Licentium

Fintech Licensing Hub

South Korea

South Korea regulates crypto and payments under the FSC/FSS and keeps gambling closed to its citizens. Crypto is two-phase: the Virtual Asset User Protection Act (VAUPA, in force 19 July 2024) governs user protection, plus VASP registration with KoFIU (ISMS certification, real-name bank accounts, travel rule) under the Specified Financial Information Act — while a second-phase Digital Asset Basic Act covering issuance, disclosure and won-pegged stablecoins has stalled into 2026 over who may issue stablecoins. Payments and e-money run under the Electronic Financial Transactions Act (FSC-licensed e-money; registered prepaid/PG businesses); gambling is prohibited for Korean nationals by the Criminal Act except narrow state channels — foreigner-only casinos (Kangwon Land the sole locals exception), Sports Toto, lottery and racing monopolies — and online gambling is illegal and offshore sites are blocked.

Available licences

Crypto — VASP Registration (KoFIU; Specified Financial Information Act)

Any virtual asset service provider with effects in Korea must register with KoFIU after obtaining ISMS certification and a real-name verified bank account, and must run AML/CFT controls (CDD, suspicious- and currency-transaction reporting, travel rule); the regime applies to foreign VASPs serving Korean users.

Crypto — VAUPA Operating Framework (FSC / FSS)

Registered VASPs operate under the Virtual Asset User Protection Act: user deposits held at banks (with interest paid to users), segregation of customer virtual assets, at least 80% cold storage, hacking/failure insurance or reserves, 15-year record retention, and strict prohibitions on insider trading, market manipulation and wash trading.

Crypto — Stablecoin Issuer Licence (FSC; Digital Asset Basic Act — pending)

The proposed second-phase framework would require a stablecoin issuer to be licensed by the FSC, with reserve backing, redemption-at-par rights, governance and audit obligations; competing bills set differing capital floors and treat foreign-issued stablecoins (e.g. requiring a local branch/subsidiary) differently. Not yet enacted.

Crypto — Security Token Offering under the Capital Markets Act (FSC; FSCMA)

Tokens with the characteristics of a security fall under the Financial Investment Services and Capital Markets Act, with issuance, disclosure and trading subject to securities regulation; an enabling STO framework has been progressing through the National Assembly.

Payments — Electronic Currency Issuance Licence (FSC; EFTA)

Issuing and managing electronic currency (e-money) requires an FSC licence, with capital, governance and user-fund-protection requirements.

Payments — Electronic Financial Business Registration (FSC; EFTA)

Electronic prepayment means (prepaid), electronic payment settlement agency (payment gateway), electronic debit and similar businesses must register with the FSC (supervised by the FSS); a 2024 amendment expanded the prepaid registration perimeter and strengthened user-fund safeguarding, and the Digital Finance Transformation Plan adds MyPayment (payment initiation) and comprehensive payment services.

Banking — Banking Licence (FSC; Banking Act)

Deposit-taking and banking require an FSC licence and FSS supervision, with full capital, governance and prudential requirements (including internet-only banks).

Gambling — Casino Licence (MCST; Tourism Promotion Act)

Casino operation is licensed by the Ministry of Culture, Sports and Tourism and confined to foreigner-only integrated resorts (e.g. in Seoul, Busan, Jeju and Incheon), with Kangwon Land the sole casino Korean nationals may enter (under separate abandoned-mine-area legislation).

Gambling — State-Monopoly Betting & Lottery (Sports Toto, lottery, racing)

Sports betting (Sports Toto under the National Sports Promotion Act), the national lottery (Lottery Tickets and Lottery Fund Act) and horse/cycle/boat racing are operated exclusively by designated state entities; no private licences are available.

Detailed overview

South Korea at a glance

South Korea regulates crypto and payments under the FSC/FSS and keeps gambling closed to citizens. Crypto is two-phase: VAUPA (in force 19 July 2024) for user protection, plus VASP registration with KoFIU (ISMS, real-name accounts, travel rule) under the Specified Financial Information Act; the second-phase Digital Asset Basic Act (issuance, disclosure, won stablecoins) is stalled into 2026 over stablecoin-issuer authority. Payments and e-money run under the EFTA (FSC-licensed e-money; registered prepaid/PG). Gambling is prohibited for nationals by the Criminal Act except narrow state channels — foreigner-only casinos (Kangwon Land the sole locals exception), Sports Toto, lottery and racing; online gambling is illegal and blocked.

