Law Viewer

Back Home

ACT ON THE SUPERVISION OF FINANCIAL CONGLOMERATES

Act No. 17800, Dec. 29, 2020

CHAPTER I GENERAL PROVISIONS
 Article 1 (Purpose)
The purpose of this Act is to promote the sound management of financial conglomerates and the stability of financial markets and to protect financial consumers by prescribing matters necessary for the effective management and supervision of financial and managerial risks that may occur with regards to financial conglomerates.
 Article 2 (Definitions)
The terms used in this Act are defined as follows:
1. The term “financial company” means any of the following companies (including foreign corporations):
(a) A company engaged in financial business prescribed by Presidential Decree;
(b) A company prescribed by Presidential Decree, the purpose of which is to engage in a business closely related to the operation of the financial business;
2. The term "business group" means an enterprise group as defined in subparagraph 2 of Article 2 of the Monopoly Regulation and Fair Trade Act;
3. The term "financial conglomerate" means a group designated under Article 5 (1), consisting of at least two financial companies that belong to the same business group;
4. The term "affiliated financial company" means a financial company belonging to a financial conglomerate;
5. The term "large shareholder" means a large shareholder as defined in subparagraph 6 of Article 2 of the Act on Corporate Governance of Financial Companies;
6. The term "risk concentration" means a state where the transaction counterparts or business areas of the relevant financial conglomerate are concentrated on particular targets or particular areas, which may pose a risk to its payment capability or financial standing;
7. The term "internal transaction" means a transaction a financial company conducts with its large shareholder (including a person affiliated to such shareholder as prescribed by Presidential Decree; hereinafter the same shall apply) or for the large shareholder, which falls under any of the following:
(a) Offering or trading funds, such as suspense payments or loans;
(b) Offering or trading securities, such as shares or corporate bonds;
(c) Offering or trading assets, such as real estate or intangible property rights;
(d) Offering or trading goods or services;
8. The term "finance-related statutes or regulations" means finance-related statutes or regulations prescribed by Presidential Decree and those of foreign countries corresponding thereto.
 Article 3 (Scope of Application)
(1) This Act shall not apply to any of the following financial companies:
1. A financial holding company defined in subparagraph 1 of Article 2 of the Financial Holding Companies Act or a subsidiary under Article 4 (1) 2 of the same Act;
2. A financial company of the business group to which any of the following banks belongs:
(a) The Korea Development Bank under the Korea Development Bank Act;
(b) The Export-Import Bank of Korea under the Export-Import Bank of Korea Act;
(c) The Industrial Bank of Korea under the Industrial Bank of Korea Act.
(2) At the request of a representative financial company referred to in Article 7, the Financial Services Commission shall not apply Articles 14 through 16, nor Article 20 to a financial company, where the financial company satisfies any of the grounds prescribed by Presidential Decree, including cases where the application of such provisions is likely to bring little practical benefit considering its businesses and scale.
 Article 4 (Relationship to Other Statutes)
Except as provided in other statutes, this Act shall prevail as to the supervision of financial conglomerates.
CHAPTER II DESIGNATION OF FINANCIAL CONGLOMERATES
 Article 5 (Designation of Financial Conglomerates)
(1) Where financial companies belonging to the same business group meet all of the following requirements, the Financial Services Commission shall designate such group of financial companies as a financial conglomerate, as prescribed by Presidential Decree:
1. They shall engage in at least two of the following businesses:
(a) Any of the following businesses (hereinafter referred to as "lending and deposit-taking business"):
(i) Banking business under the Banking Act;
(ii) The business of a merchant bank under the Financial Investment Services and Capital Markets Act;
(iii) The business of a mutual savings bank under the Mutual Savings Banks Act;
(iv) Specialized credit finance business under the Specialized Credit Finance Business Act;
(vi) Other financial businesses involving extending credit or taking deposits prescribed by Presidential Decree;
(b) Financial investment business under the Financial Investment Services and Capital Markets Act (hereinafter referred to as “financial investment business”);
(c) Insurance business under the Insurance Business Act (hereinafter referred to as "insurance business");
2. The combined value of the assets calculated as prescribed by Presidential Decree shall be at least five trillion won, in excess of an amount set by Presidential Decree;
3. At least one of the financial companies shall obtain authorization or permission from the Financial Services Commission or shall be registered with the Financial Services Commission under finance-related statutes or regulations;
4. The ratio of the combined value of the assets of an insolvent financial institution referred to in the Act on the Structural Improvement of the Financial Industry or of a financial company equivalent thereto, also prescribed by Presidential Decree, to the combined value of the assets calculated under subparagraph 2 shall not exceed the ratio prescribed by Presidential Decree;
5. They shall not contravene conditions prescribed by Presidential Decree, where supervision under this Act is likely to bring little practical benefit considering the respective percentage or scale of assets or equity capital with respect to the lending and deposit-taking business, the financial investment business, and the insurance business in which they are engaged, the details and intended purposes of finance-related statutes or regulations, and considering other factors.
