FinTech

Peer-to-peer funding platforms and marketplace lending

The BOT is the authority that supervises and regulates financial business and activities in Thailand. Currently, Peer-to-peer lending and consumer lending eg personal loan, nano finance and pico finance have been regulated in Thailand. The BOT is responsible for supervising the peer-to-peer lending activity whereby it requires the prospective peer-to-peer operator to participate in the BOT’s Regulatory Sandbox and be licensed before operating the peer-to-peer business.

Please see Electronic payments platforms and regulation of peer-to-peer lenders.

Blockchain, smart contracts and cryptocurrencies

The BOT has implemented the FinTech regulatory sandbox (BOT Sandbox) which will enable financial institutions, as well as FinTech companies, to experiment with and develop innovative financial products or services within a well-defined space and duration, under the BOT's supervision.

The main criteria is that the products or services in questions must be the products or services which are under supervision of BOT.  Otherwise, it could not participate in the BOT Sandbox.  Currently, the financial services to be tested in the BOT Sandbox must be (i) relevant to infrastructure or centralised standard or (ii) required by laws to participate in the BOT Sandbox. 

According to the practice guidance concerning the FinTech regulatory sandbox issued by the BOT on 15 March 2019, the financial products or services which can enter into the Sandbox must have the following criteria:

• being financial products / services regulated by the BOT;
• being financial products / services or FinTech innovation using new technology – it could be (i) a new innovation, (ii) different from currently available financial products or services in Thailand or (iii) an innovation which applies new technology to improve efficiency of existing products/services; and
• having any of the following qualifications;
  • being financial products / services which could be developed to be infrastructure or centralised standard for Thai financial sectors which shall be tested together by financial service providers; or
  • being required to participate in the Sandbox by virtue of laws or relevant supervising criteria (e.g. the regulated peer-to-peer lending).

However, if the services are not qualified under the criteria above, it could be apply to be tested under the Own Sandbox scheme.  The Own Sandbox is a separate and independent sandbox of each business operator but still under the monitor of BOT.  Quarter report on progress of the Own Sandbox is required to be submitted to BOT. 

Several FinTech companies have participated and are currently participating in the BOT Sandbox.  According to the publication of BOT, technologies tested under the BOT Sandbox are for example Standardized QR Code, Biometrics (ie facial and iris recognition), Blockchain, Machine Learning and Standardized API, etc.

Initial coin offerings and token-based products

By virtue of the Emergency Decree on Digital Asset Business B.E. 2561 (2018), since 14 May 2018, the Initial Coin Offerings (ICOs) as well as the operation of Digital Assets Business in Thailand have become the regulated activity under the supervision of the SEC. Cryptocurrencies and Digital Tokens are considered as Digital Assets thereunder.

Initial Coin Offerings (ICOs)

The ICOs under the supervision of the SEC refer to the offering of regulated Digital Tokens in Thailand.  Basically, an ICO issuer must be a private or public limited company licensed by the SEC and must offer the ICO through the ICO portals licensed by the SEC.  Currently, while three ICO portals are licensed by the SEC, no ICO issuer has been licensed by the SEC. 

Further, the SEC has prescribed the following types of qualified investors being able to subscribe for the ICO:

• Institutional Investors or Ultra High Net Worth (UHNW) Investors;
• Venture Capital or Private Equity; and
• Other investors who are subject to the capped of offering value as prescribed by the SEC.

Similarly to the securities offerings, a disclosure-based regulation theme is applicable to the ICO whereby a prospectus is required to be submitted to the SEC and effective before the ICO can be made. Nonetheless, certain types of offerings are exempted from being supervised by the SEC (e.g. an offering of Digital Tokens by the Bank of Thailand) or from the disclosure and prospectus requirements (e.g. a private placement of Digital Tokens to limited types of investors).

Operation of digital assets business

The Emergency Decree on Digital Asset Business B.E. 2561 (2018) categorised three types of business operation which are relevant to the digital assets; being (i) Digital Asset Exchange, (ii) Digital Asset Broker and (iii) Digital Asset Dealer.  These three businesses are subject to licensing requirements of the SEC prior to operating its digital assets-related business in Thailand.

