South Korea Financial Services Commission backs legal changes to expand AI platform sharing of vishing fraud data and enable faster account freezes

The South Korea Financial Services Commission (FSC) announced that the National Assembly has passed amendments to the Special Act on the Prevention of Loss Caused by Telecommunication-based Financial Fraud and Refund for Loss, creating an explicit legal basis for financial firms, telecom service providers and investigative authorities to share and use suspicious-transaction data through the AI-based Anti-phishing Sharing and Analysis Platform (ASAP). The amendments introduce the concept of a “fraud-linked suspicious account” so that information can be shared not only about fraudsters’ accounts but also victims’ accounts, and empower the FSC to designate and supervise a data sharing and analysis institution responsible for operating ASAP with appropriate technological, physical and managerial controls. The Act also specifies the types of information to be provided through ASAP, removes the need to obtain data subject consent when transmitting fraud-related data to speed response, restricts the use of such data to vishing prevention, and sets out protective measures for data subjects. The revised Act is scheduled to take effect six months after promulgation, expected in July 2026. The FSC plans to revise subordinate statutes and promote data-sharing arrangements with telecom service providers and investigative authorities to support implementation, including the use of shared data for preventive measures such as freezing accounts suspected to be linked to vishing scams.