Financial Crime World

Cybersecurity Threats to Finance in Indonesia: New Regulation Introduced to Combat Growing Risks

Indonesia’s financial sector has been plagued by cyberattacks, with over 20 million incidents reported last year alone. To mitigate these risks, Bank Indonesia (BI) has introduced a new regulation requiring market players to implement robust cybersecurity measures.

New Regulation: Enhanced Cybersecurity Measures for Market Players

Regulation 2/2024 mandates payment service providers, payment system infrastructure providers, and financial sector business actors to:

  • Develop a strategic cyber resilience plan
  • Establish a cybersecurity policy, standard, and procedure
  • Implement a cybersecurity culture
  • Take preemptive measures to prevent cyberattacks, including:
    • Preparation and update of cyber risk profiles
    • Creation of a defense system
    • Monitoring and analysis of cyberattacks
  • Have response and recovery measures in place, including planning, simulation, and communication of cyber incident management and recovery

Reporting Obligations

Operators are required to report annually to BI on their cybersecurity maturity level and identification of vital information structures. Failure to comply with these reporting obligations may result in administrative sanctions from BI.

Industry Expert’s Perspective

In a statement, Bank Indonesia emphasized the importance of enhancing cybersecurity measures in the financial sector, citing the growing risk of cyberattacks and the need for robust oversight and collaboration to prevent and mitigate against incidents.

Nicole Huang, a cybersecurity expert, welcomed the new regulation, stating: “In today’s digital era, businesses must take proactive steps to protect themselves against these threats. Regulation 2/2024 sends a strong message that cybersecurity is a top priority for Bank Indonesia and the Indonesian government.”

Impact on the Financial Sector

The implementation of Regulation 2/2024 is expected to have a positive impact on the Indonesian financial sector’s efforts to combat cyberattacks. As the sector continues to evolve, it is essential that businesses prioritize cybersecurity to maintain trust with customers and protect against the growing threat of cybercrime.

Contact Information

Nicole Huang and Rizky Akbar Idris

Disclaimer

This material is prepared for general information purposes only and should not be relied upon as legal or professional advice. Specific legal advice should be sought before taking any action based on the contents in this material.