Uppsala Security, a provider of cybersecurity tools for crypto AML, risk management, and regulatory compliance, announced today the signing of a contract to build a ‘Virtual Asset AML’ solution for crypto exchange Coin&Coin that complies with the amendment of the Special Money Act in South Korea.
Coin & Coin is a cryptocurrency exchange based in South Korea that has introduced various security services such as KT FSCD (Financial Security Data Center) and BitGo multisig wallet and is the 13th exchange to receive official ISMS (Information Security Management System) approval before the amendment of the Special Money Act in South Korea.
Uppsala Security cited ISMS certification, KYC, the existing financial sector (legal currency) AML, and virtual asset AML as essential conditions to comply with the amendment of the Special Money Act. However, they stressed that the most important issue in complying with the FATF (Financial Action Task Force) recommendations and that the domestic Special Money Act is designated to establish a ‘Virtual Asset AML’ system in accordance with the RBA (Risk-Based Approach).
Existing financial AML refers to a series of procedures to identify users of various services through customer identity verification (KYC), comprehensively analyze whether they have committed any suspicious activities, such as Money Laundering or Terrorist Financing, and report them to the FIU (Financial Intelligence Unit).
However, since this is limited to reports of suspected transactions in legal currency (cash), it means that VASPs (virtual asset companies) need to have a separate ‘Virtual Asset AML’ system in order to comply with the revision bill of the Special Money Act. In other words, real-time monitoring of blacklisted wallet addresses involved in phishing, fraud, hacking, etc. must be continued through the virtual asset AML solution, and a virtual asset STR (suspicious transaction report) must be prepared and submitted to KoFIU (Korea Financial Intelligence Unit) within 3 business days in South Korea.
An official of Uppsala said, “From a security perspective, AML-related systems such as virtual asset threat blacklist and database reported to KoFIU should be separated from the external network (Internet) and secured in the company’s internal network. In that sense, Coin&Coin exchange will be able to identify risk wallet addresses and track suspicious transactions by building its own virtual currency threat database (TRDB) in its internal network and maintaining a blacklist database of virtual asset wallet addresses.”
“Even if the KYC (Know Your Customer) – the AML of legal currency, is performed, the report submitted to KoFIU would still be a half-finished STR unless the virtual asset AML is established separately. The Coin&Coin exchange has already been ISMS certified and introduced the existing AML with KYC through Octa Solution. In addition, through this contract, we can confirm that they meet all the conditions specified in the Special Money Act amendment by implementing our new internal construction virtual asset AML solution, the Threat Reputation Database On-premise Management System (TOMS).”
– Ku Min-Woo, Korea Country Manager at Uppsala Security
Meanwhile, Uppsala Security provides 57 million crowdsourced Threat Intelligence Indicators in its Threat Reputation Database (TRDB) and in September 2020 was selected by the Ministry of Science and ICT as a demanding company for AI Data Processing Voucher Project.
”We have focused all our capabilities on protecting the assets of our customers and always maintained this as our top priority. Through this AML contract with Uppsala Security, we hope to fulfill all the requirements necessary to comply with the Special Money Act obligations as a VASP (virtual asset service provider) and by doing so, to deliver even more trust to our users.”
– Jeon Hyeonpung, CEO of the Coin&Coin Exchange