English | 中文 | 下载审德中文简介 

Aug

25

Payment Service Provider in Indonesia

The latest BI regulations classify payment system service providers into two sectors, namely payment service providers or Penyedia Jasa Pembayaran (PJP) and payment system infrastructure operators or Penyelenggaraan Infrastruktur Sistem Pembayaran (PIP). PJP carries out activities to provide information on sources of funds, payment initiation or acquiring services, administration of sources of funds and remittance services, while PIP carries out clearing and final settlement.

Payment Service Providers or Penyedia Jasa Pembayaran (“PJP”) are banks or other institutions that provide services to facilitate payment transactions under Bank Indonesia Regulation (PBI) No. 23/6/PBI/2021 concerning Payment Service Providers (“PBI No. 23/2021”). PBI No. 23/2021 is effective from 1st July 2021 in conjunction with the Bank Indonesia Regulation Concerning the Payment System, which serves as the regulatory umbrella.

Some well-known PJPs in Indonesia are banks and financial technology companies, such as OVO, GoPay, ShopeePay, and so on. PJPs organize various activities, including providing information on sources of funds, payment initiation and/or acquiring services, administration of sources of funds and/or remittance services.

Entities who wish to carry out these activities and act as PJPs must obtain a permit from Bank Indonesia. In accordance with the PBI No. 23/2021, there are 3 (three) categories of PJPs based on its capital. In the first category, the PJPs can carry out complete payment service activities ranging from providing information on sources of funds, payment initiation or acquiring services, administering sources of funds and remittance services, which requires the PJP to have a minimum capital of IDR15,000,000,000 (fifteen billion Rupiah).

In the second category, the PJP are required to have a minimum capital of IDR 5,000,000,000 (five billion Rupiah). However, the license is limited to information services on sources of funds and payment initiation or acquiring services. Meanwhile PJPs in the third category are required to deposit capital of IDR 500,000,000 (five hundred million Rupiah) to IDR 1,000,000,000 (one billion Rupiah), but their license is limited to remittance and/or other services as determined by Bank Indonesia.

The new regulations require not only minimum paid-up capital for payment service providers based on the activities undertaken, but also payment system capital requirements, risk management and security standards for information systems requirements based on the respective classification as Systemic Payment System Providers (PSPS), Critical Payment System Providers (PSPK) and General Payment System Providers (PSPU).

PBI No. 23/2021 and its regulatory umbrella aim to strengthen the end-to-end payment ecosystem in Indonesia, while fostering healthy business practices through collaboration with the industry to accelerate an inclusive digital economy and finances. In addition to efficiency, the new regulations also aim to restructure and optimize the access policy and the provision of payment system activities. PBI No. 23/2021 plays the role as legal corridor for the implementing Bank Indonesia Regulation Concerning the Payment System and accommodating regulatory needs in line with the development of innovation, business models and the amendment of previous regulations.

PBI No. 23/2021 is part of the continuous payment system regulatory reform and simplifies regulations and formulates policies based on the development of the digital economy and finances, which also require collaboration communication with relevant stakeholders, one of which is Schinder Law Firm. Schinder Law Firm has had years of experience in the digital finance space, strengthened by experienced professionals. Should you wish to carry out these payment service activities, feel free to drop us an email at info@schinderlawfirm.com.

Let Us Be Your Guide.
Our thorough understanding of local culture
ensures that your business will be in compliance
with all laws and regulations and receive
a warm welcome in the community.

Dear valued Visitor,

Data is a valuable currency in this new world. In the midst of digital transformation, the Indonesian government has taken the final decision to pass the Pelindungan Data Pribadi (PDP) Bill by September 2022. The PDP Law applies to all businesses established in Indonesia and puts the consumer in control. The task of complying with this regulation falls upon businesses.

The PDP Law affects a variety of business operations, including how your sales team prospect and how marketing initiatives are managed. Businesses have had to reassess their business procedures, applications, and forms. Additionally, all businesses that work with personal data should designate a Data Protection Officer (DPO) or data controller to oversee PDP compliance.

In line with this spirit, it gives us great pleasure to announce and share with all our esteemed clients and business associates that Schinder Law Firm is prepared to assist your company to understand the impacts of the Personal Data Protection Law (PDPL) and take the required measures to comply with the law. Our Privacy, Data Protection, and Cybersecurity practice group is a pioneer in providing data privacy law services in Indonesia. Personal data protection services include but are not limited to:

  • Assessing the existing systems, processes, and controls, etc.
  • Providing provide gap assessment on the existing systems, processes, and controls, etc.
  • Developing and ensuring contracts and agreements comply with the PDP Law
  • Developing policies, best practices, and procedures
  • Advising on the security of personal data and managing data breaches
  • Acting as the Data Protection Officer (DPO) and advising upon the appointment, role, and responsibilities of a data protection officer
  • Advising on cross-border transfers of personal data
  • Carrying out data protection impact assessments and data protection audits
  • Recommending other necessary corrective actions in order to comply with the PDP Law
  • Training on the PDP Law tailored to clients’ businesses

We look forward to many more opportunities in the year ahead with your continued support and trust. For consultation, please send us a WhatsApp or Email.

Warmest regards,
Naz Schinder
Managing Partner

Keep Up with the New Law in Indonesia: Personal Data Protection

  • Assessing the existing systems, processes and controls, etc.
  • Providing provide gap assessment on the existing systems, processes and controls, etc.
  • Developing and ensuring contracts and agreements comply with the PDPL.
  • Developing policies, best practices and procedures.
  • Advising on security of personal data and managing data breaches.
  • Acting as the Data Protection Officer (DPO) and advising upon the appointment, role and responsibilities of a data protection officer.
  • Advising on cross-border transfers of personal data.
  • Carrying out data protection impact assessments and data protection audits.
  • Recommending other necessary corrective actions in order to comply with the PDPL.
  • Training on the PDPL tailored to clients’ businesses.
Privacy, Data Protection and Cyber Security
We help our clients to understand the impact of the Personal Data Protection Law (PDPL) on their companies and take the required measures to comply with the law.