Here’s the article in markdown format:

Bank of Thailand Regulation: Commercial Banks’ IT-Related Services Business

The Bank of Thailand (BOT) has issued a notification to regulate commercial banks’ IT-related services business. The following are key points from the notification, outlining various requirements and guidelines for compliance with relevant laws and regulations.

Requirements for Commercial Banks

Retaining Information

• Commercial banks must retain information related to their IT-related services business to make it available to the Bank of Thailand’s financial institution examiner upon request.

Setting Investment Ratio and Revenue Ratio

• Commercial banks must set a ratio of investment in IT-related services and a ratio of revenue from these services, in line with their business undertaking policy and risk tolerance.

Compliance with Related Laws

• Commercial banks must comply with relevant laws and regulations, including the Bank of Thailand’s notification on:
  • Market conduct
  • Personal data protection
  • Testing and developing innovation using new technologies (Regulatory Sandbox)

Requesting Waivers for Noncompliance

• If a commercial bank is unable to comply with the regulations stipulated in this notification, it must submit a letter to the Bank of Thailand to request a waiver on a case-by-case basis.

Consequences of Non-Compliance

• The Bank of Thailand may impose additional conditions for business operations or order of rectification if it finds that a commercial bank is violating or incompliant with the regulations.
• In extreme cases, the Bank of Thailand may defer or terminate IT-related services business partially or wholly.

Purpose and Effectiveness of the Notification

The notification aims to ensure that commercial banks’ IT-related services business operations comply with relevant laws and regulations, maintain the security and prosperity of the people, and overall financial system.