Key Amendments and Enhanced Compliance Duties under Thailand’s Emergency Decree on Technological Crime Prevention (No. 2), B.E. 2568 (2025)

Highlights

Key Amendments:
Digital asset business operators outside Thailand must obtain a license under Thai law if they target users in Thailand via any of the following:

Triggers for Licensing Obligation

📌 Trigger

💬 Description

🌐 Thai Language Interface

Platform/service available in Thai

🌍 Thai Domain Names

Uses “.th”, “.ไทย”, domains in Thai or suggesting Thai affiliation

💰 Thai Currency Payment Options

Accepts or enables THB payments or Thai wallets/accounts

⚖️ Thai Legal Jurisdiction

Transactions governed by Thai law or Thai courts

🔎 Search Ads Targeting Thailand

Pays for search ads aimed at Thai users

🏢 Local Support Presence

Office, staff, or customer support located in Thailand

————————————————————

The Emergency Decree on Measures for the Prevention and Suppression of Technological Crimes (No. 2) B.E. 2568 (2025) (“Emergency Decree”), which took effect on 13 April 2025, introduces several significant amendments to its predecessor.

The recent amendments are designed to strengthen protections for Thai investors by introducing more comprehensive measures to prevent and suppress technology-related crimes.

Key changes include enhancements to measures required to be performed by the financial institutions and other business operators for the prevention and suppression of technology related-crimes, the enhancement of victim compensation process, the imposition of joint liability on financial institutions and business operators for damages arising from technology-related crimes, and the introduction of stricter penalties for offenses related to technological crimes. The amendments also expand the responsibilities of financial institutions, telecommunications providers, and digital platforms, requiring them to take proactive steps in detecting, reporting, and mitigating technology-related crime risks

In the following sections, we will outline the major amendments and analyze their impact on financial institutions and business operators in the relevant sectors.

Business Operator Definition

The scope of “business operator” under the Emergency Decree is now expanded to cover Digital Assets Business Operators under the Emergency Decree on Digital Asset Business B.E. 2561 (2018) (“Emergency Decree on Digital Asset Business”). As a result, the Emergency Decree now includes business operators under the Payment System Act B.E. 2560 (2017) and business operators under the Royal Decree on Digital Asset Business.

Imposition of Additional Duties

The Emergency Decree imposes several duties, which essentially include, for example:

  1. Financial institutions and digital asset business operators are now required to adhere to specific procedures and measures aimed at combating technology-related crimes. These obligations include disclosing or exchanging information with other business operators and financial institutions, and must also comply with requirements to refuse the opening of accounts, suspend services or transactions, or close accounts that are linked to technology-related crimes.
  2. Telecom operators or other related service providers are now required to actively monitor and screen the use of short message service (SMS) communications that may be linked to technology-related crimes. Upon receiving an order from relevant government authorities, these providers must promptly suspend the provision of telecommunications services as necessary to prevent or halt criminal activities.

Imposing Additional Authorities on Relevant Government Agencies

The Emergency Decree grants extensive powers to relevant government agencies to combat technology-related crimes. Key examples of these powers include:

  1. Empowering the Transaction Committee under the Anti-Money Laundering laws to consider and authorize fund return to victims without requiring court proceedings.
  2. Empowering the Ministry of Digital Economy and Society (MDES), through its authorized officials, to take action against any website or application operated by digital asset business operators who have not obtained the required license under the Emergency Decree on Digital Asset Business. This authority includes the power to block access to websites or applications operated by foreign digital asset business operators that provide services within the Kingdom of Thailand without the required license.

Victim compensation

Business operators, financial institutions, and telecom operators are required to share liability for compensating victims of technology-related crimes, unless they can prove that they have complied with the standards and procedures determined by the relevant government agencies.

Additional Penalties.

Any Business operators, financial institutions or telecom operators who fail to comply with the duties under the Emergency Decree may be subject to a fine or imprisonment depending on the applicable violation.

————————————————————

For more in-depth information on any of the above, please reach out to Sittiwate Jewsittiprapai at
sittiwate.j@wiseequitylegal.com or Noraseth Ohpanayikool at noraseth.o@wiseequitylegal.com or Teerachai Boonyaratgalin at teerachai.b@wiseequitylegal.com.

Related Professionals

Sittiwate

Sittiwate Jewsittiprapai

Email

Noraseth Ohpanayikool

Email

Teerachai Boonyaratgalin

Email

Company

Home

Our Firm

Success Deals

Legal Insights

News Activities

Our Services

Corporate M&A

Capital Markets

Regulatory Advice

Dispute Resolution

Tax

Contact Info

© 2025 Wise Equity All Rights Reserved | Terms & Conditions | Privacy Policy