South Korea crypto committee goes cold amid strict new rules

South Korea’s Virtual Assets Committee (VAC), launched a year ago to regulate the crypto space, has become inactive, with no meetings held since May.

South Korea’s newspaper Kookmin Ilbo reports that the government is focusing on boosting the stock market rather than crypto deregulation.

The VAC’s inactivity follows a political shift after President Yoon Suk-yeol’s impeachment, with his successor, Lee Jae-myung, adopting a different crypto policy. Lee’s administration now seems to prioritize collaboration between lawmakers and the Financial Services Commission (FSC), sidelining the VAC.

The original roadmap for allowing stock market-listed companies to buy crypto by 2025 appears increasingly unlikely to be realized.

South Korea: New rules and regs

Meanwhile, South Korean regulators announced plans to impose strict liability rules on cryptocurrency exchanges, a move that follows a hacking incident at Upbit, the country’s largest digital asset platform, according to government statements.

The Financial Services Commission (FSC) confirmed it will include the measures in forthcoming virtual asset legislation aimed at strengthening investor protection, the agency stated.

The strict liability principle requires companies to provide compensation without proof of negligence or wrongful conduct. The mechanism provides compensation to victims without requiring them to prove culpability, according to legal experts.

South Korea currently applies this approach to high-risk industries including automobile accidents and hazardous industrial activities, regulatory documents show.

Under the proposed rules, exchanges would be required to compensate users for losses resulting from hacking or system failures. Liability would be triggered regardless of the company’s fault, unless users acted with gross negligence, according to the draft legislation.

The regulatory framework mirrors regulations for traditional financial institutions in South Korea under the Electronic Financial Transactions Act. Cryptocurrency platforms currently operate outside the jurisdiction of that Act, creating a regulatory gap that leaves investors without legal protection, according to legal analysts.

The Upbit incident highlighted this vulnerability, prompting calls for reform. Lee Chan-jin, governor of the Financial Supervisory Service (FSS), acknowledged the gap, stating that system security represents “the lifeblood of virtual resource markets.”

Data collected by regulators revealed the scope of the issue. Between 2023 and September 2025, five major exchanges reported 20 cyber incidents affecting more than 900 users. Upbit recorded six incidents affecting 616 users, Bithumb reported four incidents impacting 326 users, and Coinone experienced three incidents affecting 47 users, according to FSS data.

The Upbit attack occurred on November 27 from 4:42 to 5:36 KST, lasting 54 minutes. Large amounts of Solana-based coins were transferred to external wallets during the breach, according to exchange records.

Regulators found no legal basis to directly sanction exchanges under the current Virtual Asset User Protection Act, the FSC reported.

The new legislation would require cryptocurrency platforms to meet the same security standards as traditional financial institutions. Exchanges would be required to maintain adequate staff, facilities and robust IT infrastructure, and submit annual technology plans to regulators, according to the proposed framework.

Fines would increase significantly under the proposed amendments, with penalties reaching up to 3% of companies’ annual turnover, regulatory documents show.

Industry observers expect swift legislative approval, with the ruling party expressing support for investor protection measures. Exchanges are reportedly preparing to adjust compliance strategies for the anticipated changes.