Crypto regime — two-phase, user-protection-first, stablecoin reform stalled:

  • VAUPA (in force 19 July 2024) — South Korea's first-stage crypto statute: user deposits held at banks (interest paid to users), segregation of customer virtual assets, at least 80% cold storage, hacking/failure insurance or reserves (minimum KRW 3bn for won-market exchanges, KRW 500m for others), 15-year records, and prohibitions on insider trading, market manipulation, wash trading and certain self-issued-asset trades; FSC/FSS supervision, with penalty surcharges, criminal penalties and administrative fines
  • VASP registration (Specified Financial Information Act; KoFIU) — mandatory since 2021; requires ISMS certification and a real-name verified bank account, plus AML/CFT and travel-rule compliance; applies to foreign VASPs serving Korean users (real-name accounts are a practical bottleneck, as banks are conservative)
  • Digital Asset Basic Act (second phase; pending) — would add issuance, disclosure and a stablecoin-issuer regime (and reportedly re-open ICOs and address tokenised RWAs); multiple competing bills emerged in 2025, but passage stalled into 2026 over who may issue won-pegged stablecoins (the Bank of Korea pressing for bank-led issuance; the FSC favouring broader fintech participation) and how to treat foreign-issued stablecoins (e.g. requiring a local branch/subsidiary)
  • Stablecoins today — treated simply as "virtual assets" under VAUPA; a dedicated regime is coming, with major groups (Kakao, Naver/Dunamu) and banks running won-stablecoin pilots; the Bank of Korea has paused its CBDC pilot amid the stablecoin debate
  • Securities tokens — security-type tokens fall under the Capital Markets Act (FSCMA); an STO framework has been advancing
  • Enforcement and tax — a multi-agency joint investigation unit targets virtual-asset crime; crypto gains taxation has been repeatedly deferred (confirm the current effective date)

Payments and e-money regime (Electronic Financial Transactions Act):

  • EFTA (FSC/FSS) — defines "electronic financial business"; issuance and management of electronic currency requires an FSC licence, while other electronic financial businesses (electronic prepayment means/prepaid, electronic payment settlement agency/payment gateway, electronic debit, etc.) require registration
  • 2024 EFTA amendment (effective 15 September 2024) — expanded the prepaid-registration perimeter, strengthened merchant-management and user-fund-safeguarding obligations (following losses at unregistered prepaid providers), and enabled BNPL via prepaid providers with FSC approval
  • Digital Finance Transformation Plan — reorganises electronic financial businesses into functional categories and adds MyPayment (payment initiation without holding funds) and comprehensive/one-stop payment services
  • Banking and rails — FSC-licensed banks (including internet-only banks) under the Banking Act; domestic clearing via the Korea Financial Telecommunications & Clearings Institute and open banking; large fintech wallets (KakaoPay, Naver Pay, Toss)
  • Currency: Korean won (KRW), a managed float (the Bank of Korea smooths volatility), within an FX framework where cross-border flows are reported under the Foreign Exchange Transactions Act

Gambling regime — closed to citizens, narrow state channels:

  • Criminal Act (Article 246) — gambling is illegal for Korean nationals unless small-stakes entertainment or state-authorised; this extends to online gambling and to participation with foreign/offshore operators (citizens can be prosecuted for gambling abroad or online)
  • Casinos (Tourism Promotion Act; MCST) — around 17–18 foreigner-only casinos (Seoul, Busan, Jeju, and Incheon's Inspire resort), with Kangwon Land the sole casino Korean nationals may enter (under abandoned-mine-area legislation), subject to entry limits, bet caps and cooling-off controls
  • Sports betting (Sports Toto) — a state monopoly under the National Sports Promotion Act, operated through the Korea Sports Promotion Foundation on a lottery/pari-mutuel model, with bet and winnings caps
  • Lottery — a state monopoly under the Lottery Tickets and Lottery Fund Act (Ministry of Economy and Finance)
  • Racing — horse racing (Korea Racing Authority), cycle and motorboat racing operated under their respective acts
  • Online gambling — illegal for citizens; ISPs block offshore sites and financial institutions block gambling-related transactions; only limited official online sales (lottery, some Sports Toto)
  • Oversight — the National Gambling Control Commission supervises the industry and sets sales caps; the National Police Agency enforces against illegal gambling; minimum age 19

Last verified: May 2026. Reference rate: USD 1 = KRW 1,380 (KRW 1,000 ≈ USD 0.72). The won is a managed float; the Bank of Korea smooths excessive volatility, and cross-border capital flows are reported under the Foreign Exchange Transactions Act.

South Korea is an FSC-led, user-protection-first jurisdiction: VAUPA and KoFIU registration govern crypto today (with a stablecoin and issuance framework stalled into 2026), the EFTA governs e-money and payments (licensed e-money, registered prepaid/PG), and gambling is a closed system — foreigner-only casinos plus Kangwon Land, and state monopolies for Sports Toto, lottery and racing, with online gambling illegal and blocked.

