Online fraud prevention becomes the new standard for banks in Thailand

By Ouracha Pongwattana, Country Director, Thailand, BPC

Payment authorisation has become one of the most closely scrutinised stages in Thailand’s banking system. Scams depend on moving funds within seconds—often across multiple accounts and channels—leaving little chance of recovery once transactions settle. As a result, fraud control effectiveness is now judged by what happens during payment processing rather than by investigations after the fact.

This shift is reshaping payment system design. Controls that sit outside transaction flows struggle to intervene quickly, especially when activity spans mobile banking, account-to-account transfers, cards, and agent networks. Disconnected oversight also makes it harder to detect behavioural patterns early, even when individual transactions appear legitimate.

The scale of the challenge is clear. Thai authorities report roughly 700 online fraud and scam cases daily, with losses concentrated in high-value incidents where funds move rapidly through multiple accounts. Banks have already suspended nearly 1.75 million mule accounts used to channel illicit proceeds—many short-lived and designed to blend into routine activity.

Advertisement

Regulation has evolved accordingly. Under the Bank of Thailand’s digital fraud management framework, institutions must apply fraud controls during payment execution, not just after transactions are completed. The emphasis is on identifying suspicious behaviour as it flows through systems and intervening early enough to disrupt fraudulent transfers. This approach is reinforced by close cooperation with law enforcement to dismantle scam networks and trace how funds move through accounts and intermediaries.

Thailand’s payments ecosystem adds complexity. Transactions move across multiple rails that converge within bank operations, often appearing separate to customers. Without a unified view, alerts may lack broader context. As transaction volumes grow and settlement speeds increase, regulators are focusing on whether banks can maintain cross-channel visibility and apply controls consistently in real time.

Meeting these expectations requires infrastructure capable of continuous monitoring without slowing payments. Fraud prevention must scale with high transaction volumes, remain resilient, and operate without manual intervention. This places new demands on the engineering and governance of payment platforms.

Advertisement

Regional cooperation is accelerating change. The Bank of Thailand has worked with counterparts such as Bank Negara Malaysia to share lessons on scam prevention and supervisory practices. In Malaysia, Co-opbank Pertama has strengthened behaviour-based controls, including monitoring transaction velocity and anomalies across retail and corporate channels. The goal is to embed fraud management directly into routine payment processing rather than add standalone tools.

Explainability has also become central to regulatory assessment. Banks must demonstrate how decisions are made, particularly in authorised scams where customers initiate payments under deception. Real-time behavioural monitoring, consistent controls, and clear accountability are now essential.

Fraud oversight in Thailand is increasingly embedded in everyday payment operations. Banks that integrate controls into transaction execution will be best placed to meet evolving regulatory expectations as scrutiny continues to focus on real-time effectiveness.