In an announcement made on 15 February 2021, the Bank of Thailand introduced additional regulations surrounding the supervision of Security of Information Technology Systems by e-payment services providers, specifically non-bank institutions, in order to improve resiliency against mounting cybersecurity risks, protect consumers, and to ensure Thailand’s e-payment infrastructure is in line with industry best practices. The central bank has stated that the criteria underlined by the new regulations will be applicable to only non-bank institutions that provide e-payment services. The requirements under the new regulations feature the same criteria as existing regulations controlling the security of information technology systems for financial institutions.
Sirithida Panomwon Na Ayudhya, assistant governor of payment systems policy and financial technology, broke down the regulations into two main areas: cyber-hygiene, which refers to building and improving security infrastructure for protection against malware and other malicious software, and IT risk management. Service providers will be required to implement six primary facets relevant to cyberhygiene starting 29 April 2021,…
