https://www.gstatic.com/bricks/image/L1hpewfT4eUgyDvzO5bDcn_0j86gSi83PdXPG6QyDH7W6Qz7psyX4ArVa9rA7eLhQjjWNL65unF6.png
Asia Pacific | Financial services

OJK Regulation

The Otoritas Jasa Keuangan ("OJK") is responsible for the inspection and supervision of activities in the banking, capital markets, and financial services sectors in Indonesia. The OJK seeks to protect the interests of consumers, and promote prosperity and competition in the financial services industry.

Some of the key OJK regulations for financial institutions to consider when outsourcing their information technology activities are:

  • OJK Regulation No. 11/POJK.03/2022 

The Organization on Information Technology Implementation by Commercial Banks comprehensively governs IT planning, risk management, cybersecurity, data localization, and IT outsourcing for banks. Banks are responsible for retaining ultimate IT risk management, conducting due diligence, and overseeing outsourced IT effectively.

  • OJK Regulation No. 21/SEOJK.03/2017 

The Application of Risk Management in the Use of Information Technology by Commercial Banks circular provides detailed guidance on implementing IT risk management for banks, specifically for outsourcing arrangements. Banks must ensure outsourcing agreements define clear responsibilities, service levels, and robust oversight mechanisms.

  • OJK Regulation No. 3/POJK.03/2024 

The Organization of Technological Innovation in the Financial Sector governs financial technology innovation and its related frameworks within the financial services sector. Financial institutions using fintech are responsible for robust risk management, consumer protection, and data security throughout the innovation lifecycle.

  • OJK Regulation No. 4/POJK.05/2021 

The Application of Risk Management in the Use of Information Technology by Non-Bank Financial Institutions addresses the application of IT risk management for non-bank financial institutions. Non-bank financial institutions must implement robust IT risk management frameworks and oversee outsourced IT activities.

  • OJK Regulation No. 22/POJK.03/2023

The Consumer and Public Protection in the Financial Services Sector aims to enhance consumer protection across the financial services sector, covering various aspects including data privacy and fair treatment. Financial institutions must ensure outsourced IT activities uphold strict consumer protection and data privacy, maintaining full accountability.

OJK Compliance Offerings

Indonesian Financial Services Regulations: A Guide for Institutions Using Google Cloud

This guide highlights Google Cloud's core commitment to security and compliance and details how our services align with key security and risk considerations typically addressed in the OJK regulations. It provides you with useful information to assist you with understanding how we can support you with meeting the OJK requirements as an outsourced service provider. 

Google Cloud's contracts for financial institutions in Indonesia address the requirements of OJK regulations. Google Cloud is committed to addressing these requirements regardless of how financial institutions choose to use our services.

Take the next step

Start building on Google Cloud with $300 in free credits and 20+ always free products.

Google Cloud
send_spark
    DocsSupport
    Console
    Sign in
    Security
    Threat IntelSecOpsCloud securityConsultingSecurity resources
    • Accelerate your digital transformation
    • Whether your business is early in its journey or well on its way to digital transformation, Google Cloud can help solve your toughest challenges.
    • Featured Products
    • Business Intelligence
    • Hybrid and Multicloud
    • Industry Specific
    • Media Services
    • Mixed Reality
    • Productivity and Collaboration
    • Save money with our transparent approach to pricing
    • Google Cloud's pay-as-you-go pricing offers automatic savings based on monthly usage and discounted rates for prepaid resources. Contact us today to get a quote.
    Google Cloud