On November 3, 2020, the Financial Services Commission (the “FSC”) published its draft Enforcement Decree (the “Enforcement Decree”) to the partial amendment to the Act on Reporting and Using Specified Financial Transaction Information (the “Partial Amendment”). The Enforcement Decree provides further guidance on what types of virtual asset businesses and kinds of virtual asset services will be regulated under the Partial Amendment, including the types of virtual asset service providers (“VASPs”) that will be subject to anti-money laundering regulations. After a 40-day public comment period on the Enforcement Decree, the Partial Amendment and its Enforcement Decree will become effective on March 25, 2021.
In 2018, the Financial Action Task Force (the “FATF”), an intergovernmental organization, where Korea is a member, recommended its member-states to implement anti-money laundering regulations on VASPs due to the increased use of virtual assets as a new means of payment. Accordingly, the National Assembly of Korea passed a resolution on the Partial Amendment on March 5, 2020 to establish regulatory oversight of VASPs and virtual asset transactions. The Enforcement Decree specifies the scope of VASPs that will be subject to the Partial Amendment and their reporting requirements.
1. Scope of a Qualified VASP
The Enforcement Decree and the FSC’s press releases indicate that the scope of VASPs subject to the Partial Amendment will be limited to cryptocurrency exchanges, custody service providers, and wallet service providers (each a “Qualified VASP”).
2. Scope of Virtual Assets
The Partial Amendment broadly defines a virtual asset as “any electronic token that has economic value and is transferrable” but specifically excludes online game money or items, prepaid electronic payment means, electronic currencies, electronically-registered securities, electronic bills, and electronic bills of lading.
3. Reporting Requirements for a Qualified VASP
Under the Partial Amendment and its Enforcement Decree, a Qualified VASP must file a VASP report (“VASP Report”) to the Korea Financial Intelligence Unit (the “KoFIU”) to engage in a virtual asset business in Korea. The Partial Amendment and its Enforcement Decree, however, set out reasons that would allow the KoFIU to reject a VASP Report, such as absence of an Information Security Management System (ISMS) certification by the Korea Internet & Security Agency or failure to have a real-name verification system for the bank accounts of its customers. A Qualified VASP engaging in a virtual asset business without an approved VASP Report could be subject to criminal penalties.
The Partial Amendment and its Enforcement Decree are the first legislation to regulate VASPs in Korea. Once these laws become effective, the virtual asset market in Korea will likely become oriented towards Qualified VASPs that have approved VASP Reports from the KoFIU, and their end-customers may also bear the burden to prove that their virtual asset transactions are legitimate as required by the Qualified VASPs.