Is there a crypto licence in South Korea?

Yes for trading, not yet for issuance. A virtual asset service provider registers with KoFIU (after ISMS certification and a real-name bank account) and operates under VAUPA's user-protection rules. A second-phase Digital Asset Basic Act that would license stablecoin issuers and govern token issuance is drafted but stalled into 2026.

The legal foundation:

  • Specified Financial Information Act — VASP registration with KoFIU (ISMS, real-name account, AML, travel rule)
  • VAUPA (since 19 July 2024) — user-asset protection, cold storage, insurance, unfair-trading prohibitions
  • Digital Asset Basic Act (pending) — issuance, disclosure and stablecoin-issuer licensing
  • Capital Markets Act (FSCMA) — security-type tokens
  • Foreign Exchange Transactions Act — relevant to cross-border and (in draft proposals) stablecoin treatment

Structure:

  • A Korean entity (or a foreign VASP within scope) with ISMS certification and a real-name bank-account arrangement; VAUPA-compliant custody (bank-held deposits, 80% cold storage), insurance/reserves, and market-conduct controls
  • Won-market trading depends on a bank real-name account partnership — a significant practical gatekeeper that few exchanges have secured
  • Stablecoin and token issuance await the second-phase law; issuers should prepare for FSC licensing once enacted

Operational reality:

  • Korea is one of Asia's largest, most active retail crypto markets, but the regime is protection-first and enforcement-active (a multi-agency joint investigation unit)
  • The real-name-account requirement and banks' caution are the key barriers to entry; offshore-only models targeting Koreans are squarely in scope
  • Korean registration does not passport into the EU (a MiCA CASP authorisation is separate); independent Korean financial, AML and FX counsel and early FSC/KoFIU engagement are essential

Payments & E-money (FSC — Electronic Financial Transactions Act)

Best for e-money, prepaid, payment-gateway and payment-initiation operators prepared to obtain an FSC electronic-currency licence or an electronic-financial-business registration and meet capital and user-fund-safeguarding standards.

What it is: A licensing-and-registration regime under the EFTA, supervised by the FSC and FSS, covering electronic currency (e-money, licensed), prepaid and payment-gateway businesses (registered), and new MyPayment/comprehensive payment services under the Digital Finance Transformation Plan.

Who it suits: E-money and prepaid issuers, payment gateways and settlement agents, wallet and BNPL providers, and payment-initiation/comprehensive-service fintechs, plus banks.

Covers: Electronic-currency issuance, prepaid payment instruments, payment-gateway/settlement, electronic debit, and (newly) payment initiation and one-stop payment services.

Operational requirement: A Korean entity; an FSC licence (e-money) or registration (prepaid/PG/other); capital and governance requirements; safeguarding of user funds (strengthened by the 2024 amendment); FSS supervision; integration with domestic clearing and open banking.

Headline figures

  • Primary instruments: Electronic Financial Transactions Act (and 2024 amendment); Banking Act; Foreign Exchange Transactions Act
  • Regulators: FSC (licensing/policy); FSS (supervision)
  • Authorisation type: licence for electronic currency; registration for prepaid/payment-gateway and other electronic financial businesses
  • User protection: fund-safeguarding and merchant-management obligations strengthened in 2024
  • Innovation: MyPayment (payment initiation) and comprehensive payment services under the Digital Finance Transformation Plan
  • Currency: KRW, managed float; cross-border flows reported under the Foreign Exchange Transactions Act

Is there a gambling licence in South Korea?

Only in a closed, mostly foreigner-facing form. The Criminal Act prohibits gambling for Korean nationals except for narrow state-run channels: foreigner-only casinos (with Kangwon Land the sole casino locals may enter) under the Tourism Promotion Act, and state monopolies for Sports Toto, the lottery and horse/cycle/boat racing. Online gambling is illegal and offshore sites are blocked.

The legal foundation:

  • Criminal Act (Article 246) — gambling illegal for nationals unless authorised; extends to online and offshore participation
  • Tourism Promotion Act — casino licensing (foreigner-only; Kangwon Land via separate legislation)
  • National Sports Promotion Act; Lottery Tickets and Lottery Fund Act; Korea Racing Authority Act; Bicycle and Motorboat Racing Act — state-monopoly betting, lottery and racing
  • Oversight — National Gambling Control Commission (supervision/caps); National Police Agency (enforcement)

Structure:

  • Casinos — foreigner-only integrated resorts (MCST-licensed); Kangwon Land for locals, with strict entry/bet limits
  • Sports/lottery/racing — exclusive state operators; no private licences
  • Online — illegal for citizens; ISP and payment blocking of offshore operators; limited official online lottery/Sports Toto only
  • Minimum age 19; bet and winnings caps; strong responsible-gambling controls

Gambling — Casino Licence (MCST; Tourism Promotion Act) & State Monopolies

Best for foreigner-facing integrated-resort operators and designated state entities; not for private online, sports-betting or locals-facing operators.

