In general, there are three institutions that regulate fintech and the activities of fintech companies in Indonesia, i.e., (i) Bank Indonesia (“BI”), (ii) Financial Services Authority (“OJK”), and the Indonesian Commodity Futures Supervisory Body (“Bappebti”). Each of these institutions has different authority depending on the activities of the fintech companies. Overall, BI supervises fintech companies with the activities relating to payment system, OJK supervises fintech companies with the other activities that is not related to payment system, e.g., peer-to-peer lending, equity crowdfunding, and soon to be cryptocurrency. The cryptocurrency was previously under the authority of Bappebti. However, Law Number 4 of 2023 on the Development and Strengthening of the Financial Sector (“Law No. 4/2023”) mandates the transfer of the authority to OJK. The transition period has started since OJK has issued OJK Regulation No. 27 of 2024 on the Implementation of Trading in Digital Financial Assets Including Crypto Assets, which is effective since 10 January 2025 (“Reg 27/2024”). Bappebti supervises fintech activities that are related with commodities. After the shifting of authority of crypto-asset supervision to the OJK, Bappebti currently supervises among others digital gold and IT-based expert advisory services in commodity futures trading.

The rapid technological advancements have led to the emergence of intricate business models, particularly in the financial sector. As the fintech landscape continues to evolve, numerous regulations and policies have lagged behind the technological advancements. The lack of public financial literacy has also raised concerns regarding the safety of public funds. This is evident in the rise of illicit (unlicensed) fintech companies, which have been revealed to be Ponzi schemes operating in the shadows of legitimate fintech companies (e.g., robot trading). Given the critical role of the financial sector, which involves the public’s money and interests, a specialized regulatory framework is necessary to govern such businesses.

To address these concerns, the Indonesian government has enacted several laws and regulations and continuously updating them to align with the evolution of the fintech industry. Recently, the OJK issued a circular letter addressed to the peer-to-peer lending companies, aiming to enhance peer-to-peer lending regulations, among others by stipulating the maximum limits of economic benefits¹, the eligibility criteria of lenders and borrowers² and regulating different treatment for professional lenders and non-professional lenders³. Additionally, the Indonesian government also established the Investment Alert Task Force. This task force monitors fintech activities within the Indonesian market and has successfully shut down and blocked several unregistered offshore and onshore websites that were allegedly engaging in unlawful business practices with Indonesian customers, accumulating public funds, and potentially endangering the public. The task force also intervenes in cases involving investment-related businesses that lack proper licensing from Indonesian authorities.

Footnote(s):

¹ Daily limits of:

1. Term of 6 months or less: (a) consumptive lending – 0.3%, micro and ultra micro-lending – 0.275%, small and medium lending – 0.1%,
2. Term of more than 6 months: (a) consumptive lending – 0.2%, micro and ultra micro-lending – 0.1%, small and medium lending – 0.1%

² Minimum age of 18 y.o. or has been married and the minimum monthly income of the borrower is IDR 3 million (to be effective by 1 Januari 2027 at the latest).

³ The maximum portion of outstanding loan against the maximum outstanding loan of the non-professional lender is at the maximum of 20% (to be effective by 1 Januari 2028 at the latest).

Typically, fintech activities necessitate licensing or registration prior to the commencement of business operations. However, the specific licensing requirements and the corresponding regulatory authorities vary depending on the nature of the fintech business. The license is typically issued by the relevant government authorities, as outlined in question number 1.

The regulatory sandbox is a mechanism established by BI and the OJK to regulate and supervise fintech activities that are yet to be governed by specific regulations. Fintech players must register themselves under either BI’s or OJK’s sandbox mechanism, depending on the type of activities to be carried out. Article 1, No. 7 of OJK Regulation No. 3 of 2024 on the implementation of innovation of Technology in the Financial Sector defines the sandbox as facilities and mechanisms to facilitate the trial and development of innovation, provided by OJK to assess the feasibility and reliability of financial sector technology innovation. In essence, the regulatory sandbox is a testing mechanism carried out by the OJK to evaluate the reliability of a business model of an organizer.

