South Korea's AI Framework Act 2026: The First Comprehensive AI Law in Asia-Pacific

Why South Korea's AI Framework Act matters globally

South Korea's Basic Act on the Development of Artificial Intelligence and Establishment of a Foundation for Trustworthiness — the AI Framework Act — entered into force on January 22, 2026. It is the first comprehensive AI law in the Asia-Pacific region with mandatory compliance obligations backed by financial consequences. Its approach sits between Japan's innovation-first soft law and the EU's risk-based hard regulation.

The Act was passed by South Korea's National Assembly on December 26, 2024, promulgated on January 21, 2025, following the consolidation of 19 separate AI bills into a single unified framework. The Presidential Enforcement Decree, enacted January 21, 2026, provides operational details on key obligations including the computation threshold for high-impact AI operators and domestic representative requirements for foreign entities.

The high-impact AI framework

The AI Framework Act's primary compliance burden falls on operators of "high-impact AI" — AI systems that may significantly affect human life, safety, or fundamental rights in specific sectors. The Enforcement Decree specifies these sectors: healthcare and medical devices; energy supply (electricity, gas); water production and supply; nuclear energy; biometric investigations; employment and HR (including hiring decisions); credit decisions; transportation safety; public administration; and education.

For AI systems in these categories, operators must: conduct AI impact assessments before deployment; implement risk management systems appropriate to the impact level; provide users with meaningful explanations of AI-influenced decisions; ensure adequate human oversight mechanisms; and maintain documentation demonstrating compliance. These requirements have substantive content — they are not disclosure-only obligations.

Generative AI transparency requirements

Operators of generative AI systems that produce content must label outputs to inform users that the content was AI-generated. This applies to text, images, audio, and video generation. The transparency requirement aligns with EU AI Act Article 50's AI-generated content disclosure obligations, though the specific technical implementation requirements differ.

Extraterritorial scope: foreign AI companies must comply

The AI Framework Act applies to foreign entities whose AI systems affect Korean users or markets. This extraterritorial reach means that global AI companies — including those headquartered in the US, Europe, China, and Japan — must assess whether their Korean-facing activities bring them within scope. The Enforcement Decree specifies criteria for the domestic representative requirement: foreign AI companies meeting defined threshold criteria must designate a Korean representative to liaise with MSIT (Ministry of Science and ICT) on compliance matters.

What organisations need to do

Assess whether your AI systems qualify as "high-impact" under the Enforcement Decree's sector definitions. If you operate generative AI systems accessible by Korean users, implement content labelling. If you are a foreign entity with Korean-facing AI, determine whether you trigger the domestic representative requirement. Build impact assessment capabilities and risk management documentation for high-impact systems. The Ministry of Science and ICT (MSIT) is the primary regulatory authority for the Act — engage with MSIT guidance as it develops through 2026.