Skip to content

Reg Intel

South Korea’s AI Regulatory Sandbox: How to Get Exemptions

·

·

Reading time calculated on load

·

South Korea has been running regulatory sandboxes for AI since 2019, seven years before the EU’s mandatory sandbox deadline. Three programs operate simultaneously: an ICT sandbox (MSIT), a financial sandbox (FSC), and an industrial convergence sandbox (MOTIE). Over 100 projects have been approved through the financial sandbox alone. In February 2025, the government designated two AI-specific projects through the ICT sandbox. Unlike sandboxes in most other jurisdictions, Korea’s programs allow testing with real customers and real transactions.

The AI Basic Act (effective January 2026) reinforces this infrastructure through Article 24 (testing and demonstration facilities) and Article 17 (SME compliance support). This article explains each sandbox, who qualifies, and how to apply.

Key Takeaways

  • Korea operates three sandbox programs, all predating the AI Basic Act. The ICT Regulatory Sandbox (MSIT) is the primary program for AI companies.
  • Sandbox participants receive temporary exemptions from existing regulations that would otherwise block their AI product or service. Exemptions last 2-4 years depending on the program.
  • The financial sandbox allows testing with real customers and real money, not simulations. Over 100 projects have been approved since April 2019.
  • Foreign companies with Korean operations can apply. The AI Basic Act’s domestic representative requirement (Art. 36) may be a practical prerequisite for foreign sandbox participants.
  • MSIT launched the Agentic AI Alliance (April 1, 2026) with 250 or more member organizations, signaling that the sandbox ecosystem is expanding into autonomous AI agents.

[Source: AI Basic Act Art. 24; FSC; MLex Feb 2025; MSIT Apr 2026]

What Is Korea’s AI Regulatory Sandbox?

Korea does not have a single “AI sandbox.” It has three overlapping programs created by separate laws, each administered by a different ministry. The AI Basic Act (Art. 24) supports all three by directing the government to promote shared testing infrastructure for AI, but the operational sandbox rules come from the pre-existing statutes.

Sandbox Legal Basis Administrator Since Duration
ICT Regulatory Sandbox Special Act on ICT Convergence MSIT ~2019 Project-specific, typically 2-4 years
Financial Regulatory Sandbox Special Act on Support for Financial Innovation FSC April 1, 2019 2 years, extendable by 2 more
Industrial Convergence Sandbox Industrial Convergence Promotion Act MOTIE + KIAT ~2019 Project-specific

[Source: sector-mappings.md; FSC English portal]

The ICT sandbox is where most AI companies should apply. It grants temporary regulatory exemptions for AI products and services that conflict with existing regulations. The financial sandbox is specifically for fintech and AI in banking, insurance, and securities. The industrial sandbox covers AI in manufacturing, energy, and transportation convergence.

Who Can Apply for the Sandbox?

ICT Sandbox eligibility: Any company testing an innovative AI product or service that conflicts with existing Korean regulations. The applicant must identify the specific regulatory barrier, describe the AI product, and propose a test plan with risk mitigation measures. [Source: Special Act on ICT Convergence]

Financial Sandbox eligibility: Financial service providers testing innovative financial services. The FSC Innovation Review Committee evaluates applications. Over 100 projects have been designated as “innovative financial services” since 2019, with AI credit scoring, fraud detection, and robo-advisory among the approved categories. [Source: FSC; Pertama Partners, Feb 2026]

Foreign company access: Not explicitly restricted in the sandbox laws. Foreign companies with Korean operations or Korean-market services may apply. However, the AI Basic Act’s domestic representative requirement (Art. 36) applies to foreign operators meeting revenue or user thresholds, which may create a de facto prerequisite for sandbox participation. [Source: AI Basic Act Art. 36]

What Regulatory Exemptions Are Available?

Sandbox participants receive temporary exemptions from specific laws and regulations that would otherwise block their AI service. This is not a “lighter” version of compliance. It is a genuine suspension of regulatory requirements for the testing period.

The ICT sandbox can waive provisions of any law or regulation identified as a barrier to the AI product. The financial sandbox provides designated “innovative financial service” status, which exempts the participant from standard financial licensing requirements during the test period. [Source: Special Act on ICT Convergence; Financial Innovation Support Act]

Limitations: sandbox exemptions do not override consumer protection requirements, PIPA (data protection), or criminal law. Safety conditions apply during the testing period, and participants must report results to the administering authority.

How Does the Application Process Work?

ICT Sandbox process:

  1. Submit application to MSIT identifying your AI product, the regulatory conflict, your proposed test plan, and risk mitigation measures.
  2. Inter-ministerial review evaluates the application.
  3. If approved, temporary exemption from specified regulations is granted.
  4. Duration is project-specific, typically 2-4 years.
  5. During the test period, comply with safety conditions and reporting requirements.
  6. At expiration: either regulatory reform is enacted to accommodate the innovation permanently, or the service must cease operating under the exemption.

Financial Sandbox process:

  1. Apply to FSC with service description, regulatory barriers identified, and consumer protection plan.
  2. FSC Innovation Review Committee evaluates.
  3. If approved, designated as “innovative financial service” with regulatory exemptions.
  4. Test with real customers and real transactions (not simulations).
  5. Duration: 2 years, extendable by 2 additional years.

[Source: FSC English portal; sector-mappings.md]

What AI Projects Have Been Approved?

