전자금융거래와 無過失責任主義

박훤일(Park, Whon-Il) 경희법학연구소 2005 경희법학 Vol.40 No.1

A bill to ensure the stability and reliability of electronic financial transactions was proposed to the National Assembly consecutively in 2003 and in 2005. The banking industry strongly opposed to the establishment of a draft Electronic Financial Transactions Act because financial institutions would be responsible for any forgery and hacking incident of electronic financial transactions regardless of their fault or negligence. On the other hand, consumers associations are also not fully satisfied with the bill because they see that the bill imposes insufficient responsibility of financial institutions. The government-proposed bill imposes liability on financial institutions and other e-payment service providers in the event of a theft or forgery of such access media as PIN and password, on-line hacking, and other electronic incidents regardless of the institutions fault or negligence. The goal of the bill is to provide a reasonable allocation of responsibility among the participants in electronic financial transactions. It goes one step further than the liability status imposed by the current general terms for electronic financial transactions. So financial institutions are not responsible at all for customers verifiable intent or gross negligence. The bill is also about to oblige financial institutions to take safety measures such as casualty insurance, mutual aid programs or reserve accounts. Opponents to the government-initiated bill argue that the bill will encourage electronic transactions-related crimes, and create additional incentives for customers to be careless. They fear that frequent e-banking incidents could undermine the financial stability of banks by forcing damages and additional security measures to be borne by banks, and the increase of e-banking fees would ultimately thwart the e-banking transactions. Opponents also point out that the bill is contrary to the conventional legal system based on negligence liability. Nevertheless, there appears to be a significant trend of strict liability in such areas as consumer protection and environmentalism in Korea. For example, the Products Liability Act, the Soil Environment Preservation Act and Nuclear Energy Damages Compensation Act have similar strict liability clauses. Therefore, strict or no fault liability envisaged in the e-banking bill should be established for the following reasons if the public reaches national consensus in that direction: - Electronic financial transactions are inherently profitable to banks and e-payment service providers; - It is reasonable for the party who have control over incidents to be responsible for them when nobody proves to be negligent; - It is quite natural for the party introducing sophisticated technologies to pay attention to the related incidents; - It is reasonable for the party with deep pockets to invest in information security technologies with diverse spill-over effects which will be applicable to financial transactions; and - Financial institutions which have a great number of customers are required to build a bridgehead in solving the problems caused by technological developments. Also, financial institutions have ample and reasonable opportunities to mitigate the strict liability imposed upon them, e.g., via generally applicable indemnification clauses, acknowledgment of state-of-the-art security technology excuses and the segregation of B2B and B2C transactions. Thus, financial institutions will usually take the comparative liability to corporate clients, while they assume strict liability toward individual customers. Ultimately, it would be inevitable that banks are forced to spend greater sums on fortifying their systems to prevent hackers intrusions into their on-line banking services, repairing flawed technologies, purchasing new equipment, hiring on-line security consulting firms, and finally entering into casualty insurance contracts or mutual aid programs.

