On April 12, 2025, Thailand published an amendment to the Emergency Decree on Measures for the Prevention and Suppression of Technological Crimes in the Government Gazette, with the regulation taking effect the following day.
Drafts of the amendment had been shared in recent months, and the final amendment of the decree contains some additional key revisions, such as narrowing the business operators subject to the decree’s requirements, reducing operators’ obligations, and establishing collaboration between relevant stakeholders to tackle technology crime.
These key revisions to the amendment are detailed below.
- Business operators subject to the decree: The business operators covered under the decree now include only payment service providers under the Payment System Act and digital asset operators under the Royal Decree on Digital Asset Businesses. Digital platform services under the Royal Decree on Digital Platform Service Businesses That Are Subject to Prior Notification are no longer within the scope of the decree.
- Definition of technology crime: The final version of the amendment removed the expanded definition of technology crime that had been included in a previous draft, leaving the decree’s existing definition unchanged.
- Telecommunications provider obligations: Mobile and telecommunications service providers now have an obligation to monitor and screen for content that may be related to technology crime and suspend SIM cards when instructed to do so by the National Broadcasting and Telecommunications Commission (NBTC).
- Transaction and account suspension: The amendment removes the decree’s complex transaction suspension procedures and leaves room for business-specific regulators (e.g., Bank of Thailand, Securities and Exchange Commission, NBTC) to impose various technology crime suspension requirements on business operators under their supervision. The newly established Center for Prevention and Suppression of Technology Crimes can also notify financial institutions and business operators of names or digital asset wallet addresses that may be related to technology crime, triggering an obligation to suspend the accounts.
- Shared liability: Although digital platform service providers are not in the scope of business operators under the amended decree, online social media platform operators are still jointly accountable with other operators (i.e., financial institutions, business operators, and related service providers) for damages from technology crime. To be released from this liability, operators have to prove their compliance with the technology crime standards and measures stipulated by their regulators (safe harbor rules).
Business operators will need to wait and see how their sector-specific regulators impose requirements to combat technology crime. Online social media platforms should closely monitor the safe harbor rules, which are expected to be issued soon.