(2) When considering designation under paragraph (1), the Financial Services Commission may request that a financial company or its large shareholders submit data on its general conditions in terms of business type, assets, equity capital, number of employees, the composition of its shareholders and executive officers (referring to executive officers under subparagraph 2 of Article 2 of the Act on Corporate Governance of Financial Companies; hereinafter the same shall apply), the status of large shareholders, stock ownership status, and other data prescribed by Presidential Decree.
(3) Where a financial conglomerate is designated under paragraph (1), the Financial Services Commission shall give written notice of such fact to the representative financial company prescribed in Article 7 (referring to the financial company with the largest total assets in the case of a financial conglomerate without a representative financial company).
(4) Articles 9 through 16 and 20 shall begin to apply to a financial conglomerate newly designated under paragraph (1) six months after the date of such designation.
 Article 6 (Release of Financial Conglomerates from Designation)
(1) Where a financial conglomerate no longer satisfies at least one of the requirements listed in the subparagraphs of Article 5 (1), the Financial Services Commission shall release it from such designation ex officio or at the request of the representative financial company referred to in Article 7: Provided, That this may not apply to situations, as prescribed by Presidential Decree, where it is necessary to maintain a financial conglomerate's designation, such as where its failure to satisfy a designation requirement is temporary.
(2) Where a representative financial company applies for release from financial conglomerate's designation under the main clause of paragraph (1), it shall submit the grounds therefor and related data to the Financial Services Commission, as prescribed by Presidential Decree.
(3) For release from the designation under paragraph (1), the Financial Services Commission may request that affiliated financial companies or large shareholders submit data on the general conditions of the financial companies in terms of business type, assets, equity capital, number of employees, the composition of its shareholders and executive officers, the status of large shareholders, stock ownership status, and other data prescribed by Presidential Decree.
(4) Where the Financial Services Commission decides to release a financial conglomerate from designation or decides to maintain such designation under paragraph (1), it shall give written notice thereof to the representative financial company referred to in Article 7.
 Article 7 (Selection of Representative Financial Company)
(1) A financial conglomerate shall select a financial company that represents it (hereinafter referred to as "representative financial company") with reference to standards prescribed by Presidential Decree in terms of investment relations, total assets and capital, ownership or governance structure, and other factors of the financial companies affiliated thereto.
(2) Where a financial conglomerate fails to select a representative financial company within one month from the date of designation under Article 5 (1), the Financial Services Commission may select a representative financial company from among the affiliated financial companies. In such cases, written notice thereof shall be given to the representative financial company selected.
(3) Notwithstanding paragraphs (1) and (2), where a financial conglomerate deems it appropriate to select another affiliated financial company as its representative financial company, it may select a different one or may replace the selected one after consultation with the affiliated financial companies.
(4) Once a representative financial company is selected or replaced under paragraph (1) or (3), a financial conglomerate shall file a report thereon with the Financial Services Commission.
 Article 8 (Functions of Representative Financial Company)
(1) A representative financial company shall exercise overall control over the following functions for the relevant financial conglomerate:
1. Formulating internal control polices for the financial conglomerate, establishing or revising its internal control standards, and other functions relating to its internal control systems under Articles 9 and 10;
2. Formulating risk management policies for the financial conglomerate, establishing or revising its risk management standards, and other functions relating to its risk management systems under Articles 11 and 12;
3. Functions relating to the management of soundness for the financial conglomerate under Articles 13 through 16;
4. Functions relating to reporting and public disclosure under Article 20;
5. Functions accompanying those listed in subparagraphs 1 through 4.
(2) In order to exercise overall control over the functions prescribed in the subparagraphs of paragraph (1), a representative financial company may request that other affiliated financial companies belonging to the relevant financial conglomerate submit necessary data and to take measures required by this Act. In such cases, the affiliated financial companies so requested shall actively cooperate, in the absence of special grounds to the contrary.