By enrolling in the sandbox mechanism, fintech start-ups in Indonesia will be officially registered and declared as being supervised by the authorized government institution. This is expected to instill trust in the public and foster their business growth. Additionally, fintech start-ups will be protected from the risks of being apprehended by the Task Force for operating fintech activities in Indonesia without a license.

The Initial Coin Offering (ICO) is not yet subject to regulation under Indonesian law. However, cryptocurrency assets have been recognized and regulated in Indonesia as a tradable commodity since 2018. Since then, the government has issued numerous regulations pertaining to cryptocurrency assets. The most recent regulation, Reg 27/2024, also marked the transition of cryptocurrency asset supervision from Bappebti to the OJK. The regulations governing cryptocurrency assets in Indonesia encompass various aspects, including:

–    A comprehensive list of tradeable cryptocurrency assets, currently comprising 545 approved and recognized assets.

–    Capital requirements and governance standards for cryptocurrency asset key players in Indonesia.

–    Licensing requirements for cryptocurrency asset operators.

–    Anti-Money Laundering (“AML”) programs.

–    Operational requirements.

Additionally, Indonesia established a cryptocurrency exchange in 2023. To engage in cryptocurrency activities legally in Indonesia, business actors must adhere to and comply with the regulations promulgated by the government.

Anti-money laundering (AML) and Know Your Customer (KYC) compliance are scattered throughout Indonesian regulatory frameworks. Financial institutions, including banks and fintech business actors, are mandated to adhere to the AML and KYC principles established by the regulator.

In general, the fintech business actors are mandated to apply the principle of knowing their prospective customers or conduct Know Your Customer (KYC) and Customer Due Diligence (CDD) or Enhanced Due Diligence (EDD). They are obligated to identify, assess, and comprehend the risks associated with criminal acts of Money Laundering and/or criminal acts of Financing of Terrorism related to their Customers.

Given the nature of crypto assets involving public funds, the OJK imposes stringent prerequisites for crypto assets business actors, particularly those operating as futures exchanges. One of the fundamental requirements is substantial issued and paid-up capital. Crypto assets futures exchanges are mandated to hold a minimum of IDR 1 trillion (approximately USD 61 million) in issued and paid-up capital, while traders are required to maintain a minimum of IDR 100 billion (approximately USD 6 million). These capital requirements may pose challenges for business actors seeking to obtain licenses from the OJK. To address these concerns, business actors may collaborate with multiple entities, including potential foreign investors, to secure licenses from the OJK and legally engage in the crypto assets business in Indonesia.

Crypto asset transactions in Indonesia are subject to both Value-Added Tax (VAT) and Income Tax. The VAT tariff is:

• 1% of the applicable VAT tariff of the transaction value if the trade organizer through electronic systems is a registered crypto-asset trader.
• 2% of the applicable VAT tariff of the transaction value if the trade organizer through electronic systems is not a registered crypto-asset trader.

The final income tax tariff of the income received by a crypto-asset trader, a trade organizer through the electronic system, or a crypto-asset miner in relation to the crypto-assets is:

• 1% of the transaction amount if the transaction is conducted through a trade organizer through electronic systems who is a registered crypto-asset trader.
• 2% of the transaction amount if the transaction is conducted through a trade organizer through electronic systems who is not a registered crypto-asset trader.

The tax is generally to be collected by the trade organizer through electronic systems through the system, and such trade organizers must comply with the administrative requirements for withholding and depositing the amount to the tax office. In this regard, the trade organizers must ensure that their system can implement the withholding properly, as regulated under the prevailing tax regulations.

Blockchain companies that possess and hold records of personal data (“Data Controller”) are required to adhere to personal data protection requirements under Regulation 27/2024 and Law No. 27 of 2022 on Personal Data Protection (“PDP Law”). To ensure compliance with the PDP Law, the Data Controller must obtain specific consent from the owner of the personal data to hold and process the data for specific purposes. If a transfer of personal data is also required, the owner of the personal data must also provide consent, and the recipient of the personal data must apply the same level of protection as the Data Controller. The PDP Law further stipulates that if the transfer is made to foreign countries, the Data Controller must ensure that the receiving country applies at least the same or higher level of data protection as the PDP Law.

