Cabinet Approves “Cybersecurity Emergency Decree” to Hold Banks and Telecom Providers Accountable
The Thai Cabinet has approved in principle the draft “Cybersecurity Emergency Decree,” proposed by the Ministry of Digital Economy and Society (MDES), to tackle call center scams and cybercrime. This new regulation will impose stricter penalties and hold banks and mobile network operators jointly responsible for damages caused by fraud. The decree is expected to take effect in February 2025.
Urgent Measures to Address Economic Losses
Jirayu Huangsap, the government spokesperson, announced the Cabinet’s decision, highlighting the urgency to combat rising cybercrime. The government found that daily losses due to online fraud average between 60-70 million baht. The existing decree, enacted in 2023, lacks the authority to address critical issues such as managing fraudulent peer-to-peer (P2P) platforms, recovering stolen funds, and holding relevant parties accountable for negligence.
Key Provisions of the New Decree
The proposed amendments to the 2023 Cybersecurity Emergency Decree include the following:
- Enhanced Authority: Expands regulatory powers to address fraudulent activities on P2P platforms.
- Telecom Providers’ Obligations: Requires mobile network operators to immediately deactivate SIM cards involved in fraudulent activities.
- Faster Fund Recovery: Mandates banks to report mule accounts to the Anti-Money Laundering Office (AMLO) to expedite the return of stolen funds.
- Penalties for Non-Compliance: Introduces penalties for financial institutions and P2P platforms that fail to prevent fraudsters from opening accounts.
- Data Protection: Increases penalties for the unauthorized disclosure of personal data.
- Joint Responsibility: Holds financial institutions, telecom providers, and social media platforms accountable for damages arising from cybercrime.
Support and Implementation Timeline
Prime Minister emphasized the need for immediate action and sought input from related agencies on the decree’s enforcement. The Office of the Council of State affirmed that the decree qualifies as an urgent measure to safeguard public safety and the nation’s economic security.
Deputy Prime Minister and MDES Minister Prasert Jantararuangtong assured that the decree would significantly benefit the public and enhance the government’s ability to prevent and combat cybercrime.
Following Cabinet approval, the draft decree will undergo a final review by the Office of the Council of State before being published in the Royal Gazette. The implementation process is expected to take no more than 30 days, enabling the law to be enforced by February 2025.
A Collaborative Approach to Combat Cybercrime
The decree is part of a broader strategy to dismantle call center scams and other forms of cybercrime. Thailand is also working with neighboring countries to target cross-border criminal networks, especially those operating near border areas.
During the latest ASEAN Digital Ministers’ Meeting, member states agreed to prioritize combating call center scams and social media fraud, recognizing them as transnational threats requiring collective action.
The new decree underscores the Thai government’s commitment to protecting its citizens and bolstering cybersecurity in an increasingly digital world.