South Korea Implements Bank-Level Liability for Crypto Exchanges

South Korea is preparing to impose bank-level, no-fault liability rules on crypto exchanges, holding them to the same standards as traditional financial institutions. This regulatory change follows a significant hack at Upbit, operated by Dunamu, on November 27, where more than 104 billion Solana-based tokens, valued at approximately 44.5 billion won, or 30.1 million dollars, were transferred to external wallets in under an hour.

The Financial Services Commission, or FSC, is reviewing provisions that would require exchanges to compensate customers for losses from hacks or system failures, even if the platform is not at fault. Currently, the no-fault compensation model applies only to banks and electronic payment firms under Korea's Electronic Financial Transactions Act.

The Financial Supervisory Service, or FSS, reported that South Korea's five major exchanges have faced 20 system failures in 2023, affecting over 900 users, resulting in more than 5 billion won in combined losses.

Upbit accounted for six of these failures, impacting 600 customers. The new legislative revision is expected to enforce stricter IT security standards, higher operational requirements, and tougher penalties, including fines up to 3% of annual revenue for hacking incidents, matching the threshold for banks.

Presently, crypto exchanges face a maximum fine of 3.4 million dollars. The Upbit breach has also raised political concerns over the delay in reporting the incident; the exchange notified the FSS nearly six hours after detecting the hack.

In addition, South Korean lawmakers are pressing for a draft stablecoin bill by December 10, warning they will proceed without government input if the deadline is not met.