 |
Photo courtesy of Yonhap News |
[Alpha Biz= Kim Jisun] South Korea’s financial regulator is set to begin formal sanction procedures next month against financial institutions involved in major data breaches and financial incidents. With large-scale customer 피해 and growing concerns over trust in the financial sector, industry observers expect severe disciplinary measures.
According to the financial industry on March 14, the Financial Supervisory Service (FSS) is reviewing penalties against Lotte Card for a data breach that exposed information of nearly 3 million customers. The FSS plans to refer the case to its sanctions review committee next month.
In August last year, personal data including resident registration numbers, card numbers, and card security codes (CVC) of 2.97 million customers were leaked from Lotte Card. The regulator conducted an on-site inspection in September and October and has since been reviewing the legal implications.
Financial authorities believe the case may warrant the highest level of sanctions, citing the unprecedented scale of damage and the need to send a strong warning to the broader financial industry. In a report submitted to the National Assembly last year, the Financial Services Commission (FSC) said that under relevant laws, Lotte Card could face up to six months of business suspension and a fine of up to 5 billion won. A six-month suspension is the maximum penalty under the Specialized Credit Finance Business Act.
Sanctions are also under review for affiliates of Coupang, where more than 33 million cases of personal data leaks occurred last November. The FSS recently completed on-site inspections of Coupang Pay and Coupang Financial.
Regulators are closely examining high-interest loans provided by Coupang Financial to marketplace sellers. These loans allow the lender to seize settlement payments owed by Coupang or Coupang Pay if borrowers default. Authorities are investigating whether the risks of this collateral structure were clearly disclosed to borrowers. The interest rate—reaching up to 18.9% annually—is also under scrutiny.
Separately, sanctions are being considered against Shinhan Card after employees at several regional branches leaked about 190,000 cases of merchant personal information between March 2022 and May this year.
The cryptocurrency sector is also facing potential penalties. The FSS recently completed an inspection of Bithumb over a 60 trillion won Bitcoin overpayment incident, reviewing its IT systems, asset verification processes, and past similar incidents. Bithumb is also expected to face a sanctions review as early as the first half of this year.
Alphabiz Reporter Kim Jisun(stockmk2020@alphabiz.co.kr)