전자금융거래 관련법의 구조와 개선방향

손진화 가천대학교 법학연구소 2008 가천법학 Vol.1 No.1

금융이라 함은 자금의 융통 또는 수급관계를 나타내는 용어이며, 금융거래는 금융자산을 대상으로 하는 거래이다. 광의의 전자금융거래는 전자적 방법에 의한 금융거래를 뜻하며, 전자지급거래·전자증권거래·전자보험거래 기타 전자적 수단에 의한 금융거래를 포함한다. 협의의 전자금융거래는 전자지급수단에 의하여 자금을 이동시키는 거래 즉 전자지급거래를 뜻하며, 전자자금이체·전자화폐지급·선불전자지급·모바일지급 등이 이에 속한다. 전자금융거래법은 총칙(제1장), 전자금융거래 당사자의 권리와 의무(제2장), 전자금융거래의 안전성 확보 및 이용자 보호(제3장), 전자금융업의 허가와 등록 및 업무(제4장), 전자금융업무의 감독(제5장), 보칙(제6장)과 벌칙(제7장)의 7개 장, 51개 조로 구성되어 있다. 이 논문은 전자금융거래법의 개선방안에 관하여 다음의 5가지 문제를 다루고 있다: (a) 전자금융거래법의 기본법으로서의 위상 정립 (b) 전자금융거래의 안정성 확보 및 이용자보호에 관한 개선 (c) 전자금융업 허가·등록의 자격요건 및 절차의 보완 (d) 전자금융업무 감독 규정에 관한 보완 (e)전자금융거래 약관의 개선 Electronic financial system is a system which brings automation, electronic process and networking of financial transaction by applying information and network technology to the transaction. The Electronic Financial Transaction Act of 2008[EFTA] defines electronic financial transaction[EFT] as any transaction whereby a financial institution or an electronic financial service provider provides financial items and services through electronic apparatuses and the users use them in a non-facing and automated manner without any direct contact with the financial institution or the employees of the electronic financial business operator. The EFTA is composed of seven chapters: Chapter Ⅰ General Provisions, Chapter Ⅱ Rights and Duties of Parties to Electronic Financial Transaction, Chapter Ⅲ Securing of Saftety of Electronic Financial Transactions and Protection of Users, Chapter Ⅳ Permission, Registration and Functions of Electronic Financial Business, Chapter Ⅴ Supervision of Electronic Financial Business, Chapter Ⅵ Supplementary Provisions, and Chapter Ⅶ Penal Provisions. This Article suggests the following proposals on the improvement of current EFTA: (a) establishment of the status as a basic law of the EFTA, (b) improvement of securing of safety and protection of users relating to electronic financial transactions, (c) improvement of procedures relating to the permission and registration of electronic financial business, (d) improvement of provisions relating to the supervision of electronic financial business, and (e) improvement of the terms and conditions of electronic financial transactions.

전자금융거래법의 체계와 최근 개정 논의에 대한 비판적 검토

정경영 한국상사법학회 2020 商事法硏究 Vol.39 No.3

The Electronic Financial Transactions Act has maintained the legal stability of the nation's electronic financial transactions for decades. There have been many controversies and precedents regarding the responsibility of electronic financiers (Article 9 of the same Act) and some revisions to the liability-related regulations and supervisory regulations, but the framework has been well preserved. The debate over the distinction between electronic currency and prepaid electronic payment means can also be assessed as having a future-oriented nature, given that the possibility of the emergence of genuine electronic currency (CBDC) has made it distinct from prepaid electronic payment means having the substance of electronic gift certificates. Unlike other financial regulatory laws, the Electronic Financial Transactions Act is a mixture of trading laws that regulate electronic financial transactions, and supervisory laws that regulate financial institutions that execute transactions. However, it is not only impossible but also inappropriate to understand this as a simple financial regulatory law and to discipline all of the new FinTech technologies that emerge and disappear rapidly from the perspective of supervision. The classification of funds transfers (including debit), electronic currency and prepaid types of operations on the basis of electronic means of payment is an appropriate classification based on the transaction method, which has the advantage of being able to apply existing provisions or to be classified in the Enforcement Decree of the Electronic Financial Transactions Act, even if a new type of electronic payment method emerges. Though new FinTech technologies (such as payment instruction services) emerge, the concept of electronic financial assistance business is already established in the Electronic Financial Transactions Act, and if regulations are required, it can be implemented in the Enforcement Decree of the same Act. I believe that the introduction of a comprehensive payment settlement business can also be completed instead by granting the right to open a payment account to the fund management business while allowing integrated approval and registration, which can replace the introduction of new operators and avoid overlapping operations. Finally, while securing the legal basis of the electronic payment system and its operating agencies is necessary for international convergence, it is appropriate to introduce a new concept of a payment transaction liquidation system, not subject to supervision, and to regulate it consistently in relation to monitoring obligations in the Bank of Korea Act rather than as stipulated in the Electronic Financial Transactions Act. 전자금융거래법은 십수년간 우리나라의 전자금융거래의 법적 안정성을 유지시켜온 법률이다. 전자금융업자의 책임(동법 제9조)에 관한 많은 논란과 판례가 있었고 책임관련 규정과 감독규정에 일부 개정이 있었지만 그 틀을 잘 보존해 왔다. 전자화폐와 선불전자지급수단의 구별에 관한 논쟁도, 최근 중앙은행 발행의 디지털화폐(CBDC)라는 진정한 전자화폐의 출현 가능성으로 전자식 상품권의 실질을 가진 선불전자지급수단과 확연히 구별될 수 있게 되었다고 볼 때 동 법률은 미래지향적인 성격을 가졌다고 평가할 수 있다. 전자금융거래법은 다른 금융규제법과 달리 전자금융거래를 규율하는 거래법과 거래를 실행하는 금융기관을 규제하는 감독법이 혼합된 법률이다. 그런데 이를 단순한 금융규제법으로 이해하고 감독의 관점에서 명멸하는 새로운 핀테크의 기술을 다 규율하는 것은 불가능할 뿐만 아니라 부적절하다. 전자지급수단을 기준으로 영업의 분류하는 자금이체(직불 포함), 전자화폐, 선불형의 분류방식은 거래법에 기반을 둔 분류로서 적절하여 새로운 성격의 전자지급수단이 등장하더라도 기존의 규정을 유추적용하거나 전자금융거래법 시행령에서 세분류할 수 있는 장점이 있는 분류방식이다. 새로운 핀테크 기술(예컨대, 지급지시서비스업 등)이 등장하더라도 전자금융보조업이라는 개념이 이미 전자금융거래법에 정립되어 있으므로 그에 귀속시키고 규제가 필요할 경우 동법 시행령에서 구현이 가능하다고 본다. 종합지급결제사업자의 도입도 자금이체업에 지급계좌 개설권한을 부여하면서 통합된 인가·등록이 가능하도록 하면 새로운 사업자의 도입을 충분히 갈음할 수 있고 중복적인 영업을 피할 수 있어 경제적 입법을 완성할 수 있다고 본다. 마지막으로 전자지급시스템과 그 운영기관의 법적 기반의 확보는 국제적 정합성을 위해 필요할 뿐만 아니라, 이는 감독의 대상이 아니라 감시의 대상이므로 전자금융거래법에 지급거래청산제도라는 새로운 개념을 도입하는 것보다는 한국은행법에서 감시책무와 관련시켜 일관성 있게 규율하는 것이 적절하다고 본다.

