Overview
- The Financial Services Commission is preparing rules that would require exchanges to reimburse customers for losses from hacks or system failures unless users showed gross negligence, extending bank-like protections to a sector outside the Electronic Financial Transactions Act.
- The proposed package includes tougher IT and security standards, enhanced audits, and mandatory incident reporting measured in minutes.
- Penalties under consideration would allow fines of up to 3% of annual revenue for major failures, replacing the current roughly 5 billion won cap.
- Regulators point to 20 system incidents at the five largest platforms since 2023 that affected more than 900 users and caused about 5 billion won in losses, with Upbit responsible for six cases impacting over 600 clients.
- A Nov. 27 Upbit incident drained over 104 billion won in Solana tokens in under an hour and was reported to the FSS nearly six hours later, as lawmakers push a Dec. 10 stablecoin deadline and the FIU readies AML sanctions following inspections.