Liability of financial companies or electronic financial business operators
Liability for accidents because of forgery or alteration of access media (passwords, biometric information, security cards, cash cards, etc.)
- Financial companies or electronic financial business operators are liable to compensate for damages to users in the event of any of the following accidents (Article 9(1) of the Electronic Financial Transactions Act):
· Accidents caused by forgery or alteration of access media;
· Accidents occurring during the electronic transmission or processing of contract conclusion or transaction instructions; or
· Accidents caused by unauthorized access to electronic devices or communication networks for electronic financial transactions and using access media obtained through deceit or other unfair means.
※“Financial company” refers to banks, community credit cooperatives, post offices, etc., as defined in Subparagraph 1 of Article 2 of the Act on Real Name Financial Transactions and Confidentiality and Article 2 of the Enforcement Decree of the Act on Real Name Financial Transactions and Confidentiality.
- However, financial companies or electronic financial business operators can make the user bear all or part of the liability in any of the following cases (Article 9(2) of the Electronic Financial Transactions Act):
1. If there is an agreement in advance with the user that the user can bear all or part of the liability in case of an accident because of the user’s intentional or gross negligence; or
2. If the user is a corporation (excluding small businesses as defined in Article 2(2) of the Basic Small and Medium Enterprise Act) and the financial company or electronic financial business operator has established security procedures to prevent accidents and has diligently complied with them.
- The intentional or gross negligence of the user mentioned in the above number 1. is limited to what is stated in the terms and conditions on electronic financial transactions (hereinafter “terms and conditions”) (Article 9(3) of the Electronic Financial Transactions Act; Article 8 of the Enforcement Decree of the Electronic Financial Transactions Act) within the following scope:
1. If the user lends the access media to a third party, delegates its use, or provides it for transfer or collateral (excluding the transfer or provision of prepaid electronic payment means or electronic currency as collateral);
2. If a third party, without authority, uses the user’s access medium for electronic financial transactions, and the user knew or could easily have known this but still leaked, exposed, or neglected the access medium;
3. If a financial company or electronic financial business operator requires additional security measures for electronic financial transactions to enhance security, and the user refuses without a valid reason, leading to unauthorized access to electronic devices or information networks using the access medium obtained through deceit or other fraudulent means, resulting in an accident; or
4. If the user commits any of the following actions regarding the medium, means, or information used for the additional security measures mentioned in 3, above, leading to unauthorized access to electronic devices or information networks using the access medium obtained through deceit or other fraudulent means, resulting in an accident:
√ Leaking, exposing, or neglecting the access medium
√ Lending the access medium to a third party, delegating its use, or providing it for transfer or collateral
Liability for the loss and theft of the access medium
- From the moment a financial company or electronic financial business operator receives a notification from a user about the loss or theft of the access medium, they are responsible for compensating the user for any damages caused by a third party using that access medium (the main body of Article 10(1) of the Electronic Financial Transactions Act).
Specification and notification of terms and conditions
Obligation to specify and explain terms and conditions:
- When entering into an electronic financial transaction contract with a user, a financial company or electronic financial business operator must specify the terms and conditions. Upon the user’s request, they must provide a copy of the terms and conditions via electronic document transmission (including email), facsimile (FAX), mail, or direct issuance. They must also explain the main content of the terms and conditions to the user using one of the following methods [Article 24(1) of the Electronic Financial Transactions Act; Article 40(2) and (3) of the
Electronic Financial Supervision Regulations]:
· Directly explaining the important content of the terms and conditions to the user; or
· Displaying an explanation of the important content of the terms and conditions on an electronic device in a way that is easy for the user to understand and receiving an electronic acknowledgment from the user that they have fully understood.
- If a financial company or electronic financial business operator violates the obligation to specify and explain the terms and conditions when entering into a contract, they cannot assert the content of those terms and conditions as part of the contract (Article 24(2) of the Electronic Financial Transactions Act).
Obligation to notify when changing terms and conditions
- When a financial company or electronic financial business operator changes the terms and conditions, they must post the changed terms and conditions on the electronic device used for the relevant electronic financial transaction (or on an alternative device designated by the financial company, etc., if posting on the original device is infeasible) at least 1 month before the implementation date of the changed terms and conditions and notify the user. If the user objects, the financial company or electronic financial business operator must confirm that they have appropriately notified the user of the changes (the main body of Article 24(3) Electronic Financial Transactions Act; Article 40(4) of the Electronic Financial Supervision Regulations).
· However, if the terms and conditions are urgently changed because of a revision of the law, the changed terms and conditions must be posted on the electronic device for at least 1 month and the user must be notified (proviso to Article 24(3) of the Electronic Financial Transactions Act; Article 40(5) of the Electronic Financial Supervision Regulations).
- Users can terminate the electronic financial transaction contract until the business day before the implementation date of the changed terms and conditions after the changes have been posted or notified (former part of Article 24(4) of the Electronic Financial Transactions Act).
· If the user does not object to the changes within the specified period, it is considered that they have approved the changes (latter part of Article 24(4) of the Electronic Financial Transactions Act).
Penalties for violations:
- If the obligation to specify, explain, provide, post, or notify the terms and conditions is violated, an administrative fine of up to KRW 10 million will be imposed (Article 51(3)8 of the Electronic Financial Transactions Act).
Dispute resolution and mediation
Handling disputes over compensation
- If a user has an objection regarding the processing of an electronic financial transaction, they can apply for dispute resolution, such as compensation, in writing (including electronic documents) or using an electronic device at the head office or branch of the financial company or electronic financial business operator (Article 27(2) of the Electronic Financial Transactions Act; former part of Article 14(2) of the Enforcement Decree of the Electronic Financial Transactions Act).
- In such case, the financial company or electronic financial business operator must inform the user of the results of the investigation or handling of damage compensation and other disputes within 15 days (latter part of Article 14(2) of the Enforcement Decree of the Electronic Financial Transactions Act).
Dispute mediation application
- If a user has an objection regarding the processing of electronic financial transactions, they can apply for dispute mediation to the Financial Dispute Mediation Committee of the Financial Supervisory Service or the Consumer Dispute Mediation Committee of the Korea Consumer Agency (Article 27(2) of the Electronic Financial Transactions Act; Article 14(3) of the Enforcement Decree of the Electronic Financial Transactions Act).