Legally, the United States’ H-1B and L-1 visas do not directly impact the hiring capabilities of fintech companies in Indonesia. However, they may influence the hiring process, as selective candidates might prefer to work in the United States rather than Indonesia if both opportunities arise. The hiring of international talent or foreign workers in Indonesia is governed by Law No. 6 of 2011 on Immigration, as amended by Law No. 63 of 2024 and Law No. 13 of 2023 on Manpower, as amended by Law No. 6 of 2023.

In general, foreign workers must be sponsored by an Indonesian company that applies for the Foreign Worker Utilisation Plan (“RPTKA”) to the Ministry of Manpower. Subsequently, expatriates obtain limited-stay visas and work permits to be permitted to work and reside in Indonesia. It is noteworthy that the Regulation of the Ministry of Manpower No. 8 of 2021 on Implementation Regulation of GR 34/2021 on the Employments of Foreign Workers exempts technology-based startup companies from applying for the RPTKA if they only employ expatriates for a specific period (no longer than three months).

To enter the Indonesian market, particularly in the fintech sector, companies must adhere to sectoral laws and regulations governing fintech business operations. These regulations encompass, as previously elaborated, those pertaining to the regulation of OJK, Bappebti, and BI. Additionally, companies must consider Anti-Money Laundering, Personal Data Protection, Manpower Law, and Tax-related regulations.

Investors should also be cognizant that certain business lines may have restrictions on the permitted shareholding composition for foreign investors. For instance, the maximum permitted shareholding composition for a crypto asset exchange is 40%, while the maximum permitted shareholding composition for a payment services provider is 49%. Foreign shareholders are not permitted to exercise veto rights in the payment services provider company, and the permitted foreign shareholding for an Information Technology-Based Co-Funding Services Organizer (P2P company) is typically 85%.

For fintech companies contemplating entering the Indonesian market, the following considerations and strategic analysis are paramount:

• Target Customer Demographics:

Indonesia boasts a population exceeding 270 million individuals, presenting a substantial market opportunity for fintech companies. To mitigate risks associated with serving such a large potential customer base, prospective fintech companies must prioritize the security and safety of their products. This can be achieved by ensuring full compliance with relevant regulatory frameworks, including OJK regulations, Bappebti regulations, and PDP Law.

• Competitive Landscape:

Indonesia’s fintech market is competitive, with a growing number of local and international players. The market is segmented into various sectors, such as digital payments, peer-to-peer lending, and digital wealth management.

• Potential Partnerships:

In Indonesia, fintech companies frequently collaborate with conventional banks to enhance their credibility, expand their customer base, and gain access to the existing financial infrastructure. These partnerships facilitate fintech firms in leveraging banking services such as payment gateways, e-wallets, and digital payment systems.

Fintech companies contemplating entering the Indonesian market encounter various risks, primarily financial and operational. However, with effective strategies and appropriate knowledge, these risks can be effectively mitigated.

Financial Risk:

The Indonesian government imposes stringent capital requirements for fintech companies, posing challenges for some startup investors seeking to expand into the Indonesian market. While this challenge exists, it can be addressed by collaborating with reputable fintech players to fulfill the minimum capital requirements.

Operational Risk:

Investors may encounter several operational risks, including:

• Regulatory Risks and Legal Certainty: Indonesia’s regulatory framework can be complex and subject to change depending on the relevant government institutions. The government has taken steps to streamline the licensing process through the issuance of the Omnibus Law in 2022, aiming to facilitate a more efficient and investor-friendly licensing system. To ensure that their knowledge is up to the highest standard, the investors can also seek legal assistance from Indonesian law firms or specialists to ensure compliance with applicable laws and regulations.
• Cybersecurity Risks: Indonesia’s technological infrastructure may not be as advanced as in developed countries, potentially exposing companies to cyber threats, which may also lead the company to be sanctioned by the government authority. To mitigate this risk, investors can leverage their technical expertise to fortify their systems against cyberattacks.

