Indonesia strengthens financial aggregator regulatory framework: AGI Legal

18 December 2024

Indonesia’s Financial Services Authority (Otoritas Jasa Keuangan or “OJK”) recently published a draft regulation on financial aggregators (“Draft Regulation”). The Draft Regulation is mandated by Financial Law No. 4 of 2023 to support financial markets by optimising the products and services offered by financial services institutions, including other entities engaged in financial services activities, in their utilisation of technology in expanding financial inclusion.

Financial aggregators were regulated for the first time with the enactment of Financial Law No. 4 of 2023 on 12 January 2023. They fall under the financial technology innovation framework, which is governed by OJK Regulation No. 3 of 2024 on the Implementation of Financial Technology Innovation (“OJK Regulation No. 3”). The Draft Regulation on financial aggregators is unprecedented and does not replace any existing regulations.

The Draft Regulation was available for public comment from 2 to 27 September 2024 and is currently being finalised.

This article provides an overview of the key provisions of the Draft Regulation.

Financial aggregators

The Draft Regulation defines a “financial aggregator” as an entity that conducts aggregation activities through a website or a financial aggregation application, such as financing agents, funding agents, and wealthtech companies. These activities include collecting, filtering, and/or comparing information about financial products and services offered by financial services institutions. Aggregation activities also include displaying information, providing options, transmitting consumer information to financial services institutions or vice versa, and/or distributing financial products and services to consumers.

Financial aggregators serve as comprehensive platforms that consolidate information about various financial products and services. These platforms can also analyse consumer needs and match them with appropriate financial products and services, helping consumers make more informed financial decisions.

Financial aggregators face various risks in their business activities, including those relating to personal data protection, cybersecurity, and consumer protection. A regulatory framework is therefore important to ensure that their operations are conducted safely and responsibly.

Establishment

A financial aggregator must be established as a limited liability company with a minimum paid-up capital of IDR2,500,000,000 (approximately S$211,000). This capital must be fully paid in cash and deposited in the name of the financial aggregator with a commercial bank, Sharia commercial bank, or the Sharia business unit of a commercial bank in Indonesia.

A financial aggregator must be established and owned by an Indonesian citizen and/or legal entity, or by a foreign citizen and/or legal entity. The shareholding composition of a financial aggregator by foreign citizens and/or legal entities, whether directly or indirectly, shall not exceed 85% of the paid-up capital. However, this restriction on foreign ownership does not apply to financial aggregators that are public companies whose shares are traded on the stock exchange.

A financial aggregator must have a board of directors consisting of at least two members. One of the directors must oversee information technology functions. Directors must be certified or have at least three years of professional experience in information technology, financial services institutions, and/or financial services.

A financial aggregator may employ foreign workers, provided that their term of office does not exceed three years. Foreign workers are allowed to hold positions one level below directors, or serve as experts and/or consultants. For each foreign worker employed, the financial aggregator must assign an Indonesian worker to accompany the foreign worker and facilitate the transfer of technology and/or skills to the accompanying worker through education or vocational training. Foreign workers may not be employed in human resources or compliance functions.

Licencing

Any entity engaged in financial aggregation must obtain a business licence from OJK. Within 30 calendar days of receiving the licence, the financial aggregator must register with the relevant authority as an electronic system provider. Licensed financial aggregators must comply with the obligations in OJK Regulation No. 3, as well as other applicable requirements, including those related to the Financial Technology Innovation Provider Association, anti-money laundering and counter-terrorist financing measures, prevention of proliferation of weapons of mass destruction, consumer protection, anti-fraud policies, and protection of personal data.

Reporting

A financial aggregator must submit periodic reports, annual business plans, and other related reports to OJK. Periodic reports include monthly, quarterly, and annual reports.

Transitional policy

Financial aggregators that have passed the sandbox test phase or are registered with OJK must apply for a business licence under this Draft Regulation no later than 12 months after it comes into effect. Failure to do so will result in the financial aggregator being deemed as operating without a licence whereupon it must cease its business activities and settle consumer obligations no later than six months after being declared unlicenced and unsupervised by OJK. Financial aggregators that have obtained registered status and have been operating before the effective date of the Draft Regulation may continue to operate without the need for further OJK approval.

Reference materials

More information on the Draft Regulation at its public consultation stage is available on the OJK website www.ojk.go.id.