Market Intelligence
Information and Communication Technology Business and Professional Services Safety and Security South Korea Standards, Regulatory, and Technical Requirements Government, Law and Regulation Technical Regulations

South Korea AI Basic Act

South Korea’s AI Basic Act and its Enforcement Decree took effect on January 22, 2026, creating a national framework that combines AI industrial promotion with baseline obligations for trust, safety, transparency, and user protection. For U.S. companies, the key shift is that AI governance now needs to be addressed at market entry, not after launch. U.S. companies offering AI products or services in Korea should assess compliance before launch, especially if their tools involve generative AI, high-impact AI, or large-scale advanced AI systems.

U.S. companies should view Korea’s AI Basic Act as a flexible but increasingly concrete AI compliance regime, distinct from the more prescriptive EU model. Companies entering Korea or serving Korean users should:

•    Assess whether their products may be classified as generative AI, high-impact AI, or large-scale advanced AI; 
•    Prepare Korean-language notices and AI-generated content labeling; 
•    Document risk management and fundamental-rights safeguards; and 
•    Establish a credible local compliance interface where required.

Korea remains attractive because the government is pairing regulation with industrial support and a transition period, but from 2026 onward, AI governance should be treated as part of market-entry strategy for U.S. firms.

The most immediate compliance issue for foreign AI companies is likely to be transparency. Providers using high-impact AI or generative AI must notify users in advance that AI is being used. For AI-generated outputs, providers may also need to disclose that the output was generated by AI, especially where generated images, video, or audio could be difficult to distinguish from reality. Recent guidance distinguishes between outputs that remain within the service environment and outputs that can be downloaded, shared, or exported. In-service use cases such as chatbots, games, or metaverse environments may allow flexible disclosure through user interface (UI) notices, logos, pop-ups, or interface explanations, while exported synthetic content is expected to carry clearer labeling or identification. For U.S. firms, Korean-language notices, AI-output labeling, and product-level disclosure governance should be treated as operational requirements.

On safety, companies should distinguish high-impact AI obligations from those for large-scale advanced AI systems. Operators of high-impact AI should assess whether their products fall within the category and, where applicable, prepare measures for safety and trustworthiness, including risk management plans, explainability measures, user safeguards, human oversight, documentation, and recordkeeping. Separately, large-scale advanced AI systems may face additional risk identification, assessment, mitigation, and risk management obligations if they meet criteria such as training compute exceeding 10²⁶ FLOPs, use of state-of-the-art technology, and potential broad impact on fundamental rights.

Foreign AI business operators without an address or business office in Korea should also review the domestic representative requirement. This is particularly relevant for U.S. AI, platform, cloud, and enterprise software companies serving Korean users from abroad without a local entity. Under the Enforcement Decree, a foreign AI business operator may need to appoint a domestic representative if it meets the following thresholds:

  • Prior-year total revenue of at least $662 million (KRW 1 trillion);
  • Prior-year AI-service revenue of at least $6.6 million (KRW 10 billion); or 
  • At least one million average daily domestic users over the preceding three months as of year-end.

The requirement may also apply if a company has been fined for failing to comply with a suspension or corrective order from Korea’s Ministry of Science and ICT (MSIT).

MSIT, which will implement the AI Basic Act, continues to emphasize a “minimum regulation” approach. To ease early implementation, MSIT is operating a grace period of at least one year in 2026, during which fact-finding investigations and administrative fines will generally be deferred except in exceptional cases involving serious social harm, such as loss of life or human-rights violations. MSIT is also operating the AI Basic Act Help Desk - AI Basic Act Help Desk - through the Korea Software Industry Association (KOSA) and has released guidelines on high-impact AI determination, AI business operator obligations, impact assessments, generative AI transparency, and advanced AI safety. The Help Desk website provides case-specific guidance and a channel to ask questions about statutory obligations, applicable compliance areas, and the latest guidelines.

If you need more information, contact the U.S. Commercial Service Korea: Songmi Heo, Commercial Specialist, Songmi.Heo@trade.gov.