Yes, Indonesia permits certain business functions to be outsourced to offshore locations; however, specific regulations and requirements must be adhered to, depending on the nature of the business. For instance, companies outsourcing data processing to offshore entities must ensure compliance with the PDP Law or foreign exchange requirements under the Bank of Indonesia’s regulations. This includes, among others, obtaining the necessary consent from data owners, ensuring data protection measures are in place, adhering to cross-border data transfer provisions stipulated under the PDP Law, and reporting obligations on foreign exchange.

The fintech companies can register their proprietary algorithms and software to be registered under their name with the Directorate General of Intellectual Property Rights. The applicable protections under Indonesian law are copyrights and trade secret.

Algorithms and software enjoys intellectual property protection as a copyright under Article 40 paragraph (1) of Law No. 28 of 2014 on Copyrights (“Copyrights Law”), as Indonesia explicitly considers it as a “creation” in science, arts, and linguistics borne through inspiration, power, imagination, expressed in a valid form. This in practice, provides the creator with the exclusive economic and moral rights to the algorithms and software that they created.

Such objects, however, are generally barred from being considered as a form of invention available for patent rights, per Article 4 of Law Number 13 of 2016 on Patent as lastly amended by Law Number 65 of 2024 on the Third Amendment of Law Number 13 of 2016 on Patent (“Patent Law”), albeit with certain exceptions.

In this vein, Article 4 of Patent Law and its elucidation provides a limit on computer programs ineligible for a patent, such as those that consist solely of the program itself without having technical characteristics, technical effects, or problem-solving capabilities. This is different if the problem-solving result involves a computer, computer network or programmable equipment in its implementation. Such cases may be considered inventions and still fall within the scope of patent. An example is when the Global Positioning System (GPS) was first invented, as they used a proprietary program to solve navigation.

In addition to the copyrights, the fintech companies may also consider registering the algorithms and software under trade secrets. Trade secrets in Indonesia is regulated under Law No. 30 of 2000 on Trade Secrets. The trade secrets itself is defined as information in the field of technology and/or business that is not made public, economically valuable, and its confidentiality is protected by the owner.

Indonesia has recognized marks as a method for protecting brand identities within its jurisdiction, mainly regulated under Law Number 20 of 2016 on Marks and Geographical Indications, as lastly amended by Law Number 6 of 2023 on the Enactment of Government Regulation in Lieu of Law Number 2 of 2022 on Job Creation into Law (“Marks Law”).

Pursuant to Article 1 paragraph (1), a mark is defined as a sign that may be displayed graphically in the form of images, logos, names, words, letters, numbers, colour arrangements, in two and/or three dimensions, sound, hologram, or a combination of two or more these elements, used to distinguish goods and/or services produced by individuals or legal entities in the trade of goods and/or services. Per Article 3, in accordance with the “first-to-file” principle, the right to a trademark is acquired after the mark is registered. Such requisite essentially requires fintech companies to register such mark within the Directorate General of Intellectual Property (“DGIP”) of the Ministry of Law (“MOL”), in order for them to enjoy the protections granted within Indonesia under its territorial principle.

However, pursuant to Article 9 and 10 of Marks Law, if a brand has been registered internationally prior to its Indonesian application, such brand may be eligible to enjoy priority rights upon registration at DGIP. These rights would recognize the initial registration date in a foreign jurisdiction as the precedence date for the Indonesian application. Nonetheless, several criteria must be met:

1. Trademark registration with the right of priority must take into account the maximum period of 6 (six) months from the date of receipt of the mark registration application first received in a foreign country;
2. Priority rights apply only if the country is a member of both the Paris Convention or the World Trade Organization;
3. Priority rights must be proven by providing a copy of the application letter for registration of the mark that was first filed with a member state of the Paris Convention or the World Trade Organization. This evidence must also be translated into the Indonesian language.