To prevent the illegal use of digital assets, the SEC requires the secondary trading or exchange of the digital tokens to be done only through the licensed Digital Asset operators. Besides, in case where the ICO issuer and / or the Digital Asset operators receives cryptocurrencies as remuneration or part of transaction, only the cryptocurrencies tradeable or exchangeable at the licensed Digital Asset operators can be accepted.

Artificial intelligence and robo advisory systems

Currently, there are no particular laws that are specifically intended to apply to the artificial intelligence (AI) and robo advisory systems; and there is no regulatory sandbox exclusively dedicated to AI and robo advisory systems.

However, the SEC has supported the use of technology especially AI and robo advisory systems in the context of securities.  The SEC therefore has cooperated with private sectors to opening an official website under the project named ‘Five Steps to Investment with Confidence’ which is so-called ‘Wealth Advice for All’. This project is aimed to be an introductory platform for investors to easily connect with wealth advisors as licensed by the SEC with less associated investment costs and to advocate long-term financial well-being of Thai nationals.

Certain licensed operators are implementing AI and robo advisory systems when providing investment consultation services. To be qualified as a licensed wealth advisor, the operator must be licensed by the SEC to provide securities/derivatives business and shall also be equipped with reliable systems and personnel in response to the five key concerns of the SEC i.e.:

• exploring and understanding customers;
• constructing an investment portfolio;
• implementing the portfolio according to the asset allocation plan;
• monitoring and rebalancing the portfolio; and
• providing consolidated reports for clients' review.

Please see FinTech products and uses – particular rules.

Data analysis and cloud computing

Currently, there are no particular laws that are specifically intended to apply to the data analysis and cloud computing market; and there is no regulatory sandbox exclusively dedicated to data analysis and cloud computing activities.

There is no specific legal requirement for the use of cloud services. However, a service provider of electronic transactions under the Electronic Transaction Act B.E. 2544 (2001) who opts in to use the cloud services are encouraged to follow the Notification of the Electronic Transaction Committee re: Guideline on Application of Cloud Services B.E. 2562 (2019) (Cloud Guideline) which sets out the fundamental criteria and recommendations when using the cloud services regardless of whether the cloud services are provided by third parties.  Initially, the Cloud Guideline guides on key considerations in several aspects which should be factored when using the cloud services, eg policies and practices of electronic transactions service providers, efficiency of cloud services, security, data management and personal data protection.

Please see FinTech products and uses – particular rules.

General financial regulatory regime

Due to the wide range of FinTech products in the market, the regulatory authorities with responsibility will depend on the type of FinTech products involved. Currently, there are four main supervisory authorities under which FinTech activities or products may be caught:

• the Bank of Thailand (BOT);
• the Securities and Exchange Commission of Thailand (SEC);
• the Stock Exchange of Thailand (SET); and
• the Office of Insurance Commission (OIC); and
• the Board of Investment of Thailand (BOI).

General

A person cannot carry on a restricted / regulated activity in Thailand unless authorization or exemption is granted (known as the general prohibition). Most financial activity requires regulatory authorization when:

• it is identified as a specified activity in relation to a specified investment;
• it is carried on by way of business in Thailand; and
• it does not fall within any of the available exemptions.

Where FinTech products or applications involve financial activities which require regulatory authorization, the firms providing such products or applications must be authorized by the relevant supervisory authority.

FinTech regulatory sandbox

Please see FinTech products and uses – common technology products for the FinTech Regulatory Sandbox offered by the Bank of Thailand.

The SEC set up the FinTech Department and Data Management and Analytics Department (effective from 1 January 2017) to work on a strategic plan concerning innovation in capital markets.

Regulatory developments on investment platforms

A draft FinTech Act is currently under review by the relevant authorities and stakeholders. On 4 September 2017, the public hearing of the draft FinTech Act emphasized its importance and revised it to reflect comments raised by parties who may be affected by its enactment.

