GFMIS in the Cloud? — Thailand's ฿4.75B Cloud First Policy and the Future of Government ERP

What Is Cloud First — The Mandatory Move

Cloud First is the policy that requires every state agency to consider cloud as the first option before buying servers or building their own data center. It was released by the Office of the Prime Minister, is overseen by the Ministry of Digital Economy and Society (MDES), and is delivered through National Telecom Public Company Limited (NT).

The policy came into force in fiscal year 2026, effective October 1, 2025. The cabinet approved a first tranche of ฿4.75 billion (roughly US$146.6M) out of a total annual framework of about ฿10 billion to procure centralized cloud and data-center services.

The key structural change: agencies can no longer build standalone data centers. Procurement must go through GDCC, with narrow exceptions for national-security systems or other special cases that require case-by-case approval (for broader context see Thailand Digital Government Plan 2025-2027).

GDCC's 219 Agencies — Numbers You Should Know

Before GDCC, Thailand had roughly 300 government data centers scattered across agencies, with combined capital spend exceeding ฿10 billion per year. The core problem was duplicated build-outs, low utilization, and inconsistent standards — which made inter-agency integration expensive and slow.

After consolidation through GDCC, the platform now serves 219 agencies and 3,065 systems. Operating costs are down roughly 30%, saving the state about ฿850 million per year, and cutting an estimated additional ฿5 billion in public-cloud spending:

The 219-agency and 3,065-system figures are more than "state bodies moving to cloud" — they mean the government ecosystem now sits on a single platform. Inter-agency ERP integration, data exchange, and central identity (e.g. ThaID) all become dramatically easier (see also Smart Government ERP).

Will GFMIS Move to the Cloud?

A question many agencies are asking: "Now that Cloud First is live, does GFMIS itself have to move to the cloud?" The short answer: GFMIS is a central platform run by the Comptroller General's Department, and is not something end-agencies "migrate" on their own. The more practical question is how the ERP systems inside each agency — which need to integrate with GFMIS — should operate from a cloud environment.

In practice, agency ERPs will move to cloud (GDCC or an approved cloud) first, while integration with GFMIS (budget execution, disbursements, financial reporting) continues through the official channels defined by the Comptroller General. If an ERP moves to cloud but cannot still integrate with GFMIS, it is effectively unusable in production. That is the pain point agencies must plan for before migrating.

Three integration requirements matter most when an ERP sits in the cloud and needs to talk to GFMIS:

• Secure network to GFMIS — must use a private network or approved VPN, not the public internet
• Audit-log compliance — every transaction sent to GFMIS must have a complete audit trail (who, when, what) and be retained for the legally mandated period
• Data sovereignty — government financial data must remain inside Thailand and must not flow offshore (aligned with the underlying intent of Cloud First)

For more context on government ERP see ERP for Thai Government, and on state financial flows see Cashless Government.

3 Government ERP Options Under Cloud First

When an agency has to choose an ERP in the Cloud First world, three broad options are on the table today. Each has distinct trade-offs — the choice depends on budget, data-sovereignty sensitivity, and compliance posture.

Option B was common before Cloud First but is now risky — data leaving the country does not align with the spirit of the policy, even where it is not strictly banned. Options A and C both address data sovereignty, but they diverge sharply on vendor sovereignty — i.e. who decides when your ERP gets upgraded, sunset, or re-priced (see Vendor Lock-in and Legacy ERP Sunset 2027-2035).

Thai ERP Ready for Cloud First

Saeree ERP, built by Grand Linux Solution Co., Ltd., was designed from day one to support multiple deployment models — deploy on GDCC, deploy on-premise, or deploy on the organization's own private cloud. The customer chooses; the vendor does not force a path.

Where Saeree connects to Thai state systems:

• GFMIS integration — uses the internal or Comptroller-General-approved channels, not a public API
• PDPA + Cybersecurity Act compliant — complete audit logs, encrypted storage, SSL A+ (see Digital Signatures)
• No forced vendor sunset — customers are not pushed onto a migration timetable set by an overseas vendor HQ (see Legacy ERP Sunset 2027-2035)
• Government-specific modules — state fixed-asset management, unit-cost reporting, Budget Bureau (สงป.) reports (see Government Fixed Assets and Government Unit Cost)

To be straightforward: Saeree ERP is a fit for Thai public-sector organizations — ministries, departments, universities, public organizations, state enterprises — that want a vendor who speaks Thai, understands Thai public administration, and does not put their data in an overseas HQ. It is not a fit for global multinationals running 50-country operations — that is a different market, and we say so openly.

Suitable / Not Suitable

To keep the decision grounded, here is a plain "fit / no-fit" table for choosing a Thai ERP on GDCC — when it is the right answer, and when it is not.

If the table fits your agency, you may also want to read ERP for Thai Government, Smart Government ERP, and Digital Government 2026.