전자자금이체에 관한 연구

이창운 한국금융법학회 2015 金融法硏究 Vol.12 No.1

Electronic Financial Transactions Act of Korea was enacted to solve the many issues associated with electronic financial transaction in 2007. And the amendment was made over 10 times since then. However, the problems associated with it also appears continuously in accordance with the continuous development of electronic financial transactions. Accordingly, in this paper, we studied the regulations and its problems and improvement of an electronic funds transfer among electronic financial transactions. This paper is composed of all seven chapters, the topics covered in each chapter are as follows : Chapter Ⅰ Introduction : South Korea's payment system, enactment and amendment of Electronic Financial Transactions Act, and legal issues associated with electronic funds transfer are described. Chapter Ⅱ The significance of electronic funds transfer : Regulations on electronic funds transfer and the significance of electronic funds transfer in South Korea, the significance of electronic funds transfer in the foreign law were summarized. Chapter Ⅲ Legal relationship between the parties to the electronic funds transfer : Legal relationship between the parties to transfer payment, and legal relationship between the parties to collection transfer were studied. Chapter Ⅳ Legal issues associated with electronic funds transfer : Effective time of the electronic funds transfer, transfer error, loss or theft of the access material, assignment of the access material, transfer-related accidents, failure to transfer instructions, error transfer to the recipient were studied. Also my personal opinion about it was said. Chapter Ⅴ Legal issues of telecommunications financial fraud : The significance of telecommunication financial fraud and relief of telecommunications financial fraud victims were described. Chapter Ⅵ : Problems and Solutions : We discussed the issues that require amendment of Electronic Financial Transactions Act and General Terms and Conditions for electronic financial transactions, and then proposed improvement measures. Chapter Ⅶ Conclusion : The main information of this papers was summarized.