Upon registration, fintech companies will enjoy protection for its marks for 10 (ten) years since the date of receipt of the application that has met the minimum requirements. This period may also be extended for the same duration as referred to in Article 35 paragraph (2) Marks Law.

Indonesia has yet to regulate open-source software. However, since open-source software is regarded as publicly accessible source codes, its improper usage may expose security vulnerabilities. This could potentially violate existing laws in Indonesia, such as the data protection regulation. Consequently, fintech companies utilizing open-source software must ensure the proper maintenance of their security systems to prevent unauthorized access or cybercrime. This can be achieved through the implementation of internal policies and procedures, as well as regular audits.

Several strategies exist for fintech companies to address complexities when collaborating with other parties. The fintech company must clearly define and evaluate the rights, obligations, usage terms, and other terms for each party in writing. This document serves as legal proof of the relationship between the company and its business partner, ensuring the usage and protection of intellectual property rights. If there is any regulation requiring a government’s approval before the collaboration with any third party, the fintech company must also observe and comply with such requirements.

In such instances, the agreement should specify the ownership of intellectual property created or previously owned during the collaboration. This establishes a clear basis for ownership rights in case of potential disputes. The parties may also select a dispute forum based on the specific circumstances of the negotiations.

Furthermore, due to the nature of the data involved, non-disclosure provisions are essential. These provisions can be included as a separate agreement or directly within the main agreement to prevent the unauthorized disclosure of information or algorithms related to the project. This allows for countermeasures by the aggrieved party and enhances the overall security and protection of all parties involved.

Lastly, if any intellectual property is created during the collaboration, the agreement should clearly define which party holds the rights to use that intellectual property, both during and after the termination of the collaboration, including survival clauses. This ensures that the opposing party respects the owner’s rights and obligations.

In general, it would depend on which type of intellectual property concerns such a fintech company. Intellectual property such as copyrights for software and algorithms would not require registration for it to be recognized – albeit it is still recommended to register it, whereas other rights such as marks for brands or patents for inventions inherently require registration for it to be recognized.

Nevertheless, in any event, fintech companies should promptly follow the procedures to obtain protection for their intellectual property as Indonesia’s intellectual property framework adopts a “first-to-file” principle. By doing so, the fintech company can prevent and address intellectual property infringement issues.

It has to be understood that presently, Indonesia has yet to issue a regulation specified for AI. Consequently, parties are still relying on other regulatory frameworks in an attempt to grasp its application within industries, among others, Law No. 11 of 2008 on Information and Electronic Transaction, as lastly amended by Law No. 1 of 2024 (“ITE Law”) and Government Regulation No. 71 of 2019 on the Organization of Electronic Systems and Transactions (“GR 71/2019”).

In such vein, one may interpret AI as an “Electronic Agent” per Article 1 paragraph (8) of ITE Law as they are considered as a device from an electronic system that is created to automatically perform certain actions on certain electronic information held by a person. “Automatically perform” would inherently bind to the nature of automation within AI itself. As a result, the obligations and rights attached to the Electronic Agent may apply to its operators and users.

Insofar as the above, the Ministry of Communications and Digital Affairs (“MCDA”) previously released the Ministry of Communications and Information Circular Letter No. 9 of 2023 on Ethics of Artificial Intelligence (“CR 9/2023”), addressing a preliminary ethical guideline for AI usages for certain parties, such as public electronic service operators and private electronic service operators (“Private PSE”). To this end, activities of research, product development, marketing, and use of AI (i.e. analysis and lending decisions) are considered as an implementation of AI are required to follow 9 (nine) ethical values per CR 9/2023, among others:

1. inclusivity – to consider equality, justice, and order for the common good in producing information and innovation;
2. humanity – to protect human rights, social relations, belief systems, and individual opinions and thoughts;
3. safety – to consider the security of users and data used to protect privacy and personal data and prioritize the rights of the users of the electronic system so that no party is harmed;
4. transparency – to have transparency of data used to avoid misuse of data; and
5. credibility and accountability – upon public distribution, to have the information produced by the AI to be trustworthy and accountable.