ICT Sandbox (February 2025, MLex): The government designated four new projects including two AI-specific ones: (1) AI programs using original CCTV video data, and (2) AI programs running on financial company intranets using sensitive data. [Source: MLex, Feb 13, 2025]

Industrial Convergence Sandbox (January 2025): A call for applications included an AI track for “synthetic data generation and provision for AI utilization activation,” offering regulatory exemptions under PIPA plus up to KRW 300 million in pilot project funding. [Source: KISA notice, Jan 23, 2025]

Financial Sandbox AI projects include:

  • AI credit scoring using alternative (non-financial) data
  • AI fraud detection systems for banking
  • Robo-advisory investment services
  • AI-based insurance underwriting
  • The 2026 Fintech AI Development Program: up to KRW 350 million subsidy (60-75% coverage) for AI in fraud detection, credit scoring, robo-advisory, and regulatory compliance

[Source: FSC; Pertama Partners, Feb 2026]

How Does Korea’s Sandbox Compare to the EU’s?

Factor Korea EU (Art. 57-63)
Operational since ~2019 Deadline August 2, 2026
Head start ~7 years Launching now
Programs 3 separate 1 per member state (minimum)
Projects approved 100+ (financial alone) Spain: 8 companies. Denmark: 2 rounds. Most MS: not started
Real-world testing Yes (financial sandbox: real customers, real money) Art. 60-61 with safeguards, informed consent
SME priority AI Basic Act Art. 17 (compliance support) Art. 62 (priority access, reduced fees)
Data provisions PIPA applies; new Mar 2026 pseudonymized data guidelines lower barriers Art. 59 permits reprocessing beyond original purpose within sandbox
Foreign access Not restricted (domestic rep may apply) Open to providers and prospective providers

[Source: AI Basic Act Art. 24; FSC; Regulation (EU) 2024/1689 Art. 57-63; EP Think Tank, Mar 2026]

Korea’s sandbox system is the most mature for AI testing among major AI-regulating jurisdictions. The EU’s framework is well-designed but largely unbuilt. Spain is the only EU member state with a fully operational AI sandbox as of April 2026.

What Should You Do to Prepare?

  1. Identify which sandbox fits your AI product. AI in financial services goes to FSC. General AI products go to MSIT’s ICT sandbox. AI in manufacturing or energy convergence goes to MOTIE.
  1. Map the specific regulatory barriers your AI faces. The application requires identifying which existing regulations conflict with your product. Be specific: cite the law, article, and provision.
  1. Build a risk mitigation plan. Safety conditions apply during sandbox testing. Consumer protection and PIPA compliance are not waived.
  1. Check if you need a domestic representative. If you are a foreign company meeting the Art. 36 thresholds (revenue KRW 1 trillion or more, AI service revenue KRW 10 billion or more, or 1 million or more daily Korean users), appoint a representative before applying.
  1. Consider the SME support track. Article 17 of the AI Basic Act provides special compliance assistance for SMEs, including help with impact assessments and the sandbox application process.

For the full legal framework, see our AI Basic Act guide. For which sectors are classified as high-impact, see our 11 sectors mapped. For enforcement trends showing how the PIPC uses model deletion orders, see our PIPC enforcement analysis.

Reg Intel is not a law firm and does not provide legal services. This content is for informational purposes only and does not constitute legal advice. Consult qualified Korean legal counsel for jurisdiction-specific compliance guidance.

Last verified: April 7, 2026

How South Korea Compares

Vietnam has also implemented regulatory sandboxes with sector-specific rules for AI in finance and healthcare. The EU AI Act creates its own sandbox framework under Art. 57, but with fewer active projects.

Sources

Official Sources

  • AI Basic Act (Law No. 20676) Art. 24, 17, 36 via law.go.kr
  • Special Act on ICT Convergence (ICT Regulatory Sandbox)
  • Special Act on Support for Financial Innovation (Financial Sandbox)
  • CSET Georgetown English translation (July 2025) — Link

Analysis and Commentary

  • Pertama Partners, “Korea Fintech AI Development Program” (February 2026) — Link
  • Baker McKenzie, “South Korea AI Basic Act” (February 2026) — Link
  • ECIPE, Nigel Cory, “Korea’s New AI Law” (2026) — Link
  • EP Think Tank, “AI Act National Implementation Status” (March 2026)

Data Sources

  • MLex, “South Korea Designates Two AI Projects for Regulatory Sandbox” (February 13, 2025)
  • KISA, “Industrial Convergence Sandbox Call for AI Applications” (January 23, 2025)
  • FSC, Financial Regulatory Sandbox English portal — Link
  • MSIT, “Agentic AI Alliance Launch” (April 1, 2026)

Compare: EU vs South Korea

For the global keystone comparison across twelve dimensions — high-impact vs high-risk classification, mandatory vs voluntary conformity, KRW 30M vs €35M penalties, Korea’s innovation chapter, and a five-step dual-market compliance baseline — see EU vs South Korea AI Act: High-Impact vs High-Risk Compared (2026).

Disclaimer

This content is for informational and educational purposes only. It does not constitute legal advice. AI regulation varies by jurisdiction and changes frequently. Consult qualified legal counsel for advice specific to your organization’s circumstances and jurisdiction. Reg Intel is not a law firm and does not provide legal services.

The Weekly Brief

5 AI regulation developments that matter. Every Tuesday.

Reg Intel
Published: April 7, 2026 · Updated: May 1, 2026
Source: https://reg-intel.com/south-korea-ai-regulatory-sandbox/