In order to meet public demand, especially the accessibility of financial services for non-banking customers, financial technology continues to develop and information systems continue generating innovations. These phenomena have had given a positive impact both for consumers and businesses, especially small and medium enterprises. On the other hand, certain aspects of financial technology (“Fintech”) present a potential risk to the financial system and an adverse effect on consumer protection if they cannot be regulated and controlled properly, especially in payment system services.
As the authority supervising payment systems in Indonesia, Bank Indonesia, the country’s central bank, has responded to the development of Fintech by issuing Bank Indonesia Regulation No. 19/12/PBI/2017 on the Implementation of Fintech (“PBI 19/12”). This aims to synchronize, harmonize, and integrate the implementation of Fintech with other issued policies such as the national payment gateway and payment service processing.
A. Criteria and Categories of Fintech
Fintech that falls under PBI 19/12 are those meet the following criteria: are innovative, have an impact on existing products, services, technology, and/or financial business models; are able to benefit the community; are able to be used extensively, and possess other criteria as determined by Bank Indonesia (“Fintech Criteria”).
PBI19/12 divides Fintech into the following categories: (i) Payment Systems (e.g. the use of blockchain or distributed ledger technology for the implementation of funds transfer, electronic money, electronic wallet, and mobile payments); (ii) Market Support (e.g. the provision of comparison data of financial services products); (iii) Investment and Risk Management (e.g. the provision of online investment products or online insurance); (iv) Lending, Financing, Funding, Capital Raising (e.g. peer-to-peer lending and crowd funding); and (v) Other financial technology services than those mentioned above.
B. The Registration of Fintech
Fintech organizers that will engage in or are engaging in activities that meet the Fintech Criteria (“Fintech Organizers”), must register with Bank Indonesia. The detailed procedure for registering is regulated under Bank Indonesia Board of Governors Regulation (Peraturan Dewan Gubernur Bank Indonesia) No. 19/15/PADG/2017 of 2017 on Technical Guidelines for Registration, Submission of Information and Monitoring of Fintech Organizers (“PADG 19/2017”). Fintech organizers must be business entities and specifically for non-bank institutions acting as a PJSP (as defined below), they must be in the form of a limited liability company.
The obligation to register does not apply to providers of payment system services (penyelenggara jasa sistem pembayaran - “PJSP”) which hold a license from Bank Indonesia and/or Fintech Organizers that are regulated by another authority. However, the PJSP remains under the obligation to submit information on new products, services, technologies, or business models that meet the Fintech Criteria. Fintech Organizers that fall under the control of another authority but also meet the Fintech Criteria for payment system category still remain subject to the registration requirement.
Registered Fintech Organizers have various obligations, such as to comply with the principle of consumer protection according to the products, services, technologies, and/or business models applied and to comply with the anti-money laundering and prevention of terrorism financing principles under the prevailing regulations.
Registered Fintech Organizers may not provide payment system services in virtual currencies. In addition, within 3 months of being registered, Fintech Organizers must submit a written commitment to comply with the above obligations, and after the registration is deemed complete, Bank Indonesia will announce it on its official webpage.
C. Regulatory Sandbox
Bank Indonesia provides a regulatory sandbox to provide Fintech Organizers assurance that their products, services, technologies and/or business models comply with the given Fintech Criteria.
Bank Indonesia will determine which registered Fintech Organizers will be tested in the Regulatory Sandbox (a secured and limited trial space for testing Fintech Organizers including their products, services, technologies, and business models). This determination applies to both new and existing players (regardless of whether they have obtained a license from Bank Indonesia).
In this test, the Fintech Organizers will submit a proposal on the test scenario which includes, among other things, the products/services/technologies/business models, timeframe needed for the test, targets, coverage of area, consumers, and other limitations. Bank Indonesia then reviews the proposals and eventually issues the determination. In this test, Bank Indonesia may also assist and review the Fintech Organizers to determine the status of the test. In the event the result of the test determines that the Fintech falls in the payment system category, the Fintech Organizers must not market the tested products, services, technologies, and/or the business models before obtaining a license and/or approval in accordance with the Bank Indonesia regulations on payment processing systems. Bank Indonesia may also determine that a Fintech Organizer is a payment transaction processing services provider (e.g. Switching Providers, Payment Gateway Providers, e-Wallet Providers, etc), or other payment transaction processing services provider (PJSP lainnya). It is also possible that the result is considered unsuccessful, which means that the Fintech Organizer may not market or implement the tested products, services, technologies, and/or business models.
If the results turn out that the activities do not fall under the payment system category, Bank Indonesia will give the test results to the relevant authorities.
D. Approval of New Products
Fintech Organizers that have obtained a license from Bank Indonesia (e.g. as Principals, Acquirers, Issuers, Switching Providers, Payment Gateway Providers) and which will produce new products, services, technologies, or business models which constitute the development of payment system services activities; or which develop payment system services products or activities, but which do not meet the Fintech Criteria, must obtain an approval from Bank Indonesia before continuing to market the products/services or using the technology/business models.
E. Monitoring and Supervision
Bank Indonesia will monitor Fintech Organizers registered with Bank Indonesia, and for this purpose, Fintech Organizers must provide Bank Indonesia with various data and information, such as information relating to all transactions which involve Fintech activity and information relating to their products, services, technologies and/or business models, financial conditions, and management, as well as their ownership.
Bank Indonesia also supervises Fintech Organizers included in the category of PJSP that already hold a license and/or approval from Bank Indonesia.
F. PJSPs and Fintech Organizers
Any cooperation between a PJSP and a registered Fintech Organizer requires approval from Bank Indonesia. PJSPs are prohibited from cooperating with unregistered Fintech and/or a Fintech Organizers that has not obtained its license.
To implement PBI19/12, Bank Indonesia is coordinating with other relevant authorities in Indonesia and in other countries, including international organizations and/or institutions. This coordination covers the exchange of data and information on transactions, products, services, technologies and/or business models, and discussing issues related to Fintech.
Any Fintech Organizer that violates PBI 19/12 will be served with a written warning, then have its business activities halted, and then its license revoked by Bank Indonesia or by the relevant authorities under a recommendation from Bank Indonesia.
Following the issuance of PBI 19/12, PJSPs must identify the existence of their cooperation with Fintech Organizers. If PJSPs find that their partners are unregistered Fintech Organizers, the Fintech Organizers must ensure that the cooperation meets the requirements set out in PBI 19/12 within 6 months after PBI 19/12 became effective i.e. 30 November 2017.
The obligation to register under PBI 19/12 became effective on 30 December 2017.
M&T Advisory is an email publication prepared by the Indonesian law firm, Makarim & Taira S. It is only intended to inform generally on the topics covered and should not be treated as a legal advice or relied upon when making investment or business decisions. Should you have any questions on any matter contained in M&T Advisory, or other comments generally, please contact your usual M&T contact or firstname.lastname@example.org