명의도용 전자금융거래와 금융소비자 보호 방안

정진성 제주대학교 법과정책연구원 2024 法과 政策 Vol.30 No.2

서울중앙지방법원 2022. 4. 5. 선고 2021가단16087판결(이하 '대상판결' 이라 한다)은 비대면 전자금융거래 시 금융회사등이 취해야 할 본인확인의무 또는 피해방지의무를 제대로 이행하였는지에 대한 판단기준으로 '비대면 실명확인방안' 이라는 명확한 기준을 제시하고 전자문서법 제7조 제2항 제2호의 정당한 이유의 판단에 있어 명의인의 귀책성을 고려한 점에서 의미가 있다. 하지만 본인확인 절차를 거친 외관이 존재하면 명의를 도용당한 경우에도 명의인에게 전자금융거래의 효과가 귀속될 우려가 존재하고, 금융회사의 가중된 주의의무를 충분히 고려하지 않은 점에 있어 아쉬움이 있다. 또한 이용자의 과실과 전자금융거래의 의심스러운 정황 등을 언급하면서도 금융회사의 책임을 이용자의 고의가 있었던 경우가 같이 전부 면책시킴으로써 금융소비자를 보호하기 위한 전자금융거래법 제9조의 입법취지를 충분히 반영하지 못하였다는 점을 지적할 필요가 있었다. 전자문서법 제7조 제2항 제2호의 외관신뢰보호법리를 적용하기 위해서는 본인의 행위라는 외관 형성에 대한 명의인의 귀책성과 통상적으로 볼 수 없는 이상 거래 등 특별한 사정이 있는 경우에는 금융회사에 가중된 주의의무를 인정하여 ‘정당한 이유’를 제한적으로 판단하여야 한다. 법원은 금융회사의 책임감면 사유인 이용자의 중과실을 확대해석하는 경향이 있어 이용자가 전자금융사고로인해 발생한 손해에 대하여 금융회사로부터 배상받을 수 있는 폭을 축소시키고 있다. 금융회사 입장에서는 비대면 실명확인방안에서 정한 본인확인 절차를 거치기만 하면 무권한 거래로 인한 손해에 대해 책임을 분담하지 않게 되므로 이용자 보호를 위한 선진 금융보안 기술 도입에 소극적이 되지 않을까 우려된다. 비대면 전자금융거래의 신속성과 편리성을 계속하여 누리기 위해서는 전자금융거래의 안전성과 신뢰성을 확보할 수 있도록 금융회사가 본인확인 절차에 더욱 주의를 기울일 책임이 있다. 전자금융거래법 제9조가 입법취지에 맞는 역할을 하기 위해서 법원은 금융사기 피해자인 이용자들의 고의나 중과실에 집중할 것이 아니라 전자금융거래시스템을 관리・운영하는 은행의 우월적 지위에 주목하여 보다 적극적으로 피해자들을 구제하는 법의 해석을 하여야 할 것이다. 더 나아가 국회는 이용자의 과실 정도와 금융회사의 사고예방노력정도를 단계별로 구분하는 법령을 마련하여 구체적인 판단기준을 제시하여야 한다. 전자통신기술이 발전하는 만큼 전자금융범죄 수법도 진화를 거듭하여 새로운 유형・높은 위험의 전자금융거래 사기 발생빈도가 높아지고 있으므로 전자금융거래에서 금융소비자를 완전하게 보호하기 위한 체제를 지속적으로 구축해 나아가야 할 것이다. The Judgement acts as a judgement criterion for implementation of identity verification, or damage prevention obligation carried out by financial companies during electronic financial transaction, presenting ‘Untact real-name verification method’, a definite criterion, significant in taking concern of the imputation of the holder when deciding justifiable ground in accordance with Article 7 (2) (ⅱ) of the Electronic Documents Act. However, in presence of visual identity inspection, lies concern of the effect of electronic financial transaction to be vested in the holder even when one’s title had been stolen by deception. In addition, despite the mentioning of suspicious reasons and degree of culpability, realizing the exemptions being made to all responsibilities belonging to financial companies along with intentional cases of the users, it was necessary to point out the lack of appliance of the legislative intent in Article 9 of Electronic Financial Transactions Act in purpose of protecting financial consumers. To apply legal principles of apparent authority mentioned in Article 7 (2) (ⅱ) of the Electronic Documents Act, there should be limited judgement of ‘justifiable grounds’ through understanding the overloaded duty of care on financial companies, in special cases attributable to the holder, of abnormal, unusual transactions, etc. The court, being inclined to overinterpret gross negligence of the user for which acts as reason for waiver of responsibility obliged to financial companies, causes decrease in the range of compensation from financial companies for the loss resulted in electronic financial accident. For financial companies, it is concerned that companies will be less active in terms of introducing advanced technology for financial security, as the identification process stated by ‘Untact real-name verification method’ prevents division of responsibility of loss during unauthorized transactions. It is necessary for financial companies to take serious care in identification process to obtain reliability and stability, to continuously provide the quick and easy untact electronic financial transactions. For the Article 9 of Electronic Financial Transactions Act to take on the role of its principle, the court must provide legal interpretation for saving the victims, by focusing on the superior status of banks, in charge of operating and managing Electronic financial transaction system, rather than the fault and purposefulness of the users;the victims of financial fraud. Furthermore, it is suggested for the National Assembly to propose specific judgement criteria through legislation to classify levels of efforts preventing accidents of financial companies as well as the range of negligence of the user. The frequency of occurrence of new, high-risk electronic financial transaction fraud is increasing due to advancement of crime methods followed by development of electronic communication technology, resulting in need to consistently estabilish a system for protecting financial consumers completely.

