The South Korea government approved the revisions to the enforcement decree of the “Credit Information Use and Protection Act ” at a cabinet meeting on July 28,2020，which marks the final legislative changes necessary for the promotion of a data-driven economy and digital new deal initiative.
I. ENSURING SAFETY IN DATA CONVERGENCE
Data convergence will be safely carried out by designated institutions specifically tasked with data convergence. Data specializing institutions shall provide pseudonymized and anonymized data to financial institutions.
Data specializing institutions are required to maintain an appropriate level of human resources and set up a risk management system and internal control mechanisms.
II. LOWERING ENTRY BARRIERS FOR NEW MYDATA & CREDIT BUREAU BUSINESSES
More fintech firms will be given opportunities to start their own credit bureau businesses as the revisions restrict the required number of data specialists to maximum 10 professionals even for business entities wishing to apply for multiple CB licenses.
In addition, new guidelines will be established to prohibit unfair practices by credit bureaus, such as discriminatory or preferential credit rating, etc.
III. REQUIRING MYDATA BUSINESSES TO SAFELY PROTECT PERSONAL FINANCIAL DATA AND STRENGTHENING DATA PRIVACY RIGHTS FOR CONSUMERS
New rules have been established to guarantee that MyData service providers are abiding by data privacy rights and data transfer rights of consumers.
IV. IMPROVING DATA PROTECTION IN FINANCIAL SECTOR
Financial companies will be required to inspect and report to the financial authority at least once every year the results of inspection for internal data management and protection status.
The implementation order of this law will promote the emergence and development of new industries such as My data and non-financial credit reporting; and by promoting data collection, processing, and combination, create high-quality data-related job opportunities;
Through the creation of new non-financial credit reporting and self-employed credit reporting, data can be expanded and a dedicated credit rating system can be constructed to solve the disadvantages of those who lack financial transaction history and self-employed individuals (self-employed) in credit evaluation an increase the reach of finance.
The Personal Information Protection Law, the Credit Information Law, and the Information Communication Network Law are the three data laws revised in the future in South Korea, which will promote the use of big data and data integration, provide one-to-one financial services to consumers based on data, and accelerate innovative financial services Development.
South Korea is a country with relatively developed credit reporting, with a market-oriented mechanism and a good legislative environment, which is worthy of reference for the construction of a new credit reporting system.
South Korea has actively promoted the construction of a credit system since 1980, and many laws will involve credit , and the “Credit Information Use and Protection Act” (abbreviated as “Credit Information Act”) enacted in 1995 can be regarded as The “constitution” in the field of credit reporting.
According to the needs of the digital economy era, South Korea has appropriately revised its credit reporting legislation to keep pace with the times. In a short period of less than 30 years, the “Credit Information Act” has updated many contents and several versions, and its updated contents accounted for a quarter of the entire law. And in recent years, with the rapid development of the big data industry and the tightening of global personal information protection, Korean personal credit reporting system has followed up quickly.
This legislative amendment addresses key issues: data protection and the promotion of innovation & development are simultaneously promoted. On the one hand, it strengthens information security and consumer privacy protection, and on the other hand, it reduces the barriers to entry of new credit reporting business.
The MyData industry in South Korea is an emerging industry in the digital economy. The South Korean government promotes the development of the industry through relevant legislation such as personal credit reporting. There is also an imaginative business space for China’s huge consumer market. The future progress is worthy of attention.
Background: Consumer credit reporting in South Korea
According to the evaluation of the International Finance Corporation (IFC), South Korea’s personal credit reporting industry level surpasses OECD countries in its breadth (coverage rate) and depth (technology, model), and ranks as the first level in the world with Britain, the United States, and Germany.
In the early development of the Korean credit reporting industry, the government led the development of the personal credit reporting (PCR) industry. By the beginning of 2000, the Private Credit Bureau (PCB) developed rapidly and began to dominate the entire Korean personal credit reporting market. By 2010, it entered the mature stage.
The personal credit reporting market in South Korea is mainly composed of three personal credit reporting agencies-NICE, KCB and SCI. Its supervisory agency is the Financial Supervision Institute (equivalent to a combination of China Banking and Insurance Regulatory Commission［CSRC］, and China Securities Regulatory Commission［CSRC］).
About the author
Liu Xinhai is the Executive Deputy Director/Researcher of the Credit Management Professional Committee(PCCM), CMAA, China.
An Guangyong is an expert member of the Credit Management Professional Committee (PCCM), CMAA, China. He has ever worked in one credit bureau of South Korean