Thailand’s Progress on Accession to the Cross-Border Paperless Trade Agreement
The Framework Agreement on Facilitation of Cross-Border Paperless Trade in Asia and the Pacific (CPTA) is an international agreement developed under the auspices of the United Nations Economic and Social Commission for Asia and the Pacific (UNESCAP). The CPTA entered into force on 20 February 2021, with the objective of promoting the digitalization of cross-border trade while fostering legal and technical interoperability among participating countries.
Key Objectives of the CPTA
The CPTA aims to achieve the following strategic objectives:
Facilitate international trade – Streamline cross-border trade processes by promoting digital systems and reducing reliance on paper-based documentation.
Promote the use of electronic trade documents – Encourage member countries to recognize electronic documents as legally equivalent to their paper counterparts.
Improve efficiency and transparency – Accelerate customs procedures, minimize processing errors, and enhance visibility in international trade transactions.
Reduce trade costs and processing time – Eliminate the need for printing, mailing, and storing paper documents while optimizing overall trade workflows.
Accession Procedure
While the CPTA was opening for execution from 1 October 2016 to 30 September 2017, countries that did not enter into the CPTA during this period, including Thailand, may consider becoming contracting parties to the CPTA through the formal accession process.
Accession Requirements
Submission of Instrument of Accession – The country must prepare and submit this formal document to the Secretary-General of the United Nations.
Effective Date – The CPTA becomes legally binding for the acceding country following a 90-day period after the Secretary-General receives the Instrument of Accession.
Legal and Regulatory Framework – No requirement for the contracting party to amend its domestic laws prior to accession. However, upon becoming a party, it is obligated to align its local legal framework with the obligations set forth in the agreement.
Thailand’s Current Position and Progress
On 26 August 2025, the Thai Cabinet resolved to approve Thailand’s accession to the CPTA, assigning the Ministry of Foreign Affairs to prepare the Instrument of Accession and submit it to the Secretary-General of the United Nations.
Implementation Timeline for Thailand
Preparation and Submission – The Ministry of Foreign Affairs is currently in the process of preparing the Instrument of Accession for submission to the Secretary-General of the United Nations.
Waiting Period – Observe the mandatory 90-day period following submission, after which the CPTA will become legally binding on Thailand.
Domestic Coordination – Following the 90-day period and the entry into force of the CPTA, Thailand will begin a phased implementation process. While the CPTA does not set a fixed deadline, the implementation is expected to proceed progressively based on the country’s readiness.
Conclusion
The Cabinet’s approval for Thailand to initiate the CPTA accession process demonstrates the country’s commitment to enhancing trade systems and strengthening digital cooperation in the region. While Thailand is not yet a Party to the agreement, this development represents a significant milestone that warrants close monitoring, as it may substantially influence the future of cross-border trade between Thailand contracting parties.
Cloud: Government Poised to Launch ‘Go Cloud First’ Policy – Implications and Preparations
In a significant step toward digital transformation, the Thai government is poised to fully implement its “Go Cloud First” policy, mandating the prioritization of cloud computing for public sector IT infrastructure and services. Approved by the Cabinet in September 2023 and further reinforced in June 2024, this initiative aligns with the National Strategy (2018–2037) and the Digital Government Organization Act B.E. 2562 (2019). The Digital Government Development Agency (DGA) has released key drafts in July 2025, including frameworks and guidelines, with implementation slated to begin on October 1, 2025. This move aims to enhance efficiency, security, and service delivery across government agencies, marking a pivotal shift from traditional on-premises systems to scalable cloud solutions.
The policy encompasses a comprehensive framework for cloud management, data classification, and usage guidelines, ensuring that cloud adoption supports national goals of digital economy growth while safeguarding data sovereignty. As Thailand joins global peers in leveraging cloud technology, this article explores the policy’s details, its anticipated effects, and the necessary preparations for cloud service providers.
Overview of the Cloud-First Policy and Guidelines:
The “Go Cloud First” policy requires all government entities—including central administrations, local governments, state enterprises, and independent organizations—to adopt cloud services as the primary IT approach. Key documents outline the roadmap:
Cloud Management Framework (Version 7): This draft announcement establishes preferences for public clouds, mandates data centers within Thailand (with exceptions requiring DGA approval), and requires sovereign clouds for highly sensitive data. Agencies must design cloud-native systems, implement security measures, and connect to a central management platform overseen by the DGA.