주제별 논단 : 연구논문 ; 전기통신금융사기와 관련된 전자금융거래법상 금융기관의 책임

김홍식 ( Hong Sik Kim ) 한국금융법학회 2015 金融法硏究 Vol.12 No.3

Electronic Financial Transactions Act (EFTA) of Korea was amended on May 22, 2013. Among the amendment Section 9 of EFTA got a important issue because section 9 of EFTA is about Liability of Financial Institution related to Electronic Financial Transaction Fraud. Below is the section 9 of EFTA andunderlined is a new one that was not existed before amendment. Article 9 (Liability of Financial Institution or Electronic Financial Business Operator) ① the financial institution or electronic financial business operator concerned shall be liable for indemnifying him/her for the loss, in case of a user suffers any loss as a result of an accident under any of the following subparagraphs : 1. An accident arising out of forgery or alteration of the means of access. 2. An accident arising in the course of electronically transmitting or processing the conclusion of a contract or a transaction request. 3. An accident arising due to the use of the means of access acquired through deception or other improper means and unauthorized accessing of electronic devices or telecommunications networks for electronic financial transactions. As a result of amendment, Sec 9, paragraph 3, subparagraph 1 could be applied to electronic financial transaction fraud such as voice phishing, messenger phishing, pharming, memory hacking including reissuance of digital certificate. Also the scope of liability of financial Institution can be expand. In this research paper, some disputed points are discussed as below ; 1. What is an detailed content of EFTA sec 9 and 3 sort of accidents of sec 9, paragraph 1 of EFTA? 2. What kinds of electronic financial transaction fraud can be applied to accidents of sec 9, paragraph 1 of EFTA? 3. When can the user bear the liability that is originally belong to financial institution?

주제별 논단 : 연구논문 ; 전자자금이체에 관한 연구

이창운 ( Chang Woon Lee ) 한국금융법학회 2015 金融法硏究 Vol.12 No.1

Electronic Financial Transactions Act of Korea was enacted to solve the many issues associated with electronic financial transaction in 2007. And the amendment was made over 10 times since then. However, the problems associated with it also appears continuously in accordance with the continuous development of electronic financial transactions. Accordingly, in this paper, we studied the regulations and its problems and improvement of an electronic funds transfer among electronic financial transactions. This paper is composed of all seven chapters, the topics covered in each chapter are as follows : Chapter Ⅰ Introduction : South Korea``s payment system, enactment and amendment of Electronic Financial Transactions Act, and legal issues associated with electronic funds transfer are described. Chapter Ⅱ The significance of electronic funds transfer : Regulations on electronic funds transfer and the significance of electronic funds transfer in South Korea, the significance of electronic funds transfer in the foreign law were summarized. Chapter Ⅲ Legal relationship between the parties to the electronic funds transfer : Legal relationship between the parties to transfer payment, and legal relationship between the parties to collection transfer were studied. Chapter Ⅳ Legal issues associated with electronic funds transfer : Effective time of the electronic funds transfer, transfer error, loss or theft of the access material, assignment of the access material, transfer-related accidents, failure to transfer instructions, error transfer to the recipient were studied. Also my personal opinion about it was said. Chapter Ⅴ Legal issues of telecommunications financial fraud : The significance of telecommunication financial fraud and relief of telecommunications financial fraud victims were described. Chapter Ⅵ Problems and Solutions : We discussed the issues that require amendment of Electronic Financial Transactions Act and General Terms and Conditions for electronic financial transactions, and then proposed improvement measures. Chapter Ⅶ Conclusion : The main information of this papers was summarized.

