my timesThe Korea Times
  1. Economy

Banks struggle to adopt generative AI as cybersecurity concerns linger

Listen
By Lee Kyung-min
  • Published Jul 29, 2025 12:00 pm KST


gettyimagesbank

gettyimagesbank

Commercial lenders are finding it difficult to fully integrate generative artificial intelligence (AI) technologies into their financial services, impeded by the current regulation that prohibits the use of full, unencrypted personal credit information, market watchers said Monday.

Local banks have embraced generative AI technologies to assess credit risk and employee assistance in customer consultation services. However, the risk of “hallucinations” lingers, essentially rendering the data unusable despite the sheer volume of rich datasets.

“Generative AI adoption is a paradigm change,” a Woori Financial Group official said. “Full deregulation will help guarantee enhanced customer service and workflow efficiency, despite lingering unresolved cybersecurity and privacy risks.”

The official said entry-level, or less experienced, employees will be able to reduce time needed for assisting customers, bolstering productivity. “We expect more AI-mediated services to boost our overall support capabilities.”

The assessment comes amid delays in regulatory changes concerning the network separation in the financial sector.

The Financial Services Commission (FSC) is likely to delay its initial plans to allow the use of unencrypted data in the generative AI-mediated financial services until next year, instead of during the latter half of this year.

Central to the more cautious approach is the need to balance innovation and security in the network separation.

Under the law, financial services providers must obtain regulatory sandbox approval from the FSC to use generative AI services within their intranet servers and networks. Even with the approval, only encrypted data will be allowed for service use.

“It is understandable that the financial authorities are taking a cautious approach, mindful of potential fallout triggered and amplified by a lack of regulatory fallback. However, delays in technology implementation will inevitably lead to delays in service quality improvements overall,” an industry official said on condition of anonymity.

Last December, the FSC approved a pilot program whereby nine financial service providers were allowed to use encrypted personal data to provide generative AI services within their internal networks.

The authorities planned to expand the program following a review over its effectiveness and security.

However, data protection and privacy issues have since emerged, with vulnerability issues involving cyberthreats left unaddressed and unresolved.

The current AI-powered financial services are ones that do not violate privacy or data protection issues, mostly assisting bank employees with heavy loads of data analysis.

For example, Woori Bank in April introduced an AI knowledge consultation system enabled by agentic retrieval‑augmented generation.

This technology not only analyzes user enquiries but sets goals and collects and evaluates information from multiple sources.

This helps sales employees provide accurate information about financial regulations, procedural protocols and product details in real time.