SecurePrivacy Logo

South Korean Credit Information Act

View Law Text
Maximum Fine
3% of revenue
Scope
Industry-Specific
Regulator
FSC
Enacted
1995

Need Help with South Korean Credit Information Act Compliance?

Get expert guidance on implementing South Korea's credit information protection requirements and ensuring ongoing compliance for your organization.

Get Expert Help

Overview

The Credit Information Act establishes requirements for the collection, processing, and protection of credit information in South Korea, enforced by the Financial Services Commission.

Key Facts

  • Enacted in 1995
  • Enforced by Financial Services Commission
  • Applies to credit information businesses

Key Principles

Collection and Use Limitations

Credit information must be collected and used only for legitimate purposes with proper authorization.

Requirements

  • Obtain explicit consent
  • Specify collection purposes
  • Limit use to stated purposes
  • Regular purpose reviews
  • Document justification

Examples

  • Consent mechanisms
  • Purpose statements
  • Usage records
  • Review documentation

Accuracy and Security

Credit information must be accurate and protected with appropriate security measures.

Requirements

  • Verify information accuracy
  • Implement security controls
  • Regular updates
  • Access management
  • Security monitoring

Examples

  • Verification procedures
  • Security policies
  • Update logs
  • Access controls

Credit Information Subject Rights

Protection of rights for individuals regarding their credit information.

Requirements

  • Right to access
  • Right to correction
  • Right to deletion
  • Dispute resolution
  • Response procedures

Examples

  • Access request forms
  • Correction procedures
  • Deletion processes
  • Dispute handling

Compliance Requirements

Credit Information Handling

Requirements for collecting, processing, and managing credit information.

Implementation Steps

  • Obtain necessary licenses
  • Implement security measures
  • Train staff on requirements
  • Regular compliance audits
  • Document handling procedures

Required Documentation

  • License certificates
  • Security policies
  • Training records
  • Audit reports
  • Procedure manuals

Credit Information Protection

Security and protection measures for credit information.

Implementation Steps

  • Implement security controls
  • Establish access management
  • Monitor data access
  • Regular security testing
  • Incident response planning

Required Documentation

  • Security measures
  • Access logs
  • Monitoring records
  • Test results
  • Response plans

Enforcement & Penalties

Administrative Penalties

The Financial Services Commission can impose administrative penalties for violations of the Credit Information Act.

Penalty Categories

Severe Violations
Up to 3% of revenue
For serious breaches of credit information requirements
Processing Violations
Up to 2% of revenue
For unauthorized processing of credit information
Documentation Violations
Up to 1% of revenue
For failure to maintain required documentation

Example Cases

Major Bank
KRW 500M
2023 - Unauthorized sharing of credit information
Credit Bureau
KRW 300M
2022 - Insufficient security measures leading to data breach

Criminal Penalties

Serious violations may result in criminal prosecution.

Penalty Categories

Intentional Violations
Up to 5 years imprisonment
For deliberate violations of the law
Data Theft
Up to 3 years imprisonment
For unauthorized access and theft of credit information
False Statements
Up to 2 years imprisonment
For providing false information to authorities

Example Cases

Credit Information Theft
Criminal Charges
2023 - Intentional theft of credit information
Unauthorized Access
2 years imprisonment
2022 - Illegal access to credit information database