Most breaches concerned failures in buyer due diligence and id verification processes.
The motion coincides with stories of a possible majority acquisition by Mirae Asset.
The case reinforces stricter regulatory expectations throughout South Korea’s crypto sector.
South Korea’s year-end transfer in opposition to Korbit marks a decisive second for the nation’s digital asset trade, as regulators sign that gaps in compliance will carry actual penalties.
On December 31, the Monetary Intelligence Unit closed an on-site investigation into one of many nation’s longest-operating exchanges with a big monetary penalty and management-level sanctions.
The motion, primarily based on findings from an October inspection, locations renewed give attention to how exchanges confirm customers, handle threat, and broaden providers.
It additionally lands at a delicate time for Korbit, underscoring how regulatory self-discipline is shaping the way forward for South Korea’s crypto market.
The FIU introduced a 2.73 billion received ($1.88 million) high quality after figuring out practically 22,000 breaches linked to anti-money laundering and buyer verification obligations.
The violations have been uncovered throughout an inspection performed between October 16 and 29, 2024, with the outcomes later reviewed by the Sanctions Evaluate Committee.
Alongside the high quality, the regulator issued an institutional warning and imposed particular person accountability measures on senior executives.
Inspection findings
A big share of the violations stemmed from failures in buyer due diligence.
The FIU discovered roughly 12,800 instances the place id checks weren’t correctly performed.
These included the acceptance of unclear or unverifiable identification paperwork, incomplete deal with info, and lapses in necessary re-verification processes.
In a number of cases, customers have been allowed to proceed buying and selling even after their threat profiles elevated, with out extra checks being utilized.
Such practices run counter to necessities that higher-risk clients be topic to enhanced scrutiny reasonably than normal monitoring.
The evaluation additionally recognized about 9,100 instances the place clients have been permitted to commerce earlier than id verification was totally accomplished.
South Korean guidelines prohibit transactions by unverified customers, making these instances a direct breach of core compliance requirements.
Accountability on the prime
Past operational failures, the enforcement motion prolonged accountability to management.
The FIU issued an institutional warning to Korbit, whereas the change’s chief govt obtained a warning, and its reporting officer was reprimanded.
This method displays a broader regulatory emphasis on governance and inner controls, the place accountability doesn’t cease at automated methods or compliance groups.
As an alternative, senior administration is predicted to make sure that regulatory necessities are embedded throughout day-to-day operations and decision-making processes.
Abroad transfers and new providers
Regulators additionally highlighted weaknesses past buyer onboarding.
Inspectors flagged 19 digital asset transfers involving three abroad digital asset service suppliers that weren’t correctly reported.
South Korean guidelines require exchanges to reveal dealings with international entities and prohibit transactions with unregistered suppliers.
As well as, the FIU recognized 655 instances the place Korbit failed to hold out necessary cash laundering threat assessments earlier than introducing new transaction sorts.
These included providers linked to non-fungible tokens, an space of fast progress that continues to be topic to the identical compliance obligations as different digital asset merchandise.
Timing and sector affect
The enforcement motion comes simply days after stories that Mirae Asset is alleged to be contemplating buying 92% of Korbit for as much as 140 billion received ($97 million).
Korbit at the moment ranks because the fourth-largest change amongst South Korea’s six included crypto platforms, inserting it firmly inside the regulator’s line of sight.
The FIU mentioned full particulars of the sanctions will likely be disclosed after a minimal 10-day interval for opinion submissions.
