South Korean regulators sharply escalated their stance toward exchange compliance as they imposed a 36.8 billion won penalty on Bithumb and ordered a six-month partial business suspension. The enforcement action was framed as the country’s biggest sanction yet against a domestic crypto exchange and a clear warning that AML and KYC failures will be treated as systemic supervisory breaches.
The Financial Intelligence Unit led the case and said the shortcomings were not isolated errors but structural problems spanning customer onboarding, transaction monitoring, and recordkeeping. Regulators argued that the weaknesses were serious enough to undermine the controls meant to stop illicit money flows from moving through the platform.
Regulators Treated the Failures as Systemic
According to the FIU, the investigation uncovered about 6.65 million instances of non-compliance across Bithumb’s operations. The scale of the violations gave regulators the basis to argue that the exchange had failed at the level of process design and compliance intent, not just day-to-day execution.
The agency’s breakdown showed roughly 3.55 million failures to verify customer identity and around 3.04 million cases in which transactions were not blocked even though verification remained incomplete. Those figures suggest that some of the most basic controls in the compliance chain either did not function properly or were not enforced consistently.
The probe also identified 45,772 transactions involving 18 unregistered overseas virtual asset service providers, along with about 16,000 failures to retain required documentation. Taken together, those findings reinforced the FIU’s position that Bithumb’s compliance posture fell well below what regulators now expect from a major domestic exchange.
The FIU used unusually direct language in explaining the penalty, saying Bithumb had shown a “significant lack of compliance intent.” That wording matters because it places the issue not only in the category of control failure, but also in the category of supervisory credibility and management responsibility.
Trading Stays Open, but Pressure Moves to Management
The six-month suspension is partial rather than absolute, which means Bithumb will not be shut down entirely during the sanction period. Regulators chose to restrict external virtual-asset transfers for new users while allowing core trading activity to continue, preserving access to crypto trading and Korean-won transactions on the platform.
Existing users are expected to retain full trading access and account availability, while the restrictions fall more heavily on new customers trying to move assets to or from outside wallets. That structure shows regulators are trying to force corrective action without triggering a complete operational collapse of one of the country’s major exchanges.
The enforcement action also reached senior leadership. Bithumb’s chief executive received a formal reprimand and the designated reporting officer was suspended for six months, making clear that regulators expect management, not just compliance staff, to carry responsibility for remediation.
The case is likely to become a benchmark for future oversight. South Korean authorities are signaling that domestic exchanges should expect tougher supervision, more direct accountability, and less tolerance for compliance systems that fail at scale.