Cloud Data Classification Guideline (Version 1.0): Data is categorized into three levels—Official (low-risk), Protected (medium-risk), and Highly Protected (high-risk)—based on the CIA triad (Confidentiality, Integrity, and Availability) and risk assessments. Highly Protected Data must use community or sovereign clouds to maintain sovereignty and comply with laws like the Personal Data Protection Act B.E. 2562 (2019).
Government Cloud Usage Guideline (Version 1.0): This provides principles for procurement, security, and best practices, emphasizing public clouds first, followed by private, community, or hybrid models. It covers service types (IaaS, PaaS, SaaS), migration strategies, cost management, backup protocols, and exit planning to avoid vendor lock-in.
These guidelines, developed by the DGA and approved for consultation by the Digital Government Development Committee (DGDC) in July 2025, ensure procurement aligns with the Public Procurement and Supplies Administration Act B.E. 2560 (2017), promoting transparency and value for money.
Effects of the Policy Implementation:
The adoption of cloud usage under the “Go Cloud First” policy is expected to yield multifaceted benefits, transforming government operations and the broader economy. Key effects include:
Enhanced Efficiency and Service Delivery
By shifting to cloud-based systems, government agencies can achieve greater scalability and flexibility, enabling faster deployment of digital services. This will reduce downtime, streamline data sharing among agencies, and improve citizen access to services such as e-government portals, potentially cutting administrative delays by up to 50% in routine processes. The policy’s emphasis on cloud-native designs will foster innovation, allowing for rapid updates and integration with emerging technologies like AI and big data analytics.
Cost Savings and Resource Optimization
Traditional IT infrastructure often involves high upfront costs for hardware and maintenance. The pay-per-use model of cloud services is projected to lower expenses by 20-30%, freeing up budgets for other priorities. Tools like pricing calculators and billing alerts will enable real-time monitoring, preventing overspending and promoting fiscal responsibility.
Improved Security and Data Sovereignty
With mandatory data classification and security standards aligned with the Cybersecurity Act B.E. 2562 (2019), the policy will bolster defenses against cyber threats. Requiring data storage in Thailand enhances sovereignty, reducing risks from foreign data breaches and ensuring compliance with national laws. This could lead to fewer incidents of data loss, build public trust in digital government services.
Economic and Societal Impacts
On a macro level, the policy will stimulate the domestic cloud market, creating jobs in IT and related sectors while attracting investments from global providers. It supports Thailand’s digital economy ambitions, potentially boosting GDP growth through increased productivity. However, challenges such as the need for workforce upskilling and potential initial disruptions during migration must be managed to mitigate short-term effects.
Overall, these effects position Thailand as a regional leader in digital governance, aligning with ASEAN’s digital integration goals.
Addressing Potential Concerns and Global Precedents:
While the “Go Cloud First” policy promises substantial advantages, it has sparked debates regarding potential risks, particularly in areas of national security, data sovereignty, and privacy. Critics argue that relying on cloud services, especially from foreign providers, could lead to loss of control over sensitive data transferred abroad, increasing vulnerabilities to cyber-attacks or unauthorized access. Concerns include jurisdictional ambiguities, where foreign governments might compel access to data under their laws, potentially violating Thai data secrecy and personal privacy protections. Additionally, there are worries about unencrypted data exposure, misuse through AI analysis by providers for business or intelligence purposes, and broader implications for financial institutions handling critical economic data. These issues underscore the need for robust local cloud development, stringent data classification, encryption, multi-factor authentication, and continuous monitoring to safeguard national interests.
However, these concerns can be effectively mitigated, as evidenced by successful cloud adoptions in Western financial sectors. Major banks in the US and Europe have embraced cloud technologies from providers like AWS, Azure, and Google Cloud, demonstrating that with proper safeguards, the benefits outweigh the risks. For instance, JPMorgan Chase and Bank of America have partnered with Microsoft Azure to enhance their operations, leveraging the platform for improved resilience and innovation in services like fraud detection and customer analytics. Wells Fargo employs a multi-cloud strategy with both Azure and Google Cloud, focusing on scalability and data management while maintaining compliance with stringent regulations such as the Gramm-Leach-Bliley Act. In Europe, HSBC and Barclays have integrated AWS for core banking functions, achieving cost efficiencies and faster digital transformations without compromising security. Capital One, a prominent US bank, completed a full migration to AWS, resulting in enhanced agility and reduced infrastructure costs, serving as a model for secure cloud usage in regulated environments. These examples illustrate how Western banks navigate similar sovereignty and privacy challenges through hybrid models, data localization where required, and advanced encryption, leading to operational improvements and regulatory adherence.
