, data scope and security standards. Enhanced security measures and mandatory contractual provisions with overseas AI providers may be imposed as conditions. Relaxation for SaaS Draft amendments expressly provide that SaaS is not subject to network separation requirements (draft Article 2-3, paragraph 1, subparagraph 3). However, cases involving users’ unique identification informa - tion or personal credit information remain excluded. Strict security controls are mandated, including: use of SaaS evaluated by incident response organisations such as the Financial Security Institute; rigorous secu - rity management including terminal protection, secure authentication and least-privilege access; monitoring of sensitive information; prevention of unnecessary data sharing; encryption of SaaS network segments; access monitoring and log collection; and control of unpermitted functions. Compliance must be evaluated semi-annually and reported to information security committees. The draft amendments are expected to be finalised following Regulatory Reform Committee review. Implications The draft amendments open possibilities for SaaS uti - lisation without innovative financial services review. The authorities plan to distribute security guidance and have indicated that further reforms for generative AI will be discussed. Continued monitoring of regula - tory developments is advisable. Strengthening of electronic financial services regulations Overview Regulations on electronic financial business opera - tors have been strengthened. Amendments to the Electronic Financial Transactions Act passed the
National Assembly on 27 November 2025 following the “TMON-WeMakePrice” settlement fund crisis in July 2024, which raised concerns about the safety of settlement funds held by payment gateway (PG) operators. Strengthened PG operator regulations PG operators must now externally manage settle - ment funds through trust, deposit or payment guar - antee insurance. Transfer, pledge and third-party set-off of settlement funds are prohibited, and sell - ers have priority repayment rights. Criminal penalties apply for misappropriation. A phased implementa - tion period applies: 60% of settlement funds upon implementation, increasing by 20% annually to 100%. Capital requirements have been strengthened for PG operators with quarterly settlement volumes exceed - ing KRW30 billion, requiring capital of KRW2 billion (increased from KRW1 billion). Major shareholder changes must be reported to the FSC within 15 days. The amendments clarify that entities conducting set - tlement incidentally to sales intermediation or other principal business activities are excluded from PG operator requirements. Administrative fine standards reform The FSC has reformed administrative fine standards for violations of safety obligations under Article 21 of the Electronic Financial Transactions Act. Fines will now be imposed per individual compliance item rath - er than per regulatory section, potentially increasing aggregate penalties. Fines may be consolidated only where violations share identical regulatory provisions, temporal and spatial proximity, and unity of intent. Implications PG operators should comply with FSS settlement fund external management guidelines pending implemen - tation of the amendments, then implement phased external management requirements. Compliance checks should be granularised given the revised fine standards. Third-party risk management guidelines Overview With increasing digitalisation and diversification of distribution channels, financial institutions’ outsourc -
778 CHAMBERS.COM
Powered by FlippingBook