The Financial Services Commission will implement within the year a plan to fully lift the network separation rule when capable financial companies introduce security-purpose artificial intelligence (AI·Artificial Intelligence).
Chairperson Lee Eog-weon of the Financial Services Commission on the 10th held a meeting titled "AX (AI transformation) era hacking and voice phishing response" with the heads of the five major financial holding companies at the Korea Federation of Banks in Jung District, Seoul, and said, "The government, under the recognition that 'AI attacks are defended with AI,' is actively pursuing multifaceted policies," and stated accordingly.
Lee said, "The era of the 'great AI transition' is an opportunity for a new leap forward, but it is also an adventure that faces challenges and threats we have not encountered before," identifying as key risk factors the potential security breaches of frontier AI such as the recently spotlighted "Mythos," and voice phishing crimes that exploit the latest technologies including AI and voice manipulation.
Attending the meeting were Jin Ok-dong, chair of Shinhan Financial Group, Ham Young-joo, chair of Hana Financial Group, Lee Chan-woo, chair of NongHyup Financial Group, Yim Jong-ryong, chair of Woori Financial Group, and Lee Hwan-joo, president of KB Kookmin Bank.
The Financial Services Commission explained that, regarding frontier AI security breach threats, it is swiftly pushing an emergency easing of the network separation rule to allow financial institutions to use security-purpose AI for vulnerability checks. It also said it will push to implement within the year a plan to fully lift the network separation rule by selecting financial companies with advanced AI and security capabilities.
The financial authorities are advancing the "ASAP (AI-based anti-phishing Sharing & Analysis Platform)," launched in October last year with a focus on the banking sector, by expanding the sharing of telecommunications and investigative information and conducting AI pattern analysis by crime type. They are working to establish guidelines so that even accounts involved in new types of phishing crimes can be immediately frozen and to reflect these in the financial sector's fraud detection systems (FDS). The Financial Services Commission said it also plans to expedite the introduction of a "no-fault liability" system to strengthen accountability in the financial sector and provide effective relief for victims.
Lee asked participants to actively respond to new digital threats together with the government. Lee said, "Please actively participate in the AI security tests prepared by the government and cooperate so that the resulting findings and specific response guidelines are disseminated evenly across the entire financial sector."
Lee continued, "Please投入 sufficient human and material resources so that swift account freezes and victim relief can be achieved even for new types of phishing crimes, and pay attention to preparing clear customer response manuals," adding, "At the holding company level, expand response capabilities such as in-house penetration testing and response scenarios for each crisis situation, and ensure that every financial company within the group strictly adheres to the 'basics' of security, including IT resource management and prompt security patches." Lee then asked them to lead by creating successful cases and actively share them.
According to the Financial Services Commission, participants in the meeting expressed strong agreement that public-private cooperation is crucial as frontier AI raises global awareness of risks. They said they would also move quickly to prepare to rebuild overall financial company management on an AI basis.