Cloud providers further bolster these efforts with robust policies designed to resist unwarranted government or third-party data access. Amazon Web Services (AWS) adheres to the Clarifying Lawful Overseas Use of Data (CLOUD) Act, which requires legal processes like warrants for data disclosure, and publishes transparency reports detailing government requests while challenging overbroad demands in court. Microsoft Azure emphasizes data sovereignty through regional data centers and commitments to only disclose data when legally compelled, often pushing back against requests lacking proper authorization under frameworks like the EU’s GDPR. Google Cloud similarly prioritizes user privacy, offering tools for data residency and encryption keys managed by customers, and has a history of litigating against U.S. government surveillance orders to protect client information from unauthorized access. These policies, combined with compliance certifications like ISO 27001 and SOC 2, enable providers to safeguard data against external pressures, providing reassurance for Thai agencies adopting cloud solutions.
Preparations for Cloud Providers:
To capitalize on this opportunity, cloud service providers must align with the policy’s stringent requirements. The DGA will evaluate and certify providers, publishing an approved list for government procurement. Key preparations include:
Aspect
Requirements
Actions for Providers
Compliance and Certification
Providers must meet DGA standards for security, data classification, and management. Certification may involve fees and annual reviews.
Undergo DGA evaluations, implement controls per the Cybersecurity Standards for Cloud Systems (2024), and prepare documentation for audits.
Data Localization
Data centers and storage must be in Thailand, with sovereign cloud options for sensitive data.
Invest in local infrastructure or partner with Thai entities to ensure compliance, avoiding offshoring without approvals.
Security and Best Practices
Support VPCs, encryption, vulnerability testing, and backup/recovery tools.
Enhance offerings with features like AWS Backup or Azure Backup, provide training on secure configurations, and develop exit strategies to prevent lock-in.
Service Models and Scalability
Offer IaaS, PaaS, SaaS with flexible pricing and migration support.
Customize solutions for government needs, including pricing calculators and alerts, while ensuring interoperability with existing systems.
Ecosystem Engagement
Participate in public consultations and DGA collaborations.
Engage in training programs, contribute to the cloud ecosystem, and monitor updates via DGA resources like https://kb.dga.or.th/cloud/.
Providers who proactively address these areas will gain a competitive edge in serving Thailand’s public sector, estimated to expand significantly under the policy.
Conclusion:
The Thai government’s launch of widespread cloud usage through the “Go Cloud First” policy represents a forward-thinking commitment to digital excellence. By fostering efficiency, security, and innovation, it promises substantial benefits for citizens and the economy. While valid concerns exist, global precedents from Western banking sectors and strong provider policies demonstrate viable paths to secure implementation. Cloud providers, in turn, must prioritize compliance and localization to thrive in this evolving landscape. As implementation unfolds, ongoing collaboration between the DGA, agencies, and industry stakeholders will be crucial to realizing the full potential of this transformative initiative.
Key Takeaways:
Enhanced Data Security: Compared to the current decentralized systems used by individual agencies, the cloud-based approach with standardized security protocols and centralized oversight will provide stronger protection for government data.
Strategic Shift: Thailand’s “Go Cloud First” policy, effective October 2025, mandates cloud prioritization for government IT, aligning with national digital economy goals.
Operational Benefits: Cloud adoption will enhance efficiency, reduce costs by 20-30%, and improve service delivery through scalable, cloud-native systems.
Security and Sovereignty: Strict data classification and local storage requirements ensure compliance with Thai laws, reducing cyber risks and enhancing trust.
Global Precedents: Western banks like JPMorgan Chase and HSBC demonstrate secure cloud use, mitigating concerns about data privacy and sovereignty.
Provider Readiness: Cloud providers must invest in local infrastructure, comply with DGA standards, and offer robust security to serve Thailand’s public sector effectively.
Government Control: Regardless of which cloud provider the government uses, the government retains sovereignty and control over its data through mandated localization and policy safeguards.
