Virtual Asset Service Provider (VASP) is literally a person who operates a virtual asset transaction. This may apply if any of the virtual assets are sold, bought, exchanged, stored, transferred, managed, transaction relay or transaction agents.
The amendments to The Special Financial Information Act require virtual asset operators to receive VASP acceptance of a report from the Korea Financial Intelligence Unit (FIU).
FIU classifies cryptocurrency exchanges, wallet service providers, and entrusted service providers as reporting targets. P2P (Peer to Peer) is not viewed as a virtual asset business. Therefore, most entities dealing with virtual assets are subject to reporting if they are not P2P.
For now, the acceptance of a report must meet the prerequisites specified by the Special Act. The deposit of the customer and the inherent of the business operator shall be kept separately, and the certification of the Information Security Management System (ISMS) shall be obtained. In addition, entry barriers are never low, with real-name authentication virtual accounts having to be issued from financial companies.
According to the government's VASP report manual, Report forms, ISMS certificates, Real-name deposit accounts (real-name accounts), Financial violations of laws, and Career in revoking authority documents are needed. However, if legal currency is not used to exchange, transfer, store, manage, and broker cryptocurrency among VASPs, real-name accounts do not need to be submitted.
Issuing the account is one of the biggest issues. In order to repair the VASP report, the account must be issued by a bank under the Banking Act.
The requirements for meeting the issuance of real-name accounts are as follows:
1. Anti Money laundering (AML) / Countering the Financing of Terrorism (CFT) risk assessment results
2. Distinguish and manage deposits between the company and customers
3. ISMS Certification
4. Whether five years have not been passed since violations of financial-related laws and cancellation of reports
5. Separate and manage transaction details by customer
However, the bank is not obliged to issue a real-name account just because all of the conditions are met. In addition to the fulfillment requirements, the accounts will be issued according to the bank's own standards.
Once the documents are prepared, the FIU will file a report and request the Financial Supervisory Service to review it. They will review the reporting requirements and notify the results to FIU and the FIU will notify the reporter of whether to accept it.
It takes up to three months from receipt of a VASP report to repair, but depending on the situation, additional submission documents may be added. For example, if it took 10 days to receive additional documents to compensate for problems, such as missing criminal facts in a report submitted by an exchange named A, the results could be up to 3 months and 10 days.
The validity period of the VASP shall be determined by Presidential Decree within a range of not more than five years from the date on which the declaration is made. Currently, the financial authorities have set a policy to set the validity period of ISMS certification to three years, but it is likely to increase within five years.
If the report is changed, the report must be made within 30 days, and in order to renew the report, the renewal must be reported 45 days before the expiration of the expiration date. Failure to file a renewal notice will result in the revocation of authority.
Existing virtual asset businesses must complete the application of VASP reporting to FIU by September 24
Non-reported businesses are subject to be punished as unregistered businesses. They will be sentenced to up to five years in prison or fined up to 50 million won, and if they continue to operate without any report after punishment, they may be suspended.
Under the moratorium on the revision of the Special Act, which was announced from March 25, existing virtual asset businesses must receive report repairs by September 24. Virtual asset businesses received until this day will not be punished as undeclared businesses even after the grace period.
VASP is the first step to incorporate the virtual asset business system.
The VASP declaration means the incorporation of the virtual asset business into the system. The government is also showing its willingness to thoroughly manage virtual asset operators after September 24, when the grace period ends, to lead the market sound.
Because of this, industries are also moving quickly. Currently, the nation's four largest virtual asset exchanges, Bithumb, Upbit, Coinone, and Korbit, are planning to report collectively in June, while Coco Entertainment Korea, which is preparing for the virtual asset exchange, is also accelerating preparations to repair VASP reports, including ISMS certification.
Virtual asset operators such as Coco Entertainment Korea as well as the nation's four largest virtual asset exchanges are stepping up preparations for the repair of VASP
Some worry that many virtual asset companies will close their businesses after the end of the grace period for the Special Act. However, if one thinks differently, it could mean that virtual asset businesses that have completed VASP have been recognized for their security and soundness. This means that it could be an opportunity to distinguish between good and bad by repairing it. I hope that VASP will serve as an opportunity to achieve a safer and healthier virtual asset ecosystem that the virtual asset market grows quantitatively and qualitxatively.