Thailand: Bank of Thailand closes consultation on draft Policy on Risk Management of the Use of Artificial Intelligence Systems including testing requirements

On 30 June 2025, the Bank of Thailand closes its consultation on the draft Policy on Risk Management of the Use of Artificial Intelligence Systems, which had opened on 12 June 2025. The policy provides financial service providers with appropriate risk management guidelines, aligning with internationally accepted principles. Its objective is to establish a framework for managing Artificial Intelligence (AI)-related risks based on usage scenarios, supplementing existing guidelines. The policy applies to financial institutions under the Financial Institutions Business Act and Payment service providers under the Payment Systems Act. It addresses model development risks, such as unexplainable AI decisions, inaccurate, biased, or false outputs, and non-compliance with fair customer treatment principles. The policy mandates model risk controls, requiring financial service providers to define performance metrics (accuracy, reliability). Financial service providers must also test models using data that was not part of the training, and they must check against edge cases and verify effective feedback loops. For Generative AI, it requires mitigation of hallucinations, such as through retrieval-augmented generation. It also requires ensuring explainability by documenting parameters and showing reasoning or references.