Blab AI
South Korea Introduces Self-Regulatory AI Conduct Standards for Financial Sector, Emphasizing Human Accountability
South Korea’s financial watchdog is tightening the reins on artificial intelligence. On June 22 2026, the Financial Services Commission (FSC) rolled out a revised set of conduct standards that will compel banks, insurers, fintechs, card issuers and electronic payment providers to embed human accountability into every AI‑driven decision.
The new framework, unveiled at an AI transformation (AX) meeting on June 18, lays out seven core principles: governance, legitimacy, human supervision, data and model credibility, financial stability, good‑faith conduct, and security. Before applying the guidelines, firms must evaluate their internal resources, the breadth of AI deployment and the risk profile of their services. AI systems deemed high‑impact, or those falling under the Framework Act on the Development of Artificial Intelligence and the Creation of a Foundation for Trust, trigger mandatory compliance.
For insurers, the human‑supervision rule takes center stage. It treats AI as an assistive tool, placing ultimate decision‑making power in the hands of a human supervisor. Under the new rules, an insurer that uses AI for underwriting, claims assessment or customer‑facing services must establish a clear line of accountability for the AI’s recommendations. The FSC said it will refine the accountability structure in future rule‑making.
The security principle introduces a continuous‑review mandate. Insurers handling large volumes of policyholder data must set up cybersecurity standards that are regularly updated. To ease the burden, the FSC announced on May 22 that it will relax network‑separation rules for AI‑based cybersecurity tools. Forty‑nine institutions with at least 10 trillion Korean won in assets and a regular headcount of 1,000 or more qualify for this easing. Reviews will unfold in three phases through the fourth quarter of 2026. Firms that do not meet the threshold will receive AI vulnerability assessments from the Financial Security Institute (FSI) for up to 17 companies through July.
The FSC will publish an AI risk‑management framework, while the FSI will release an accompanying AI security guidebook. An AI guidelines helpdesk will also be set up to answer compliance questions.
Although the current framework is self‑regulatory, FSC vice‑chairman Kwon Dae‑young described it as an interim step. He warned that as AI agents take on larger roles in recommending financial products, processing subscriptions and handling payments, authorities will likely consider rules on AI responsibility and authority. Kwon stressed the need for clear lines of responsibility and international consistency to maintain a level playing field.
The FSC also plans to test AI agent operations through a financial regulatory sandbox before broader implementation. In parallel, the agency is pursuing changes to rules on personal credit data consent and data pseudonymization.
A recent Aon Human Capital Trends Study, released in June 2026, found that 74 % of organizations in the Asia‑Pacific region have deployed or are piloting AI, slightly above the global figure of 73 %. However, only 21 % of respondents felt confident in recruiting and retaining adequate AI talent, below the global average of 24 %. The study highlights a workforce gap that could constrain insurers’ ability to meet the human‑supervision and governance requirements of the new guidelines.
The FSC’s emphasis on human accountability reflects a broader regulatory trend in South Korea. The agency’s statements about AI supervision of AI agents as a consumer‑protection mechanism underscore the potential for AI‑driven oversight tools to shape compliance and governance structures.
In summary, the FSC’s revised AI conduct standards create a voluntary but comprehensive framework that obliges financial firms to embed human oversight, maintain robust cybersecurity, and align with existing regulatory obligations. The guidelines are a precursor to potential binding rules, and the network‑separation easing offers insurers a practical path to upgrade their security infrastructure. The coming months will see the FSC’s risk‑management framework and security guidebook released, and the regulatory sandbox will test AI agent operations. Insurers and other financial institutions will need to assess their talent readiness and governance structures to comply with the new expectations.
The new framework, unveiled at an AI transformation (AX) meeting on June 18, lays out seven core principles: governance, legitimacy, human supervision, data and model credibility, financial stability, good‑faith conduct, and security. Before applying the guidelines, firms must evaluate their internal resources, the breadth of AI deployment and the risk profile of their services. AI systems deemed high‑impact, or those falling under the Framework Act on the Development of Artificial Intelligence and the Creation of a Foundation for Trust, trigger mandatory compliance.
For insurers, the human‑supervision rule takes center stage. It treats AI as an assistive tool, placing ultimate decision‑making power in the hands of a human supervisor. Under the new rules, an insurer that uses AI for underwriting, claims assessment or customer‑facing services must establish a clear line of accountability for the AI’s recommendations. The FSC said it will refine the accountability structure in future rule‑making.
The security principle introduces a continuous‑review mandate. Insurers handling large volumes of policyholder data must set up cybersecurity standards that are regularly updated. To ease the burden, the FSC announced on May 22 that it will relax network‑separation rules for AI‑based cybersecurity tools. Forty‑nine institutions with at least 10 trillion Korean won in assets and a regular headcount of 1,000 or more qualify for this easing. Reviews will unfold in three phases through the fourth quarter of 2026. Firms that do not meet the threshold will receive AI vulnerability assessments from the Financial Security Institute (FSI) for up to 17 companies through July.
The FSC will publish an AI risk‑management framework, while the FSI will release an accompanying AI security guidebook. An AI guidelines helpdesk will also be set up to answer compliance questions.
Although the current framework is self‑regulatory, FSC vice‑chairman Kwon Dae‑young described it as an interim step. He warned that as AI agents take on larger roles in recommending financial products, processing subscriptions and handling payments, authorities will likely consider rules on AI responsibility and authority. Kwon stressed the need for clear lines of responsibility and international consistency to maintain a level playing field.
The FSC also plans to test AI agent operations through a financial regulatory sandbox before broader implementation. In parallel, the agency is pursuing changes to rules on personal credit data consent and data pseudonymization.
A recent Aon Human Capital Trends Study, released in June 2026, found that 74 % of organizations in the Asia‑Pacific region have deployed or are piloting AI, slightly above the global figure of 73 %. However, only 21 % of respondents felt confident in recruiting and retaining adequate AI talent, below the global average of 24 %. The study highlights a workforce gap that could constrain insurers’ ability to meet the human‑supervision and governance requirements of the new guidelines.
The FSC’s emphasis on human accountability reflects a broader regulatory trend in South Korea. The agency’s statements about AI supervision of AI agents as a consumer‑protection mechanism underscore the potential for AI‑driven oversight tools to shape compliance and governance structures.
In summary, the FSC’s revised AI conduct standards create a voluntary but comprehensive framework that obliges financial firms to embed human oversight, maintain robust cybersecurity, and align with existing regulatory obligations. The guidelines are a precursor to potential binding rules, and the network‑separation easing offers insurers a practical path to upgrade their security infrastructure. The coming months will see the FSC’s risk‑management framework and security guidebook released, and the regulatory sandbox will test AI agent operations. Insurers and other financial institutions will need to assess their talent readiness and governance structures to comply with the new expectations.