전자금융거래법상 금융회사의 책임

박진근 한국법정책학회 2015 법과 정책연구 Vol.15 No.4

We are frequently encountered the term as e-commerce, online transactions, electronic banking. Continuous development of computers and communications has had a great influence on the development of e-commerce, e-banking ande-banking. In e-banking Exchange Act was enacted to clarify the legal relationship of the parties and to the national electronic financial transactions on electronic banking supervision accordingly. This law was clearly the rights, obligations and liabilities of finance companies and users of the Framework Act on Electronic Financial Transactions. Cause of the accident electronic banking occurring in reality can be divided into cases caused by the user and caused by the financial companies. Most e-banking transactions are often caused by intention or fault of the user. However, the legal discussion of e-banking incidents were limited to electronic financial transactions accident caused by the user. But e-banking incidents caused by the financial institutions do not become relatively discussion. Electronic Banking accidents caused by the financial companies are thought to be due to lower than by the user. Bute ㄷe-banking incidents caused by the financial company has a problem in that more widespread and severe by users. Nevertheless, the legal discussion of e-banking incident is a situation that is not even being discussed. 오늘날, 전자통신기술의 발달로 인하여 인터넷이 보편화되면서 전자금융거래를 통한 금융거래가 활발히 이루어지고 있다. 그러나 전자금융거래가 발달함에 따라 그 역기능으로서 전자금융사기로 인한 피해가 증가하여 금융회사가 이로 인해 발생한 손해를 배상할 책임에 대하여 2013년 5월 개정된 ‘전자금융거래법’ 제9조 제1항 또는 ‘정보통신망 이용촉진 및 정보보호 등에 관한 법률’ 제2조 제1항 제1호에 따라 금융기관에 대하여 무과실 책임을 부담시키고 있다. 그러나 금융회사가 이용자의 고의·중과실을 입증하는 것은 매우 어려운데 이를 매우 엄격하게 해석하여 이용자의 중과실을 거의 인정하지 않는 추세이다. 이에 따라 판례나 학설의 논의는 주로 이용자의 중과실에 집중되어 왔을 뿐, 금융회사에 의해 발생한 전자금융거래 사고에 관한 논의는 전혀 이루어지지 않고 있는 현실이다. 금융회사에 의해 발생한 사고는 발생할 여지가 상당히 적지만 그 내용에 있어서 훨씬 광범위하고 심각할 수 밖에 없어 이에 대한 연구가 필요하다.