Trade Competition: Draft Guideline on Unfair Trade Practices in Digital Platforms
Introduction:
The rapid expansion of digital markets, particularly in e-commerce and multi-sided platform businesses, has raised significant concerns regarding unfair trade practices and monopolistic behaviors. To address these issues, the Trade Competition Commission of Thailand (TCCT) has issued the Draft Guidelines for Considering Unfair Trade Practices and Monopolistic Acts in Multi-Sided Platform Businesses, Digital Services, and E-Commerce (the “Draft Guideline”). Open for public consultation from August 19, 2025, to September 18, 2025, these guidelines aim to strengthen regulatory oversight under the Trade Competition Act B.E. 2560 (2017) (the “Act”). This document outlines the key provisions of the Draft, the types of anti-competitive conduct it targets, and its implications for stakeholders in the digital economy.
Purpose of the Guidelines:
The Act seeks to promote free and fair competition in multi-sided platform markets, including e-commerce and digital services, by establishing clear guidelines for business conduct. The Draft Guideline addresses collaborative agreements or legal arrangements between digital platform operators and other businesses in related markets, ensuring compliance with the Act and associated legal frameworks. By doing so, the TCCT aims to prevent monopolistic practices and foster a competitive environment that benefits all market participants.
Categories of Anti-Competitive Conduct:
The Draft Guideline identifies two primary categories of conduct that may undermine competition or constitute unfair trade practices: price-related and non-price-related behaviors.
The following practices are highlighted as potentially anti-competitive:
Predatory Pricing: Setting prices below the average total cost without legitimate economic justification, with the intent to eliminate competitors.
Rate Parity Clauses: Mandating uniform pricing across all sales channels, prohibiting sellers from offering lower prices on competing platforms.
Resale Price Maintenance: Imposing fixed resale prices on sellers and enforcing compliance through penalties, such as refusal to supply.
Unjustified Commissions and Fees: Levying excessive or discriminatory fees, including commissions, advertising, logistics, promotional, or payment processing fees, without reasonable justification. Examples include:
Setting fees at excessively high levels;
Aligning fees with competitors’ rates (parallel pricing);
Charging fees below average total cost to engage in predatory pricing; or
Practicing price discrimination, such as charging different rates to “mall sellers” compared to regular sellers.
Algorithmic Price Manipulation: Utilizing algorithms or automated tools to distort market prices unfairly, such as manipulating price rankings to favor certain sellers.
2. Non-Price-Related Conduct:
The Draft Guideline also addresses non-price behaviors that may restrict competition, including:
Self-Preferencing: Prioritizing the platform’s own products or those of affiliated sellers, while reducing the visibility of competitors’ offerings.
Bundling or Forced Usage: Imposing mandatory conditions, such as requiring sellers to use the platform’s proprietary payment gateway or participate in specific promotional events (e.g., “double date sales”).
Exclusive Dealing: Enforcing unconditional or predetermined exclusivity arrangements that limit sellers’ ability to engage with other platforms.
Discriminatory Practices: Engaging in unfair product rankings among sellers of identical goods or favoring the platform’s in-house logistics provider over competitors.
Data Leveraging: Using seller data collected on the platform to gain an unfair competitive advantage for the platform’s affiliated businesses.
Collusion: Coordinating with rival platforms or sellers on competitive elements, such as advertisement keyword bidding.
Other Restrictive Practices: Any conduct that results in monopolization, reduces competition, or restricts fair market practices.
Stakeholders Impacted:
The Draft Guideline will be enforced in a broad range of stakeholders who are considered to hold a dominant position in the market, including:
Digital platform operators in e-commerce and service sectors;
Sellers and merchants operating on these platforms;
Logistics and payment service providers; and
Advertisers and affiliate partners.
Businesses will face increased scrutiny, particularly where practices lack reasonable economic, business, or technological justification. Common practices, such as mandatory use of logistics partners or rate-parity clauses, may now be subject to regulatory challenge.
Conclusion:
The Draft Guideline reflects the TCCT’s heightened focus on regulating the digital economy, particularly platforms with significant market influence. Businesses operating in multi-sided platform markets must review their commercial strategies, pricing structures, and data practices to ensure compliance with the proposed regulations.
Key Takeaways:
Businesses must evaluate their practices to ensure compliance, particularly regarding pricing, data usage, and contractual arrangements.
The TCCT’s Draft Guideline targets unfair trade practices and monopolistic behaviors in digital platforms, with a focus on e-commerce and multi-sided markets.
Anti-competitive conduct is categorized into price-related (e.g., predatory pricing and rate parity clauses) and non-price-related behaviors (e.g., self-preferencing and exclusive dealing).
Stakeholders, including platform operators, sellers, logistics providers, and advertisers, will face increased regulatory scrutiny.
