Thailand’s Cabinet has approved major amendments to tighten regulations on digital asset crimes.
The changes, which specifically target mule accounts and foreign crypto platforms used for money laundering, will take effect once they are published in the Government Gazette. The government announced the updates on April 8, which seek to modify the Digital Asset Business Act (2018) and the Cybercrime Law (2023).
Additionally, anyone using or allowing others to use their crypto accounts for cybercrime now faces harsh penalties. Violators could face up to three years in prison or a fine of up to 300,000 Baht (roughly $8,700).
Under the new laws, Thai regulators are empowered to swiftly block suspicious websites and apps, particularly those operated by foreign cryptocurrency exchanges targeting Thai investors.
In addition to these measures, digital asset firms must take on new responsibilities. These include rigorous user screening, swiftly suspending suspicious transactions, and assisting victims in recovering stolen funds.
Once implemented, the system will prevent these flagged accounts from initiating future transactions.
As part of this new approach, Thailand will introduce a national blacklist of wallets linked to cybercrime.
The Thai Securities and Exchange Commission (SEC) emphasized that these changes close existing loopholes and enhance cooperation between regulators, the Thai Digital Asset Operators Trade Association (TDO), and private firms to address online financial fraud.
The regulation extends accountability beyond crypto firms asbanks, telecommunications companies, and social media platforms will all share liability for damages caused by cybercrime if they fail to meet the new standards.
While embracing these pro-crypto policies, the country is simultaneously tightening measures to prevent illegal cryptocurrency activities.
Thailand strengthened its position among leading crypto-friendly nations by approving USDT for trading and payments on licensed exchanges, which came into effect on March 16, 2025.
According to investigators, the suspects targeted 17 Swiss companies between April 2023 and October 2024.
Authorities believe the suspects are part of 8Base, a group known for using Phobos ransomware to target smaller businesses with poor cybersecurity, demanding cryptocurrency in return. The successful arrests were part of a larger 14-country operation that took down 27 servers tied to this criminal network.
In February, four Russian nationals were arrested in Phuket for their involvement in a series of crypto ransomware attacks.
The suspect, along with her accomplice Zhou Zongyon, 29, are linked to scams that allegedly defrauded victims of over 600 million baht ($17.7 million). Zhou, a fugitive wanted for kidnapping in Cambodia, is also suspected of facilitating the money transfers for the scam operation, according to further reports by local media.
Police arrested Wu Di, 27, during a raid at a luxury villa in Pattaya.
Europol confirmed the arrests, linking the suspects to data encryption and Bitcoin ransom demands that affected 1,000 victims and stole $16 million.
The Thai Securities and Exchange Commission (SEC) filed a lawsuit against OKX for operating unlawfully since October 2021, for example. The financial watchdog claims OKX, operated by Aux Cayes Fintech Co. Ltd., conducted transactions and promoted its platform without a license.
In line with its broader strategy, Thailand has intensified its crackdown on unregistered cryptocurrency exchanges operating outside the existing compliance framework.
This move follows a coordinated effort to strengthen oversight over digital asset platforms operating in Thailand, following previous actions against exchanges like Binance and Bybit.
If convicted, OKX as a company faces fines and ongoing daily penalties, while its executives could even receive prison sentences.
According to the Thai SEC, OKX failed to implement proper KYC and AML procedures.