전자금융거래법 제9조에 따른 금융기관등의 책임

강희주(Kang, Hee Jeu),이상민(Lee, Sang Min) 한국증권법학회 2014 증권법연구 Vol.15 No.1

2006년 보이스피싱으로 대표되는 전자금융사기 수법이 우리 사회에 등장한지 8년 정도가 지났다. 그 동안 전자금융사기로 인한 누적 피해액은 약 4,000억원을 넘는다고 한다. 금융기관은 이를 방지하기 위하여 전산 및 보안시스템 구축에 천문학적인 투자를 하고 있으나, 전자금융사기는 여전히 줄어들지 않고 더 교묘한 수법으로 진화하고 있다. 전자금융사기의 가해자를 검거하는 것이 쉽지 않은 상황에서, 피해자들은 전자금융거래법 제9조를 근거로 금융기관들에게 전자금융사기로 인한 손해의 배상을 구하는 예가 늘어나고 있다. 최근 이와 관련된 금융기관의 책임에 관한 대법원 판결이 나왔으나 다양한 쟁점을 다루고 있지는 않으므로, 현재로서는 하급심 판결이 판시한 내용을 바탕으로 하여 관련 법적 쟁점을 살펴보아야 할 것이다. 근간에 전자금융거래법이 2013. 5. 22. 일부개정되어 2013. 11. 23.부터 시행되었다. 주요한 개정조항 중의 하나가 전자금융거래법 제9조이다. 개정 전 전자금융거래법 제9조 제1항은 “금융기관등 또는 전자금융업자는 접근매체의 위조?변조로 발생한 사고, 계약체결 또는 거래지시의 전자적 전송이나 처리 과정에서 발생한 사고로 인하여 이용자에게 손해가 발생한 경우에는 그 손해를 배상할 책임을 진다”고 규정하였다. 그런데 위 조항만으로는 개인정보 해킹, 피싱, 파밍, 공인인증서 해킹, 메모리 해킹 등 전자금융사기의 다양한 유형을 포섭하기 어렵다는 문제가 있었다. 이에 2013. 11. 23. 개정법에서는 “전자금융거래를 위한 전자적 장치 또는 정보통신망에 침입하여 거짓이나 그 밖의 부정한 방법으로 획득한 접근매체의 이용으로 발생한 사고”가 전자금융거래법 제9조 제1항에 추가되었다. 개정으로 인하여 금융기관의 손해배상책임의 범위가 확대되었으나, 그 범위에 대한 논의가 추가적으로 필요한 상황이다. 본 논문은 하급심 판례를 중심으로 전자금융사기의 유형에 따라서 금융기관의 책임을 검토하여, 전자금융거래법 제9조에 따른 금융기관의 책임에 대한 일응의 기준을 제시하고자 한다. 본 논문을 계기로 금융기관의 책임에 대한 논의가 활발해지기를 기대해 본다. 본 논문에서는 우선 다양한 전자금융사기의 형태를 유형별로 분류하고, 금융기관이 각 유형별로 전자금융거래법 제9조 제1항에 따른 책임을 부담하는지 여부를 살핀다. 나아가 금융기관의 면책사유인 피해자의 고의?중과실의 범위, 금융기관의 손해배상책임이 인정되는 경우 그 책임의 범위, 과실상계 인정 여부, 다른 손해배상책임과의 관계도 함께 검토한다. Approximately 8 years have now passed since the form of electronic financial transaction fraud known as “voice phishing” came to the fore as a significant problem in Korea. Reports indicate that the cumulative value of harm caused by such electronic financial transaction fraud during this period comes to approximately KRW 400,000,000,000. Financial institutions have been investing heavily in the establishment of computer and security systems designed to combat this problem, but the extent of electronic financial transaction fraud remains undiminished, as increasingly devious phishing techniques continue to evolve. Given the difficulties associated with making criminal arrests of perpetrators in cases involving electronic financial transaction fraud, instances of victims seeking compensatory damages, based on the provisions of Article 9 of the Electronic Financial Transaction Act (“EFTA”) are on the rise. Thus far there has been no direct ruling by the Supreme Court concerning the liability of financial institutions in this regard, but the number of lower court rulings on such issues has been steadily accumulating. The EFTA was partially amended on May 22, 2013 and the amendment became effective as of November 23, 2013. Prior to amendment, the EFTA provided, in Article 9, Paragraph 1, that: “financial institutions or other companies engaging in electronic financial business shall be liable for providing compensation for losses incurred by users due to incidents [of fraud] involving counterfeit/falsified means of access, or incidents involving errors in the handling of electronic transmission of instructions or execution of contracts.” This provision of the EFTA has proven to be problematical, however, as a result of leaving the door open to interpretations asserting that it does not include within its scope losses arising due to various forms of electronic financial transaction fraud such as phishing, pharming, hacking of signature verification hacking, memory hacking, etc. The above-mentioned amendment has therefore added the following language to Article 9, Paragraph 1 of the EFTA: “any incident [of harm or loss] arising due to the use of the means of access acquired through deception or other improper means and unauthorized accessing of electronic devices or telecommunications networks for electronic financial transactions.” As a result of this amendment, the scope of compensatory liability borne by financial institutions has been expanded. It has therefore become necessary to focus additional attention and discussion upon the ramifications of such expanded scope of liability. The purpose of this paper is to propose standards, primarily derived from an examination of available lower-court rulings concerning financial institution liability in relation to types of electronic financial transaction fraud, which will serve, for the time being, as a reasonably clear point of reference with regard to the liability of financial institutions under Article 9 of the EFTA. It is hoped that this paper will also provide an impetus for promoting more active general discussions of financial institution liability in this area.

