33.3k unique visitors in the last 3 days

137 Staff to Work in South Korea’s 24/7/365 National Telco-Banking Police Scam Response Center

Legislators will also emulate compensation schemes in Singapore and the UK that require businesses to reimburse customers who lose money to fraudsters. This comes after the hack of SK Telecom prompted a large fine and promises to ramp up security.

The South Korean government has provided more details about impressive plans to ramp up the nation’s defenses against networked consumer scams. A press conference led by Yoon Chang-ryul, Head of South Korea’s Office for Government Policy Coordination (pictured, at the microphone) made the following commitments.

  • 137 staff will be employed by the police’s national integrated response unit for telecoms and banking scams, a significant rise compared to the 43 staff currently employed in this function. It had previously been announced that the anti-scam unit will begin operating 24 hours a day, 7 days a week, 365 days a year. The new round-the-clock coverage will begin next month.
  • When all controls are working, it should be possible for the police to block a phone number within 10 minutes of them learning of its use by scammers.
  • Telcos will be required to establish fraud monitoring protocols that identify anomalous phone activation patterns at any of their retail outlets. If effective, these protocols should not only identify which stores are used by criminals to obtain and activate SIMs. They should also indicate where there is insider collusion with fraud.
  • Telcos will be pushed to implement voice phishing detection technology across their entire range of handsets instead of only limiting it to handsets that command premium prices.
  • Artificial intelligence will be used to examine data collated from the police, telecoms and finance sector with the intention of proactively identifying suspicious account activity.

Legislators also intend to introduce ‘no fault’ compensation for victims of fraud this year, even if the victim instigated the transfer of funds from their own account. South Korean banks are only currently held liable when fraudsters successfully instruct the bank to make an unauthorized transaction. Yoon said the government will review the compensation regimes in Singapore and the United Kingdom before finalizing South Korea’s rules. This may mean that South Korean telcos will potentially be liable in some circumstances. Singapore has a two-step approach where banks are required to fully reimburse a victim’s losses if some of their mandatory anti-scam controls failed, but telcos may then become liable if the bank met all its obligations and the telco did not. The UK has a contrasting approach which only imposes liabilities on the finance sector.

Care is needed when devising any scheme to compensate victims of fraud because such schemes can also be exploited by criminals. Chosun Biz reports that a South Korean law firm is being investigated because they encouraged over 600 people to falsely claim they were victims of voice phishing. Per the current rules, South Korean bank accounts can be frozen when a customer asserts they fell victim to a voice phishing fraud but not when the victim made transfers due to other kinds of fraud.

It is important to remain circumspect when politicians promise to crack down on networked frauds. They know that many journalists will immediately report the promises while almost none publish stories about the failure to keep them. Maintaining law and order tends to be simplistically associated with the number of police that visibly patrol the streets, not the quality and effectiveness of controls over networked crimes. This leads to a lot of backsliding over the implementation of plans to tackle networked crimes. For example, the UK government first announced ‘an improved national fraud and cybercrime reporting system’ in 2021. This was prompted by an exposé published by The Times in 2019 which revealed that Action Fraud, the organization responsible for collecting and collating data on frauds and cybercrimes, was effectively throwing most reports of crimes into the bin because nobody would do anything about them. The UK government’s promise to replace the reporting system was reiterated in a new national plan to tackle fraud that was written in 2023. In 2024, the replacement was said to have been delayed until mid-2025. At the date of writing, that replacement has still not been delivered.

Nevertheless, I believe the South Korean government is more serious about tackling scams than many of its peers. They need to take effective action because of the effects of the hack of SK Telecom. SK Telecom was fined KRW134.8bn (USD95.8mn) for its data breach and an additional KRW9.6mn (USD7,000) for failing to report the breach to the authorities within the mandatory timelines. The importance fines like these tend to be exaggerated by the press and by weak analysts who think these amounts will influence executives that actually consider them to be trivial. What is more significant is that SK Telecom’s leadership have felt obliged to budget for KRW500bn (USD370mn) of customer giveaways to maintain the loyalty of customers. They have also promised to spend KRW700bn (USD510mn) over the next five years on improving information security, including a KRW10bn (USD7.3mn) donation to a national fund that is also expected to attract donations from other businesses. It is telling that SK Telecom felt the need to ‘voluntarily’ spend such large amounts on restoring its reputation when telcos in many other countries will accept punishment for failing to comply with security rules without making any further substantive changes unless they are legally compelled to do so. This is why telcos in some countries have breach after breach after breach, with no sign of them ever coming to an end. If this breach had occurred in the USA then the telco would have simply fought the fine in court and used the constitution to have it overturned! It is indicative of how Koreans manage relationships between the government, big business and society in general that the fine for South Korea’s biggest telco is small compared to the price it will choose to pay to regain the confidence of the government and the public.

The hack of SK Telecom compromised sensitive data relating to approximately half of South Korea’s population and consequently undermined confidence in South Korean institutions. A high-tech, highly-networked society like South Korea cannot afford to allow the economy to be damaged by a devastating loss of trust. The resulting government pledges to restore trust have been much more specific than those made in other countries. Note how they refer to the exact number of staff to be employed in a national anti-scam function that links data from telcos and banks, and how this will be used to block phone numbers within a 10‑minute timeframe. They promise changes that should be evident within months while other governments take years to accomplish less. South Korea appears to have learned a lesson about the need to proactively prevent networked crime before it can occur. Other countries should be learning from South Korea’s example instead of waiting for criminals to teach them about the error of their ways.

Eric Priezkalns
Eric Priezkalnshttp://revenueprotect.com

During his career, Eric has been a Director of Risk Management for a national telco, the Chief Executive of the Risk & Assurance Group, a Chief Marketing Officer for a software business, a consultant, a public speaker and the publisher of Commsrisk since its launch in 2006. Look here for more about the history of Commsrisk and the role played by Eric.

The comms providers that Eric has worked for include Qatar Telecom, Cable & Wireless, T‑Mobile, Sky and Worldcom. In addition to his proficiency at speaking about the current scamdemic, Eric is also a qualified chartered accountant and a subject matter expert in consumer protection, enterprise risk management, fraud prevention, data integrity and billing accuracy. Eric was the lead author of Revenue Assurance: Expert Opinions for Communications Providers, published by CRC Press. He can be reached through the contact form on this website.

Related Articles

The Commsrisk Global Fraud Dashboard


Our Global Fraud Dashboard uses AI-powered search to collate, update and visualize data about scams and other network abuses from around the world. New charts are added each month. See it here.

Get Our Weekly Newsletter by Email