Though no legal regulation on open banking currently exists in Thailand, the government’s digital push with the Thailand 4.0 strategy, and the introduction the Personal Data Protection Act (PDPA) last year suggest a move to open banking frameworks is inevitable.
Compared to the likes of Singapore and Malaysia, Thailand is lagging behind when it comes to open banking with neither the central bank nor regulator having yet released any framework or guidelines.
Instead, there has been a broader ambition by the government to elevate Thailand in an increasingly advanced digital generation. In 2016, it launched Thailand 4.0, a proposed economic model focused on innovation and high-level services, propelled by advanced digital technology.
This was followed subsequently by numerous initiatives by the country’s central bank, Bank of Thailand (BOT), the Securities and Exchange Commission (SEC), and the Office of Insurance Commission (OIC) to accelerate innovation in the banking, financial, and insurance sector.
BOT launched the fintech regulatory sandbox in 2016, which was followed a year later by the introduction of e-payment regulation. E-payment regulation aims to boost fintech innovation by providing a framework for how e-money and electronic payment services are provided. BOT has also been driving the National e-Payment Master Plan, which includes among other objectives the development of the national payment infrastructure PromptPay and its linkage to other Southeast Asian payment networks such as PayNow in Singapore.
Meanwhile, the Office of Insurance Commission introduced its insurtech sandbox in 2017 to allow incumbents and other market participants to test out innovative products.
Thailand’s SEC has so far taken two main initiatives: in June 2017, it launched a series of sandboxes for securities, derivatives, clearing houses, know-your-customer (KYC) initiatives, and e-trading, and in January 2018, it introduced an API portal for financial product information, exchange rates and more.
Since Thailand embarked on its digitalization journey, the country has experienced a shift towards a cashless economy, according to the Ministry of Foreign Affairs. Mobile and Internet banking transactions increased by 83% in 2016, with mobile and Internet banking accounting for 33% of total payment transaction volume, a sharp increase from only 8% in 2010.
Open banking market initiatives
Despite very little regulatory conversation about open banking in Thailand to date, banks are proactively launching developer portals with open banking APIs in tandem with the government’s push to encourage innovation.
Bangkok Bank was the first bank in Thailand to do, introducing in January 2017 its developer portal. Initially, the portal had just four APIs but it nevertheless paved the way for other banks in the country, including Siam Commercial Bank, Kasikorn Bank and Bank of Ayudhya (Krungsri), to develop similar platforms to encourage innovation.
In parallel, these banks are launching new products and services related to open banking and which leverage APIs. For example, Krungsri announced in July 2018 that it had developed a new application for mortgage loans as part of a broader suite of digital solutions. Designed for business partners, including property developers and property search portals, these solutions are meant to be offered with API access to mortgage applications.
Meanwhile, Siam Commercial Bank has opted for a more collaborative approach, teaming up with social media group Line Thailand in May 2018 to allow corporate users to research notifications of deposits, withdrawals and card spending. It also partnered with Mall Group in August 2018 to launch a number of new banking and financial services, with several of them leveraging the bank’s APIs.
As of Kasikorn Bank, the bank said in January 2020 that more than 50 partner companies had linked with its API system.
These efforts sit alongside the implementation of the Personal Data Protection Act (PDPA), a new legislation introduced in May 2019. PDPA, which will come into full effect on June 1, 2021, mandates that data controllers and processors who use personal data must receive consent from data owners and use it only for expressed purposes.
Based on experiences in the UK, the European Union (EU), and Australia, consumer data legislation is oftentimes the first step in open banking implementation. According to an analysis by tech and management consultancy Capco, these recent developments in Thailand suggest that an open banking framework could be just around the corner.
In Australia, the introduction of the Consumer Data Right (CDR) on July 1, 2020 saw the launch of the first phase of open banking. In the EU, the revised Payment Services Directive (PSD2) combined with the General Data Protection Regulation (GDPR) are forcing banks to both open up and protect their customers’ data.