인터넷전문은행에 관한 연구

김홍식(Kim, Hong Sik) 서강대학교 법학연구소 2018 법과기업연구 Vol.8 No.2

인터넷전문은행이란 전자금융거래의 방법인 인터넷에 기반한 비대면방식으로 은행업무를 수행하는 금융기관으로 파악할 수 있겠다. 인터넷전문은행은 기존의 은행들과는 태생적으로 다른 유형의 은행이라고 할 수 있기에, 기존의 은행들에게 적용되는 은행법과는 다르게 특례법의 형태로 인터넷전문은행과 관련된 법률관계를 규율하는 것이 바람직 하다고 본다. 인터넷전문은행도 현행법제상 은행법의 적용을 받는 은행이기에 전자금융거래법의 적용을 받게 되는데, 이러한 전자금융거래법과 관련된 법적논점은 다음과 같다. 먼저 인터넷전문은행은 설립초기에 과도한 비용부담 등을 감안하여 IT전문업체 등에 대하여 전산설비의 위탁을 허용하였는데, 전산설비를 위탁받은 IT전문업체는 전자금융거래법 및 전자금융 감독규정을 종합적으로 고려하여 볼 때 전자금융보조업자의 일종으로 볼 수 있겠다. 전자금융거래법상 정의된 접근매체이외에 거래지시를 하는데 사용되는 수단이나 정보를 ‘접근도구’라는 개념의 신설에 대하여 긍정적인 방향이라고 생각하나, 전자금융거래법에 규정된 전자금융사고의 3가지 유형을 대체하는 무권한 거래개념을 신설하여 금융기관이 이러한 무권한거래에 대하여 무과실 책임을 부담한다는 설정은 과도한 측면이 있다. 또한 이용자 입장에서는 금융사고의 원인이 접근매체의 위조·변조인지 해킹인지 기술적으로 접근하여 그 유형 및 경위를 입증해 낸다는 것은 사실상 불가능에 가까운 경우가 많기에 전자금융시스템 및 기술적 영역을 지배·관리할 수 있는 금융기관이 법에서 정한 금융사고의 원인이 아니었음을 입증하는 것이 타당하다. 그리고 금융기관의 면책사유인 고의·중과실 요건을 삭제하고 기간내 이의미제기라는 사유 만을 금융기관의 면책사유로 본다는 것은 다양하게 나타날 수 있는 고의·중과실의 태양을 배제하는 것이 되며, 이용자가 일정기간 내 이의제기를 한 것만으로 고의·중과실 여부를 묻지 않고 금융기관이 원칙적으로 무과실 책임을 부담한다는 것도 금융기관으로서는 가혹할 수 있다. 전자금융거래법 개정안은 접근매체의 도난·분실로 인하여 이용자에게 발생한 손해에 대해서 통지 전에 발생한 손해라도 원칙적으로 금융기관이 손해배상책임을 부담하며, 다만 이용자가 언제 통지하였는지에 따라 금융기관과 이용자 간의 손해배상책임을 배분하고 있는데, 이렇게 이용자의 자의적인 통지시점에 따라 손해배상액을 배분한다는 것은 합리적이지 않으며, 자칫 이용자의 도덕적 해의가 발생할 가능성이 있다. An Internet-only bank can be identified as a financial institution that performs banking operations in a non-faced manner, a method of electronic financial transactions. Since Internet-only banks are inherently different from traditional banks, special type of laws should be applied to Internet-only banks(hereinafter IOB). IOB are subject to Electronic Financial Transactions Act(hereinafter EFTA) because they are basically banks subject to the Banking Law. The legal issues related to EFTA are as follows. First, IOB will allow IT professional company to outsource computer equipment in consideration of excessive cost. IT professional company can be regarded as a subsidiary electronic financial business entity who assists in electronic financial transactions by EFTA. It is positive to create the concept of "access tools" in terms of the means or information used to direct transactions other than Means of Access in EFTA. However, it is not reasonable to create Unauthorized transaction to replace electronic financial incident in EFTA. In addition, for users, it is often virtually impossible to prove the type and circumstances of financial incident by technically approaching whether the cause of incident is fraud, modulation, or hacking by mean of access. It is reasonable to verify that the financial institution that can manage the electronic financial system was responsible for verifying malice of financial institutions was not the cause of financial incident. It is unreasonable to replace the intentional and gross negligence requirements, which are the reasons for immunity of financial institutions, with no objection within the period. Finally, revision of EFTA assumes the responsibility of financial institutions in principle to compensate users for damages incurred prior to notification of damages caused by theft or loss of means of access. However, responsibility for damages is allocated between financial institutions and users according to when they are notified. It is not reasonable to allocate damages according to the users" arbitrary notice. There is a potential for moral hazard to users.