Electronic payments platforms and regulation of peer-to-peer lenders

Electronic payment platforms

The Payment System Act B.E. 2560 (2017) (PSA) has been enacted to regulate electronic payment businesses in Thailand. The PSA has categorised three types of payment-related businesses under the supervision of the BOT as follows:

• Highly Important Payment Systems: These are payment systems that are a principal infrastructure of the country whose problems or disruptions would be likely to affect members systemically, and handle large value fund transfers or used for clearing or settlement between members; including the payment systems operated by the BOT which are the inter-bank large value funds transfer systems (BAHTNET) and Imaged Cheque Clearing and Archive System (ICAS). In addition, the Minister of Finance is empowered to designate other payment systems to be the highly important payment systems.
• Designated Payment Systems: These are payment systems that (i) are the center or network between system users for handling funds transfer, clearing or settlement eg retail funds transfer systems, payment card network, settlement system, etc, and or (ii) may affect public interests, public confidence or stability and security of the payment systems.
• Designated Payment Services: The regualted payment services are (i) credit card, debit card, or ATM card services, (ii) electronic money services, (iii) acceptance of electronic payment for and on behalf of others, (iv) electronic money transfer services, and (v) other payment services which may affect payment systems or public interests.

In order to legally operate an electronic payment business in Thailand, prospective operators (either natural or juristic persons) need to comply with applicable requirements before operating permitted electronic payment activities. The applicable requirements depend on the types of electronic payment activities to be conducted but would be either to register or to obtain a license from the BOT. Further details regarding regulation of electronic payment platforms can be found on the BOT website.

Peer-to-peer lenders

Due to the enactment of the MOF Notification re Business Subject to Approval to Clause 5 of the Revolutionary Council Decree 58 (Regulated Peer-to-Peer Lending Platform Business) and the BOT Notification No. SorNorSor. 4/2562 re Regulations, Procedures and Conditions for Conducting Peer-to-Peer Lending Business through Electronic System/Platform (BOT Notification re Peer-to-Peer Lending), the peer-to-peer lending is a regulated activity in Thailand.

The BOT has been authorised to be an in-charge authority for:

• receiving an application form;
• specifying applicable regulations; and
• requiring a business operator to apply for an application to the BOT's Regulatory Sandbox.

According to the BOT Notification re Peer-to-Peer Lending, the BOT requires an operator who wishes to conduct the peer-to-peer lending business through electronic system/platform to:

• make an individual consultation to the BOT;
• participate in the BOT's Regulatory Sandbox until reaching successful outcome; and
• apply for the application of the peer-to-peer lending business through electronic system/platform prior to legally operate the peer-to-peer lending business through electronic system/platform in Thailand.

Please note the operator must be a company incorporated in Thailand with the registered and paid-up capital of at least THB5 million (including shareholder's equity) and have a Thai shareholder holding not less than 75% of total shares with the right to vote.

Scope of business activity of peer-to-peer lending business through electronic system/platform is being an online market place or matchmaker whereby a loan agreement between a lender and a natural person borrower will be made through electronic system/platform and the loan must be granted in THB currency. 

The maximum of the total amount of loan granted by each lender through any peer-to-peer ending operators is not exceeding THB500,000 per lender within any 12-month period unless such lender that is a qualified institutional investor, a private equity, a venture capital or a specific investor.  The interest chargeable is not exceeding 15% per annum.

Apart from the above, the general principle for monetary lending under the Civil and Commercial Code of Thailand (CCC) is that borrowing of money in amounts above THB2,000 must be evidenced in writing and signed by the borrower. If such formalities are not complied with, a claim cannot be made against the other party to the transaction. According to the Electronic Transaction Act B.E. 2544, such evidence can be in an electronic form, since electronic data and signatures are enforceable if such electronic data is accessible and usable for subsequent reference without its meaning being altered and if the electronic signatures are made using a reliable method to identify the signatories.

Regulation of payment services

Please see Electronic payments platforms and regulation of peer-to-peer lenders above.

Application of data protection and consumer laws

Data protection law

The Personal Data Protection Act B.E. 2562 (2019) (PDPA) has recently been enacted on 28 May 2019.  Due to the one-year grace period, the PDPA will fully be enforceable on 28 May 2020. The PDPA signals a new dawn in the handling of personal data in Thailand because prior to the PDPA, Thailand did not have an overarching law governing the protection of personally identifiable information. The collection, use and disclosure of personal data in Thailand were regulated to an extent by a patchwork of laws including the Constitution, sector-specific legislation and various self-regulatory codes. The PDPA is mainly similar to the EU General Data Protection Regulation regime, bringing personal data protection law in Thailand in line with other jurisdictions.

The PDPA introduces two key roles in collecting, processing and transfer of personal data. The Personal Data Administrator (Data Administrator) will have overall responsibility to determine and control the use of personal data. The Personal Data Processor (Data Processor) will be responsible for using, disclosing or processing the data on behalf of, or in accordance with, the instructions of a Data Administrator.

