Skip to content Skip to sidebar Skip to footer


Thailand’s Securities and Exchange Commission (SEC) is working to better protect cryptocurrency investors by introducing new rules for crypto custody services.

On January 17, the Thai SEC Posted regulations requiring Virtual Asset Service Providers (VASPs) to implement a digital wallet management system to ensure effective safekeeping. The new rules target crypto custodians or VASPs that provide crypto storage services.

The regulations include three major requirements, including providing policy and guidelines to oversee the risk management of digital wallets and private keys. The rules require VASPs to communicate with regulators regarding these policies and provide action plans to ensure compliance.

Additionally, the SEC required crypto custodians to provide policies and procedures for the design, development, and management of digital wallets and keys. The authority will also require crypto custodians to establish a contingency plan in case of unforeseen events that may affect the wallet management system.

“This includes developing and testing procedures for action, designating responsible persons, and reporting the event,” the SEC said, adding:

“A system security audit is also required as well as a digital forensic investigation in the event of an event affecting the security of systems related to the custody of digital assets, which could have significant impacts on customer assets. .”

According to the announcement, the new regulations came into effect from January 16, 2023. Crypto custodians are required to fully comply within six months from the effective date.

Related: Binance will let institutions store crypto with cool guard

Latest Thai SEC crypto regulations align with authority’s plans to adopt stricter crypto regulations following industry failures like the collapse of FTX. In early January, the authority reportedly launched a new investigation against local crypto exchange Zipmex, alleging that the company provided digital asset fund management services without permission.