CHAPTER III INTERNAL CONTROL AND RISK MANAGEMENT OF FINANCIAL CONGLOMERATES
SECTION 1 Internal Control and Risk Management of Financial Conglomerates
 Article 9 (Formulation of Internal Control Policies)
(1) In order to ensure sound internal control, a financial conglomerate shall formulate internal control policies at the level of the financial conglomerate (hereinafter referred to as "internal control policies of the financial conglomerate") including policies regarding the following matters, and shall periodically assess and check its progress as to the promotion thereof:
1. Matters regarding the operation of internal control policies for the financial conglomerate;
2. Matters regarding the principles to follow in the course of performing duties relating to preventing violations of finance-related statutes or regulations;
3. Matters regarding inspection of vulnerabilities in the internal control of the financial conglomerate and required countermeasures;
4. Matters regarding the prevention of conflicts of interest among interested parties, such as customers of the financial conglomerate, affiliated financial companies, and non-financial companies belonging to the same business group as financial companies (hereinafter referred to as "affiliated non-financial company");
5. Matters regarding the principles to be taken into account at the level of the financial conglomerate before the appointment of executive officers of an affiliated financial company;
6. Matters regarding the enhancement of internal control, such as a sense of ethics and a law-abiding attitude among executive officers or employees of the relevant financial conglomerate (hereinafter referred to as "executive officers or employees").
(2) A financial conglomerate shall establish standards and procedures that its executive officers and employees shall observe in the course of performing their duties (hereinafter referred to as "internal control standards of a financial conglomerate") so as to ensure compliance with applicable statutes or regulations, sound management, and protection of shareholders and interested parties, at the level of the financial conglomerate.
(3) Details regarding internal control policies and internal control standards of a financial conglomerate shall be prescribed by Presidential Decree.
 Article 10 (Internal Control Systems of Financial Conglomerates)
(1) The formulation of internal control policies of a financial conglomerate, the establishment and revision of major details of its internal control standards, and other key issues regarding internal control for a financial conglomerate prescribed by Presidential Decree shall be finalized after consultation with its affiliated financial companies and then deliberation and resolution by the board of directors of the representative financial company.
(2) A financial conglomerate may establish an internal control organization to assist the board of directors of the representative financial company indicated in paragraph (1) in its duties relating to internal control.
(3) An internal control organization established according to paragraph (2) shall take the form of a consultative council consisting of the affiliated financial companies: Provided, That a representative financial company may designate any of the following organizations or persons as an internal control organization for the financial conglomerate, where it is deemed inappropriate to establish a consultative council for reasons such as the limited involvement of affiliated financial companies in the businesses of the conglomerate:
1. An internal control-related organization of a representative financial company under the statutes or regulations on corporate governance of financial companies;
2. A compliance officer referred to in the Act on Corporate Governance of Financial Companies, working for the representative financial company.
(4) Details regarding the composition and operation of an internal control organization of a financial conglomerate under paragraphs (2) and (3) shall be determined and publicly notified by the Financial Services Commission.
 Article 11 (Establishment of Risk Management Policies)
(1) In order to manage risks at the level of a financial conglomerate resulting from its asset management, various transactions, or other functions, the financial conglomerate shall formulate risk management policies (hereinafter referred to as "risk management policies for a financial conglomerate"), including policies regarding the following matters, and shall periodically assess and check its progress as to the promotion thereof:
1. Matters regarding the operation of risk management policies for the financial conglomerate;
2. Matters regarding the recognition, assessment, monitoring, and control of risks by the financial conglomerate;
3. Matters regarding the establishment of risk-bearing limits and allocation of capital for each sector, such as business scope and transaction area, and each affiliated financial company;
4. Matters regarding the management of risks resulting from the conflicts of interest among interested parties including customers, affiliated financial companies, and affiliated non-financial companies of the financial conglomerate;
5. Other matters necessary for risk management at the level of a financial conglomerate.
(2) A financial conglomerate shall prepare standards and procedures for risk management, in order to timely recognize, assess, monitor, and control risks associated with asset management, the conducting of business, or other various types of transactions at the level of the financial conglomerate (hereinafter referred to as "risk management standards of a financial conglomerate").
(3) Details regarding risk management policies and risk management standards of a financial conglomerate shall be prescribed by Presidential Decree.
