Timely and Effective Supervision of Emerging Risks
Strengthen the supervision of significant and emerging risks, including those posed by the systemically important service providers in the new financial landscape. The timely and effective supervision would alleviate negative impacts and help avert widespread disruption to the economic and financial system, depositors, and consumers.
- What we wish to see: A flexible supervisory regime with no significant regulatory burdens on financial service providers. Supervision framework is adequately flexible for service providers to adapt and utilize new technology and digital infrastructure to enhance financial services.
- What we do not wish to see: Ineffective and obsolete supervision that fails to account for significant, emerging risks as well as risks posed by systemically important service providers in the new financial landscape. This could lead to severe disruptions and adverse impact on the economic and financial stability, depositors, and consumers.
Discourage the Adoption of Digital Assets as a Means of Payment
The BOT discourages the adoption of digital assets as a means of payment (MOP) for goods and services. A wide-scale replacement of the Thai baht by digital assets would create a new unit of account and adversely affect the public and the economy in several aspects namely:
- cost and security of both payers and receivers, since digital assets are subject to high price volatility and the lack of security standards makes them well suited for facilitating money laundering;
- payment systems stability, since digital assets can cause fragmentation and redundancy within the payment systems weakening their efficiency and increasing transaction costs; and
- financial stability and management of domestic financial conditions: the absence of an organization with the ability to inject liquidity in the form of digital currency during crisis, for instance, can compromise the financial stability.
This cautionary stance and policies towards digital assets are shared among regulators in several jurisdictions such as the US, Europe, South Korea, Singapore, and Malaysia.
- El Salvador: Accepts Bitcoin as legal tender (Sep 2021).
- US: Proposes a regulation to limit stablecoin issuers to only financial depository institutions; other key related businesses such as a stablecoin wallet provider that supports payments of goods and services would be regulated.
- EU: Proposes Regulation on Markets in Crypto-assets (MiCA) to regulate different cryptoassets including stablecoin and related service providers, which aims to be issued in 2024 (2020).
- UK: Conducts hearings on supervising stablecoin as a means of payment (2021).
- Singapore: Regulates cryptoassets that function similar to e-money using the current payment system regulation; bans any advertisement or influencer marketing related to buying and selling cryptoassets (Jan 2022).
- Hong Kong: Considers issuing a stablecoin regulation framework and monitor views of other countries.
- Malaysia: Views cryptoassets as a poor medium of exchange (Dec 2022).
- Thailand: Discourages the use of DA as means of payment due to associated risks to the public.
- India: Proposes a regulation to ban cryptoassets as means of payment.
- Indonesia: Bans the use of cryptoassets as means of payment (2018). The National Ulema Council bans using cryptoassets as currency (2021).
- China Bans financial institutions/payment service providers from providing crypto-related services e.g. trading clearing settlement (Sep 2021).
Nonetheless, for certain digital asset-related services and systems that can enhance the payment systems and financial innovation, the BOT would seek to provide suitable supervision to protect consumers and address risks to the financial and payment systems stability. Examples of the services under BOT’s consideration include the issuance of Thai baht-backed stablecoins. The oversight would consider the nature of services provided and their associated risks in the following dimensions:
- scope of businesses;
- stability mechanisms; and
- maintenance of IT system security and data privacy.
Uses of Digital Assets in Financial Institutions or Associated Business Groups
Financial institutions or associated business groups who seek to adopt decentralized computing technology (e.g. blockchain) that requires the holding of digital assets to increase efficiency in financial services or banking affiliates looking to conduct business related to digital assets can consult with the BOT on a case-by-case basis. Considerations will be based on the overall benefits, operational guidelines and risk management practices including proper protection of depositors and consumers. It must be noted that the applications or business models related to digital assets must not support their use as means of payment (MOP) for goods and services.
Recently, there has been strong interest by the financial institutions and associated business groups in Thailand to adopt new technologies and innovation for better financial services, including businesses related to digital assets.1 In other countries, financial institutions have limited investment in digital asset related businesses of which most are involved in digital asset custody business. Regulators in many countries are still considering licensing and regulatory guidelines for digital asset investment and related businesses.
Investment in digital assets and related businesses by financial institutions in other countries
| Financial Institutions | Headquarters | Total Asset (Million THB) | Total Capital (Million THB) | Investment in digital asset related businesses | |
|---|---|---|---|---|---|
| Million THB | Share of total capital (%) | ||||
| Standard Chartered | London, United Kingdom | 26,194,800 | 1,893,994 | 12,616 | 0.67% |
| BNY Mellon | New York, USA | 15,604,000 | 893,346 | 10,657 | 1.19% |
| Citibank | New York, USA | 75,032,000 | 772,863 | 9,263 | 1.20% |
| UBS | Zurich, Switzerland | 37,383,200 | 2,032,703 | 8,831 | 0.43% |
| BNP Paribas | Paris, France | 102,289,200 | 4,282,285 | 7,835 | 0.18% |
| Morgan Stanley | New York, USA | 37,051,200 | 3,227,472 | 7,769 | 0.24% |
| JPMorgan Chase & Co. | New York, USA | 112,415,200 | 8,539,970 | 6,839 | 0.08% |
| Goldman Sachs | New York, USA | 38,611,600 | 3,519,499 | 6,773 | 0.19% |
| Barclays | London, United Kingdom | 61,154,400 | 3,050,113 | 6,507 | 0.21% |
| MUFG | Tokyo, Japan | 113,145,600 | 5,551,438 | 6,142 | 0.11% |
| ING | Amsterdam, Netherlands | 38,080,400 | 2,315,022 | 5,644 | 0.24% |
| BBVA | Bilbao, Spain | 26,427,200 | 2,187,415 | 5,544 | 0.25% |
| Nomura | Tokyo, Japan | 14,342,400 | 858,742 | 4,847 | 0.56% |
Source: Blockdata and BOT’s Calculation | |||||
| Average | 7,636 | 0.43% | |||
Supervise the Financial Business Groups of Commercial Banks
Appropriate supervision of commercial banks’ financial business groups, especially those undergone organizational restructuring as part of the effort to leverage new technologies and digital infrastructure. These include FinTech or e-commerce platforms that are connected to financial services.
