The Financial Intelligence Unit (FIU), a crime monitoring and prevention body under South Korea’s Financial Services Commission, fined cryptocurrency exchange Bithumb 36 billion won (about $24.5 million) for anti-money laundering (AML) violations.

 

The fine follows an on-site inspection of the exchange conducted by the regulator in March and April last year, which found that Bithumb had violated the Specific Financial Information Act 6.65 million times. The act requires exchanges to restrict transactions with unregistered virtual asset service providers, block suspicious transactions, and verify their customers.

 

Bithumb was also found to have violated the Act on Reporting and Use of Financial Information by facilitating 45,772 cryptocurrency transactions with 18 unregistered overseas virtual asset service providers and cryptocurrency firms. Despite repeated warnings from the regulator, Bithumb failed to take corrective action.

 

"We have continuously requested Bithumb to stop trading with undeclared overseas virtual asset service providers, but it failed to fulfill its legal compliance obligations and demonstrated a markedly insufficient willingness to comply with the law, such as failing to implement effective blocking measures over an extended period," the FIU explained. 

 

In addition to the $24 million fine imposed by the regulator, Bithumb has been ordered to halt all external crypto transfers for new customers from March 27 to Sept. 26. The ban, however, does not affect existing customers trading on the exchange.

 

Despite facing the largest fine ever imposed on a South Korean exchange, Bithumb said it would address the issues highlighted. "We will resolve the issues identified in this inspection and do our best to create a safe trading environment and protect users," the company said.

 

 

South Korea Cracks Down on Compliance Violators

South Korea has been cracking down on compliance violators, particularly cryptocurrency exchanges that breach Anti-Money Laundering (AML) and Know Your Customer (KYC) regulations. In November 2025, the country fined its largest cryptocurrency exchange, Upbit, 35.2 billion won (approximately $25 million) and imposed a three-month partial suspension after the exchange failed to comply with AML and KYC rules.

 

On December 31, 2025, the FIU fined Korbit 2.73 billion won ($1.9 million) and issued a stern institutional warning to the exchange’s executives following a compliance audit that revealed weaknesses in its anti-money laundering (AML) and know-your-customer (KYC) procedures.

 

The FIU is currently conducting an on-site review of Coinone, which is expected to conclude later this year. Although there are unconfirmed reports that the agency has already flagged violations, no official report or penalties have been issued.

 

 

Flow Foundation is seeking a court order in Seoul to halt the planned delisting of the FLOW token on three South Korean exchanges following an exploit on the protocol in December. 

 

The Flow Foundation and its parent company, Dapper Labs, filed a motion with the Seoul Central District Court on Monday to block the delisting of the FLOW token from three South Korean exchanges.

 

This move is coming months after the Layer 1 blockchain protocol suffered a security incident in December, which led to several exchanges temporarily stopping the trading of the FLOW token at the time. However, three major Korean exchanges; Upbit, Bithumb, and Coinone, have moved to permanently stop the trading of the token on their exchanges on March 16.

 

 

Flow’s Security Incident

On December 27, 2025, Flow suffered a protocol-level exploit that resulted in losses of about $3.9 million. The breach was caused by a flaw in the smart-contract runtime within Flow’s execution layer, which allowed the attacker to exploit vulnerabilities in Cadence. 

 

Cadence is Flow’s smart contract runtime. By exploiting the flaw in Cadence, the attacker was able to duplicate Flow tokens instead of properly minting them. 

 

After duplicating the tokens, the attacker attempted to bridge them out of the protocol using cross-chain bridges such as Celer, deBridge, Relay, and Stargate. However, this abnormal activity was detected by Flow’s validator network, which placed the blockchain in read-only mode, halting further asset transfers. 

 

This incident led to a sharp decline in the price of the FLOW token. Prior to the breach, FLOW was trading at around $0.17, but it fell over 40% to roughly $0.097 within hours of the exploit being announced. 

 

Image credit: Tradingview

 

The incident also affected the token’s market cap. Before the breach, FLOW had a market cap of around $280–284 million. After the breach, it fell to approximately $164–170 million. Although the breach directly resulted in a $3.9 million loss, the protocol’s total market value dropped by over $110 million. 

Image credit: Coingecko

 

Following remediation efforts after the incident, the Flow Foundation claimed that every major global exchange has independently reviewed and restored FLOW token trading on their platforms.

 

According to the foundation, the FLOW token remains fully available and tradeable on major exchanges, including Binance, Coinbase, Kraken, OKX, Gate.io, HTX, and Bybit, with Korbit being the only Korean exchange still supporting the trading of FLOW.