Communications with relevant persons (7) Division 7 Cross-border communication (8) Division 8 Companies shall test and assess the BCP (Training, Exercising and Auditing) (9) Division 9 Examples of emergency
); (5) review procedures and processes in the management of information security incidents, after the testing under (4) is carried out, at least once a year; (6) evaluate the results of the testing under
complied with the Notification No. Tor Thor. 35/2556 and the Notification No. Sor Thor. 37/2559 . In case of adopting a different approach from the Guidelines, the intermediaries are required to prove that
during the period of providing services: (1) compile and assess the information of the service-receiving client for the following purposes: (a) to know the client; (b) to categorize the client; (c) to
following actions during the period of providing services: (1) compile and assess the information of the service-receiving client for the following purposes: (a) to know the client; (b) to categorize the
of the group of companies that identifies the shareholding proportions and the voting rights (if different from the shareholding proportions). In case of a subsidiary formed by a joint venture
different situations. (4) compliance system: (a) arrange to have compliance officer and compliance unit to support and inspect investment management and related work to be in accordance with laws, code of
well as specify the investment ratios and conditions for the fund to comply. Clause 12. The management company shall regularly evaluate the performance of the respective funds and disclose the
) to categorize the service user; (c) to assess suitability for providing services to the service user; (d) to consider the ability of the service user to comply with the agreement for service provision
institution’s clients. However, the securities company must, in case of cross-border omnibus accounts, assess the adequacy and effectiveness of the financial institutions’ KYC/CDD measures and controls prior to