The Indonesian Financial Services Authority (“OJK”) previously issued Regulation 11/2022,* which took effect on October 7, 2022. This regulation replaced OJK Regulation 38/2016.**
Regulation 11/2022 covers a wide range of topics, including IT governance in banking, IT architecture, implementation of IT risk management, data management and personal data protection, cybersecurity, and data protection in banking operations. The regulation requires commercial banks to have a robust IT governance structure, conduct regular assessments of their IT systems, and have disaster
recovery plans in place to ensure continued operations in the event of a disaster or major incident.
This new regulation is a significant development that will have a far-reaching impact on the country’s banking sector. By establishing clear standards and guidelines for IT governance, the regulation will help to ensure stability, security, efficiency, and effectiveness of the banking sector, providing a more secure environment for financial transactions.
* Regulation No. 11/POJK.03/2022 concerning the Implementation of Information Technology by Commercial Banks.
** Regulation No. 38/POJK.03/2016 which dealt with the Application of Risk Management in the Use of Information Technology by Commercial Banks and its amendments.