The Thai Securities and Exchange Commission (SEC) has opened a public consultation on proposed rule changes aimed at letting licensed digital asset businesses apply directly for derivatives licenses. The move would remove the current requirement to establish separate entities for derivatives activities and would extend the use of digital assets as eligible underlying assets for futures contracts. The proposed framework also introduces more stringent measures to manage conflicts of interest and bolster supervisory oversight. Public feedback is welcome through May 20, 2026, and will shape the final rule set.

According to the Thailand SEC, the revisions are designed to broaden access to the country’s derivatives market while safeguarding investors. By enabling existing license-holders to extend into derivatives within their current corporate structures, regulators hope to lower entry barriers for crypto firms seeking to offer hedging tools and other risk-management products. The changes also aim to elevate standards for derivatives exchanges and clearing houses in line with international practice, creating a more coherent and resilient market infrastructure.

Key takeaways

• Thailand proposes direct derivatives licensing for licensed crypto firms, eliminating the need for standalone entities.
• Digital assets would be recognized as eligible underlying assets for futures, expanding the scope of Thailand’s derivatives market.
• New rules emphasize conflict-of-interest controls and stronger regulatory oversight of exchanges and clearing houses.
• Public comment runs through May 20, 2026, with decisions likely to influence regional standards and market access.

Thailand’s plan to streamline crypto derivatives licensing

At the heart of the proposal is a practical shift in how crypto firms can participate in the derivatives segment. Instead of having to spin up a separate corporate vehicle solely to handle derivatives activities, licensed digital asset businesses could apply to offer derivatives services within their existing entities. The SEC frames this as a way to reduce bureaucratic friction while keeping activities under tighter regulatory scrutiny, rather than loosening controls.

The proposed regime would also codify the use of digital assets as underlying assets for futures contracts, a step that regulators argue will modernize the financial toolkit available to Thai investors. By broadening the instrument base, the SEC intends to improve hedging options for portfolios and provide more robust risk-management tools for both retail and institutional participants. Still, the draft rules introduce enhanced safeguards—such as stronger conflict-of-interest provisions and clearer delineation of responsibilities among exchanges, clearing houses, and market participants—to preserve market integrity as activity migrates into the derivatives space.

The Thai move aligns with a broader trend in Asia toward formalizing crypto derivatives under conventional financial-market standards. Regulators in several jurisdictions have pursued a balance between enabling sophisticated products and maintaining guardrails to mitigate systemic risk, particularly given the volatility inherent in digital assets. In Thailand’s case, the next milestone is the public consultation window, which will solicit input from market participants, lawyers, and other stakeholders before a final framework is published.

Global derivatives expansion: what the US could unlock

The Thai proposal arrives as the global derivatives landscape around crypto continues to evolve. In a parallel development, perpetual futures—positions that can be held around the clock—are gaining traction across major platforms as firms prepare for potential regulatory approvals in the United States. Blockchain.com, for example, recently launched perpetual futures trading within its self-custody wallet, enabling users to open leveraged BTC-denominated positions without transferring funds to an exchange. The feature, built on Hyperliquid’s execution layer, provides access to more than 190 markets with up to 40x leverage.

Other major exchanges have pursued similar offerings for non-US clients, expanding 24/7, multi-asset trading access. Kraken and Coinbase each introduced perpetual futures tied to equities for non-US users in earlier waves of product development. While these products remain largely inaccessible to U.S. residents for now, the regulatory outlook in Washington could shift the landscape. In March, comments from CFTC Chair Rostin Behn suggested the agency is actively considering crypto perpetual futures, indicating a potential move to enable such products within the coming months. If realized, the change could unlock a new cadre of venues and liquidity for U.S. traders seeking non-traditional hedges and speculative tools beyond spot markets.

The market has already seen strategic moves that hint at anticipated regulatory alignment. Payward, the parent company of Kraken, agreed to acquire Bitnomial, a U.S.-regulated derivatives venue, a deal framed as expanding access to regulated crypto derivatives for U.S. clients. The consolidation signals a broader industry push to anchor crypto derivatives in compliant, well-governed venues, which could appeal to institutional participants wary of regulatory risk and counterparty risk in less-regulated trading environments.