With the above in mind, as a Private PSE, fintech companies using AI shall adhere to at least such standards, or risk earning sanctions under the applicable law. Further, Article 40A of the ITE Law currently provides broad discretion for the government to be able to create a digital ecosystem that is fair, accountable, safe, and innovative. The government is empowered to adjust electronic systems or actions, such as credit scoring and lending decisions by imposing administrative sanctions such as written warnings, administrative fines, temporary freezing, and access restrictions to achieve such a goal – including the usage of unfair AI within fintech companies.

Besides the above, companies in the financial services sector are mandated to provide customer protections, as outlined by OJK Regulation No. 22 of 2023 on Consumer and Public Protection in the Financial Services Sector (“OJK Regulation No. 22/2023”). Principles of: (i) openness and transparency of products and/or services information, and (ii) fair treatment and responsible business conduct are required to be abided by, as given in Article 3 of OJK Regulation No. 22/2023.

Under Commentary of Article 3 OJK Regulation No. 22/2023, the intended openness and transparency require financial service providers (in this case, fintech companies) to prioritise clarity, accuracy, honesty, and non-deceptiveness in the information regarding products and/or services, both before, during, and after the products and/or services are used by consumers, including explanations of the potential risks of losses that may arise.

Meanwhile, fair treatment and responsible business conduct mean that fintech companies must prioritise actions that are fair, non-discriminatory, and responsible. Fintech companies must place the interests of consumers first, for example, by considering the needs and capabilities of consumers before offering products and/or services. Aside from that, the marketing of products and/or services should be user-oriented. The goal should not be to achieve marketing targets but to meet the needs of the users, particularly in the details of the products and/or services offered.

In light of the foregoing, fintech companies are generally required to provide their users with an understanding of the risks that may arise from their services. As well as user-oriented treatments – including the AI features used by fintech companies. In any event, at the very least, fintech companies using AI should also attempt to abide by the principles given within CR 9/2023 and OJK Regulation 22/2023.

As discussed in Question 15, depending on the proprietary AI model, it may enjoy protection through copyright or patent or trade secrets if it meets the criteria of such rights. Such protection would, in essence, grant the rights creator with exclusive economic and moral rights over the AI’s usage. Regarding protection, please refer to the answers in Question 17, 18, and 19 for further information on intellectual property infringement.

In terms of the implications of using AI and third-party AI tools, Article 21 paragraphs (3) and (4) of the Information Technology Enterprise Law (ITE Law) categorizes the losses resulting from the use of electronic agents into two categories. Firstly, if the loss arises due to the fault of the third-party who provided the AI tools, the loss will be the responsibility of the third party. Conversely, if the loss arises due to the negligence of the service user, the loss will be borne by the service user. Therefore, the implications will depend on the specific circumstances of each case.

For instance, if the loss arises due to the negligence of the consumer who fully inputted data into the AI, the loss will remain the responsibility of the consumer. On the other hand, if the fintech company negligently provides a faulty program to the AI, they will be held liable for any damages caused.

Please refer to the responses provided in Questions 20 and 23. However, it is important to note that since fintech is considered highly regulated, fintech companies must ensure that they do not violate any regulations issued by the OJK, Bappebti, or BI. This is particularly important in the context of consumer protection and data protection.

In regards to mitigation of legal liabilities and risk management of AI technologies, please refer to the answer in Question 20. Such would mostly rely on compliance with the ethical guidelines issued by the OJK and MCDA.

In addition to these ethical guidelines, although not specifically focused on AI, fintech companies, as ITSKs, are obliged to abide by certain principles as stated in Article 215 paragraph (3) of Law Number 4 of 2023 on the Development and Strengthening of the Financial Sector (“Law No. 4/2023”). These principles include: (i) governance; (ii) risk management; (iii) information system security and reliability, including cybersecurity resilience; (iv) consumer protection and personal data protection; and (v) compliance with legal and regulatory requirements.

