The Thai government has approved a series of legal amendments aimed at strengthening the country’s ability to combat cybercrime and misuse of digital assets, particularly the growing problem of “mule accounts” linked to online scams and money laundering.

At a cabinet meeting held Tuesday, officials endorsed changes to two key legislative frameworks: the Emergency Decree on Digital Asset Businesses B.E. 2561 (2018) and the Emergency Decree on Measures for the Prevention and Suppression of Cybercrime B.E. 2566 (2023). The revised laws are expected to take effect following their publication in the Government Gazette.

According to the Securities and Exchange Commission (SEC) of Thailand, the amendments are designed to bolster safeguards around financial transactions and align digital asset regulation with enforcement standards used in the banking sector.

SEC Targets Digital Asset Mule Accounts

SEC Secretary-General Pornanong Budsaratragoon explained that since 2024, the commission has worked closely with the Thai Digital Asset Operators Trade Association (TDO) and registered crypto businesses to block accounts used by criminals to launder money and conduct fraud. In March 2025, the group rolled out an industry standard modeled after those used by banks to combat mule account activity.

Under the updated Digital Asset Business Law, crypto exchanges and wallet providers will be required to take a more proactive role in identifying and halting suspicious transactions. These firms must now share information with authorities, freeze or suspend accounts linked to cybercrime, and refund victims more quickly. A centralized blacklist of wallet addresses and individuals tied to illegal activity will also be introduced. Businesses found dealing with blacklisted accounts will be penalized.

The law also imposes shared liability on commercial banks, telecommunications companies, social media platforms, and crypto businesses. If they fail to meet regulatory standards for fraud prevention, they could be held jointly responsible for damages incurred by victims of cybercrime.

Individuals found guilty of opening or allowing others to use digital asset accounts for illegal purposes could face up to three years in prison, fines of up to 300,000 baht (approx. USD 8,200), or both. The same penalties apply to those paid to open accounts for others — a common tactic used by scam operations.

Crackdown on Foreign Crypto Platforms

The amended Cybercrime Law also enhances the Thai government’s ability to restrict the operations of foreign crypto platforms targeting local users. Regulators are now empowered to act more swiftly in blocking websites and mobile apps that offer crypto services without approval under Thai law.

The Ministry of Digital Economy and Society will be authorized to take immediate action against such platforms, especially those that advertise in Thai, offer local payment options, or operate Thai bank accounts — all of which are now defined as acts of solicitation under the updated legal framework.

These measures are intended to close regulatory loopholes exploited by foreign exchanges that operate outside the reach of Thai authorities but continue to serve local users. The SEC stated that the clearer definitions will make it easier to take legal action against unauthorized operators.

“The SEC will collaborate with the Ministry of Digital Economy and Society, the TDO, and licensed digital asset businesses to implement these new laws,” said Secretary-General Budsaratragoon. “Our goal is to prevent the misuse of digital assets for money laundering and to reduce the damage caused by cybercrime to the public.”