Enhance Governance and Risk Management
Enhanced supervision of corporate governance and risks of financial business groups, using risk-based approach and considering their significance to the respective commercial banks and their financial business group. Specifically, attention would be paid to roles of boards of directors of holding companies that are also parent companies with regards to risks oversight and prevention of any conflict of interest. Another area of focus is supervision of evolving IT/cyber risks undertaken by firms within the financial business groups which seek to capture opportunities presented by new technology and digital channels. The IT/cyber risk supervision framework for NBFIs would correspond with their risk profile and would be under the same standard that financial institutions comply to.
Supervise the Financial Business Groups
Supervise transactions within financial business groups as well as between commercial banks and their respective business groups. The oversight will monitor, for instance, funding or loan provision by commercial banks; shared distribution channels such as branches, digital and other sales channels; shared system; and customer data utilization to prevent the transmission of risks between the two entities. The goals are to address threats to the stability of both the business groups and deposit-taking commercial banks, as well as to prevent conflict of interest or unfair treatment of consumers.
Collaborate with Relevant Supervisory Authorities
Collaborate with relevant supervisory authorities to (i) to develop framework for supervising and monitoring new dimensions of risks associated with financial business groups, which have implications on the financial system stability; and (ii) to outline appropriate consumer protection framework.
Enhance Supervision of Systemically Important NBFIs
Extend the regulatory purview to include non-bank FIs (NBFIs) and their business groups that provide a wide range of financial services and are systemically important. This is intended to mitigate transmission of risks and prevent abuse of market power that could lead to significant adverse impact on the financial system and consumers at large.
Assess Risks to Regulate NBFIs
Assess risk and systemic importance of NBFIs and their business groups offering diverse financial services. The evaluation will consider:
- their sizes;
- interconnectedness and potential risk spillovers to other sectors in the financial system, for example, through large scale bond issuance that can pose risks to the public;
- the significance of the service providers, both in terms of the degree of substitutability and their potential abuse of market power. For instance, a major creditor in a certain segment or a platform provider with many active users may be regarded as important players; and
- complexity of potential threats such as those associated with business groups with complicated structure or high volume of complex transactions.
Supervise NBFIs and Their Business Group Offering Diverse Financial Services
More vigilant supervision of systemically important NBFIs, with particular focus on the prudence dimension. These include corporate governance, risk management, maintenance of capital buffer, and preventative measures and contingency plans for stress period designed to mitigate adverse impacts on the financial system and consumers. Consolidated supervision of systematically important NBFIs’ business groups with diverse financial services would also be considered to (i) ensure prudence and limit risk transmissions within group that could potentially undermine stability of the overall business group or significantly important NBFIs within group as well as to (ii) prevent the abuse of market power, conflict of interest, and unfair treatment of consumers. The consolidated approach is consistent with those adopted or under considerations of supervisory agencies in China, the US, and Europe.
Supervise Retail Lending Service Providers
Apply activity-based supervision of major retail lenders in terms of consumer protection and macroprudential policy associated with household debt. A supervision guideline for the currently unregulated non-bank retail lenders with high volume of transactions and rapid growth will be issued such as hire-purchase and leasing companies, so they will be under the same supervisory framework as that of commercial banks and regulated non-bank retail lenders.
Set Supervisory Standards of IT/cyber risks
Apply the same supervisory standard of IT/cyber risks as that of financial institutions to NBFIs without incurring unnecessary burden and building human capital on IT/cyber.
Apply Risk-Based Approach for IT Supervision
Regulate NBFIs under the supervision of the BOT with a standardized framework for IT/cyber risk supervision and appropriate risk management that suits their risk profiles. The supervision aims to elevate NBFIs’ preparation for increasing IT/cyber risks and limit spillovers to other sectors. At the same time, excessive regulatory burden and costs for the NBFIs would be avoided by (i) allowing them to demonstrate or prove their ability to manage IT/cyber risks through self-assessment exercises and (ii) collaboration with other regulatory authorities to lessen compliance cost and burdens of complying to multiple IT/cyber regulations, for instance, accepting single report submission instead of requesting multiple submissions to each regulatory agency.
Build IT/Cyber Talents
Facilitate IT/cyber capacity building by building human capital on IT/cyber will be leveraged on close collaboration among key financial agencies, e.g. Thailand Banking Sector CERT (TB-CERT), to raise IT/cyber risk awareness among boards and high-level executives of financial institutions. Moreover, the BOT will cooperate with other national agencies such as National Cyber Security Agency (NCSA) to further strengthen IT/cyber expertise and develop a talent pool for the financial sector.
- Thailand ranked 12th out of 154 countries with the most transactions, investments, and spending via cryptocurrency (Source: 2021 Global Crypto Adoption Index)↩