The Secretary-General said: "This aims to block access to these platforms, strengthen law enforcement, and prevent scammers from using such platforms to launder unlawfully obtained assets. This marks another step in combating cybercrime."

The pilot program partially conducted testing of the Retail CBDC’s end-to-end life cycle for real-value transactions, with industry participants acting as financial service providers, and whitelisted users and merchants.

The updated rules, published in the Royal Gazette on 16 January 2024, remove the 300,000 baht ($8,500) limit, allowing retail investors to invest "more freely in the real estate and infrastructure-backed digital token (REIT) market."

The warning that must be used is: “Cryptocurrencies are high risk. Please study and understand the risks of cryptocurrencies thoroughly, because you may lose the entire amount invested.” 

The warning message must be clearly visible, and the business operator must arrange for the users to give consent and acknowledge the risks before using the service.

The guidelines also prohibit service providers from using customer funds for lending or investment.

The guidelines come into effect on 31 July 2023.

The proposed regulation aims to provide greater protection to investors, reduce associated risks, and prevent a misunderstanding that deposit taking and lending services are under the same supervision as regulated digital asset businesses.

The new regulations cover three requirements:
 
1) Policy and guidelines for "overseeing the risk management of digital wallets and keys" (defined as a cryptographic key or any other data that must be kept confidential in order to be used for approval of transfers or transactions related to digital assets in digital wallets), as well as communication to "clarify such policy, action plans and procedures, work supervision and internal control to ensure compliance with the policy."

2) Policy and procedures for "designing, developing and managing digital wallets as well as creating, maintaining and accessing keys or other related information appropriately, securely and safely."

3) Contingency plan should an event occur that may affect the management system of digital wallets and keys. This includes "laying out and testing action procedures, designating responsible persons and reporting the event. An audit of system security is also required as well as digital forensic investigation in case of any event affecting the security of systems related to digital asset custody, which could cause significant impacts on clients’ assets." 

The regulations came into effect on 16 January 2023. Digital asset business operators that had provided custody of clients’ assets prior to the effective date of the regulations are required to fully comply within six months from the effective date.