BioCatch Blog Channel

Browse Topics

How Thailand’s Royal Decree is changing financial fraud accountability

Written by:

Jason Richards (Guest Blog)

How Thailand’s Royal Decree is changing financial fraud accountability featured image

As digital banking continues to evolve at a rapid pace, convenience and speed have become the standard. But behind this seamless user experience lies a growing and often underestimated threat: user impersonation and advanced financial fraud. Nowhere is this more relevant than in Thailand, where the digital economy is expanding and local citizens are increasingly being targeted. 

While traditional scams like phishing emails and stolen login credentials remain prevalent, the tactics employed by fraudsters have become significantly more sophisticated. Organized criminal networks, often operating from call centers in Special Economic Zones (SEZs) along Thailand’s borders—particularly in Cambodia, Laos, and Myanmar—have evolved into highly coordinated fraud hubs. These groups now leverage advanced technologies to impersonate users, either by remotely accessing accounts without the victim’s knowledge or by manipulating victims directly over the phone, guiding them step-by-step through the process of transferring funds. Regardless of the method, the threat is serious—and the Kingdom of Thailand is actively taking steps to address it.

The evolution of digital banking—and fraud 

Gone are the days of walking into your neighborhood bank, greeting the teller with a warm “Sawadee Ka,” and handling your transactions in person. Modern banking has shifted entirely to digital platforms, making it possible to access and manage funds from anywhere in the world. While this level of convenience is undoubtedly beneficial, it has also opened the floodgates to impersonation fraud.

During my tenure as a Special Agent with the Federal Bureau of Investigation (FBI), I spent three years working on international money laundering investigations based in Thailand. When I arrived in July 2021, the typical case involved stolen funds from Western victims being laundered through Southeast Asia. A perfect example of this was Operation Shell Game which targeted elderly victims from the United States. At that time, fraudsters largely focused on western victims. But by the end of my posting, the landscape had changed dramatically. Thai citizens were no longer just being trafficked to scam compounds; they had also become direct victims of fraud.

The threat of user impersonation

One of the most dangerous and increasingly common tactics employed by scam syndicates is user impersonation. In the past, criminals relied on stealing usernames and passwords. Today, they utilize remote access tools, social engineering tactics, and even deepfake voice and video technology to impersonate account holders in real time.

These impersonators can initiate high-value transfers, bypass traditional fraud detection systems, and complete transactions without triggering alerts. Previously, red flags could be spotted through a customer’s behavior during in-person or phone interactions with banking staff. But with the shift to fully digital banking, that layer of protection is gone.

Thailand’s evolving response

Thailand initially faced a humanitarian crisis related to these scam compounds, as hundreds of Thai nationals were trafficked and held in forced labor situations. Law enforcement agencies such as the Royal Thai Police (RTP) focused heavily on these rescue operations, committing substantial resources to counter human trafficking.

However, as scam operations turned their attention to defrauding Thai citizens as well, the threat profile shifted. In response, Thai authorities have launched a multi-pronged effort to combat online financial fraud.

In 2023, the Thai government established the Anti-Online Scam Operation Center (AOC)—a 24/7 platform designed to intercept fraudulent transactions before funds can be moved out of the victim’s account. This system facilitates real-time collaboration between financial institutions and law enforcement, functioning as a rapid-response "kill chain" to freeze illicit transfers. However, its effectiveness depends heavily on victims reporting fraud quickly—law enforcement typically has a 72-hour window to act.

New regulatory pressure on banks

In April 2025, Thailand made a bold regulatory move by passing the Royal Decree on Measures for the Prevention and Suppression of Technology Crimes (No. 2) B.E. 2568 (2025). Supported by the Bank of Thailand (BOT), this legislation holds financial institutions accountable for failing to prevent fraud—even in cases where the victim seemingly authorized the transaction under false pretenses. Thailand is among a select group of countries taking a bold stance by shifting some liability onto financial institutions that fail to meet national regulatory standards. This approach places greater responsibility on banks to implement effective fraud prevention measures, reinforcing consumer protection in the face of increasingly sophisticated scams.

Under the new decree, banks are expected to adopt more proactive fraud prevention measures. While specifics are still emerging, one clear direction is the use of advanced behavioral analytics. Technologies now exist that allow banks to monitor user activity in real-time, flagging unusual behaviors such as hesitation during navigation, atypical transaction patterns, or unfamiliar devices and locations. Essentially, the goal is to recreate the same instinctual red flag detection that once came from face-to-face interactions.

Targeting the next threat: Crypto

Thailand has also moved decisively to address the emerging role of cryptocurrency platforms in money laundering schemes. In April 2025, amendments were passed to both the Digital Asset Business Law and the Cybercrime Law, targeting crypto-related mule accounts. These reforms impose steep penalties—including fines up to 300,000 baht (~$9,000) and prison terms of up to three years—for involvement in scam-linked crypto activities.

These efforts reflect Thailand’s proactive stance in not only addressing current threats but also anticipating the next frontier of financial crime.

The technology advantage

The future of fraud prevention lies in technology. With the integration of advanced data analytics, continuous monitoring, and biometric behavior detection, banks now have the tools to: 

  • Monitor customer behavior in real-time
  • Flag and halt suspicious transactions before they’re completed
  • Share intelligence across institutions through centralized fraud registries
  • Detect early signs of mule activity—from the very first login 


What was once a reactive industry—dealing with fraud only after it occurred—has become increasingly preventative. While no system is infallible, the deployment of smart technologies offers a powerful advantage in the fight against digital financial crime.

Final thoughts

Innovation is a double-edged sword. As banking technology advances, so too do the methods employed by fraudsters. But by embracing these same technologies—combined with regulatory foresight and law enforcement collaboration—Thailand is setting a strong example for how to navigate this digital battlefield.

For individuals and institutions alike, the message is clear: vigilance must evolve alongside convenience. Digital banking offers tremendous benefits, but those benefits come with new responsibilities. Whether you're a consumer, banker, or policymaker, it’s time to take a hard look at the systems we trust with our money—and the hidden threats that may lie beneath.

Recent Posts

LATAM suffers surge in stolen-device fraud Fraud
May 12, 2025 LATAM suffers surge in stolen-device fraud
Read article
National Elder Fraud Coordination Center comes alive Social engineering scams
May 09, 2025 National Elder Fraud Coordination Center comes alive
Read article
Are rising fraud numbers in India a warning sign — or a sign of growing awareness? Account takeover
May 08, 2025 Are rising fraud numbers in India a warning sign — or a sign of growing awareness?
Read article