English | 中文 | 下载审德中文简介 

Aug

10

Risk-Based Investment System

One of the adjustments for investments regulated under Law No. 11 of 2020 regarding Job Creation is the transition to a Risk-Based Investment System implemented in the Risk-Based Business Licensing. According to Article 1 Government Regulation No. 5 of 2021 regarding Risk-Based Business License Management (GR 5 2021), Risk-Based Business Licensing is a business permission that is granted to applicants to start their business according to the level of potential for injury or loss from a hazard or a combination of the likelihood and effect of the hazard. This is regulated through several regulations, namely Investment Coordinator Board Regulation No. 3 of 2021 regarding Electronically Integrated Risk-Based Business License System (BKPM Regulation 3 2021), Investment Coordinator Board Regulation No. 4 of 2021 regarding Guidelines and Procedures for Risk-Based Business License Services and Investment Facility (BKPM Regulation 4 2021), and Investment Coordinator Board Regulation No. 5 of 2021 regarding Guidelines And Procedures for Supervision of Risk-Based Business Licenses (BKPM Regulation 5 2021) which came into force on 2nd June 2021.

The transition from Online Single Submission (OSS) v1.1 to Risk-Based OSS was supposed to be completed on 2nd July 2021, but it has been postponed for an indefinite amount of time, possibly due to the COVID-19 pandemic. This risk-based investment divides which license is granted to business actors after performing risk analysis, which according to Article 8 GR 5 2021 is done through:

  1. identification of business activities;
  2. hazard assessment;
  3. assessment of potential hazards;
  4. determination of risk level and business scale rating; and
  5. determination of the type of Business Licensing.
After the assessment has been completed, the business will be categorized into:
  1. Business with low risk level;
  2. Business with medium-low risk level;
  3. Business with medium-high risk level; and
  4. Business with high risk level.

For low-risk business activities, business actors are only required have a Business Identification Number (NIB). For medium-low risk business activities, the business actors are required to have an NIB and a statement of standard certificate fulfilment. For medium to high-risk business activities, business actors are required to have a verified NIB and a standard certificate. However, for high-risk business activities, business actors are required to have a verified NIB and license. In the new OSS, the mechanism of certain business fields that require foreign investors to partner with MSMEs as stipulated in Appendix II of President Regulation No. 10 of 2021 regarding Business Field will also be accommodated. According to Article 6 GR 5 2021, the sectors covered are:

  1. marine and fisheries;
  2. agriculture;
  3. environment and forestry;
  4. energy and mineral resources;
  5. nuclear power;
  6. industry;
  7. trading;
  8. public works and public housing;
  9. transportation;
  10. health, medicine, and food;
  11. education and culture;
  12. tourism;
  13. religious;
  14. postal, telecommunications, broadcasting, and electronic systems and transactions;
  15. defence and security; and
  16. employment.
Which will later regulate:
  1. The Indonesian Standard Classification Code for Business Fields (“KBLI”)/related KBLI, title of KBLI, scope of activities, risk parameters, risk level, business licensing, time period, validity period, and business licensing authority, which are listed in Appendix I of GR 5/ 2021;
  2. Risk-based business licensing requirements and/or obligations listed in Attachment II to GR 5/2021;
  3. Guidelines for risk-based business licensing, which are listed in Appendix III of GR 5/2021;
  4. Standards for business activities and/or product standards, which are regulated by ministerial regulations/heads of institutions, (whose guidelines for preparation can be seen in Appendix IV of GR 5/2021).

The regime of risk-based OSS is new and can be quite tricky if one is not careful when navigating the unknown field because there are many new provisions compared to the previous one, such as the provision regarding foreign investment in which the current provision for stored capital for foreign investment is IDR 10.000.000.000, while it was previously IDR 2.500.000.000. Should you require assistance or consultation, email us at info@schinderlawfirm.com.

Let Us Be Your Guide.
Our thorough understanding of local culture
ensures that your business will be in compliance
with all laws and regulations and receive
a warm welcome in the community.

Dear valued Visitor,

Data is a valuable currency in this new world. In the midst of digital transformation, the Indonesian government has taken the final decision to pass the Pelindungan Data Pribadi (PDP) Bill by September 2022. The PDP Law applies to all businesses established in Indonesia and puts the consumer in control. The task of complying with this regulation falls upon businesses.

The PDP Law affects a variety of business operations, including how your sales team prospect and how marketing initiatives are managed. Businesses have had to reassess their business procedures, applications, and forms. Additionally, all businesses that work with personal data should designate a Data Protection Officer (DPO) or data controller to oversee PDP compliance.

In line with this spirit, it gives us great pleasure to announce and share with all our esteemed clients and business associates that Schinder Law Firm is prepared to assist your company to understand the impacts of the Personal Data Protection Law (PDPL) and take the required measures to comply with the law. Our Privacy, Data Protection, and Cybersecurity practice group is a pioneer in providing data privacy law services in Indonesia. Personal data protection services include but are not limited to:

  • Assessing the existing systems, processes, and controls, etc.
  • Providing provide gap assessment on the existing systems, processes, and controls, etc.
  • Developing and ensuring contracts and agreements comply with the PDP Law
  • Developing policies, best practices, and procedures
  • Advising on the security of personal data and managing data breaches
  • Acting as the Data Protection Officer (DPO) and advising upon the appointment, role, and responsibilities of a data protection officer
  • Advising on cross-border transfers of personal data
  • Carrying out data protection impact assessments and data protection audits
  • Recommending other necessary corrective actions in order to comply with the PDP Law
  • Training on the PDP Law tailored to clients’ businesses

We look forward to many more opportunities in the year ahead with your continued support and trust. For consultation, please send us a WhatsApp or Email.

Warmest regards,
Naz Schinder
Managing Partner

Keep Up with the New Law in Indonesia: Personal Data Protection

  • Assessing the existing systems, processes and controls, etc.
  • Providing provide gap assessment on the existing systems, processes and controls, etc.
  • Developing and ensuring contracts and agreements comply with the PDPL.
  • Developing policies, best practices and procedures.
  • Advising on security of personal data and managing data breaches.
  • Acting as the Data Protection Officer (DPO) and advising upon the appointment, role and responsibilities of a data protection officer.
  • Advising on cross-border transfers of personal data.
  • Carrying out data protection impact assessments and data protection audits.
  • Recommending other necessary corrective actions in order to comply with the PDPL.
  • Training on the PDPL tailored to clients’ businesses.
Privacy, Data Protection and Cyber Security
We help our clients to understand the impact of the Personal Data Protection Law (PDPL) on their companies and take the required measures to comply with the law.