Affirmative consent must be obtained from the data subject in order for Data Administrators to legitimately collect personal data. Data Administrators must obtain consent for any use or disclosure of data that is beyond the original collection request. There are however limited circumstances in which Data Administrators may be exempt from obtaining the data subject’s consent.

The PDPA applies to all organisations that collect, use or disclose personal data in Thailand. This is regardless of whether they are formed or recognised under Thai law; and whether they have residence, office or place of business in Thailand. Cross-border transfer of personal data outside of Thailand is prohibited, unless the recipient country’s data protection standard is equivalent or higher than the PDPA but limited exceptions are available.

Consumer law

The Consumer Protection Act B.E. 2522 (CPA) has been enforced with an aim to provide protection for consumers who buy or obtain services or are offered goods or services. The CPA applies to business operators who are:

• sellers, manufacturers or importers of goods or are purchasers of such goods for re-sale; and
• service providers, including those who operate an advertising business.

The CPA provides protection for consumers in several aspects eg advertisement, unsafe goods, labelling and contractual requirements etc. To ensure the consumer protection, the Consumer Case Procedure Act B.E. 2551 (2008) has been enacted to provide specific procedural requirements in relation to a consumer litigation.

Money laundering regulations

In addition to commercial banks and other governmental authorities, certain other business operators are subject to anti-money laundering laws in Thailand. According to the Anti-Money Laundering Act B.E. 2542 (1999) (AMLA) and subordinated regulations, certain business operators are subject to the requirements under AMLA to:

• report required transactions (e.g. cash transactions with amounts exceeding specified thresholds);
• procure know-your-customer (KYC) checks; and
• arrange customer due diligence.

Apart from financial institutions (eg commercial banks, finance companies, credit foncier companies, securities companies, insurance companies and operators of regulated payment systems or services, etc.), certain non-financial institution business operators covered by the AMLA include:

• non-financial institutions providing advice or acting as advisors in transactions relating to the investment or movement of funds under the law governing securities and the stock exchange;
• operators trading precious stones, diamonds, gems, gold, or ornaments decorated with precious stones, diamonds, gems or gold;
• operators trading in or providing the hire-purchase of cars;
• operators acting as brokers or agents in respect of the purchase or sale of immovable property;
• operators trading antiques under laws governing the sale by auction and trading of antiques;
• operators providing personal loans under the supervision of businesses that are not financial institutions or who are not caught by the Ministry of Finance's notification requirements in respect of personal loan businesses or who do not otherwise fall under the supervision of the laws governing financial institution businesses;
• operators transacting in electronic money that are not financial institutions caught by the Ministry of Finance's notification requirements in respect of electronic money or that are not otherwise subject to the laws governing financial institution businesses;
• non-financial institution operators conducting credit card business;
• electronic payment operators governed by laws relating to the supervision of electronic payment service business; and
• non-financial institution operators carrying out currency exchange activities as specified in the relevant ministerial regulation.

The Anti-Money Laundering Office is the supervisory authority of the AMLA.

Early stage

Seed investment

Initial investment in FinTech businesses may be provided by family and friends of the founders and other high-net-worth individuals (often known as business angels) in return for an equity stake. Such seed investment is often used to fund the establishment and early growth of the business before larger investment is available. The investing individuals may also provide know-how and expertise to assist in the company's development. The seed investors would typically not require the same controls over the business as, for example, venture capital (VC) providers.

Crowdfunding

Crowdfunding platforms are currently available under the supervision of the Thai Securities and Exchange Commission (SEC). The funding portal used for screening the offering company, disclosing information and educating investors must be approved by the SEC. Moreover, the approved funding portal must also categorize its members as either retail investors or non-retail investors (eg VC, private equity trust and qualified investors). Retail investors will be subject to a limit on investment while non-retail investors will not be subject to such a limit.

Currently, both equity and debt crowdfunding are permitted in Thailand.

Crowdfunding offers a large number of private investors an opportunity to make small-scale investments in early-stage businesses to which they may otherwise not have had access.

Accelerators

There are various incubators or accelerators in the Thai market which offer support, facilities and funding for startups, often in return for an equity stake.

