The government announced its plan to enhance supervision on virtual asset transactions at a taskforce meeting led by the Office for Government Policy Coordination on May 28. The measures introduced are aimed at strengthening efforts to prevent illegal transaction activities and improving transparency amid growing market size of virtual assets. The taskforce meeting also assigned specific tasks for each government authority and agency dealing with virtual asset transactions.
With the revised Act on Reporting and Using Specified Financial Transaction Information providing a six-month grace period for current virtual asset service providers (VASPs) to register their business with the authority, the government will ensure an effective management over the registration process as well as ensuing risks both during and after the grace period.
I. Preemptive management during the grace period
In order to encourage prompt and early registration from existing VASPs, the financial authorities will provide consulting on the registration and supplemental requirements, such as obtaining an ISMS certification, opening up a real-name checking account, etc. The KoFIU will promptly process applications for business registration as they come in to promote market reorganization with registered entities. To let market participants know in advance and help them prepare for the possibility of business closure, the authorities will let the public know the status of business applications being filed through relevant websites.
The authorities will continue to share information about VASPs with the investigative authorities to help enhance the effectiveness of necessary investigations. As of May 20, about sixty VASPs appear to be in operation. Twenty entities have received ISMS certifications and four them are found to run their operation with real-name accounts as of May 27. The authorities will continue to closely monitor fraudulent activities by VASPs and ensure strict response.
II. Systematic management after the grace period
The authorities will strengthen management on the registered VASPs by closely watching whether they are in compliance with the registration requirement, AML, embezzlement and hacking prevention requirements.
a) VASPs will be required to register with the KoFIU or otherwise face penalties of up to five years of imprisonment or up to KRW50 million in monetary sanction
b) AML duties will be closely monitored to ensure transparency in transactions. VASPs will be required to comply with necessary protocols, such as filing suspicious transaction reports (STRs) and having internal control standards, etc., or otherwise be subject to monetary sanctions or business suspension.
c) VASPs will be required to maintain deposits from customers separately to prevent embezzlement.
d) A registered VASP that fails to maintain its ISMS certification status will be subject to a cancellation of registration
In addition, the authorities will continue to work on improvements to boost transparency in virtual asset transactions and strengthen safekeeping and other measures. In this regard, the authorities will work to introduce measures that prohibit VASPs issuing theirs own virtual assets from engaging in brokerage activities for the sale or exchange of their own virtual assets. Second, the authorities will work on a measure that bans employees of VASPs from engaging in virtual asset transactions through their own business establishments. Third, the authorities will consider raising the cold wallet safekeeping requirement (to more than 70%, for instance) to enhance protection from hacking, etc.