 Article 12 (Risk Management Systems of Financial Conglomerates)
(1) The formulation of risk management policies of a financial conglomerate, the establishment and revision of major details of its risk management standards, and other key issues regarding risk management of a financial conglomerate prescribed by Presidential Decree shall be finalized after consultation with its affiliated financial companies and then deliberation and resolution by the board of directors of the representative financial company.
(2) A financial conglomerate may establish a risk management organization to assist the board of directors of the representative financial company indicated in paragraph (1) in its duties relating to risk management.
(3) A risk management organization referred to in paragraph (2) shall take the form of a consultative council consisting of the affiliated financial companies: Provided, That a representative financial company may designate any of the following organizations or persons as a risk management organization for the financial conglomerate, where it is deemed inappropriate to establish a consultative council for reasons such as the limited involvement of affiliated financial companies in the businesses of the conglomerate:
1. A "risk management committee” as defined by Article 16 (1) 3 of the Act on Corporate Governance of Financial Companies;
(4) Details regarding the composition and operation of a risk management organization of a financial conglomerate under paragraphs (2) and (3) shall be determined and publicly notified by the Financial Services Commission.
SECTION 2 Management of Soundness of Financial Conglomerates
 Article 13 (Securing Sound Management of Financial Conglomerates)
A financial conglomerate shall secure soundness in its business management at the level of the financial conglomerate, by making its equity capital solid, maintaining adequate levels of liquidity, and properly managing relevant risks.
 Article 14 (Capital Adequacy Management by Financial Conglomerates)
(1) A financial conglomerate shall secure sufficient equity capital to guarantee its financial soundness.
(2) A financial conglomerate shall periodically check and assess the overall adequacy of its capital in reference to the following matters that may pose additional risks to the entire financial conglomerate:
1. Overlap in the use of capital by affiliated financial companies;
2. The possibility of loss caused by internal transactions or risk concentration;
3. The possible spread of risks due to vulnerabilities in the financial conglomerate's internal control systems or risk management systems;
4. The possibility of the insolvency of a financial conglomerate due to conflicts of interest with affiliated non-financial companies as well as the financial and managerial risks of affiliated non-financial companies;
5. The possibility of risks resulting from factors other than ordinary financial transactions.
(3) Detailed standards for checking and assessing the adequacy of capital, which reflect possible additional risks to the entire financial conglomerate under paragraph (2), shall be prescribed by Presidential Decree. In such cases, it shall be ensured that matters regarding additional risks do not overlap and that the results of the assessment of its internal control systems and risk management systems under paragraph (2) 3 shall not serve as a factor in the mitigation of risks to the financial conglomerate.
(4) The Financial Services Commission shall periodically assess and supervise the adequacy of the capital of the financial conglomerate under paragraphs (1) and (2).
 Article 15 (Management of Internal Transactions and Risk Concentration by Financial Conglomerates)
(1) A financial conglomerate shall appropriately measure, monitor, and manage the impact of internal transactions and of risk concentration on the financial conglomerate.
(2) Where a large shareholder of a domestic affiliated financial company intends to conduct an internal transaction with the relevant financial company, on its own account or for a third party, and where the value of such transaction is equal to or exceeds an amount set by Presidential Decree, major details regarding such transaction shall be provided to the board of directors for approval. In such cases, approval from the board of directors shall be obtained by the consent of at least two-thirds of the incumbent directors, and the details of and procedures for such transaction shall be fair.
 Article 16 (Management of Risk Transfer by Financial Conglomerates)
(1) A financial conglomerate shall properly recognize, assess, monitor, and control the impact of any risks of the affiliated financial companies on its overall soundness, considering any vulnerabilities in its internal control systems or risk management systems.
(2) A financial conglomerate shall properly recognize, assess, monitor, and control the risks to the financial conglomerate that might be caused by such factors as conflicts of interest with affiliated non-financial companies and any financial or management risks of such non-financial companies.
(3) In recognizing, assessing, monitoring, and controlling risks under paragraph (2), a financial conglomerate shall take the following factors into overall consideration:
1. Transactions with affiliated non-financial companies, or direct or indirect transactions of a financial company, accompanied by loss risk in financial transactions, such as loans, payment guarantee, underwriting of insurance, or acquisition, purchase, and holding of securities for affiliated non-financial companies;
2. Percentage of internal transactions with, or for, affiliated non-financial companies;
3. Propriety of measures for preventing conflicts of interest with affiliated non-financial companies;
4. Operational risk including the deterioration of the reputation of affiliated non-financial companies.
CHAPTER IV SUPERVISION OF FINANCIAL CONGLOMERATES
 Article 17 (Supervision)
The Financial Services Commission may require that a representative financial company submit relevant data, file a report, etc. or may issue other orders, where necessary in order to supervise whether a financial conglomerate complies with this Act and with the provisions of or with instructions issued under this Act.
