South Korea fines Corbitt $1.8 million
Most breaches involve failures of customer due diligence and identity verification procedures. The move coincides with reports that Mirai is likely to buy a lot of property. The case reinforces expectations of tighter regulation in South Korea's crypto sector.
South Korea's crackdown on Corbit at the end of the year is a critical moment for the country's digital asset industry, as regulators have warned that compliance gaps will have real consequences.
On December 31, the Financial Intelligence Unit shut down an on-site investigation into one of the nation's longest-running exchanges with hefty financial penalties and administrative sanctions.
The move, based on findings from October, puts a new focus on how exchanges authenticate users, manage risk and expand services.
It also landed at a sensitive time for Corbit, showing how regulatory discipline is shaping the future of South Korea's crypto market.
The FIU announced a fine of 2.73 billion won ($1.88 million) after discovering nearly 22,000 violations related to anti-money laundering and customer verification obligations.
The violations were discovered in The inspection was conducted between October 16 and 29, 2024, and the results were later reviewed by the Sanctions Review Committee.
Alongside the fine, the regulator issued an institutional warning and imposed individual accountability measures on top executives.
Inspection findings
A significant proportion of violations stem from failures in customer due diligence.
FIU has found approximately 12,800 cases of improper identity checks.
These include accepting unclear or unverifiable identification documents, incomplete address information, and mandatory re-verification procedures.
In many cases, users have been allowed to continue trading even after their risk profile has increased without additional checks being implemented.
Such practices conflict with requirements that high-risk clients undergo enhanced screening rather than routine monitoring.
The review identified nearly 9,100 cases where customers were allowed to trade before identity verification was fully completed.
South Korean laws restrict transactions by unverified users, which directly violates core compliance requirements.
Liability above
Beyond the operational failures, the enforcement action extended the responsibility to the management.
FIU issued an institutional warning to Corbitt, while the exchange's CEO received a warning and the reporting officer was reprimanded.
This approach reflects a broader regulatory emphasis on governance and internal control, where accountability does not rest with automated systems or compliance teams.
Instead, top management is expected to ensure that regulatory requirements are incorporated into day-to-day operations and decision-making processes.
External transfers and new services
Inspectors also pointed out weaknesses beyond customer onboarding.
Inspectors identified 19 virtual assets involving three offshore virtual asset service providers that were not properly reported.
South Korean laws require exchanges to disclose relationships with foreign entities and limit transactions with unregistered suppliers.
In addition, the FIU identified 655 cases where Corbitt did not conduct a mandatory money laundering risk assessment before introducing new transaction types.
These include fast-growing token-linked services that remain subject to the same compliance obligations as other digital asset products.
The effect of time and sector
The enforcement action comes just days after Mirae Asset was said to be considering acquiring 92% of Corbitt for up to 140 billion won ($97 million).
Corbit is currently the fourth largest exchange among South Korea's six integrated crypto platforms, placing it firmly in the regulator's line of sight.
FIU said the full details of the penalty will be made public after at least 10 days of comment.