Digital Economy: Government Approves Comprehensive Three-Year Data Strategy and Advances AI and Smart City Initiatives
On August 21, 2025, the National Digital Economy and Society Committee convened to approve a series of transformative resolutions aimed at bolstering digital infrastructure, artificial intelligence (AI) development, and smart city initiatives. These decisions underscore the government’s commitment to fostering economic growth, enhancing national competitiveness, and ensuring a sustainable digital future for all citizens.
National Data Strategy:
The committee approved a three-year National Data Policy and Strategy, designed to provide a robust framework for digital transformation. The strategy focuses on four key pillars:
Data Infrastructure: Developing a resilient foundation for managing large-scale datasets to support digital innovation.
Data Governance: Establishing clear standards to enhance trust and efficiency in digital services.
Data Utilization: Promoting secure and widespread use of data across public and private sectors.
Digital Workforce: Cultivating a skilled workforce to meet the demands of the digital economy.
National Artificial Intelligence Committee:
A National AI Committee was established to oversee the implementation of the country’s AI action plan. The committee’s objectives include:
Advancing local talent and technological innovation in AI.
Leveraging AI to drive economic competitiveness.
Utilizing AI to address social and environmental challenges, thereby improving the quality of life.
Smart City Development:
The committee extended Smart City certifications for 16 existing projects and granted a new Smart Area certification to the Phuket Tinicon Valley Project, increasing the total number of certified smart cities to 37 across 25 provinces. Notable projects include Mae Moh Smart Living City (Lampang), Khlong Phadung Krung Kasem (Bangkok), Yala Smart City for Civic Engagement, and Samyan Smart City (Bangkok), each achieving over 80% progress. Since 2021, private sector investment in smart city development has surpassed 30.9 billion baht, driven by tax incentives and public procurement privileges. These initiatives integrate advanced technologies, such as intelligent transportation systems and clean energy management, to enhance urban living standards.
Public Internet Network Expansion:
The committee endorsed the management of the National Broadband Network, “Net Pracharat,” under an Open Access Network model. This initiative aims to ensure equitable and universal internet access, particularly in underserved areas. The Office of the National Digital Economy and Society Commission will lead the implementation, focusing on:
Economic Empowerment: Enabling citizens in remote areas to access online markets, thereby increasing income opportunities through activities such as selling agricultural products and handicrafts.
Cost Reduction: Lowering internet service costs by expanding access through government-supported infrastructure and making digital services more affordable.
Economic and Social Impacts:
The approved initiatives are poised to deliver significant economic and social benefits. The public internet network will bridge the digital divide, fostering economic inclusion and reducing connectivity costs. Smart city developments will enhance urban management, attract private investment, and improve residents’ quality of life through sustainable and innovative solutions.
Key Takeaways:
These initiatives reflect a commitment to building a competitive, inclusive, and sustainable digital economy.
The three-year National Data Strategy emphasizes data infrastructure, governance, utilization, and workforce development to drive digital transformation.
The establishment of a National AI Committee will advance AI innovation, economic growth, and solutions for social and environmental challenges.
Smart city certifications have been extended to 16 projects, with a new certification for the Phuket Tinicon Valley Project, contributing to 37 smart cities across 25 provinces.
The Open Access Network model for “Net Pracharat” will enhance internet accessibility, reduce costs, and create economic opportunities for citizens.
The outbreak of the COVID-19 pandemic has significantly altered consumer behavior, leading to a surge in reliance on digital platforms for activities like shopping and food delivery. This shift has played a pivotal role in the rapid growth of the digital economy, both in Thailand and globally. Citizens have become increasingly dependent on these platforms, which offer convenience and ease in daily life. As digital platforms now cover almost every facet of modern existence, the government has recognized the need to regulate these services to ensure economic and social stability, enhance credibility, and mitigate any potential risks to the public at large.
In response to this, Thailand initially enacted the Royal Decree on the Operation of Digital Platform Service Business Subject to Prior Notification B.E. 2565 (2022) (“Royal Decree”), which regulates and imposes obligations on digital platform service operators. These operators, such as Shopee or Lazada, manage platforms that connect business users and consumers through data networks to facilitate electronic transactions. However, recognizing the evolving landscape, the Ministry of Digital Economy and Society (“MDES“) has proposed the Draft Digital Platform Economy Act B.E. …. (the “Draft Bill”), which aims to expand regulation to include a broader range of platform services not covered under the Royal Decree, also known as, digital media services.
