• Journal of Information Technology Services
• /
• v.23 no.4
• /
• pp.17-33
• /
• 2024

Recently, public interest in blockchain is increasing as the Financial Services Commission overhauled the token securities issuance (STO) discipline system in 2023 and the Bank of Korea plans to test the actual transaction of the central bank's digital currency (CBDC) in 2024. These regulatory changes suggest the possibility that financial transactions based on blockchain will be incorporated into the institutional sphere. When blockchain-based financial transactions such as CBDC are introduced in Korea, the basis for regulations to ensure safety will be the Electronic Financial Transactions Act and the Electronic Financial Supervisory Regulations. In addition, blockchains applied to current financial transactions must also comply with the Electronic Financial Transactions Act and the Electronic Financial Supervisory Regulations. However, since information recorded on the blockchain is difficult to modify or delete, and it is distributed and stored, there is a limit to applying the existing regulations based on the centralized system as it is. Therefore, regulations such as control of the computer ledger and destruction of electronic financial transaction information, provision and confidentiality of electronic financial transaction information, interpretation of information processing, backup and production in the event of an accident, and establishment of a disaster recovery center emerge as issues of securing safety. Financial authorities need to come up with a supervisory plan for blockchain-based financial services to respond to the new concept of a distributed ledger, and the regulation should be enacted and revised by strengthening the parts to be strengthened in the current regulation and deleting the parts to be deleted. In this study, specific policy countermeasures such as expanding the control of the computer ledger and anonymous processing means, reorganizing the scope of information provision and establishing a standard model, interpreting it as an electronic financial assistant and program, distinguishing clear roles and strengthening solidarity responsibility, and reflecting high operational resilience characteristics were proposed.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.15 no.1
• /
• pp.460-465
• /
• 2014

The Financial Supervisory Institution constantly has tightened the regulation for secure electronic financial service. Information Security Consulting and Service companies are not enough to cover about 4,500 financial institutes required to comply with the regulation, and the Financial Supervisory Institution also suffers from work overload. The demand for real-time work of risk management is getting stronger. Compliance with the regulation has to be attempted with technical approach so that requirement, implementation, monitoring, and supervision are efficiently performed. And, articles have to be concluded with compliance management service. In this research used compliance management framework and IT GRC process model, have to be designed compliance management lifecycle and 34 index.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.4
• /
• pp.881-888
• /
• 2015

Financial Authorities have added security controls to the Electronic Financial Transaction Act and the Supervisory Regulation according to the recent frequent personal credit information leakages. Accordingly, the security level has been upgraded. But it is necessary to study more security controls to add. This paper deduces 19 security controls over the mean value to be added to the financial area receiving 15 security consultant's help.

• The Journal of Bigdata
• /
• v.4 no.2
• /
• pp.47-59
• /
• 2019

Recently, the RPA (Robotic Process Automation) solution, which has been spreading in Korea and overseas, allows users to easily automate their tasks with the application GUI (Graphic User Interface), and the number of Korean financial companies which Implemented for automating their business is increasing now. However, as the major supervisory regulations that financial institutions must comply with are based on the existing traditional SDLC (Software Development Life Cycle), it is not proper to be directly applied to RPA that automates end-user works on the level of user's system interface. Therefore, in this paper, we organized the important financial supervisory rules and control items that should be considered for RPA implementation, then surveyed 24 financial companies which have implemented RPA for checking how they applied them. Finally, we would like to present the necessity of revision of related compliance.

• The Journal of the Convergence on Culture Technology
• /
• v.3 no.4
• /
• pp.199-205
• /
• 2017

As cloud computing can utilize the proper allocation of system resources, it can be expected to have great benefits in terms of maintaining availability and reducing costs when a cloud is applied to a financial company's computer system. Although some provisions of the Financial Supervisory Regulation were revised in October 2016, this is limited to non-critical information processing systems, limits are remain whitch the application of cloud computing to the whole computer system of financial companies including electronic financial systems. In this paper, cloud security requirements are studied for the application of financial company's computational infrastructure system.

• The Journal of Society for e-Business Studies
• /
• v.22 no.4
• /
• pp.39-51
• /
• 2017

In October 2016, the NFSA (National Financial Supervisory Authorities) revised the network separation clause of the Regulation on Supervision of Electronic Financial Activities in order to promote the Cloud Computing implementation in the financial sectors. The new regulation, however, limits the Cloud Computing usage to non-critical information and its processing system. Financial institutions that provide customer data analysis and personalized services based on personal data regard current revision as unchanged as before. The implementation of Cloud Computing has greatly contributed to cost reduction, business innovation and is an essential requirement in ever-changing information communication technology environment. To guarantee both security and reliability of the implementation of the Cloud Computing in financial sectors, a considerable amount of research and debate needs to be done. This paper examines current Cloud Computing policies in the Korean financial sector and the challenges associated with it. Finally, the paper identifies policy suggestions based on both European Union and United States' approach as they have successfully introduced Cloud Computing Services for their financial sectors.