Regulatory compliance
Oct 22, 2021
2 min read

The New Crypto Regulations in South Korea: How to Prepare for the Changes [Updated October 2021]

Sumsub Team

Sumsub Team

All-star

On 5 March 2020, South Korea passed an amendment to the Act on the Reporting and Use of Specific Financial Transaction Information. It came into effect in March 2021 and extended AML/CTF rules to virtual asset service providers. How can you prepare for the changes? Let’s take a look at some important aspects.

Who is affected

The new law covers the activity of virtual asset service providers (VASP) who are involved in the following business activities:

  • The selling or buying of cryptocurrencies;
  • Crypto-to-crypto exchanges;
  • The transferring of cryptocurrencies;
  • The storage or management of virtual assets.

These activities mainly relate to cryptocurrency exchanges, custodian wallet providers and Initial Coin Offering (ICO) projects.

What has changed

Now, all crypto service providers must transform their AML/KYC systems and register with the Korean financial regulators before they start their activity.

These measures are not completely new and were introduced by the Financial Services Commission (FSC) in 2018. However, until recently, they have not been mandatory: only the 4 biggest Korean exchanges—Bithumb, Upbit, Coinone, and Korbit have implemented them back then.

The amended Act forces all Korean crypto businesses to meet the following requirements.

  1. They must register an authorised company bank account and provide customers with their own real-name accounts with the same bank.
  2. They must establish expanded AML/KYC procedures using a risk-based approach, which includes customer due diligence and suspicious transactions reporting. This also requires a technical solution, which permits the exchange of customers’ personal data with transaction counterparties (FATF’s R.16 “travel rule”).
  3. They must acquire an Information Security Management System (ISMS) certificate at the Korea Internet & Security Agency (KISA).
  4. They must submit the company’s details (company name, the name of its representative, location of the place of business and contact information) and the details of its bank account to the financial intelligence unit.

Deadlines. The law came into effect in March 2021. All Korean crypto service providers had to become fully compliant by September 2021.

Sanctions. In the case that you don’t have an authorized bank account, sanctions can amount to a 5-year prison sentence for the company’s owners or a 50 million Korean Won fine (around 43,000 USD).

The new Korean legislation has made AML/CTF requirements mandatory for a wide range of virtual asset service providers. This step creates a safer economic environment, with financial regulators finally gaining access to data regarding crypto transactions. To avoid sanctions, crypto businesses must be fully compliant with the new law.

Where you can find out more

You can find all the details in the Enforcement Decree of the Act on the Reporting and Use of Specific Financial Transaction Information.

AMLCryptoFATFKYCRisk-Based ApproachSanctionsSouth KoreaTravel RuleVirtual Assets

Explore more

The 5 Most Important AML Updates of 2021
The 5 Most Important AML Updates of 2021
Oraz Kereibayev

Oraz Kereibayev

Content manager

Latest FATF Rules Jolt Crypto Businesses. What Are the New Realities Crypto Has to Acknowledge to Stay Afloat?
Latest FATF Rules Jolt Crypto Businesses. What Are the New Realities Crypto Has to Acknowledge to Stay Afloat?
Sumsub Team

Sumsub Team

All-star

Crypto regulations in Malaysia—2024 Guide
Crypto regulations in Malaysia—2024 Guide
Oraz Kereibayev

Oraz Kereibayev

Content manager