The Korea Herald

소아쌤

CEOs to face stiffer censures for info leaks

By Kim Young-won

Published : June 27, 2013 - 22:03

    • Link copied

The Financial Supervisory Service is poised to turn up the heat on chiefs of companies whose customers were inconvenienced or faced damage due to cyber security lapses.

Chief executives in the financial industry will likely be held more accountable when their firms undergo leaks of customers’ private information through hacker attacks.

Officials at the FSS said Thursday that the regulatory agency will unveil a package of comprehensive countermeasures, aimed at bolstering financial firms’ security of the information technology sector, as early as next week.

“While the CEOs have been cautioned (or issued cautions or cautionary warnings) in cases of hacking or network glitches, some of them will possibly be warned (or issued censure-level warnings or face suspension of duties),” said an FSS official.

Despite the serious network paralysis at Hyundai Capital, Samsung Card and Hana SK Card over the past few years, heads of the firms averted tough disciplinary actions from regulators.

In a move to maximize the oversight efficacy, the FSS and decision-maker Financial Services Commission are closely cooperating with the National Intelligence Service and the Korea Communication Commission.

Over the past few months, the FSS has also carried out an intensive probe into Shinhan Bank and NongHyup Bank by dispatching a group of inspectors to their headquarters in Seoul.

Last March, two bank units of Shinhan Financial Group and three subsidiaries of NongHyup Financial Group suffered serious problems in the online transaction systems.

Two years ago, the FSS said it discovered that personal information of about 1.75 million customers of Hyundai Capital, jointly controlled by auto giant Hyundai Motor Group and U.S.-based GE Capital, was leaked through cyber attacks.

The prosecution said in May 2011 that North Korea masterminded the cyber attack on Nonghyup which paralyzed its online settlement and transaction systems.

Though financial authorities had pledged to conduct tougher oversight of electronic financing, incidents and accidents occurred steadily between 2011 and 2013.

According to a research report from a group of lawmakers, many financial companies failed to abide by regulatory instructions on cyber security last year.

Though regulators call for them to set aside IT security funds equivalent to at least 5 percent of their total IT sector budget, only one out of the seven major commercial banks has met the requirement.

NongHyup Bank spent only at 2 percent lof its total IT budget on IT security, the report showed.

As part of its move to increase oversight, the financial authorities plan to take the currently non-binding “5 percent rule” into serious consideration when they assess financial companies.

By Kim Yon-se (kys@heraldcorp.com)