The Role of the Financial Regulator of Thailand in Ensuring the Information Security of the Financial and Banking Sector
// National Security. – 2022. – № 5.
– P. 80-90.
Read the article
Abstract: The object of the study is the relations arising during the functioning of the national legal mechanism for ensuring cybersecurity. The subject of the study is presented by regulatory legal acts and sources of "soft law" of Thailand, which establish requirements for information systems of the financial and banking sector. Using the example of the second economy in Southeast Asia - Thailand, the role of the financial regulator of the state – the Bank of Thailand (Bank of Thailand, BOT) in ensuring cybersecurity of the financial and banking sectors is described. The features of the legal status of the Bank of Thailand, determining the coordinating role in the institutional mechanism for ensuring cybersecurity, are highlighted. The key documents of the financial regulator that form the regulatory mechanism for ensuring cybersecurity in Thailand are examined. The powers of the financial regulator of Thailand are distributed among three bodies. The Bank of Thailand controls commercial banks, financial companies, credit institutions, asset management companies, electronic payment services and credit card companies. The Securities and Exchange Commission oversees securities transactions, while the Insurance Commission oversees the activities of insurance companies. Ensuring information security is entrusted to the Bank of Thailand, which is authorized to create a risk management system for financial institutions in order to ensure their stability. To this end, it adopts regulations that establish security standards for three types of information systems: general, serving electronic payments and serving electronic payment cards. Noteworthy is the requirement for information system operators, when concluding a service agreement, to determine the rights of internal and external auditors, as well as an official of the Bank of Thailand to verify transactions and control the service provider. The financial regulator determines the status of service providers of particularly important payment systems, charging them with the obligation to develop security measures for information systems, depending on the types and complexity of their own services.
Keywords: information system, fintech, information system operator, Thailand, critical information infrastructure, digital infrastructure, financial regulator, information security, financial and banking sector, digital technologies
Gorian, E.V. (2021). Information security in cyberspace: the experience of legal regulation in Thailand. The Territory of New Opportunities. The Herald of Vladivostok State University of Economics and Service, 13(3), 108–116. DOI: 10.24866/VVSU/2073-3984/2021-3/108-116.
Gorian, E.V. (2021). Thailand Cyber Security Regulatory Framework. Security Issues, 3, 1 - 20. DOI: 10.25136/2409-7543.2021.3.36255.
Aminov, I.I. (2018). Cybercrime prevention in the financial sector. Alley of Science, 5, 6(22), 754-758.
Maslennikov, V.V., Fedotova, M.A., Sorokin, A.N. (2017). New financial technologies are changing our world. Herald of Financial University, 21, 2(98), 6-11.
Molodtsov, N.S., Klimenko, O.S. (2018). Computer visuses. Virus attacks of 2017. Science through the prism of time, 4(13), 35-38.
Trifonova, A.K., Beskrovnyi, R.D. (2017). Cyber attacks on the banking sector: new risks and ways to overcome them. Economics. Business. Banks, S2, 83-89.
Gorian, E.V. (2018). The role of the financial re