Korea AML/KYC Updates 2026: What Foreign Companies Must Know

Introduction

Korea’s AML/KYC updates 2026 reflect a global trend: regulators expect deeper verification, clearer beneficial ownership records, and stronger internal controls—even for ordinary operating companies. Foreign businesses opening accounts, receiving cross‑border funds, or onboarding Korean clients are increasingly subject to enhanced due diligence.

This guide explains the Korea AML/KYC updates 2026, outlines the core legal obligations, and provides a practical compliance checklist for foreign‑invested companies. If your Korea operation touches banking, payments, or customer onboarding, these rules matter.

Korea AML/KYC Updates 2026: The Legal Framework

1) Act on Reporting and Using Specified Financial Transaction Information

The backbone of Korea’s AML regime is the Act on Reporting and Using Specified Financial Transaction Information (FTRA). FTRA Article 5 establishes customer due diligence (CDD) obligations, while FTRA Article 6 requires reporting of suspicious transactions. Financial institutions are the primary gatekeepers, but corporate clients are impacted because banks require extensive documentation before opening accounts or processing transactions.

2) Financial Transaction Real Name Act

Korea’s Financial Transaction Real Name Act Article 3 requires real‑name verification for financial transactions. This is why banks insist on business registration certificates, corporate seal certificates, and identification of responsible officers. Foreign companies often underestimate the amount of documentation required to satisfy real‑name rules.

3) Sector‑specific regulations and guidance

Regulatory guidance from the Financial Services Commission (FSC) and Financial Intelligence Unit (KoFIU) influences how banks apply risk‑based due diligence. Even if your business is not a regulated financial institution, your banking partners will demand AML‑compliant documentation to protect their own obligations.

What Has Tightened in 2026

1) Beneficial ownership transparency

Banks increasingly ask for ultimate beneficial owner (UBO) disclosures, especially where foreign shareholders are involved. Complex holding structures face enhanced scrutiny. While Korea does not yet have the same public registry obligations as some EU jurisdictions, in practice banks often require UBO declarations to open accounts or process significant inflows.

2) Purpose‑of‑transaction scrutiny

Large inbound transfers to a newly established Korean entity are now routinely flagged. Banks may request supporting documents such as shareholder resolutions, investment agreements, or invoices to verify the transaction purpose. This aligns with the risk‑based approach under FTRA Article 5.

3) Increased monitoring of foreign currency transactions

Foreign currency inflows and outflows must comply with the Foreign Exchange Transactions Act. Banks apply heightened scrutiny to cross‑border payments, including consulting contracts, management fees, or intercompany loans. Weak documentation can delay transactions or result in additional reporting obligations.

4) Risk‑rating and periodic reviews

Banks now assign internal risk ratings to corporate clients and conduct periodic reviews. High‑risk industries, complex ownership structures, or frequent cross‑border transfers can trigger enhanced reviews and requests for updated corporate documentation. Foreign companies should expect annual or semi‑annual refresh requests and prepare a compliance folder in advance.

Practical Compliance Implications for Foreign Companies

1) Bank account opening timelines

Account opening for foreign‑invested companies can now take several weeks. Banks often require: business registration certificate, corporate seal certificate, shareholder register, articles of incorporation, board resolutions, and identification of the local representative. For foreign shareholders, notarized and apostilled documents may be required.

2) Ongoing transaction monitoring

Even after the account is opened, banks will monitor unusual activity. A sudden spike in transactions or recurring transfers without clear economic purpose can trigger enhanced due diligence and temporary account restrictions.

3) Internal compliance policies

Foreign companies should implement internal policies for recording transaction purpose, maintaining UBO documentation, and documenting intercompany transfers. These policies are essential when banks conduct periodic reviews or request updated information.

Customer Onboarding and KYB Checks

If your Korea entity provides services to corporate clients, you may be asked to conduct your own KYC/KYB checks, especially when working with financial institutions or payment intermediaries. While the primary statutory obligations sit with regulated institutions, contractual requirements often flow down to service providers. In practice, foreign companies are expected to verify corporate registration, confirm beneficial owners, and screen against sanctions lists when onboarding large clients.

For high‑risk industries or cross‑border customers, banks may also request evidence of source‑of‑funds and source‑of‑wealth checks. Preparing a standard questionnaire and supporting document list helps your sales teams close deals without compliance delays.

