Korea to Treat Crypto Exchanges Like Banks After Upbit Hack | USAEMALL.com

Crypto Journalist

Anas Hassan

Crypto Journalist

Anas Hassan

About Author

Anas is a crypto native journalist and SEO writer with over five years of writing experience covering blockchain, crypto, DeFi, and emerging tech.

Share

Last updated: 

December 7, 2025

South Korea is moving to impose bank-level liability standards on crypto exchanges following a $30.1 million hack at Upbit last month, shifting toward treating major platforms with the same regulatory rigor as traditional financial institutions.

According to The Korea Times, the Financial Services Commission is reviewing provisions that would require crypto exchanges to compensate users for losses caused by hacking or system failures, regardless of fault, mirroring rules currently applied only to banks and electronic payment firms under the country’s electronic financial transactions law.

The push follows a Nov. 27 breach at Upbit that saw over 104 billion Solana-based tokens worth 44.5 billion won ($36M) transferred to external wallets in just 54 minutes.

Despite the incident, the exchange faced minimal penalties since regulators cannot order compensation under existing laws.

Mounting System Failures Drive Regulatory Overhaul

The planned reforms come amid a pattern of platform instability across Korea’s crypto sector.

Financial Supervisory Service data shows the five major exchanges, Upbit, Bithumb, Coinone, Korbit, and Gopax, recorded 20 system failures between 2023 and September this year, affecting over 900 users with combined losses of 5 billion won.

Upbit alone accounted for six incidents, with more than 600 victims suffering 3 billion won in damages.

Draft legislation is expected to mandate IT security infrastructure plans, upgraded system standards, and significantly stronger penalties.

Lawmakers are considering revisions that would allow fines of up to 3 percent of annual revenue for hacking incidents, matching standards for traditional financial institutions and replacing the current 5 billion won cap.

The shift would fundamentally reshape accountability in Korea’s crypto industry by making exchanges liable to compensate victims, as banks must respond to security breaches or system failures.

The Upbit breach also exposed reporting failures, with the exchange waiting over six hours after detecting the hack at 5 a.m. to notify regulators at 10:58 a.m.

Ruling party lawmakers alleged that Dunamu deliberately delayed disclosure until after its scheduled merger with Naver Financial, which concluded at 10:50 a.m.

Broader Compliance Crackdown Intensifies Across Industry

The regulatory tightening extends beyond security requirements into comprehensive anti-money laundering enforcement.

Korea’s Financial Intelligence Unit is preparing sanctions against major exchanges following on-site inspections that examined compliance with Know Your Customer checks and suspicious transaction reporting.

The unit has already disciplined Dunamu with a three-month suspension on new customer activity and a 35.2 billion won fine, setting a precedent for penalties expected to reach hundreds of billions of won across the sector.

Authorities are simultaneously expanding the crypto travel rule to apply to transactions under 1 million won, closing a loophole that allowed users to evade identity checks by splitting transfers into smaller amounts.

“We will crack down on crypto money laundering, expanding the Travel Rule to transactions under 1 million won,” Financial Services Commission Chairman Lee Eok-won said during a National Assembly briefing.

The Financial Intelligence Unit will gain pre-emptive account-freezing powers in serious cases, while new rules will bar individuals with convictions for tax crimes or drug offenses from becoming major shareholders in licensed platforms.

Legislative amendments are expected in the first half of 2026 as Korea aligns with global standards through expanded coordination with the Financial Action Task Force.