 Article 18 (Inspection)
(1) A representative financial company shall undergo an inspection conducted by the Governor of the Financial Supervisory Service with respect to the internal control, risk management, and management of soundness by a financial conglomerate.
(2) Where necessary for an inspection under paragraph (1), the Governor of the Financial Supervisory Service may request that a representative financial company file a report regarding business operations or property, submit data, and cause relevant persons to appear and make statements.
(3) A person who conducts an inspection under paragraph (1) shall carry identification indicating his or her authority and present it to the relevant persons.
(4) Once an inspection is conducted under paragraph (1), the Governor of the Financial Supervisory Service shall submit a report thereon to the Financial Services Commission. In such cases, where there is any violation of this Act, of finance-related statutes or regulations, or of provisions, orders, and instructions of the Financial Services Commission under this Act, a written opinion on how to address such shall be attached thereto.
(5) The Financial Services Commission may determine the methods and procedures for inspections and other detailed standards necessary therefor.
 Article 19 (Operation of Supervisory College)
(1) The Financial Services Commission may operate a supervisory college consisting of the relevant departments of the Financial Services Commission and the Financial Supervisory Service to ensure efficient supervision of financial conglomerates.
(2) The supervisory college referred to in paragraph (1) shall inspect the issues of financial conglomerates and relevant improvements; and shall have consultations over supplementations required in the supervision of financial conglomerates.
(3) Matters necessary for the composition and operation of the supervisory college under paragraph (1) shall be prescribed by the Financial Services Commission.
 Article 20 (Reporting and Public Disclosure)
A financial conglomerate shall, via its representative financial company, report to the Financial Services Commission on matters prescribed by Presidential Decree as necessary for protecting financial customers, as prescribed and publicly notified by the Financial Services Commission; and shall disclose such to the public on its website or by other means.
 Article 21 (Assessment of Risk Management of Financial Conglomerates)
(1) The Financial Services Commission shall periodically assess the status of risks to a financial conglomerate and its management of the risks. In such cases, the following factors shall be taken into overall consideration:
1. Appropriateness of the internal control systems of the relevant financial conglomerate under Article 10;
2. Appropriateness of the risk management systems of the relevant financial conglomerate under Article 12;
3. The adequacy of the capital of the relevant financial conglomerate under Article 14;
4. Appropriateness of internal transactions and risk concentration control under Article 15;
5. Appropriateness of risk transfer management under Article 16;
6. Other matters regarding risk management conducted by financial conglomerates as prescribed by Presidential Decree.
(2) Details regarding the timing, methods, and standards of any assessment under paragraph (1) shall be prescribed by Presidential Decree.
 Article 22 (Submission of Management Improvement Plan)
(1) In either of the following cases, the Financial Services Commission may order the representative financial company of a financial conglomerate to submit a plan for improving the overall management of the financial conglomerate with the aim of preventing its insolvency and promoting sound management:
1. Where the results of an assessment of the adequacy of the capital of a financial conglomerate under Article 14 (4) or an assessment of its risk management status under Article 21 (1) fall short of the standards prescribed by Presidential Decree;
2. Where it is clear that the financial standing of a financial conglomerate will fail to meet the standards determined and publicly notified by the Financial Services Commission due to the occurrence of a large scale financial accident or bad debt.
(2) Upon receipt of an order to submit a plan under paragraph (1), a representative financial company shall submit a plan for improving its overall management, including all or some of the following matters:
1. Improvement of the internal control systems and risk management systems of the financial conglomerate;
2. Increase of capital or reduction of risk assets;
3. Reduction or elimination of internal transactions, or mitigation of risk concentration;
4. Suspension or termination of investment in an affiliated non-financial company or other transactions therewith, which may lead to the transfer of risks;
5. Other matters necessary for improving the sound management of a financial conglomerate, as prescribed by Presidential Decree.
(3) The Financial Services Commission may suspend an order for submission of a management improvement plan referred to in paragraph (1), where it deems a financial conglomerate that temporarily fell under any subparagraph of paragraph (1) able to satisfy the requirement in a short period of time or where there are any equivalent grounds.
