Commotion and confusion reigns as to whether South Korean crypto exchanges can – or should – collect their client’s social security numbers under new Know-Your-Customer (KYC) and anti-money laundering (AML) compliance efforts that will come into force in a matter of months.
As reported by Digital Today, exchanges are still uncertain of their legal obligations on this front, even though many of them have already built up their compliance infrastructure in preparation for policing from financial regulators.
Virtual asset service providers (VASPs) will be obliged to confirm their customers’ real names under a clause of the new legal amendment, which comes into force in March 2021.
However, although the financial regulator that will police exchanges advises firms that the Act on Real Name Financial Transactions and Confidentiality specifies that a person’s “real name” should be confirmed by checking against the name and social security number issued on citizen ID cards, a separate piece of legislation appears to contradict this advice.
The Personal Information Protection Act stipulates that firms may not request their clients to divulge social security numbers except in exceptional circumstances. These currently include primary banking-related operations.
But as crypto exchanges have, legally speaking, more in common with e-commerce platforms than financial institutions like banks, legal experts appear to be baffled as to whether or not businesses can or should request customers to provide this form of personal data as part of their new KYC and AML compliance protocols. E-commerce platforms are forbidden from making social security number requests under the law mentioned above.
The report concludes that such issues may well be addressed in separate crypto industry-specific legislation – but discussion on a proposed Virtual Assets Business Rights Bill has yet to begin in earnest, with just six months to go before the new policing measures come into effect.