Virtual Asset User Protection Act Takes a Significant Step Forward

The Virtual Asset User Protection Act, designed to safeguard virtual asset users and ensure the orderly conduct of the virtual asset market, has taken a significant step forward.

On June 25, the Cabinet approved the draft of the "Enforcement Decree of the Virtual Asset User Protection Act," which outlines the detailed procedures and methods delegated by the law. This decree is set to be promulgated in early July, with the Act itself coming into effect on July 19.

The decree provides clarity on several key aspects of the Act. Firstly, it defines "electronic certificates regulated by other laws or with no risk of user harm," which are excluded from the scope of virtual assets. This includes electronic bonds under the Electronic Financial Transactions Act and mobile gift certificates. Additionally, new digital assets with low risk of user harm, such as deposit tokens and non-fungible tokens (NFTs), are also excluded. Deposit tokens are electronic certificates equivalent to deposits handled by banks on the Bank of Korea's Central Bank Digital Currency (CBDC) network. NFTs are excluded only if they are primarily for collection or for confirming transactions between parties and cannot be replaced by other electronic certificates.

To further bolster the regulatory framework, the Financial Services Commission (FSC) will establish a Virtual Asset Committee. "The committee will be chaired by the Vice Chairman of the FSC and will include officials from relevant ministries and private sector experts," an FSC spokesperson stated. This committee will advise on policies and systems related to the virtual asset market and virtual asset service providers.

Banks have been designated as the management institutions for users' deposits, which must be managed separately from the bank's assets. These deposits will be invested in safe assets such as government or municipal bonds, with the returns paid to virtual asset service providers. The service providers, in turn, must return the deposit usage fees to users after deducting some costs. Virtual asset service providers are also required to store at least 80% of users' virtual assets in "cold wallets" that are not connected to the internet, a measure aimed at enhancing security against hacking and cyber theft.

The decree also outlines the scope of abnormal transactions to be monitored by virtual asset exchanges. These include cases where "the price or trading volume of virtual assets fluctuates abnormally" or "there are rumors or reports that could affect the price of virtual assets." The specific criteria for abnormal transactions will be established and operated as self-regulatory guidelines by the Financial Supervisory Service and virtual asset exchanges. If an abnormal transaction is deemed an unfair trading practice during constant monitoring, the virtual asset exchange must immediately report it to the financial authorities.

The punishment levels for unfair practices under the Act are stringent, with penalties that can lead to a maximum life imprisonment linked to unjust gains. If the unjust gain exceeds 5 billion KRW, a sentence of at least five years and up to life imprisonment can be imposed. Virtual asset service providers can also block the deposit and withdrawal of users' deposits and virtual assets for legitimate reasons specified in the Enforcement Decree. These include "unavoidable cases such as system failures, maintenance, or inspections of information and communication networks for virtual asset transactions," "hacking incidents," "cases related to illegal assets such as criminal proceeds," and "requests or orders from administrative agencies."