The Draft Bill seeks to regulate various digital platform services more comprehensively, promoting fair trade, encouraging self-regulation, and supporting operators in adopting good governance principles. Below are the key aspects of the Draft Bill.
Categorization of Digital Media Services
The Draft Bill defines Digital Media Services as any service provided over a computer network, internet system, or telecommunications network that acts as a medium between the sender and the data receiver. It categorizes these services into three types, each with distinct legal responsibilities for the operators:
Mere Conduit Service: This refers to the provision of electronic data transmission services or access to an electronic communications network. Mere conduit providers are not liable for illegal activities during data transmission, as long as they can prove they neither initiated the data nor altered it in any way.
Caching Service: Caching services involve temporary data storage for faster transmission. Providers are not held responsible for illegal activities, provided they meet the terms for data access and follow standard industry practices.
Hosting Service: Hosting services provide data storage on behalf of users. These providers are only held accountable if they are aware of illegal content stored and fail to take action by either removing or blocking access to it.
General Obligations for Digital Media Services Platform Operators
Under the Draft Bill, platform operators are required to comply with obligations prescribed in Chapter 3 of the Draft Bill, which includes notifying the users of their rights and obligations, as well as the risks associated with using digital media services; providing a complaint resolution channel that responds within 24 hours and reports on the investigation outcome within 60 days; disclosing advertising information, publishing clear terms and conditions, as mandated by the law, and appointing a point of contact to liaise with the Electronic Transactions Development Agency (“ETDA“).
Very Large Online Platform (VLOP)
The Draft Bill introduces the concept of Very Large Online Platforms (“VLOP“). To qualify as a VLOP, a platform must meet one of the following criteria:
A net income (before expenses) of over 1,000 million Baht per year from the provision of services in Thailand.
More than 6 million active users per month.
Poses a high risk to the economic or social security of Thailand, as determined by the ETDA.
VLOPs are subject to additional obligations, such as reporting data to the ETDA, tracking business users’ activities, suspending services for users engaged in serious illegal activities, and submitting annual transparency reports.
Core Platform Services & Gatekeepers
Chapter 5 of the Draft Bill defines core platform services and identifies platform operators that act as “gatekeepers” to other service providers. Core platform services currently include 10 types of digital media services such as online search engines, video-sharing services, cloud computing, and online advertising services, among others. A platform operator may be classified as a gatekeeper if it meets three criteria:
Significant impact on the economy, with annual income (before expenses) exceeding 7 billion Baht.
Serves as a critical gateway for business users to reach end users, with more than 15 million consumer users and 10,000 business users annually.
Has the power to limit competition from other platform service providers, maintaining a dominant position.
Gatekeepers are subject to additional responsibilities, such as ensuring fair treatment of business users, facilitating free communication between consumers and businesses, preventing unfair practices that hinder competition, and more.
ETDA and Digital Platform Economy Committee’s Power to Enforce Data Platform’s Compliance
In order to enforce the Draft Bill effectively, the Draft Bill grants ETDA various powers to enforce compliance, including but not limited to the power to request data from platform operators to assess compliance, power to access and inspect platforms’ computer systems and physical premises if there is reasonable suspicion of illegal activities, the power to impose fines, service suspensions, or even criminal charges for severe violations.
Regulatory Transition
To ensure a smooth transition in the enforcement of this Draft Bill from the existing Royal Decree, the Draft Bill includes a grandfather clause allowing the platform operators who have already submitted notification under the Royal Decree to be deemed to have been notified under this Draft Bill as well. Nonetheless, they are required to update their information to align with the new requirement within 120 days of its enactment. Whilst the Royal Decree shall cease to be effective on the enforcement date of this Draft Bill, the sub-ordinate regulations issued under the Royal Decree shall remain in effect for as long as they do not conflict with the Draft Bill, or the new-subordinate regulation to be issued under the Draft Bill.
Conclusion
The Draft Bill represents a proactive step toward regulating the rapidly expanding digital economy in Thailand. By establishing clear guidelines for digital platform operators, categorizing services, and introducing additional obligations for large and influential platforms, the Draft Bill aims to foster fair competition, ensure consumer protection, and maintain economic stability. As digital platforms continue to play an integral role in modern society, this legislation will be crucial in balancing innovation with accountability, ensuring that the digital economy can thrive in a secure and sustainable manner. As such, the passage of the Draft Bill will likely have far-reaching implications, not only for platform operators but also for the broader economy and society.
