Insight

Reference

Β·

Supporting source

Thailand PDPA compliance maturity, BPO vendor universe (2024)

~70% fully compliant

As of2024 PDPC, advisory benchmarksΒ·Sources3Β·Supporting

Thailand's Personal Data Protection Act (PDPA), in full force since June 2022, requires roughly 70% of BPO vendors operating Thailand-resident data to demonstrate full compliance maturity by 2024 per PDPC (Personal Data Protection Committee) enforcement updates and Big Four (Deloitte, EY, KPMG, PwC) advisory benchmarks. The remaining 30% sit at partial maturity (documented policies but gaps in data-subject-rights operations, breach-notification workflows, or DPIA cadence). PDPA aligns with GDPR's lawful-basis and data-subject-rights framework; for global BPO operators serving EU or UK clients, PDPA compliance is a near-automatic spillover from existing GDPR posture. Captive GBS centres are 95%+ mature; third-party vendors lag.

Download CSV ↓Compare plans β†’

Figure in context

Thailand's Personal Data Protection Act (PDPA), in full force since June 2022, requires roughly 70% of BPO vendors operating Thailand-resident data to demonstrate full compliance maturity by 2024 per PDPC (Personal Data Protection Committee) enforcement updates and Big Four (Deloitte, EY, KPMG, PwC) advisory benchmarks. The remaining 30% sit at partial maturity (documented policies but gaps in data-subject-rights operations, breach-notification workflows, or DPIA cadence). PDPA aligns with GDPR's lawful-basis and data-subject-rights framework; for global BPO operators serving EU or UK clients, PDPA compliance is a near-automatic spillover from existing GDPR posture. Captive GBS centres are 95%+ mature; third-party vendors lag.

Thailand's Personal Data Protection Act (PDPA), in full force since June 2022, requires roughly 70% of BPO vendors operating Thailand-resident data to demonstrate full compliance maturity by 2024 per PDPC (Personal Data Protection Committee) enforcement updates and Big Four (Deloitte, EY, KPMG, PwC) advisory benchmarks. The remaining 30% sit at partial maturity (documented policies but gaps in data-subject-rights operations, breach-notification workflows, or DPIA cadence). PDPA aligns with GDPR's lawful-basis and data-subject-rights framework; for global BPO operators serving EU or UK clients, PDPA compliance is a near-automatic spillover from existing GDPR posture. Captive GBS centres are 95%+ mature; third-party vendors lag.

Time scope

2024 PDPC, advisory benchmarks

Source basis

Supporting source

Interpretation notes

What this tells you

Thailand's Personal Data Protection Act (PDPA), in full force since June 2022, requires roughly 70% of BPO vendors operating Thailand-resident data to demonstrate full compliance maturity by 2024 per PDPC (Personal Data Protection Committee) enforcement updates and Big Four (Deloitte, EY, KPMG, PwC) advisory benchmarks. The remaining 30% sit at partial maturity (documented policies but gaps in data-subject-rights operations, breach-notification workflows, or DPIA cadence). PDPA aligns with GDPR's lawful-basis and data-subject-rights framework; for global BPO operators serving EU or UK clients, PDPA compliance is a near-automatic spillover from existing GDPR posture. Captive GBS centres are 95%+ mature; third-party vendors lag.

What not to do with it

Use the linked report for interpretation and keep basis differences explicit.

Related figures

Adjacent numbers that add context without drowning the value.

2020-2024
~USD 1.2B (2024)

Thailand BPO, shared services sector revenue (2020-2024)

Concentrix, BOI IBC registry, DBD

2024 benchmarks
~USD 16-22K Thailand

BPO fully-loaded cost per seat, Thailand vs Manila vs Bengaluru (2024)

Everest Group BPO Pricing-CAGR Index, IDC ASEAN BPO Benchmark, Frost & Sullivan APAC BPO

EPI 2024 edition
#106 of 116 (2024)

EF EPI English Proficiency Index, Thailand global rank

Education First, EF EPI Thailand factsheet

FY2024 captive segment
Top 5 ~58% captive

Thailand captive GBS share by anchor MNC (2024)

Microsoft, BOI IBC registry, FTI digital cluster

2020-2024 cumulative approvals
~510 cumulative

BOI IBC project approvals (2020-2024)

Thailand Board of Investment, Revenue Department, BOI IBC announcement filings

2024 industry benchmarks
~22% Thailand vs ~45% PH

BPO annual attrition, Thailand vs Philippines (2024)

Everest Group BPO Talent Pulse, IDC ASEAN BPO Workforce, Industry HR benchmarks

Report context

Thailand BPO & Shared Services Market Intelligence

Thailand's BPO, shared-services market sits at ~USD 1.2B (~THB 42B) in 2024, triangulated from global BPO parent disclosures, BOI IBC registry, and FTI digital cluster reporting. Service mix splits across contact center, customer experience (~38%, led by Concentrix, Teleperformance, TDCX, HGS, Foundever, AIS Contact Center, True Contact Center), IT BPO, application management (~26%, led by Accenture, Cognizant, TCS, Infosys, HCLTech, Wipro, Capgemini, IBM), finance, accounting shared services (~14%), HR, payroll BPO (~10%, ADP, BDO, Mercer, Ascentis), and industry-specific BPO covering insurance, banking, healthcare (~12%). Thailand positions as a regional BPO, Global Business Services hub β€” anchored by BOI IBC (International Business Centre) incentive activities 7.7-7.9 and EECd Digital Park promotion, with multilingual talent in Thai, English, Mandarin, Japanese, Korean as the structural advantage vs Philippines and India. Cost per CX seat sits roughly 1.8-2.2x Philippines but attrition is lower and Japanese, Mandarin language premium compresses the gap for regional captives. PDPA (Personal Data Protection Act) compliance, 72-hour breach reporting, and mandatory processor agreements have reshaped vendor governance since 2023 sub-regulation rollout.

Open report β†’

Atlas actors in this figure's reports

Profiles covered in the report that cite this number.

Accenture (Thailand)

Accenture's Thailand affiliate; management consulting, technology consulting, digital transformation; ~3,000 staff.

Advanced Info Service (AIS)

Thailand's largest mobile, fibre operator with adjacent data-centre, edge-compute assets; GULF-SingTel controlled post-2023 JV.

Bangkok Bank

Largest Thai commercial bank by assets β€” THB 4.5T FY2024, only Thai bank with an ASEAN regional consumer-banking franchise via Permata Bank Indonesia.

Kasikornbank

Top-4 commercial bank with the deepest retail, SME franchise β€” THB 4.3–4.4T FY2024 assets and the LINE BK digital-banking JV.

True Corporation

Post-2023 TRUE Γ— DTAC merger; ~50M mobile subs; FY2024 revenue ~THB 210B; CP Group, Telenor, China Mobile parents.

Thailand PDPA compliance maturity, BPO vendor universe (2024) Β· Insight