Taken together, the Thai consultation and the broader push in the United States underscore a shared objective: to mature crypto derivatives into reliable, capital-efficient tools for hedging, risk management, and yield generation. Regulators appear to be calibrating the balance between broad market access and robust oversight, with a clearer emphasis on standardized governance for exchanges and clearing environments worldwide.

Industry implications and what to watch next

For investors and builders, Thailand’s proposed changes could reduce the friction for legitimate crypto firms to offer derivative products within a familiar corporate structure, potentially accelerating the regional adoption of hedging strategies and complex financial products tied to digital assets. If implemented with rigorous oversight, the framework could also reassure institutional players seeking compliant venues and clear risk frameworks, contributing to a more resilient regional market.

From a global angle, the emergence of perpetual futures and regulatory-adjacent activity in major markets raises questions about the pace of U.S. approvals and the boundaries of permissible products. Regulators are balancing the desire to protect investors with the benefits of more transparent, regulated marketplaces that can deliver access to mainstream participants. As the U.S. debate advances, exchanges and liquidity providers will likely continue expanding offerings for non-U.S. customers while preparing for potential U.S. entry points.

Market participants will be keenly watching several milestones: the final shape of Thailand’s derivatives licensing rules after the May 20 consultation; any formal guidance on the treatment of digital assets as underlying assets in Thai futures markets; and the timing and scope of any U.S. regulatory green lights for crypto perpetual futures. Together, these developments could influence where liquidity flows, how risk is managed, and which platforms gain prominence as the global crypto derivatives ecosystem evolves.

For readers tracking regulatory trajectories and product innovation, the Thai process offers a concrete example of how a jurisdiction can ease access to advanced financial instruments while preserving rigorous governance standards. The convergence of regional reform and global product experimentation suggests a maturation phase for the crypto derivatives arena, one that could redefine hedging options and capital efficiency for years to come.

The public consultation in Thailand runs through May 20, 2026. As industry participants prepare feedback, observers should monitor how the final framework handles cross-border activity, conflicts of interest, licensing eligibility, and the interplay with existing securities and futures regimes. The outcome could both unlock new pathways for Thai crypto firms and accelerate the global shift toward regulated, investor-protective derivatives infrastructure.

The $292 million exploit tied to KelpDAO is the latest in a long line of crypto bridge hacks, underscoring how the systems designed to connect blockchains have become some of the easiest ways to break them.

The incident involved KelpDAO’s use of LayerZero’s cross-chain messaging system, a type of infrastructure widely used to move data and assets between blockchains.

Bridges are meant to let users move assets from one blockchain to another, like from Ethereum to a different network. But instead of acting as seamless connectors, they have repeatedly turned into weak points, draining billions of dollars over the past few years.

So why does this keep happening?

Crypto ecosystem leaders say the answer is not just bad code or careless mistakes. The problem is more fundamental; it is in how bridges are built in the first place.

The core problem: trusting the middleman

To understand the issue, it helps to look at what a bridge actually does.

If you move tokens from one blockchain to another, the second chain needs proof that your tokens existed and were locked on the first one. In an ideal world, it would verify that itself. In reality, that is too expensive and complex.

“Most bridges don’t fully verify what happened on another chain,” said Ben Fisch, CEO of Espresso Systems. “Instead, they rely on a smaller system to report it. That [second] system becomes the thing you trust.”

So instead of independently checking the truth, bridges outsource it, often to small validator groups or external networks like LayerZero or Axelar. That shortcut creates risk. In the Kelp DAO-related exploit, attackers targeted the data feeding into the bridge.

“Attackers compromised nodes and fed the system a false version of reality,” Fisch said. “The bridge worked as designed. It just believed the wrong information.”

Bridge hacks often look different on the surface. Some involve stolen keys, others faulty smart contracts. But experts say those are symptoms of a deeper issue. The real problem lies in how the systems are designed.

