Financial Supervisory Service Conducts Naver Inspection After 4 Years... "Focus on Financial and Technical Systems Over Customer Information Handling"

The Financial Supervisory Service (FSS) is set to conduct an inspection of Naver Financial for the first time in four years, focusing on financial soundness, handling of customer personal information, and the algorithms behind comparison recommendation services. Although the total number of personnel involved in the inspection has not been finalized, it is likely that 10 to 20 people will be deployed. The deadline for completing the inspection is also undecided. Unlike cases involving Viva Republica (Toss) and Kakao Pay, where fines of around 5 billion KRW were imposed for violations of personal credit information consent systems, the financial supervisory authorities plan to focus more on the response system and soundness indicators related to prepaid fund payment incidents.

Seoul Yeongdeungpo-gu Yeouido Financial Supervisory Service building. Provided by FSS

원본보기 아이콘

According to the supervisory authorities on the 25th, the regular inspection of Naver Financial will mainly cover ▲ overall technical systems such as incident response systems (Electronic Financial Transactions Act) ▲ appropriateness of personal information handling (Credit Information Protection Act) ▲ occurrence of conflicts of interest in comparison recommendation services (Financial Consumer Protection Act) ▲ compliance with conditions for innovative financial services such as the use of generative artificial intelligence (AI) on internal networks (Financial Innovation Support Special Act) ▲ and financial soundness.

On the 21st, the FSS sent a prior notice to Naver Financial stating that a regular inspection would be conducted in the first half of the year, but the number of personnel and the target completion date have not been set. The regular inspection will be divided into preliminary and main inspections. The preliminary inspection consists of ongoing reviews of various materials and on-site inspections; currently, the ongoing review phase is underway. The estimated total personnel for this regular inspection is 10 to 20 people. Last year, 30 to 40 people were deployed for regular inspections of KB Financial Group and Bank, as well as Woori Financial Group and Bank.

Previously, Naver Financial underwent an on-site spot inspection by the FSS in 2021. At that time, it was fined 23.6 million KRW and three executives received warnings for violating obligations to ensure the safety of electronic financial transactions and for failing to notify users of changes to electronic financial transaction terms. An FSS official explained, "Among the big tech companies (including Toss and Kakao), Naver Financial has gone the longest without an inspection. After last year's Tmon and Wemakeprice (Timep) incidents, there was a consensus on the need for more systematic supervision of electronic financial operators. However, since Naver Financial has not been subject to systematic supervision of institutional operational stability and internal control systems like traditional financial companies, this regular inspection is being conducted."

The regular inspection differs from spot inspections, which investigate causes after specific incidents occur. Rather than focusing on the 'consent system' as in the Kakao Pay and Toss inspections, which involved unauthorized collection and use of customers' personal credit information violating the Credit Information Protection Act, the focus will be on financial soundness and the response system for prepaid fund incidents. Earlier, on the 19th, the FSS announced its '2025 FSS Inspection Operation Plan,' stating it would examine the risk management status of big tech non-financial affiliates. According to Naver Financial's 2023 audit report, the current ratio (current assets to current liabilities) was 133%, exceeding the FSS standard of 50%.

An FSS official said, "If big tech's secondary financial (electronic financial) sectors struggle with prepaid fund management, it could disrupt stable service provision, so financial stability will also be reviewed during the regular inspection."

원본보기 아이콘

Within the IT industry, it is difficult to predict whether violations of the Credit Information Protection Act by Naver Financial will be detected, and responses have been cautious. However, if any misconduct involving improper handling of consumer personal information is uncovered during the regular inspection, the company could face tens of billions of KRW in fines, penalties, and institutional warnings, similar to Toss and Kakao Pay, causing heightened tension. Kakao Pay was caught transferring personal information of about 40 million customers to China's Alipay without consent and was fined 5.968 billion KRW by the Personal Information Protection Commission; it is currently awaiting financial regulatory sanctions. Viva Republica was sanctioned last October by the FSS with institutional warnings, a fine of 5.374 billion KRW, and a penalty of 628 million KRW for improper use of personal credit information through unlawful data combination.

An FSS official noted, "We do not set a specific direction such as credit information, technical systems, or financials in advance for the inspection. Since we have already focused a lot on the consent system, there is no need to overly emphasize this aspect now."

A Naver Financial representative stated, "At present, aside from being notified by the FSS that a regular inspection will be conducted in the first half of the year, we have not received any other information and are unaware of the specific scope and content of the investigation, so it is difficult to comment in detail on our response plan. We will cooperate sincerely with the inspection."

Some in the industry believe that distribution platform companies such as Coupang Pay and Woowa Brothers (Baedal Minjok), as well as large electronic payment gateway (PG) companies like KG Inicis, could also become subjects of future inspections. Since the inspection focus for Naver Financial is on prepaid fund management response systems and financial soundness, the supervisory scope may also include the status of prepaid fund and settlement fund management at these companies.

In this regard, last September, the Financial Services Commission announced an amendment to the Electronic Financial Transactions Act requiring PG companies to obligatorily manage 100% of sales proceeds separately through deposit, trust, or payment guarantees.

© The Asia Business Daily(www.asiae.co.kr). All rights reserved.