Exclusive: UangTeman’s policy paper to Indonesia’s financial regulator: Page 3 of 4

 
Access to BI’s debtor information system
 
In order to enhance its own risk management system, UangTeman is calling for regulators – in this case OJK and the central bank, Bank Indonesia (BI) – to allow the company to access the debtor information system (SID).
 
SID is BI’s system to collect and record credit or loan facilities data submitted by all members of the credit bureau, on a monthly basis. The SID data then will be processed to generate information on individual debtors.
 
Credit bureau members are usually banks or other financial institutions that have been approved by OJK, and therefore BI.

UangTeman wants to voluntarily register to be a credit bureau member, but it needs OJK’s fintech regulation to come out first so that it can be recognised as either a non-financial institution, or a fintech company operating in Indonesia under OJK’s supervision.
 
Once UangTeman has OJK recognition as a financial institution, then it can register with BI to become a member of the credit bureau, and would need to submit monthly loan or credit data to BI in return for access to SID.
 
Currently there are 20 non-bank members of the credit bureau approved by BI, including a few consumer finance companies such as PT Home Credit Indonesia and PT Aeon Credit Service Indonesia.
 
Security and standards
 
UangTeman is also asking OJK to look into standards for fintech platforms and systems. For one, such websites should have certain security measures built in to ensure that all transactions and data coming in and out of the site are as secure as possible from viruses or hackers.
 
It proposes the use of security protocols such as secure socket layer (SSL) or transport layer security (TSL), as well as an extended validation SSL certificate to further boost security.
 
OJK should also determine what level of SSL certificate a direct online lending company, or any other fintech company for that matter, would need to have before it can be recognised as a trusted site.
 
Data protection
 
In compliance with Indonesia’s Government Regulation No 82 of 2012 on electronic systems and transactions, UangTeman CEO Aidil says that the company has all its data residing in local data centres.
 
It proposes OJK enforce this ruling with other players as well.
 
Besides storing data in-country, Regulation No 82 also requires companies to protect consumer data, and to ensure data is collected with customers’ permission.
 
UangTeman also proposes that all players put up their privacy policies on their websites, use data protection software, and have their own internal policies of who within their own organisations can access such data.
 
Next Page: Stop the violence, and a financial buffer