The regulator said it held a review meeting Tuesday with chief information officers and other officials from five companies — K Bank, KakaoBank and Toss Bank, as well as Kakao Pay Securities and Toss Securities — to check their IT risk management status and improvement plans.
The FSS shared recent examples of system failures, including a recent Toss Bank incident involving a system error tied to its “half-price yen exchange” service.
The watchdog stressed compliance with basic internal controls, calling for thorough procedures when changing programs, including advance impact analysis, testing and third-party verification.
It also highlighted the need to expand computing infrastructure to handle surges in transaction volume, review emergency response systems, and speed recovery and consumer notifications when outages occur. Preparedness for cyber threats such as distributed denial-of-service attacks and ransomware was also listed as a key review item.
Lee Jong-oh, the FSS deputy governor for digital and IT, said internet banks and related firms must build IT stability and accident-prevention systems that match their growth. He also called for stronger self-regulation, including internal audits, to prevent repeat incidents caused by weak basic controls.
The FSS said it plans to shift its oversight toward prevention to stop IT incidents from recurring, and it will take strict action if major system failures occur due to inadequate internal controls.
* This article has been translated by AI.
Copyright ⓒ Aju Press All rights reserved.