English | 中文 | 下载审德中文简介 

Oct

06

Financial Services Authority (OJK) Sets Out Restrictions on New Business Actors in Indonesia

The Financial Services Authority (“OJK”) issued the OJK Regulation in Indonesia No. 10/POJK.05/2022 concerning Information Technology Based Collective Financing Services (“POJK 10/2022”) which took effect on July 4, 2022, and revoked the Financial Services Authority Regulation No. 77/POJK.01/2016 (“POJK 77/2016”). The POJK 77/2016 was originally introduced to quickly respond to the Peer-to-Peer Lending (P2P Lending) industry.

The latest financial technology law in Indonesia, POJK 10/2022, stipulates several new provisions for providers of Financial Technology Peer-to-Peer Lending (“Fintech P2P Lending”), including a minimum paid-up capital of IDR 25,000,000,000 and the obligation for the providers to have a minimum equity of IDR 12,500,000,000, as well as a provision for new providers to be able to obtain a Business License for the Implementation of Information Technology/LPBBTI-Based Funding Services from the OJK ("Permit"), which is different from the previous provisions and must first pass the registration stage (then after being registered, a permit can be granted).

Paid-Up Capital

It should be noted that the paid-up capital at the time of company establishment is specified in Article 4 paragraph (1) POJK 10/2022 as at least IDR 25,000,000,000. This clause differs considerably from the previous regulation in Article 4 paragraph (3) POJK 77/2016, which stipulates that the minimum paid-up capital when applying for a permit is only IDR 2,500,000,000. POJK 10/2022 also requires the capital to be paid up in full, in cash, and stored in the form of a time deposit. If this provision is not adhered to by business actors, administrative sanctions, such as written warnings, limits on commercial activity and/or permit revocation shall be implemented. Administrative punishments may be accompanied by the provider's electronic system being blocked.

This capitalization requirement only applies to new provider candidates. In contrast, existing licensed providers, providers who are in the licensing phase and providers who have returned their registration certificates and would like to resubmit their licensing application are exempted from this requirement.

Equity Provision

POJK 77/2016 did not previously regulate the equity provision. The implementation of this requirement is done through stages within three years, namely at a minimum:

  • IDR 2,500,000,000 within one year as of the promulgation of POJK 10/2022;
  • IDR 7,500,000,000 within two years as of the enactment of POJK 10/2022; and
  • IDR 12,500,000,000 within three years of the enactment of POJK 10/2022.

It should be noted for the provider company that there are administrative sanctions for violating this obligation, which is the same as the violation of the previous provisions regarding paid-up capital, namely written warnings, restrictions on business activities and/or revocation of licenses. The imposition of administrative sanctions may be accompanied by blocking the provider's electronic system.

Prohibitions for Provider

Other than the previously regulated prohibition under POJK 77/2016, POJK 10/2022 also introduces several new prohibitions for the provider, notably:

  1. Prohibition against representing lenders to provide lending and/or provide an automatic lending feature;
  2. Prohibition against allowing the members of Board of Directors (BOD), Board of Commissioners (BOC), Sharia Supervisory Board (DPS), and employees as well as their affiliates to act as lenders;
  3. Prohibition against allowing the members of BOD, BOC, DPS, and shareholders as well as their affiliates to act as borrowers;
  4. Prohibition against having any loan (i.e., bank loan, shareholders' loan, and a loan from other sources); and
  5. Prohibition against conducting any action that causes other financial services institutions under the supervision of OJK to violate and/or circumvent the laws and regulations.

The provisions in POJK 10/2022 are different from the previous regulation in POJK 77/2016, which requires the registration of an Electronic System Provider (Penyelenggara Sistem Elektronik/PSE) before submitting a permit to the OJK. In contrast to the provisions of POJK 77/2016, what needs to be observed in POJK 10/2022 is that the provider can obtain permits before conducting the registration of PSE.

In Article 8 paragraph (1) of POJK 10/2022, Fintech P2P Lending providers must first obtain a permit from the OJK, then submit an application for registration as an Electronic System Provider to the authorized agency no later than 30 calendar days from the date of issuance of the permit from the OJK.

If you, a prospective client, wants to register and establish a Fintech P2P Lending company as explained above, Schinder Law Firm is one of many corporate law firms that have handled a lot of similar matters, with many experienced and professional civil lawyers and dispute lawyers in its arsenal, making it one of the top consulting firms in Indonesia. Feel free to contact us at info@schinderlawfirm.com for further consultation.

Author: Dewi Susanti

Let Us Be Your Guide.
Our thorough understanding of local culture
ensures that your business will be in compliance
with all laws and regulations and receive
a warm welcome in the community.

Dear valued Visitor,

Data is a valuable currency in this new world. In the midst of digital transformation, the Indonesian government has taken the final decision to pass the Pelindungan Data Pribadi (PDP) Bill by September 2022. The PDP Law applies to all businesses established in Indonesia and puts the consumer in control. The task of complying with this regulation falls upon businesses.

The PDP Law affects a variety of business operations, including how your sales team prospect and how marketing initiatives are managed. Businesses have had to reassess their business procedures, applications, and forms. Additionally, all businesses that work with personal data should designate a Data Protection Officer (DPO) or data controller to oversee PDP compliance.

In line with this spirit, it gives us great pleasure to announce and share with all our esteemed clients and business associates that Schinder Law Firm is prepared to assist your company to understand the impacts of the Personal Data Protection Law (PDPL) and take the required measures to comply with the law. Our Privacy, Data Protection, and Cybersecurity practice group is a pioneer in providing data privacy law services in Indonesia. Personal data protection services include but are not limited to:

  • Assessing the existing systems, processes, and controls, etc.
  • Providing provide gap assessment on the existing systems, processes, and controls, etc.
  • Developing and ensuring contracts and agreements comply with the PDP Law
  • Developing policies, best practices, and procedures
  • Advising on the security of personal data and managing data breaches
  • Acting as the Data Protection Officer (DPO) and advising upon the appointment, role, and responsibilities of a data protection officer
  • Advising on cross-border transfers of personal data
  • Carrying out data protection impact assessments and data protection audits
  • Recommending other necessary corrective actions in order to comply with the PDP Law
  • Training on the PDP Law tailored to clients’ businesses

We look forward to many more opportunities in the year ahead with your continued support and trust. For consultation, please send us a WhatsApp or Email.

Warmest regards,
Naz Schinder
Managing Partner

Keep Up with the New Law in Indonesia: Personal Data Protection

  • Assessing the existing systems, processes and controls, etc.
  • Providing provide gap assessment on the existing systems, processes and controls, etc.
  • Developing and ensuring contracts and agreements comply with the PDPL.
  • Developing policies, best practices and procedures.
  • Advising on security of personal data and managing data breaches.
  • Acting as the Data Protection Officer (DPO) and advising upon the appointment, role and responsibilities of a data protection officer.
  • Advising on cross-border transfers of personal data.
  • Carrying out data protection impact assessments and data protection audits.
  • Recommending other necessary corrective actions in order to comply with the PDPL.
  • Training on the PDPL tailored to clients’ businesses.
Privacy, Data Protection and Cyber Security
We help our clients to understand the impact of the Personal Data Protection Law (PDPL) on their companies and take the required measures to comply with the law.