(4) Details relating to the submission of a management improvement plan, or to any grace period for submission, along with any other details under paragraphs (1) through (3) shall be prescribed by Presidential Decree.
 Article 23 (Measures against Failure to Submit or Implement Management Improvement Plan)
(1) The Financial Services Commission may issue an order for any of the following measures, where a financial conglomerate fails to submit a management improvement plan referred to in Article 22 (2), where the submitted plan is unlikely to help improve the management soundness (including cases where another affiliated financial company does not cooperate in the submission of a management improvement plan by the representative financial company), where it fails to implement the management improvement plan or becomes unable to do so, or where the relevant financial conglomerate is clearly likely to harm the stability in financial markets due to its poor risk management:
1. Submission of a management improvement plan or any revision or supplementation thereto;
2. Implementation of the management improvement plan submitted;
3. Any of the following measures considered inevitable to maintaining the sound management of a financial conglomerate:
(a) Where the relevant affiliated financial company is a bank under the Banking Act: Article 34 (4) of the same Act;
(b) Where the relevant affiliated financial company is an insurance company under the Insurance Business Act: Article 123 (2) of the same Act;
(c) Where the relevant affiliated financial company is a financial investment business entity under the Financial Investment Services and Capital Markets Act: Article 31 (4) of the same Act;
(d) Where the relevant affiliated financial company is a mutual savings bank under the Mutual Savings Banks Act: Article 22-4 (2) of the same Act;
(e) Where the relevant affiliated financial company is a specialized credit financial company under the Specialized Credit Finance Business Act: Article 53-3 (2) of the same Act;
(f) Where the relevant affiliated financial company is a financial institution under the Act on the Structural Improvement of the Financial Industry: Article 10 (1) of the same Act.
(2) Notwithstanding paragraph (1), the Financial Services Commission may suspend such order for measures referred to in paragraph (1), where it deems a financial conglomerate that temporarily fell under any subparagraph of Article 22 (1) able to satisfy the requirement in a short period of time or where there are any equivalent grounds.
(3) Details regarding any measures to be taken as ordered under paragraph (1) concerning a failure to submit or to implement a management improvement plan and regarding suspension of such an order under paragraph (2) shall be prescribed by Presidential Decree.
 Article 24 (Prohibition on Disclosure of Confidential Information)
(1) An executive officer or employee of an affiliated financial company (including former executive officers or employees; hereafter in this Article the same shall apply) shall not use any confidential information on the relevant financial conglomerate or any affiliated financial company (hereinafter referred to as "non-disclosure information") pertaining to an order issued under Article 22 (1) or 23 (1), for any purpose other than business purposes, neither shall executive officers or employees provide or divulge such information to a person other than the affiliated financial company (including its large shareholders where an order or measure does not involve large shareholders of the relevant financial company; hereinafter the same shall apply).
(2) A large shareholder of the relevant financial company provided with non-disclosure information from an executive officer or employee of the affiliated financial company shall not use such information for any purpose other than business purposes of the relevant financial company neither shall such large shareholder provide or divulge such information to a third party.
CHAPTER V PROCEDURES FOR DISPOSITIONS AND SANCTIONS
 Article 25 (Administrative Dispositions)
(1) The Financial Services Commission may take the following measures against a financial company or its executive officers or employees (an operating officer defined in Article 2 (5) of the Act on Corporate Governance of Financial Companies shall be included in employees, not in executive officers; hereafter in this Article the same shall apply) or may order them to take the following measures, where they fall under any subparagraph of the attached Table (limited to intent or gross negligence in the case of executive officers or employees). In such cases, a hearing shall be held where the Commission intends to request the removal of an executive officer from office or dismissal of an employee:
1. Issuing an order for a financial company to correct or stop a violation;
2. Issuing a warning or caution against a financial company;
3. Any of the following measures against an executive officer:
(a) A request for removal;
(b) Suspension from duty for up to six months;
(c) Appointment of a manager acting for the relevant executive officer;
(d) Disciplinary warning, cautionary warning, or caution;
4. Requesting taking any of the following measures against an employee:
(a) Dismissal;
(b) Suspension from duty or punitive wage cut for up to six months;
(c) Reprimand or caution;
5. Other measures or requests for measures prescribed by Presidential Decree as necessary to correct or prevent violations.
