South Korea’s Financial Services Commission (FSC) has introduced sweeping new regulations for cryptocurrency exchanges, mandating that platforms verify user asset balances every five minutes. This move comes in response to a high-profile overpayment blunder earlier in the year that highlighted critical vulnerabilities in industry risk controls.
Background of the regulatory action
The catalyst for the regulatory overhaul was an incident in February involving Bithumb, one of South Korea’s major cryptocurrency trading platforms. Bithumb mistakenly issued 2,000 Bitcoin to individual users, rather than 2,000 Korean won—an error totaling approximately $42 billion at the time. This payout, made during a promotional event, prompted immediate scrutiny from financial authorities.
The FSC conducted urgent inspections of South Korea’s five largest crypto exchanges following the incident. These checks revealed that many platforms practiced daily—rather than continuous—reconciliation of customer balances. Inspectors also found deficiencies such as the absence of automatic trading halts for account mismatches and the lack of segregated accounts for high-risk activities.
At least three exchanges had not implemented instant shutoff protocols to suspend operations if irregularities appeared. Several platforms lacked robust approval systems for manual transactions, while some had not separated standard account flows from those expected to carry elevated risk. The FSC considered these findings indicators of insufficient controls compared to practices in traditional finance.
New requirements for local exchanges
The FSC announced a new compliance package on April 6, substantially raising the bar for operational transparency and risk management. Exchanges must now use automated systems to review user balances every five minutes. When mismatches exceed a set threshold, trading is halted automatically and alerts are generated for further review.
Previously, external audits of exchange reserves were performed every three months. Under the new rules, monthly audits will be required, and disclosures must detail blockchain-based asset holdings for each token, not just consolidated coverage ratios.
Manual, high-risk transactions—such as reward payments—will now be subject to stricter governance. These actions must occur through separate accounts, require independent third-party verification, and pass through validity checks to eliminate input errors. Exchanges also need automated systems to reject mismatches during transaction processing.
In addition, each exchange will appoint a risk management officer and form a risk committee, mirroring expectations for banks and securities firms. The number of required compliance checks will increase, with reports submitted twice annually.
DAXA, a leading industry trade group, plans to finalize upgraded self-regulatory standards later this month, ensuring all requirements are established by May. The revised rules align with developments in South Korea’s Digital Asset Act, aiming to harmonize crypto industry practices with those in the financial sector.
Bithumb, based in Seoul, is among the most prominent digital asset platforms in South Korea, facilitating spot and derivatives trading for millions of users. The FSC, South Korea’s top financial regulator, oversees financial stability and consumer protection across traditional and emerging sectors.
FSC officials emphasized that “the latest measures will help align crypto exchanges with the internal controls expected in traditional finance and prevent future systemic disruptions.”
