The Financial Services Commission issued a preliminary notice of rules change regarding the supervisory regulation on credit information businesses on December 7, with aims to continue to seek innovation in financial MyData services. The revision proposal has been prepared after having taskforce meetings and discussions with MyData service providers and data specializing institutions.
First, to ensure a sustainable operating environment for MyData services, the revision proposal establishes reasonable standards for pricing data transfer costs. Since the onset of MyData services in January 2022, MyData service providers have been receiving and gathering information transferred from a variety of data providers, such as financial institutions, telecommunications service providers and payment gateways. In this regard, this revision proposal provides reasonable grounds for pricing the cost of transferring data for MyData service providers. More specifically, a standard cost approach will be used to calculate data transfer costs, and the standard cost will be calculated based on the costs required to set up and operate a relevant data transfer system. On a need-to-need basis, a cost discount can be provided to MyData service providers based on individual business circumstances.
To ensure fairness and transparency, specific procedures for pricing data transfer costs will be determined by Korea Credit Information Services (KCIS), which will set up a consultative body made up of various stakeholders. The pricing standards will be applied from 2023 and payable in installments from 2024. The Korea Financial Telecommunications & Clearings Institute (KFTC) will set up an integrated payment system for data providing entities and MyData service providers.
Second, the revision proposal will allow data specializing institutions to provide consulting in the areas of data convergence and pseudonymization, especially to small- and medium-sized fintech businesses, which often lack professional capacity in this field. Currently, there are twelve data specializing institutions, and they provide verification service on the appropriateness of data convergence carried out by financial institutions. The revision proposal also eliminates the inconvenience of having different requirements under two separate laws (the Credit Information Use and Protection Act and the Personal Information Protection Act) when applying for data convergence.
Third, for data specializing institutions to be designated as such, the qualification of their executive officers needs to be verified. Currently, national and regional government organizations are exempted from this requirement for being designated as a data specializing institution. Under the revised rules, this exemption will also apply to public organizations that fall under the oversight and jurisdiction of relevant government ministries and that have their own internal control mechanisms.
This revision proposal will be put up for public comment from December 7 to 19, 2023. The FSC will work to ensure that the changed rules take effect from this year.
* Please refer to the attached file for details.