(2) Where any measure is taken against an executive officer or employee of a financial company or a request therefor is made based on under any of subparagraphs 1 through 5 and 7 of attached Table 1 under paragraph (1) and where the relevant person satisfies any of the grounds prescribed by Presidential Decree, such as taking reasonable precautions to fulfill his or her obligations, it shall be deemed that justifiable grounds exist.
(3) Where any measure is taken against an executive officer or employee of a financial company or a request therefor is made under paragraph (1), the Financial Services Commission may take the same measures against an executive officer or employee responsible for the management and supervision of the relevant executive officer or employee or may make a request that such measures be taken: Provided, That mitigation or an exemption may be provided where the person responsible for management and supervision has not been negligent in giving due care to such management and supervision.
(4) Where the Financial Services Commission deems that a retired executive officer or employee of a financial company would have been subjected to the measures under paragraph (1) or would have received a request therefor had he or she been holding office, it may notify the head of the relevant financial company of the details thereof. In such cases, the head of the financial company so notified shall notify the relevant retired executive officer or employee thereof.
 Article 26 (Recording of and Inquiry on Administrative Dispositions)
(1) Where, under Article 25, measures are taken, or a request for measures is made, or notice is given, the Financial Services Commission shall record and retain the details thereof.
(2) Where a financial company takes measures under Article 25 (1) 3 (a) or 4 against an executive officer or employee in response to a request from the Financial Services Commission or receives notice under Article 25 (4), it shall record and retain the details thereof.
(3) A financial company or its executive officers or employees (including former executive officers or employees) may request that the Financial Services Commission or a financial company make an inquiry as to the measures, the request for measures, or to notice taken, made, or given under Article 25 and, if any, the details thereof.
(4) Upon receipt of a request for inquiry under paragraph (3), the Financial Services Commission or a financial company shall notify the person who has made such request of the relevant details in the absence of justifiable grounds for not doing so.
 Article 27 (Raising of Objections)
(1) Where a person is dissatisfied with the measures taken or a request for measures made under Article 25 (1) (excluding a request for removal or dismissal), that person may file an objection with the Financial Services Commission, specifying the grounds therefor, within 30 days from the receipt of notice thereof.
(2) The Financial Services Commission shall make a decision on an objection raised under paragraph (1) within 60 days: Provided, That the period may be extended by up to 30 days, if it is impossible to make a decision within the specified period for justifiable reasons.
CHAPTER Ⅵ SUPPLEMENTARY PROVISIONS
 Article 28 (Considerations in Examination for Authorization and Permission)
Notwithstanding finance-related statutes or regulations, where a financial company is deemed to be designated as a financial conglomerate, together with the other financial companies belonging to the same business group, after being granted authorization, permission, registration, or approval in any of the following cases, the Financial Services Commission shall consider whether the group consisting of the relevant financial companies satisfies the requirements prescribed by Presidential Decree in terms of financial standing and soundness of management:
1. Where a person who engages in the financial business or intends to establish a financial company files with the Financial Services Commission an application for authorization, permission, or registration in accordance with finance-related statutes or regulations;
2. Where a person files with the Financial Services Commission an application for authorization or approval for merger or merger after division under finance-related statutes or regulations;
3. Where a person files with the Financial Services Commission an application for approval for acquisition or takeover of the stocks issued by a financial company in accordance with finance-related statutes or regulations.
 Article 29 (Provision and Management of Customer Information)
(1) Notwithstanding Article 4 (1) of the Act on Real Name Financial Transactions and Confidentiality and Articles 32 and 33 of the Credit Information Use and Protection Act, an affiliated financial company may provide another affiliated financial company belonging to the relevant financial conglomerate with the information or data on financial transactions prescribed in Article 4 of the Act on Real Name Financial Transactions and Confidentiality (hereinafter referred to as “information on financial transactions”) and personal credit information defined in subparagraph 2 of Article 2 of the Credit Information Use and Protection Act (hereinafter referred to as “personal credit information”) in accordance with the methods and procedures for the following matters determined by the Financial Services Commission, for the uses specified by Prescribed by Presidential Decree such as internal control and risk management by a financial conglomerate:
1. Scope of information available for provision;
2. Means of processing the information provided, such as encryption;
3. Separate keeping of the information provided;
4. Period and purposes of use of the information provided;
5. Deletion of the information after the period of use expires;
6. Other matters prescribed by Presidential Decree as necessary for strict management of the provided information.
(2) An investment trader or broker referred to in the Financial Investment Services and Capital Markets Act, from among the affiliated financial companies, may provide another affiliated financial company belonging to the relevant financial conglomerate with any of the following information on money or securities deposited by a person who trades or intends to trade securities through such investment trader or broker (hereinafter referred to as “information on the total amount of securities, etc.”) in accordance with the procedures for providing customer information, for the uses specified by Presidential Decree such as internal control or risk management by a financial conglomerate:
1. The total amount of money deposited;
2. The total amount of securities deposited;
3. The total amount of securities deposited for each type;
4. Other information prescribed and publicly notified by the Financial Services Commission that is equivalent to the types of information specified in subparagraphs 1 through 3.