BOI Launches New Measures to Boost Affordable Housing Investment
BOI Launches New Measures to Boost Affordable Housing Investment
The Board of Investment (BOI) has unveiled special new measures aimed at stimulating investment in residential housing projects priced at 1.5 million baht or less. This initiative is part of a collaborative effort with the Government Housing Bank to expand homeownership opportunities for low-income Thai families.
Under the new promotion, property developers can apply for BOI investment incentives to construct housing projects capped at 1.5 million baht per unit. The Government Housing Bank will evaluate and certify qualifying developers, who can then submit applications for BOI promotion by the end of 2025.
“Affordable housing is a national priority to ensure all Thai citizens can realize the dream of home ownership,” said BOI Secretary General. “These new measures provide tax incentives to developers to increase the supply of moderately priced housing stock.”
To be eligible, residential projects must meet specific criteria set by the Government Housing Bank:
For condominiums, a usable area must be at least 24 sq.m. per unit
For townhouses/detached homes, the usable area must be at least 70 sq.m.
Projects must include amenities like parking, security, cleaning services, and common areas
Developers must first obtain construction permits and Government Housing Bank certification before applying to the BOI for promotion privileges.
Once approved, developers will receive corporate income tax exemption for 3 years capped at their total investment amount. Only construction costs for utilities, roads, and public amenities within the project qualify for the tax break.
“The high costs of land and construction make it very difficult for developers to profitably build housing below 1.5 million baht,” noted BOI Secretary General. “This incentive helps make those moderately-priced projects financially viable.”
The Government Housing Bank has already opened an online application portal at www.ghbank.co.th for developers seeking certification to apply for BOI promotion.
Both the BOI and Government Housing Bank see this joint investment promotion as critically enhancing residential options for lower-income Thai families striving for home ownership.
The National Cyber Security Agency (NCSA) has recognized the growing reliance on cloud services by both government agencies and private sectors, along with the increasing number of cyberattacks targeting users. In response, the agency has drafted the Notification on Cloud System Cyber Security Standard (“Notification“), aiming to establish a robust standard of security measures for cloud systems.
Applicable Entities and Scope: The draft Notification is applicable to government agencies, supervising or regulating organizations, and organizations of critical information infrastructure (as defined under the Cybersecurity Act B.E. 2562 (2019)) that utilize cloud services and have official contracts with Cloud Service Providers (CSPs). These entities are collectively referred to as Cloud Service Customers (CSCs).
Risk Assessment and Categorization: According to the draft Notification, the risks associated with cloud system usage can originate from either the CSC or the CSP. Despite the fact that the draft Notification’s applicability is extended to only the CSCs, the CSPs are to be bound by its service agreement with CSCs to comply with the requirements of the draft Notification as well. CSCs and CSPs are mandated to assess the level of risk in accordance with the security objectives prescribed by another NCSA’s notification. The risk levels are categorized as low, moderate, and high, each with different minimum requirements for security standards, CSC and CSP assessments, and certifications.
Minimum Requirements: The minimum requirements for cloud security depend on the assessed risk level and the related security objectives. These requirements may encompass various aspects, including:
Cloud security governance, encompassing information security policies, organization of information security, supplier relationships, and compliance with rules and regulations.
Cloud infrastructure security and operations, covering human resources security, asset management, access control, cryptography, physical and environmental security, operations security, communication security, system acquisition, development and maintenance, supplier relationships, and information security incident management.
Assessment and Certification: Depending on the risk level and the related security objectives, CSCs or CSPs may be required to conduct compliance assessments as follows:
Self-assessment, conducted in accordance with NCSA’s prescribed requirements.
Assessment by a regulator or regulatory agency (attestation).
Assessment by an advanced certified body.
The frequency of assessments and certifications will also depend on the assessed risk level.
The draft Notification provides greater details, and CSPs and CSCs subject to its provisions are required to carefully assess their associated risks and obligations.
Conclusion: The NCSA’s draft Notification aims to establish a comprehensive framework for ensuring the security of cloud systems used by government agencies, regulatory bodies, and critical infrastructure organizations. By introducing risk-based minimum requirements, assessments, and certifications, the agency seeks to address the growing cybersecurity threats and enhance the overall resilience of cloud services within the country.
The Financial Revolution: Thailand Prepares for the First Virtual Banking?
Thailand’s financial landscape is on the verge of a transformative revolution. Virtual banks, the technological-driven and user-centric financial services.
