Thailand’s Ministry of Finance and Securities and Exchange Commission (SEC) have issued regulations broadening the criteria for determining who qualifies as a “major shareholder” of licensed securities and digital asset business operators. Under relevant SEC regulations, major shareholders of a regulated entity must obtain regulatory approval and undergo screening by the SEC. The revised framework introduces both shareholding-based and control-based tests to determine which shareholders require regulatory approval for a wider range of indirect ownership structures and de facto control. The Ministry of Finance notification took effect on February 21, 2026, while the SEC’s clarifying rules took effect on March 4, 2026. These changes aim to enhance transparency around beneficial ownership and strengthen regulatory oversight of entities operating in Thailand’s capital markets. Expanded Definition Under the revised framework, a “major shareholder” now includes persons who directly or indirectly hold more than 10% of the voting rights in a regulated company, as well as persons who exercise control over the regulated company or its shares. This system of two separate tests, based on both shareholding and control, differs from the prior regime, which focused primarily on shareholding thresholds and applied a more limited method for determining indirect shareholdings. The two tests (detailed below) operate independently of each other, and any person identified by either of the tests will be deemed a major shareholder. Shareholding-Based Test Broadens Indirect Ownership Attribution For the shareholding-based test, the SEC recognizes two existing methods for identifying indirect ownership, together with a new proportional attribution method. Any person captured under these methods, which are described below, will be regarded as a major shareholder of the regulated company and must obtain SEC approval as a major shareholder. First, the existing framework continues to apply to both first-tier and chain ownership structures. Approval is required for (1) first-tier

Thailand’s Legislation Consideration Committee of the Ministry of Interior has ruled that in-game loot boxes in online games do not constitute gambling under the Gambling Act B.E. 2478 (1935). This first-of-its-kind ruling provides useful guidance for online game operators and digital entertainment companies operating in Thailand. Background The ruling came in response to an inquiry concerning an online role-playing game operator that launched a campaign featuring a loot box mechanism. The mechanism allowed players to purchase a token in exchange for the opportunity to receive a virtual loot box containing randomized in-game items. The key features of this were as follows: The items received were digital, noncash items usable only within the game. The items could not be exchanged, redeemed, or converted into cash with the game operator. Items may differ in rarity but remain purely virtual. The central question was whether paying money to obtain randomized in-game items constituted a risk-based activity involving the chance to receive money or property of monetary value, which would constitute gambling under the Gambling Act. Committee Ruling The committee reached the following conclusions regarding the characteristics of the game’s loot-box mechanism: No cash or monetary equivalent: Players did not receive cash or property that could be exchanged for cash. The in-game items were merely usage rights within the online game ecosystem. No real-world monetary valuation: There was no determination of item value in real currency, and no mechanism for redeeming or converting items into money with the game operator. Any off-platform trading of in-game items between players is irrelevant to online game operators, as any value arising from such transactions is determined by the market rather than by the operators themselves. Service fee characterization: Payments made by players purchasing in-game loot boxes constituted fees for online game services. Accordingly, the committee concluded

Thailand’s Securities and Exchange Commission (SEC) has filed a criminal complaint against a licensed digital asset broker, its overseas trading platform, and its executives for allegedly operating an unlicensed digital asset exchange targeting Thai customers. The case marks an escalation in the SEC’s enforcement efforts against unlicensed offshore platforms that attempt to serve Thai users through local licensed entities. Criminal Complaint On February 20, 2026, the SEC filed a criminal complaint with the Economic Crime Suppression Division against a local licensed digital asset broker, its overseas global trading platform, and its executives. The SEC alleges that the parties violated the Digital Asset Business Emergency Decree B.E. 2561 (2018) by cooperatively operating a digital asset exchange business on a cross-border basis since 2023 without the required SEC license. According to the SEC, the local broker promoted the overseas platform’s services to the public through Thai-language posts on social media channels, with services available exclusively to customers residing in Thailand. Access to the global platform was provided through the local broker’s website and mobile application. Customers who registered for the local broker’s services were automatically granted access to the global platform without having to undergo a separate identity verification process. The SEC also found that the local broker provided back-office system support services to the global platform. The SEC considers these activities to constitute joint operation of an unlicensed digital asset exchange. The former executives of the local broker are being held liable as the responsible persons during the relevant period. The SEC emphasized that the complaint initiates the criminal process, and the decision to prosecute or convict the accused parties will ultimately be made by law enforcement authorities and the criminal courts. Platform Blocking The SEC has also coordinated with the Ministry of Digital Economy and Society to block public

The Bank of Thailand (BOT) has officially implemented a new regulatory framework supervising systemically important retail payment systems (SIRPS), effective February 21, 2026, with PromptPay being the first payment system designated as a SIRPS. Under this new set of regulations, the BOT may designate payment systems under the Payment Systems Act B.E. 2560 (2017) as SIRPSs based on quantitative and qualitative assessments. Once a system is designated as a SIRPS, the operator becomes subject to expanded supervisory obligations beyond the general requirements of the Payment Systems Act. Enhanced Supervisory Requirements SIRPS operators must comply with a heightened supervisory regime across three key areas, outlined below. 1. Governance SIRPS operators must maintain robust and transparent governance structures, including: Balanced board composition, with at least one-third of the board comprising independent directors who represent stakeholders in the system (such as payment service providers, consumers, and experts). Independent directors may serve for no more than two consecutive terms. Subcommittees to assist the board in overseeing compliance, policy implementation, and operational strategy. Clear separation between executives responsible for risk and information security and those overseeing day-to-day business operations. Risk Management and System SecuritySIRPS operators must implement comprehensive risk management frameworks, including: Clear service agreements between the SIRPS operator and its direct participants (payment service providers who connect directly to the SIRPS), defining roles and responsibilities among stakeholders. These agreements must include obligations for direct SIRPS participants to supervise any indirect participants they onboard to ensure compliance with service agreements and business rules. A business continuity plan covering both IT and non-IT aspects, with annual review. The SIRPS must target service availability comparable to international payment infrastructures, including the ability to recover operations within two hours of a disruption and to maintain scalable operational capacity. Tools and controls to monitor and manage material or