Essentially,
the amendments would postpone the deadline for the licensed companies
subscribing to the National Digital ID (NDID) platform to comply with the e-KYC
Guidelines to 1 January 2021, one year from the effective date of the
Guidelines, to allow the subscribers appropriate time to develop
NDID-compatible systems, as required.
The
amendments would also streamline the ID card dip chip requirement in the
identification and verification process for the onboarding clients who already
have relationship managers elsewhere outside the premise or the clients who
have a life-time ID card without the chip, in which case licensed companies
would be allowed to adopt reasonable risk-based measures instead of ID card dip
chip. In addition, the licensed companies offering occasional transaction
service for share subscription, for example, would be allowed to use a suitable
method for account opening if they could prove that adequate safeguards against
impersonation risk have been in place under the relevant regulation*.
The
SEC is also proposing to stipulate a minimum Authentication Assurance Level
(AAL) for clients’ online transactions via the company’s system based
on associated risks. For example, high-risk transactions related to clients’
assets would be subject to AAL2.1** while other transactions would be subject
to AAL1**.
The
consultation paper is available at www.sec.or.th/hearing. Stakeholders and
interested parties are welcome to submit comments and recommendations via the
website, or email: insec@sec.or.th. The public
hearing ends on 15 November 2019.
--------------------------------------
* Notification of the Capital Market
Supervisory Board No. Tor Thor. 35/2556 Re: Standard Conduct of Business,
Management Arrangement, Operating Systems, and Providing Services to Clients of
Securities Companies and Derivatives Intermediaries dated 6 September 2013.
** According to the Electronic Transactions
Development Agency (ETDA)’s recommendation on Digital Identity Guideline for
Thailand – Authentication.