AML compliance in Thailand for foreign-owned SMEs | Risk-based AML guide by GENTLE LAW IBL
- gentlelawlawfirm
- Aug 22
- 3 min read
AML compliance in Thailand: a risk-based guide for foreign-owned SMEs
Purpose and scope Thailand’s anti-money laundering framework is anchored in the Anti-Money Laundering Act, B.E. 2542, as amended, supported by policies of the National Anti-Money Laundering Committee and supervision by the Anti-Money Laundering Office. Sector regulators such as the Bank of Thailand and the Securities and Exchange Commission issue implementing guidance for supervised entities. This article distills the essentials of AML compliance in Thailand for foreign-owned SMEs and their Thai subsidiaries.
Compliance note: This guide is informational. Your exact obligations can differ by sector and license. Always confirm the latest implementing notifications and regulator circulars for your business category.
Why AML compliance in Thailand matters
Non-compliance risks include administrative penalties, regulatory actions, and reputational damage. Thailand’s regime applies a risk-based approach aligned with FATF standards, which expects firms to identify, assess, and mitigate money-laundering and terrorism-financing risks proportionately to their business profile.
Who is in scope
Reporting entities include:• Financial institutions such as banks, securities firms, insurers, and asset managers.• Designated non-financial businesses and professions, which in Thailand cover categories such as real estate brokers and dealers in precious metals and stones. Lawyers and accounting professions are not generally mandated as reporting DNFBPs under current law. Confirm coverage for your exact activities.
Core risk-based obligations
Business-wide risk assessment Identify your ML/TF risks by customer type, products, channels, counterparties, volumes, and jurisdictions. Update the assessment when products or risk profiles change.
Policies, controls, and governance Adopt written AML policies approved by senior management. Establish clear roles, training, independent testing, and escalation lines to the money laundering reporting officer.
Customer due diligence Verify identity of individuals and legal entities, understand ownership and control, and determine purpose and nature of the relationship. Apply enhanced due diligence to higher-risk customers such as politically exposed persons, complex structures, and high-risk jurisdictions. Maintain ongoing monitoring for unusual activity.
Recordkeeping Maintain transaction and identification records for at least five years. Certain customer identification and CDD records are retained for ten years from account closure under the Act. Ensure records are readily available to regulators on request.
Reporting duties: STRs and CTRs
Suspicious transaction reports (STRs)If you know, suspect, or have reasonable grounds to suspect that funds relate to money laundering or terrorism financing, you must file a report to the Anti-Money Laundering Office without delay, following AMLO reporting procedures for your sector. Keep internal workflows to ensure prompt escalation and confidentiality.
Cash and threshold-based reports (CTRs)Thailand requires cash and certain large-value transactions to be reported to AMLO. Current thresholds referenced by international evaluations include cash transactions at or above THB 2,000,000, specified funds transfers at THB 100,000 or THB 700,000 depending on channel, and reports relating to immovable property transactions at THB 5,000,000. Validate thresholds and categories against the latest AMLO notifications before implementation.
Practical controls for SMEs
Integrate AML compliance in Thailand into onboarding: standardized KYC packs, beneficial-owner declarations, sanctions screening, and risk scoring.
Codify EDD triggers: PEP status, high-risk geographies, large or cash-intensive activity, complex layered transactions.
Assure data retention: archive identity and transaction data in tamper-evident repositories for the statutory 5- and 10-year periods noted above.
Escalation and reporting: documented STR decisioning, AMLO e-filing process, and regulator communications.
Common pitfalls and how to avoid them
Pitfall | How to avoid |
Treating all customers as the same risk | Use a formal risk-scoring matrix and calibrate EDD accordingly. |
Missing threshold reports | Map products to CTR categories; build automated alerts at THB 2,000,000 and other thresholds. |
Fragmented records | Centralize CDD and transaction data, enforce five-year and ten-year retention windows. |
Late or incomplete STR filing | Pre-approve an internal STR SOP with timelines, sign-offs, and secure evidence storage. |
A concise roadmap to AML compliance in Thailand
Map products, customers, channels, and countries.
Complete a business-wide risk assessment and board-approve your AML policy.
Implement KYC/CDD and EDD controls, including sanctions screening.
Configure monitoring and case-management for alerts, STRs, and CTRs.
Train staff and conduct independent testing.
Review at least annually or upon material change.
How GENTLE LAW IBL helps
Business-wide risk assessments tailored to your sector.
Thai-English AML policies, KYC packs, and EDD playbooks aligned with AMLA.
CTR and STR process design and AMLO liaison.
Recordkeeping architecture aligned with five- and ten-year duties.
Training and independent audits to evidence effectiveness.
Ready to operationalize AML compliance in Thailand with confidence? Book an AML program health check with GENTLE LAW IBL.
![Withholding Tax in Thailand: Practical Guide for Foreign-Owned SMEs [2025]](https://static.wixstatic.com/media/d1cb6c_c745eb1c966e493086313ee1a6909049~mv2.png/v1/fill/w_980,h_735,al_c,q_90,usm_0.66_1.00_0.01,enc_avif,quality_auto/d1cb6c_c745eb1c966e493086313ee1a6909049~mv2.png)
Comments