Venture capital and debt

VC funding is a type of equity investment usually targeted at early-stage FinTech companies with an established business and some trading history. VC provides a viable alternative to traditional lending given that the business is unlikely to have the tangible asset base or long track record needed to attract traditional debt funding from financial institutions.

Corporate venture capital (CVC) is a type of VC and involves an equity investment by a corporate fund, examples of which include Beacon Venture Capital (being a CVC vehicle of Kasikorn Bank PLC) or Digital Ventures (being a CVC vehicle of Siam Commercial Bank). Both CVCs are targeting FinTech startups. The benefit of having a CVC as an investor for a FinTech startup is that the fund is able to share its knowledge and expertise of the FinTech sector with the company and act as an advisor.

VC debt is not available in the funding market as the corporate laws in Thailand do not allow conversion of debt to equity or the issuance of convertible debt instruments by a private limited company (which is the form of business vehicle commonly used by startups in Thailand). However, we have been working with the relevant authorities to amend the relevant laws and regulations to facilitate the funding market for startups in Thailand, including amendments to allow debt-to-equity conversion and the issuance of convertible debt instruments by private limited companies in Thailand.

In addition, proposed amendments to corporate law to promote and facilitate the funding market for startups include changes to:

• allow the offer of shares in a private limited company to employees / directors under an Employee Stock Option Plan (ESOP) and creditors under debt-to-equity conversion programs or convertible debt instruments;
• enable the rights attached to preference shares to be amended by special resolution of shareholders; and
• enable a private limited company to buy back its shares, subject to certain requirements and criteria being met.

Warehouse and platform funding

The SEC is currently actively monitoring the SEC FinTech regulatory sandbox relating to investment advisors, private funds, clearing and settlement activities and electronic trading platforms (ETP).

In addition to the FinTech regulatory sandbox, there is also a know-your-customer (KYC) regulatory sandbox which enables temporary rules to apply to business activities which do not need to be supervised by the FinTech regulatory sandbox. Temporary rules for Limited Brokerage Dealing and Underwriting (LBDU) are now also available.

To participate in the SEC FinTech regulatory sandbox, FinTech companies must fulfil the requirements set out in relevant SEC regulations. Generally, to enter into the FinTech regulatory sandbox, businesses need to:

• involve innovation in financial services;
• be operationally ready in terms of capital, work systems, human resources, risk management processes and customer contact processes; and
• have an exit strategy.

Please see FinTech products and uses – particular rules.

Senior bank debt and capital markets funding

Senior bank debt

Once a FinTech company is established and has a track record, bank debt becomes a more viable source of funding, either on a secured or unsecured basis depending on the creditworthiness and asset base of the business. In contrast to capital markets funding which is often covenant-lite, bank funding will generally involve the imposition of financial covenants and controls that will apply over the life of the facility. Bank finance may be particularly important for working capital, overdraft, accounts management and general liquidity purposes.

Capital markets funding

Thailand has both debt and equity capital markets which are accessible to businesses (usually of a certain size).

Raising finance by way of an Initial Public Offering (IPO) can be done in the SET and MAI, depending on applicable criteria and requirements. However, IPOs are not a popular funding arrangement for FinTech companies because FinTech is an emerging sector with numerous applicable regulations and with incentives which are less favorable when compared to other jurisdictions in the region such as the Singapore market.

Incentives and reliefs

Thai Revenue Department (RD) has continuously provided tax incentives and reliefs to qualified startups and SMEs including its investors, e.g. VC and angel investors.  The conditions and qualifications of eligible person/entities under the tax schemes granted are amended periodically.

In respect of startup itself, the key conditions and qualifications to be eligible for 5-year corporate income tax exemption are, e.g. being incorporated during the prescribed period, having at least THB5 million of registered capital, having the income not exceeding THB30 million in the accounting year whereby 80% of which is generated from the operating targeted business, and applying for an approval with the RD.

Further to the foregoing, the startup must operate the targeted business as specified by the National Science and Technology Development Agency, including businesses in the following industries:

• food and agriculture;
• energy saving, renewable energy and clean energy;
• biotechnology;
• medical and public health;
• tourism, services and creative economic;
• advanced materials;
• textiles, fabrics and accessories;
• vehicles and auto parts;
• electronics, computers, software and information services; and
• research and innovation.

VC and angel investors are also subject to certain requirements in order to claim for tax privileges e.g. participating in an investment during the promoted period, and retaining the investment within the minimum period, etc.