Indonesian President Joko “Jokowi” Widodo has called on financial technology (fintech) companies to practice good governance and accountability to mitigate the risks that come with rapid technological developments in the financial sector.
In his pre-recorded remarks to open the Indonesia Fintech Summit 2020 on November 11, Jokowi said fintech services providers should remain wary of certain security risks such as cybercrime, misinformation, transactional errors and data misuse that could harm the quality of their services.
“Fintech players should implement good governance and accountability to mitigate those risks,” the president said, particularly as the non-bank sector was not regulated as strictly as the banking sector.
“This way, [fintechs] can provide secure services to customers and make great contributions to micro, small and medium enterprises [MSMEs] as well as the national economy,” he said.
According to an earlier report from the National Cyber and Encryption Agency (BSSN), Indonesia saw more than 88 million cyberattacks during the first four months of this year, with March recording the highest daily average in cyberattacks.
Several online marketplaces and fintech platforms experienced data breaches this year. Most recently on October 28, fintech aggregator Cermati.com was the victim of data theft that obtained the data of almost three million users that were sold online for $2,200. The data theft came to light on November 1, in a tweet posted by cybersecurity researcher and consultant Teguh Aprianto to his Twitter account, @secgron.
Cermati.com is the second fintech platform to experience a data breach this year, after the data of around 890,000 Kreditplus users was leaked in August. The Financial Services Authority (OJK) was pushing the House of Representatives to conclude its deliberation on the personal data and protection bill for preventing and solving such cases, chairman Wimboh Santoso said on November 11 at the summit.
Indonesia has no regulation in place that authorises law enforcement to bring criminal charges against perpetrators of data breaches, theft or misuse. The 2008 Electronic Transaction and Information Law only allows cyberattack victims to file for compensation for breach of their personal data. “The measure is not sufficient punishment, and we hope that the [data protection] bill can deter people from misusing customers’ personal data,” said Wimboh.
The Indonesia Fintech Association (Aftech) has long been pushing for the bill’s passage, with Aftech managing director Mercy Simorangkir saying last year that the bill was vital for moving the industry in a more responsible direction.
The government has pinned its hopes on fintech companies to help boost financial inclusion to its 2024 target of 90 per cent. Indonesia’s financial inclusion rate last year was 76 per cent, lower than the rate of other Southeast Asian countries like Singapore (98 per cent), Malaysia (85 per cent) and Thailand (82 per cent).
THE JAKARTA POST/ASIA NEWS NETWORK