The Digital Leap for Ease of Doing Business in Thailand
In a significant move to enhance the ease of doing business in Thailand, a joint collaboration between government agencies and private sector organizations was unveiled. The Thai Chamber of Commerce, the Board of Trade of Thailand, the Office of the Public Sector Development Commission (OPDC), and the Department of Business Development (DBD) took the stage to announce the “Joint Corporate Data Linkage” initiative.
This groundbreaking project aims to revolutionize the way businesses interact with government entities by eliminating the need for physical document submissions, such as copies of national ID cards, house registration documents, and company affidavits. Through an online system, legal entity information will be seamlessly linked and shared among participating agencies, reducing redundancies and streamlining processes.
The Chairman of the Thai Chamber of Commerce and the Board of Trade of Thailand emphasized the importance of efficient government services in enhancing the country’s competitiveness. “For too long, entrepreneurs have been burdened with the task of submitting countless documents for various proceedings,” the Chairman stated. “This initiative marks a significant step forward in leveraging digital technology to alleviate those burdens and foster a more business-friendly environment.”
The Joint Corporate Data Linkage is the culmination of years of legal and technological advancements, including the Licensing Facilitation Act B.E. 2558 (2015), the Digitalization of Public Administration and Services Delivery Act B.E. 2562 (2019), and the Act on Management of State Affairs by Electronic Means B.E. 2565 (2022). These legislative efforts have paved the way for a seamless integration of government services into the digital age.
Initially, ten government agencies have pledged their commitment to this initiative, including the Food and Drug Administration (FDA), the Department of Lands (DOL), the Treasury Department, the Board of Investment of Thailand (BOI), the Department of Industrial Works (DIW), the Excise Department, the Bank of Thailand (BOT), the Thai Customs Department, the Comptroller General’s Department, and the Revenue Department (RD).
The Secretary-General of the OPDC highlighted the significance of this collaboration, stating, “The OPDC recognizes the importance of harnessing digital technologies to enhance the efficiency of government services. By fostering cooperation between public and private entities, we aim to provide convenient, cost-effective, and inclusive services to businesses and citizens alike.”
The benefits of the Joint Corporate Data Linkage are multifaceted. According to projections, the initiative is expected to reduce up to 392 document retrieval procedures, resulting in substantial cost savings of approximately 800 Thai Baht per transaction. This translates into an estimated annual saving of around 7 billion Baht, factoring in time, document usage, accounting costs, and opportunity costs.
The Director-General of the DBD underscored the technological advancements underpinning this endeavor. “We have developed a robust system that enables real-time, accurate, and secure data exchange between agencies,” the Director-General explained. “By leveraging the Central Data Exchange system (GDX), we can ensure efficient and seamless information flow, further enhancing the overall experience for businesses.”
The Joint Corporate Data Linkage is not only a testament to Thailand’s commitment to digital transformation but also a beacon of opportunity for investors. As the system matures and expands, investors may find lucrative opportunities in public-private partnerships, collaborating with government agencies to further develop and enhance the platform, potentially yielding long-term returns on investment.
With the formal commencement of the Joint Corporate Data Linkage on May 1st, 2024, Thailand takes a significant stride towards a future where doing business is streamlined, efficient, and aligned with the digital era. This initiative sets the stage for continued innovation and collaboration between the public and private sectors, positioning Thailand as a frontrunner in the global race for competitiveness and business-friendly practices.
The Office of the Board of Investment (BOI) has declared tax incentives for property developers engaged in the construction of residential properties, including houses and condominiums, aimed at catering to low-income individuals. These incentives are applicable to properties priced at 1.5 million THB or below.
The privileges were approved by the Board of Investment on March 15th, 2024, in accordance with the third phase of the Government Housing Bank (GHB)’s initiative to extend loans to low-income individuals for the acquisition of houses and condominium units and consistent with the government’s economic stimulus measure through the real estate sector.
Projects meeting the eligibility criteria, which include a minimum requirement of 70 square meters of space for housing projects and at least 24 square meters of condominium space floor, will qualify for a three-year exemption from corporate income tax. This exemption applies to and shall not exceed the investment costs associated with infrastructure development such as roads, public facilities, and amenities for public use within the projects.
By extending tax privileges to developers constructing residential properties priced at 1.5 million THB or below, the BOI aims to stimulate the supply of affordable housing options and enhance accessibility for low-income segments of the population. Importantly, this initiative promotes social welfare of low-income populations and stimulate inclusive economic development in the real estate sector.
