In today’s digital economy, financial technology (FinTech) is a major economic driving force. FinTech has transformed the private sector, resulting in a drastic shift in the way customers use financial services. Financial institutions, in particular, have taken significant strides to implement innovative platforms to facilitate financial transactions and payment methods for goods and services. As electronic services become more sophisticated and prevalent, however, greater regulatory scrutiny needs to be paid to the industry in order to protect end-users and prevent damage to the country’s economy.
Background
Commercial banks are veterans in the e-Payment service market. They are governed by the Royal Decree Regulating Electronic Payment Services B.E. 2551 (2008); relevant Notifications of the Electronic Transaction Commission (ETC); and applicable Notifications of the Bank of Thailand (BOT), which also closely monitors their business activities.
Specialized Financial Institutions (SFIs), which were established by the government to provide financial services to various sectors that are not sufficiently served by commercial banks, are also engaged in the e-Payment service market. Thailand’s regulatory authorities determined that the laws and regulations surrounding SFIs and their engagement in e-Payment service businesses were insufficient, and further regulations were needed.
The Royal Decree on e-Payment Services
On March 30, 2016, the government promulgated the Royal Decree Governing the Control and Supervision of Electronic Payment Service Businesses of Specialized Financial Institutions B.E. 2559 (2016). It took effect on July 28.
As with commercial banks, the Royal Decree of 2016 designates the BOT to control and supervise the e-Payment service businesses of the following SFIs: Government Savings Bank, Bank for Agriculture and Agricultural Cooperatives, Government Housing Bank, Islamic Bank of Thailand, Export-Import Bank of Thailand, Small and Medium Enterprise Development Bank of Thailand, Thai Credit Guarantee Corporation, and Secondary Mortgage Corporation.
The Royal Decree aims to standardize supervisory provisions and measures enforced on both private and state service providers. This should help ensure financial and commercial stability, prevent damage caused to the public, and build trust and credibility in the e-Payment system among the public.
In terms of substantive provisions, the Royal Decree categorizes e-Payment service business into three lists, which resemble the categories for commercial banks in the Royal Decree Regulating Electronic Payment Services B.E. 2551 (2008), as follows:
- List A: e-Money services used for purchasing specific goods or services as specified in advance from an entrepreneur, excluding e-Money services used only for customers’ convenience without the procurement of any profit from issuing the card, as prescribed by the BOT with the approval of the ETC. These services require notification before business operations commence.
- List B: Credit card network services, electronic draft capture services, transaction switching services for payments in one system, and e-Money services used for purchasing specific goods or services as specified in advance at a place which uses the same system for distributing and providing these goods or services. These services require registration before business operations commence.
- List C: Clearing services, settlement services, e-Payment services through any devices or networks, transaction switching services for payment through several systems, payment service provider services, and e-Money services used for purchasing specific goods or services as specified in advance in which the place where the services were used was not limited and the system for distributing or providing the services is not the same. These services require a license before business operations commence. The license lasts for ten years.
The Royal Decree also empowers the ETC to set methods and service conditions on: (1) custody and disclosure of customers’ personal information; (2) examining and maintaining system security for consistent reliability; (3) express prescribing of any service fees; (4) receiving and the process to ratify customers’ complaints or disputes; and (5) accounting and reporting, among others.
In addition, depending on the type of business, the BOT may prescribe additional rules on: (1) issuing evidence for payment; (2) keeping money which will be sent; (3) prescribing the finality of transferred money which may be unconditionally and promptly utilized by the beneficiary; and (4) arranging an independent auditor for security.
Any service providers in List A and List B that fail to comply with these rules will be subject to an administrative fine and/or an order of the ETC to take appropriate corrective action. Any service providers in List C that fail to comply with these rules can be subject to corrective measures, suspension, or license revocation.
Implementation
Even though the Royal Decree came into force on July 28, its transitional provisions allow SFIs which have operated an e-Payment service business prior to this date to continue their operation until November 24, 2016. The SFIs that want to continue their business need to notify, register, or apply for a license in accordance with this Royal Decree from August 26 to September 25, 2016.
If the Royal Decree is effectively enforced, and both the BOT and the ETC undertake their supervisory authority properly, information technology systems and electronic platforms will be much safer for customers who interact with these SFIs. Improved security and protection will lead to greater credibility with customers, and this will entice considerably more people to use e-Payment services.