What it is: An MCST casino licence (confined to foreigner-only resorts, plus Kangwon Land for locals under separate legislation), alongside exclusive state monopolies for Sports Toto, the lottery and racing.

Who it suits: Foreigner-only integrated-resort casino operators; not private online, sports-betting, lottery or locals-facing operators, which cannot be licensed.

Covers: Foreigner-only casino gambling (and Kangwon Land for nationals); state-operated sports betting, lottery and racing; not private or online gambling.

Operational requirement: Casino must be ancillary to a qualifying tourist hotel/conference facility (with foreign-investment conditions in Jeju); MCST licensing and probity; AML/CFT; nationality verification for foreigner-only venues; responsible-gambling controls; corporate tax and earmarked fund contributions.

Headline figures

  • Primary instruments: Criminal Act; Tourism Promotion Act; National Sports Promotion Act; Lottery Tickets and Lottery Fund Act; racing acts
  • Regulators: MCST (casinos/sports/racing policy); Ministry of Economy and Finance (lottery); National Gambling Control Commission (supervision); National Police Agency (enforcement)
  • Market access: closed — foreigner-only casinos plus Kangwon Land; state monopolies for betting/lottery/racing; no private or online licences
  • Tax: general corporate income tax; casinos contribute to tourism/abandoned-mine and public-interest funds
  • Player protection: min age 19; entry, bet and winnings caps; offshore blocking

Costs and timelines at a glance

  • Crypto: VASP registration with KoFIU (ISMS + real-name bank account; Specified Financial Information Act) operating under VAUPA (bank-held deposits, 80% cold storage, insurance/reserves — min KRW 3bn won-market / KRW 500m others); second-phase Digital Asset Basic Act (issuance, disclosure, stablecoin-issuer licence) drafted but stalled into 2026; security tokens under the Capital Markets Act; crypto-gains tax repeatedly deferred
  • Payments primary instruments: Electronic Financial Transactions Act (2024 amendment); Banking Act; Foreign Exchange Transactions Act
  • Payments regulators: FSC (licence for e-money; registration for prepaid/PG); FSS (supervision)
  • Banking entry: FSC banking licence (incl. internet-only banks); substantial capital and prudential requirements
  • Reform pipeline: Digital Asset Basic Act and won-stablecoin framework (issuer-authority dispute); MyPayment and comprehensive payment services; STO framework
  • Gambling: Criminal Act prohibition for nationals; foreigner-only casinos + Kangwon Land (Tourism Promotion Act, MCST); Sports Toto, lottery and racing state monopolies; online illegal and blocked; min age 19
  • Currency: KRW, managed float; cross-border flows reported (Foreign Exchange Transactions Act)
  • FX: USD 1 = KRW 1,380 (KRW 1,000 ≈ USD 0.72)

Who South Korea suits and who it does not

Suitable for

  • Virtual asset exchanges and custodians able to obtain ISMS certification and a real-name bank account, register with KoFIU and meet VAUPA's segregation, cold-storage and insurance requirements in a very large domestic market
  • Groups preparing for the second-phase regime — won-stablecoin issuers, token issuers and (eventually) STO platforms — willing to build toward FSC licensing once the Digital Asset Basic Act is enacted
  • E-money, prepaid, payment-gateway and payment-initiation operators able to obtain an EFTA licence or registration and meet user-fund-safeguarding standards, in a highly digitised payments market
  • Foreigner-only integrated-resort casino operators able to meet MCST tourism and probity requirements and target inbound tourism
  • Groups that value a large, advanced, well-regulated economy with strong consumer protection and clear FSC-led supervision

Not suitable for

  • Crypto firms wanting a settled issuance or stablecoin licence today — the second-phase law is stalled into 2026, and issuance is not yet permitted
  • Offshore-only crypto operators targeting Koreans without ISMS, a real-name account and KoFIU registration — these are in scope and enforcement-exposed
  • Crypto or payment businesses needing EU passporting — Korean authorisations do not passport (a MiCA CASP authorisation is separate)
  • Payment firms expecting an EU-style EMI passport, or those uncomfortable with won FX-reporting controls
  • Any private, online or locals-facing gambling operator — gambling is closed to nationals, online gambling is illegal and blocked, and only foreigner-only casinos and state monopolies exist

Ready to launch without the regulatory guesswork?

Book a 30-minute consultation with a senior advisor and talk through your route.

Get Started