Natthapon Thepchalerm (Por) | Country Manager (Thailand) Application and Data Security
More About This Author >
Natthapon Thepchalerm (Por) | Country Manager (Thailand) Application and Data Security
More About This Author >
Thailand is in a period of unprecedented digital growth, with 15% of its total GDP coming from the digital economy (potentially soon to be 20%). As the country’s digital landscape expands, financial institutions are caught in the crossfire of change.
New threats mean new regulations. Thales’s strong track record of helping financial organizations comply with local, national, and international cybersecurity standards provides a solid template for Thailand’s own financial sector to follow.
The message is clear. If Thailand’s Financial Services Institute (FSI) organizations are to maintain equilibrium despite constant digital upheaval, they must be compliant with local and global data security regulations.
This blog will review how Thales’s solutions are primed to support Thailand’s banks, insurers, credit unions, and lenders as they navigate a new era of regulatory evolution.
Thailand is in a period of unprecedented digital growth, with 15% of its total GDP coming from the digital economy (potentially soon to be 20%). As the country’s digital landscape expands, financial institutions are caught in the crossfire of change.
New threats mean new regulations. Thales’s strong track record of helping financial organizations comply with local, national, and international cybersecurity standards provides a solid template for Thailand’s own financial sector to follow.
The message is clear. If Thailand’s Financial Services Institute (FSI) organizations are to maintain equilibrium despite constant digital upheaval, they must be compliant with local and global data security regulations.
This blog will review how Thales’s solutions are primed to support Thailand’s banks, insurers, credit unions, and lenders as they navigate a new era of regulatory evolution.
The Securities and Exchange Commission (SEC), Thailand: Guidelines for the Provision of Information Technology Systems
What Are the Requirements?
The Guidelines for the Provision of Information Technology Systems issued by the Securities and Exchange Commission (SEC) of Thailand (แนวปฏิบัติในการจัดให้มีระบบเทคโนโลยีสารสนเทศนป. 6/2567)require all Thai securities organizations to adhere to the compliance and regulation requirements, Thales’s solution can help them to address 6 requirements in Chapter 2 with Data and Application Security as well as Identity & Access Management.
Chapter 2 – Information Technology Security
- 2.2 Human Resource Management and External Personnel
- 2.4 Data Security
- 2.5 Access Control of Information and IT Systems
- 2.6 Cryptographic Control
- 2.8 IT Operations Security
- 2.10 IT Project Management
For a complete overview of how Thales helps companies comply with SEC Guidelines for the Provision of Information Technology Systems, download this compliance brief.
Office of Insurance Commission (OIC), Thailand: Supervision and Management of IT Risks
What Are the Requirements?
The Guidelines for the Supervision and Management of IT Risks by the Office of Insurance Commission (OIC) of Thailand (หลักเกณฑ์การกำกับดูแลและบริหารจัดการความเสี่ยงด้านเทคโนโลยีสารสน เทศของบริษัทประกันชีวิต พ.ศ. ๒๕๖๓)compliance and regulation requirements, Thales’s solutions support them by complying with the two categories on IT Security and Cybersecurity Governance and Risk Management with Data and Application Security as well as Identity and Access Management.
For a complete overview of how Thales helps companies comply with OIC Guidelines for the Supervision and Management of IT Risks, see here.
Bank of Thailand (BOT): IT Risk Management Guidelines
What Are the Requirements?
IT Best Practices Guidelines (แนวปฏิบัติในการบริหารความเสี่ยงด้านเทคโนโลยีสารสนเทศ)issued by the Bank of Thailand (BOT) mandate that Thailand’s banks, insurers, and financial organizations adhere tothe standards, Thales’s solutions can help financial institutions to comply with 8 requirements in Chapter 2 – Information Technology Security below with data and application security as well as Identity and Access Management.
8 requirements in Chapter 2 – Information Technology Security
- 2.2 Information Security
- 2.5 Communications Security
- 2.6 IT Operations Security
- 2.6.7 Vulnerability Management and Penetration Test
- 2.6.9 Endpoint Security
- 2.7 System Acquisition and Development
- 2.10 Third Party Management
For a complete overview of how Thales helps companies comply with BOT Information Technology Risk Management Guidelines, see here.
Thailand’s FSI Sector Must Step Up as Threats Increase
According to Kaspersky, the number of cyber incidents in Thailand tripled between Q2 2023 and Q2 2025, two years later; quarter-over-quarter, Q3 2025 has seen an increase of 16.7%.
In response, Thailand’s data protection regulatory has experienced great growth since the start of the year. As evidence, the Personal Data Protection Committee (PDPC) has stepped up enforcement (see their August crackdown) and transitioned to actively monitoring incidents that even have the potential of becoming publicly harmful breaches.
While compliance has never equaled security, staying compliant is an essential part of staying competitive – and operational - within Thailand’s FSI sector.
As Thai financial institutions feel the pressure of increased oversight, Thales can help. Partnering with a company that understands regional data privacy standards - and offers industry-leading technologies to support them - is invaluable to FSI organizations looking to pass audits, avoid breaches, and build a future-proof compliance architecture that can scale with digital growth.
Contact a Thales expert to learn more.