[co-author: Thawalkorn Pattanachote]
In response to the significant worldwide issue of corruption, Thailand has implemented a comprehensive legal framework designed to promote transparency and accountability across both the public and private sectors.
Two of the country’s most significant anti-corruption laws are Penal Code B.E. 2499 (1956) and Organic Act on Counter-Corruption B.E. 2561 (2018), which both criminalize public corruption or bribery of a public official.
Although corruption and bribery among the private sectors are not criminalized under Thai law, private individuals could still be liable for offering a bribe or acting as intermediaries in soliciting bribes.
It is important for organizations operating in Thailand to be aware of regulators’ expectations. This article discusses how Thai regulatory investigation procedures work and provides eight considerations for businesses navigating the process.
Regulatory investigation landscape
In Thailand, allegations of corruption and bribery are primarily handled and investigated by the National Anti-Corruption Commission (NACC) and the Public Sector Anti-Corruption Commission (PACC).
The PACC and NACC's investigation procedure
The PACC and NACC have the authority to investigate bribery-related actions involving government officials. While the PACC focuses on lower to mid-level officials, the NACC is responsible for investigating high-ranking officials, such as political office holders, judges of the Constitutional Court, and officials of independent organizations.
Additionally, the NACC can investigate lower and mid-level government officials if they are involved in corruption cases alongside higher-ranking officials or if the case is referred by the PACC. The NACC also has the authority to investigate cases that involve matters of public interest.
In the event that the PACC or the NACC receives a complaint or report, the commission will first assess whether the complaint has merit and falls within its jurisdiction before commencing investigation procedures.
If the case is accepted, the PACC or the NACC will conduct a fact-finding process and gather evidence in relation to the allegations. Individuals or companies involved in the allegations (the accused) are expected to receive letters requesting their cooperation, including submitting documents or attending a meeting to explain the facts giving rise to the allegations, and/or requesting an appointment with the accused to provide a statement. Importantly, the accused has the right to be accompanied by a lawyer or a trusted person at the meeting with the commission officers.
Notably, the accused can seek an extension of time to submit requested information or documentary evidence from both the PACC and the NACC, and extension requests are generally granted when necessary.
In cases where it is necessary to verify information with relevant authorities abroad (eg, the US Securities and Exchange Commission or the US Department of Justice), the NACC could request cooperation from international agencies or individuals to obtain relevant evidence.
Upon completing a fact-finding inquiry and assessing the evidence, the PACC or the NACC will determine whether to drop the case or pursue a criminal investigation against the accused.
Considerations for Thai regulatory investigations
The regulatory landscape is becoming increasingly complex, often posing significant challenges for businesses. Deep legal guidance is often crucial to navigate regulatory changes or determine the most appropriate response to emerging issues. Below are eight approaches companies can consider when facing Thai regulatory investigations:
1. First, respond to any request promptly and appropriately at the start of the investigation in order to understand what is being investigated and why. Notably, businesses are entitled to ask questions, ask for more time, push back as appropriate, and seek legal support.
2. Respond to the regulator in a transparent, proactive, and collaborative manner at all times.
3. Maintain open and regular communication with the regulator throughout the investigation process, ensuring they are kept informed of any issues or changes.
4. As a precaution, businesses are encouraged to have an emergency response plan in place, with a designated point of contact to coordinate the response to the regulator.
5. Manage the narrative of the information presented to the regulator. For instance, if the regulator intends to interview employees from your organization, consider inquiring about the nature of the interview and whether it would be appropriate to prepare a draft witness statement. Depending on the circumstances, the regulator may permit companies to draft and submit statements on behalf of employees. If not, consider preparing draft responses for employees to review beforehand or have on-hand during the interview (if permitted).
6. Preserving evidence is crucial, so it is encouraged to record all data that may be relevant. For example, businesses facing investigation will likely be required to demonstrate where a particular document came from or the date and time of an e-mail from a particular individual’s computer.
7. The regulators often share a range of common powers, including the authority to enter premises or to conduct “dawn raids.” This can be done with or without a warrant or prior notice, and could involve the use of reasonable force if deemed necessary. As previously mentioned, it is advisable to cooperate with the regulator and accommodate their requests where possible. By avoiding an obstructive stance and instead offering assistance – such as providing a general overview of how the organization operates – an organization may gain valuable time to alert relevant personnel and, if needed, arrange for their support. This approach also helps set a constructive tone for the remainder of the investigation and may prove beneficial at a later date, as the regulators could be more inclined to keep the company informed about the direction of their inquiries from the investigation as a result.
8. Proactively safeguard the organization against regulatory breaches by delivering appropriate training, regularly testing the effectiveness of systems and controls, and applying lessons learned from any shortcomings.
[View source.]