In addition, OJK has also issued guidelines on cybersecurity for ITSK. Though not specifically on AI, they remain crucial due to the AI’s nature in correlation with the cyber world. These guidelines outline several stages that fintech companies must follow to mitigate risks, starting from risk assessment, risk mitigation, and risk treatment.

Furthermore, OJK has also enacted the OJK Regulation Number 4 of 2021 on the Implementation of Risk Management in the Use of Information Technology by Non-Bank Financial Service Institutions (“OJK Regulation No. 4/2021”), which however, only applies to fintech companies in the P2P lending sector. In such a manner, fintech companies in the P2P lending sector must implement risk management as regulated in Article 3 paragraphs (1) and (2) of OJK Regulation No. 4/2021, which consists of 4 (four) aspects: (i) active supervision by the board of directors and commissioners; (ii) adequacy of policies and procedures for the use of information technology; (iii) adequacy of processes for identifying, measuring, controlling and monitoring risks related to the use of information technology; and (iv) internal control systems over the use of information technology.

Several instances of fintech disruption in Indonesia come to mind, with the most notable being the growth of digital payments, peer-to-peer lending (P2P), and cryptocurrencies. First, in the context of digital payments, business actors have begun providing digital payment mechanisms, which are now spreading rapidly across Indonesia. Individuals can now simply take a photograph of a QR code, eliminating the need to carry physical cards, facilitating a significant shift towards digital wallet systems among Indonesians.

Secondly, peer-to-peer lending has proven particularly beneficial for micro and small enterprises (non-bankable) in Indonesia. Unlike traditional banks, peer-to-peer lending generally offers simpler loan mechanisms compared to borrowing from banks. While certain thresholds still need to be met (such as data submission and verification), peer-to-peer lending has become an integral part of daily transactions for Indonesians. On the negative side, some individuals may rely on peer-to-peer lending too much to cater to their lifestyle creating a new ticking time bomb since some of them may not have the ability to repay the loan.

Furthermore, in terms of cryptocurrencies, although there has been limited regulatory development, there is a growing trend towards providing more facilities, such as the establishment of licensing for cryptocurrency businesses. Interest in cryptocurrencies has surged among Indonesians, with many choosing to invest in cryptocurrencies and utilizing domestic cryptocurrency exchange platforms to achieve their investment objectives.

Nevertheless, the OJK continues to facilitate the advancement of technological developments, particularly in the financial sector, through its sandbox initiative. This approach is likely to lead to the eventual development of more comprehensive regulations and business opportunities in the future.

Generally, fintech companies have attracted substantial investment, particularly in Series A and Series B rounds. These investments are typically contingent upon the level of establishment of the company, including factors such as infrastructure, business quality, consumer growth, and market penetration. Series A investments are typically made for companies in the early stages of development, while Series B investments are directed towards companies with a proven track record of growth and stability.

Notable Series A investments include OY!, Astro, and Moladin, while notable Series B investments include Flip, Zipmex, Julo, and Pluang.

Despite these considerations, investors should remain vigilant as the fintech scene continues to expand and may attract investors under various factors, such as Indonesia’s growing digitalization trends, mobile payment and marketplace penetration shifts, and consumer spending in the digital realm. In our opinion, one sector that has maintained prominence and left a significant impact on investors is the e-wallet and payment system services. These services provide consumers with convenient access to payment and discounts during the transition to a cardless society. E-wallet services are now offered not only by banks but also by non-bank entities.

Furthermore, the peer-to-peer (P2P) lending sector appears to be favorable for investors at present. Although data disclosed by OJK indicates that the industry’s monthly net income experienced some fluctuations, resulting in net losses in January and February 2024, the industry subsequently recorded gains of net income up to IDR 655,84 billion Rupiah per August 2024 and IDR 805,06 billion per September 2024. These figures demonstrate that despite instability, the overall market is still growing and reflects Indonesia’s willingness to seek funding from P2P lending services for micro and small enterprises, as an alternative to obtaining funding from banks. As an insight, OJK is temporarily suspending the issuance of a new P2P license. Thus, this creates many M&A opportunities for legally licensed P2P companies in Indonesia.