“Anything that can go wrong will go wrong, and bridge hacks are a perfect example,” said Sergej Kunz, co-founder of 1inch. “You see code vulnerabilities, centralization issues, social engineering, even economic attacks. Usually it’s a mix.”

How bridges work

For users, bridges look simple. You click a button and move assets from one blockchain to another. Behind the scenes, the process is more complicated.

First, your tokens are locked on the original blockchain. Then a separate system confirms that the tokens are locked. This system usually consists of a small group of operators or validators. Those operators then send a message to the second blockchain saying the tokens were locked so new ones can be issued. If that message is accepted, the second chain creates a new version of your tokens. These are wrapped tokens, like rsETH or WBTC.

The problem is that this process depends on trusting whoever sends that message. If attackers compromise that system, they can send a false message and create tokens that were never backed on the original chain.

“The worst case is when the system isn’t really checking anything,” Fisch said. “It’s just trusting someone else’s version of events.”

When one failure spreads

Given how often bridges fail, why has the industry not fixed them?

Part of the answer comes down to incentives. “Security is often not the top priority,” Kunz said. “Teams focus on launching quickly, growing users and increasing total value locked.”

Building secure systems takes time and money. Many DeFi projects operate with limited resources, making it difficult to invest heavily in audits, monitoring and infrastructure.

At the same time, projects are racing to support more blockchains. Each new integration adds complexity. “Every new connection adds more assumptions,” Fisch said.

Bridge hacks rarely stay contained. Bridged assets are used across lending protocols, liquidity pools and yield strategies. If those assets are compromised, the damage spreads.

“Other platforms may treat a hacked asset as legitimate,” Kunz said. “That’s how contagion happens.” Users are rarely told how a bridge actually works or what could go wrong.

There are ways to make bridges safer. Fisch says one key step is removing single points of failure by relying on independent data sources rather than shared infrastructure.

In practice, these “data sources” are computers that watch blockchains and report what happened. They might be run by the bridge itself, by outside networks like LayerZero, or by infrastructure providers. But many rely on the same underlying services, meaning a single compromised source can feed bad data across multiple systems.

“If everyone is relying on the same source, you haven’t reduced risk,” he said. “You’ve just copied it.”

Other approaches include hardware protections and better monitoring to catch misconfigurations early. Some developers are also working on designs that verify data directly using cryptography instead of intermediaries.

Kunz believes a more fundamental shift is needed. “As long as we rely on validator-based bridges, these problems will continue,” he said.

Read more: North Korea’s crypto heist playbook is expanding and DeFi keeps getting hit

Thailand’s Securities and Exchange Commission (SEC) is seeking public comment on proposed rule changes that would allow licensed digital asset businesses to apply directly for derivatives licenses, removing the requirement to establish separate entities.

The proposed revisions would build on earlier changes recognizing digital assets as eligible underlying assets for futures contracts, expanding the scope of Thailand’s derivatives market while introducing additional requirements to manage conflicts of interest and strengthen oversight.

The proposal could lower barriers for crypto companies to enter the derivatives market by allowing them to apply for licenses within existing entities, rather than establishing separate companies, while bringing those activities under tighter regulatory oversight.

The regulator said the changes are intended to provide investors with additional tools for hedging and portfolio management, as well as bringing standards for derivatives exchanges and clearing houses in line with international practices.

The proposed changes are open for public consultation until May 20, with feedback from industry participants expected to inform the final framework.

Related: Thailand proposes tighter scrutiny of funders behind crypto firms

Crypto derivatives expand as US moves toward approval

Thailand’s proposal comes as crypto derivatives expand globally and momentum builds toward regulatory approval in the United States.

On Tuesday, Blockchain.com introduced perpetual futures trading in its self-custody wallet, allowing users to open leveraged positions using Bitcoin (BTC) as collateral without transferring funds to an exchange. Underpinned by Hyperliquid, the feature offers access to more than 190 markets with as much as 40x leverage.

Other exchanges have taken a similar approach. Earlier this year, both Kraken and Coinbase launched perpetual futures tied to equities for non-US users as part of a broader push toward 24/7, multi-asset trading.