(3) Where an affiliated financial company provides financial transaction information, personal credit information, and information on the total amount of securities, etc. (hereinafter referred to as “customer information”) under paragraphs (1) and (2), Article 32 (10) of the Credit Information Use and Protection Act shall not apply.
(4) Where an affiliated financial company provides customer information under paragraphs (1) and (2), notice regarding the details thereof shall be given to the relevant customer: Provided, That this shall not apply where personal information necessary for such notification, including contact information, is not collected.
(5) The types of information subject to notification, notification frequency and methods, and other necessary matters under paragraph (4) shall be prescribed by Presidential Decree.
(6) An affiliated financial company shall appoint at least one of its executive officers as a customer information officer to ensure strict management of customer information.
(7) A customer information officer referred to in paragraph (6) shall prepare a business manual as determined by the Financial Services Commission for the strict management of customer information, and shall report the details thereof to the Financial Services Commission.
(8) An affiliated financial company shall formulate guidelines for handling customer information, as prescribed by Presidential Decree, and shall provide public notice or make public announcement of such to its transaction counterpart and post such in its branch offices.
 Article 30 (Joint Use of Facilities)
Affiliated financial companies may jointly use a computer system, office space, or other facilities specified by Presidential Decree for the uses specified by Presidential Decree, including internal control and risk management by the financial conglomerate.
 Article 31 (Entrustment of Authority)
Part of the authority of the Financial Services Commission under this Act may be entrusted to the Governor of the Financial Supervisory Service, as prescribed by Presidential Decree.
CHAPTER VII PENALTY PROVISIONS
 Article 32 (Penalty Provisions)
A person who uses non-disclosure information for purposes other than business purposes or provides such information to a person other than an affiliated financial company in violation of Article 24 shall be subject to imprisonment with labor for up to 10 years or a fine of up to 500 million won.
 Article 33 (Joint Penalty Provisions)
If a representative of a corporation or an agent, employee, or servant of a corporation or an individual commits any violation specified in Article 32 in connection with the business affairs of the corporation or the individual, not only shall the offender be punished accordingly, but the corporation or the individual shall also be punished by a fine prescribed in that Article: Provided, That this shall not apply where the corporation or the individual has not been negligent in exercising due care and supervision of the relevant business affairs in order to prevent such violation.
 Article 34 (Administrative Fines)
(1) Any of the following persons shall be subject to an administrative fine of up to 100 million won:
1. A person who refuses to submit data in response to a request for submission under Article 5 (2) or 6 (3) without justifiable grounds or who submits false data;
2. A person who, in violation of Article 17, fails to submit data or file a report without justifiable grounds, who files a false report, or who violates an order;
3. A person who refuses, interferes with, or evades any inspection prescribed in Article 18 (1) without justifiable grounds;
4. A person who refuses, interferes with, or evades a request for reporting, data submission, or attendance and statement of the interested persons under Article 18 (2), without justifiable grounds;
5. A person who, in violation of Article 20, fails to make a report or public disclosure or makes a false report or public disclosure;
6. A person who fails to comply with an order referred to in Article 22 (1) or 23 (1) without justifiable grounds;
7. A person who, in violation of Article 25 (1), fails to comply with the required measures or fails to respond to an order for measures;
8. A person in violation of Article 29 (1), (2), (4), or (6) through (8).
(2) Where a person subject to an administrative fine for falling under any of paragraph (1) 1 through 4 and 6 has exercised reasonable due care to fulfill his or her obligations, satisfying the grounds prescribed by Presidential Decree, it shall be deemed that justifiable grounds exist.
(3) The administrative fines under paragraph (1) shall be imposed and collected by the Financial Services Commission as prescribed by Presidential Decree.
ADDENDUM <Act No. 17800, Dec. 29, 2020>
This Act shall enter into force six months after the date of its promulgation.