Enforcement Risks and Penalties

The FTRA and related regulations allow administrative penalties and corrective orders when AML obligations are breached. Even if your company is not a regulated financial institution, non‑compliance can result in frozen accounts, delayed transactions, and reputational damage with banks and partners. For foreign investors, this can also affect capital injection timelines and visa sponsorship processes if funds are delayed.

In severe cases, repeated compliance failures can lead to enhanced monitoring by banks or even account termination. This is particularly disruptive for operating companies that depend on local payroll and vendor payments.

Comparison with US/EU AML Expectations

US and EU frameworks often impose direct obligations on a broader set of “obliged entities.” Korea’s system still centers on financial institutions, but the operational effect is similar because banks push compliance obligations onto corporate clients. If your compliance team is already prepared for US/UK/EU standards, you can adapt those policies to Korea by adding local documentation requirements and Korean‑language record keeping.

Case Scenario: Capital Injection to a Newly Formed Entity

A foreign investor wires USD 500,000 to a newly incorporated Korean subsidiary. The bank requests a shareholder resolution, investment agreement, and proof of the investor’s identity. The company provides only a wire confirmation and the articles of incorporation. The bank flags the transaction under FTRA Article 5 due diligence standards and freezes the account until additional documentation is submitted. This delay pushes back payroll and supplier payments by several weeks.

The lesson is that AML compliance in Korea is not only about legal risk; it is also about operational continuity.

Internal Controls, Training, and Record Retention

Even if your company is not a regulated financial institution, banks and counterparties increasingly expect AML‑aligned internal controls. That means appointing a responsible officer, documenting onboarding steps, and maintaining clear files for contracts, invoices, and shareholder approvals. If your Korea operation is part of a global compliance program, the local team should adapt the global policies to Korean documentary requirements and language expectations.

Training also matters. Front‑office staff who handle payments or client onboarding should understand how to respond to bank inquiries, what documents are required, and how to identify unusual transaction patterns. A simple internal training program reduces delays and helps avoid inconsistent responses to KYC requests.

If your business uses agents, distributors, or consultants in Korea, create a basic third‑party due diligence checklist. Banks and partners may ask how you verify intermediaries and commission payments. Clear documentation of contracts and services rendered helps prevent AML flags.

Finally, keep records organized. Korean banks may request historical transaction support during periodic reviews, so a consistent record‑retention system is essential.

It is also helpful to maintain a brief internal memo for each significant inbound or outbound transfer, summarizing the business purpose, counterparty, and supporting documents. This small step reduces friction when bank compliance teams request clarification months later.

Documentation Checklist for Smooth KYC Reviews

To avoid repeated bank requests, foreign companies should prepare a standardized KYC package: business registration certificate, corporate seal certificate, articles of incorporation, shareholder register, director ID, UBO declaration, board resolutions authorizing account opening, and key contracts explaining transaction purpose. For foreign parents or shareholders, notarized and apostilled corporate documents are often required.

Keeping a clean, updated package reduces onboarding time and makes periodic reviews much easier. For groups with multiple Korean entities, standardize the package across subsidiaries so each entity can respond quickly to KYC requests without repeated documentation work.

Consider keeping a short “KYC cover letter” that summarizes your business model, expected transaction types, and primary counterparties. Banks often appreciate a concise explanation, which can reduce back‑and‑forth requests.

A single point of contact for KYC requests also improves responsiveness and avoids inconsistent submissions from different teams, especially during audits and periodic reviews.

Practical Tips / Key Takeaways

• Prepare a UBO chart and declaration before the first bank meeting.
• Document the economic purpose of cross‑border transfers with contracts and invoices.
• Maintain updated corporate documents (seal certificate, shareholder list, board resolutions).
• Align intercompany fees with transfer pricing and service agreements to avoid AML red flags.
• Expect ongoing reviews and respond quickly to bank requests to avoid account freezes.

Conclusion

Korea’s AML/KYC updates in 2026 are not just a banking issue—they are an operational reality for foreign companies. By preparing transparent ownership documentation and maintaining disciplined transaction records, foreign businesses can reduce delays, avoid compliance friction, and build credibility with Korean financial institutions. Korea Business Hub can help foreign companies navigate account opening, KYC documentation, and ongoing AML compliance.