How to Use This Bible
This document is the single source of truth for AI compliance in South Korea. It covers the AI Basic Act (Act No. 20771), the Personal Information Protection Act (PIPA), and all intersecting regulations as of June 2026. Each chapter builds on the previous one. Read Chapter 1 for the regulatory landscape, Chapter 2 for risk classification, and proceed through to the practical checklist in Chapter 8. Korean legal terms are provided in parentheses where they aid precision.
Want to monitor your AI compliance automatically? Try AIOS — your AI compliance OS. https://mmoww.net/ai/app/
Quick Decision Matrix
Use this matrix to determine your AI compliance obligations.
| Your Situation | Risk Level | Priority Action | Go To |
|---|---|---|---|
| Deploying AI that affects employment decisions | High | Impact assessment required | Chapter 3 |
| Using AI for customer-facing services | Medium-High | Transparency obligations apply | Chapter 4 |
| Internal AI tools (analytics, automation) | Medium | Document and monitor | Chapter 5 |
| AI in regulated sector (finance, health) | High | Sector-specific rules apply | Chapter 3 |
| Procuring AI from third-party vendor | Medium | Vendor due diligence needed | Chapter 5 |
| Just exploring AI for the first time | Low | Start with governance framework | Chapter 2 |
5-second answer: If your AI system makes decisions that affect people, you have compliance obligations. Start with Chapter 2 for the regulatory framework, then Chapter 3 for your specific obligations.