A. Background & Scope of Regulatory Framework

On 16 August 2018, the Financial Services Authority (Otoritas Jasa Keuangan – “OJK”) enacted OJK Regulation No. 13/POJK.02/2018 on Digital Financial Innovations within the Financial Services Sector (“DFI”) (“OJKR 13/2018”),  providing a regulatory framework for DFI.

OJKR 13/2018 applies to DFI Operators (“Operators”) conducting the DFI businesses that meet the following criteria:

(i) innovative and future-oriented;
(ii) involving the use of information and communication technology as their primary means of providing services to consumers in the financial services sector;
(iii) supporting financial inclusion and literacy;
(iv) beneficial and accessible to the public;
(v) compatible for integration into the existing financial services;
(vi) adopting a collaborative approach; and
(vii) complying with consumer and data protection requirement.

According to OJKR 13/2018, the scope of the DFI business includes the following activities:

DFI Business Activity Remarks
Transaction Settlement All transaction settlements, including investment settlement.
Capital Accumulation (Equity Crowdfunding) Including, among others, equity crowdfunding, virtual exchange, smart contract, and alternative due diligence.
Investment Management Including, among others, advanced algorithm, cloud computing, capabilities sharing, open source information technology, automated advice and management, social trading, and retail algorithmic trading.
Fund Accumulation (Crowdfunding) and Fund Channelling Including, among others, peer-to-peer lending, alternative adjudication, virtual technologies, mobile 3.0, and third-party application programming interface.
Insurance Including, among others, sharing economy, autonomous vehicle, digital distribution, and securitization and hedge fund.
Market Support Including, among others, artificial intelligence/machine learning, machine readable news, social sentiment, big data, market information platform, and automated data collection and analysis.
Other Supporting Activities Including, among others, social/eco crowdfunding, Islamic digital financing, e-waqf, e-zakat, robo advise, and credit scoring.
Other Financial Services Activities Including, among others, invoice trading, token, voucher, and blockchain application based products.

According to OJKR 13/2018, Operators can be in the form of either (a) Financial Services Institutions[1] or (b) other business entities (in the form of a limited liability company (perseroan terbatas) or a cooperative (koperasi)) engaged in the financial services sector.

Please note that according to the regulation, the latter form of operators is expressly prohibited from managing portfolios or exposures.

B. Recordation (Pencatatan)

All eligible Operators, except for those having been registered with the OJK and/or having obtained the license from the OJK prior to the issuance of OJKR 13/2018, are required to apply to the OJK for recordation.

However, it is unclear whether a registered Operator that introduces or commences a new DFI business model outside the scope of its existing registration certificate/license must undergo the recordation process and apply for new registration.

C. Regulatory Sandbox

Under OJKR 13/2018, the OJK has the right to determine which Operators are eligible to undergo the Regulatory Sandbox process, which is a testing mechanism by the OJK to assess the reliability of the Operator’s business process, business model, financial instrument, and corporate governance. The criteria for an Operator’s participation in the Regulatory Sandbox, among others, include the following: (i) recorded as a DFI Operator with the OJK, (ii) registered with the relevant association of the Operator, (iii) introducing a new business model.

The Regulatory Sandbox must be implemented for a maximum period of 1 (one) year, extendable for another 6 (six) months. Although OJKR 13/2018 mandates the issuance of OJK Circular Letter as an implementing regulation for the Regulatory Sandbox, such OJK Circular Letter has not been issued to date. In the absence of the OJK

Circular Letter as the implementing regulation, it is unclear whether Operators not required to go through the Regulatory Sandbox can proceed directly with the next process, for OJKR 13/2018 is silent on this matter.

Based on the result of the Regulatory Sandbox, the OJK will determine the status of the Operator, which may fall into one of the following: (a) recommended; (b) subject to improvement; or (c) not recommended. The meaning of each status is as follows:

  1. recommended”: the Operator can proceed with the registration stage.
  2. subject to improvement”: the Operator must, within 6 months, take remedial actions to improve its model.
  3. not recommended”: the Operator will be automatically delisted from recordation.

D. Registration (Pendaftaran) 

Upon receiving the “recommended” status, an Operator must apply for registration with the OJK within 6 months, or otherwise, its “recommended” status will be revoked. According to OJKR 13/2018, other Operators having the same DFI business format as the Operators that have obtained the “recommended” status from the OJK, should directly submit an application for registration to the OJK.

An Operator having obtained the “registered” status is entitled to set out or use its registration number in offering or marketing its products or services.

E. Other Notable Points from OJKR 13/2018

Apart from the obligations mentioned above, OJKR 13/2018 also requires Operators to do the following:

  1. implement the principle of independent monitoring;
  2. submit periodical reports to the OJK, including a self-assessment risk report;
  3. place its data centre and disaster recovery centre in Indonesia;
  4. provide an IT-based customer service;
  5. comply with personal data privacy requirements, anti-money laundering and counter terrorism funding, consumer protection laws and regulations; and
  6. provide information to its customers on the status of their applications, namely acceptance, delay, or rejection (including the reasons therefor).

For further information on the above, please contact W&P Team:

T Anggra Syah Reza, Sinta Dwi Cestakarani  and Hans Adiputra Kurniawan

[1] Article 1 of Law No. 21 of 2011 on the Financial Services Authority defined ‘Financial Services Institution’ as an institution engaged in the banking, capital markets, insurance, pension fund, financial institution sectors, and other financial services institutions, including among others, pawnshops (pegadaian), export financing, fund management, etc.