JAKARTA - The Financial Services Authority (OJK) has ensured that it is carrying out a crash program of inspections on all Regional Development Banks (BPD) in Indonesia.
This program is focused on strengthening the resilience and security of banking cyber, following a number of hacking cases that took advantage of the BI-FAST system in several BPD.
The Head of the OJK Banking Supervisory Executive, Dian Ediana, conveyed that the banking industry today is inseparable from digital disruption which significantly changes the pattern of services to customers.
He added that people are increasingly inclined to choose banks that offer simple, fast, safe, and convenient digital services, so this condition requires banks to continue to transform and digitalize.
"The digitalization era on the one hand is able to change the services of the financial services industry to be faster and more efficient, but on the other hand provides quite a lot of challenges, including the high potential for cyber attacks," he said in a statement, quoted Sunday, December 21.
According to him, the financial sector as one of the foundations of the national economy must be maintained by ensuring that all information technology infrastructure is protected from cyber threats.
Dian added that this threat not only has the potential to disrupt bank operations, but can also damage the reputation of the financial sector and threaten the stability of the overall financial system.
In carrying out the supervisory function, he conveyed that OJK applied a Risk Based Supervision (RBS) approach or risk-based supervision and this approach is used to assess the health of banks proportionally and sustainably.
"OJK evaluates the bank's risk profile, including operational risks, which includes information technology aspects, and determines the Bank's Health Level every semester," he explained.
Dian said that OJK supervision was carried out through two mechanisms, namely offsite (indirect) supervision and onsite (direct inspection).
"All supervision activities are carried out based on the supervision plan prepared in advance, taking into account the priority of supervision, the level of urgency, the availability of resources, as well as the characteristics, scale of business and operational complexity of each bank," he said.
He added that after the incident in a number of BPDs, OJK took quick steps by carrying out a crash program to inspect BPDs throughout Indonesia, with a main focus on cyber resilience and security.
"Banks have been asked to ensure that steps to increase the resilience and security of banks are implemented," he explained.
In addition, Dian said that OJK also strengthened cooperation with payment system regulators to prevent the recurrence of similar incidents in the future.
In terms of regulation, the OJK has issued several provisions regulating the application of information technology in banks, including POJK Number 11/POJK.03/2022 concerning the Implementation of Information Technology by Commercial Banks (POJK PTI) and SEOJK Number 29/SEOJK.03/2022 regarding Cyber Resilience and Security for Commercial Banks (SEOJK Cyber).
In order to prevent the misuse of the banking system for fraud crimes, OJK also reminded banks to strengthen risk management through several steps, including:
Improving the fraud detection system; Strengthening the implementation of know your customer; Conducting periodic analysis and evaluation of customer transaction profiles and limits; Strengthening third-party risk management; Strengthening the cyber incident response team; and Conducting regular training and socialization related to increasing security awareness."OJK has also sent a guidance letter regarding the steps that must be taken immediately by banks, especially regarding the anomalous transactions that have occurred, and asked the bank to stop the transaction to clarify before carrying out the transaction order," he concluded.
The English, Chinese, Japanese, Arabic, and French versions are automatically generated by the AI. So there may still be inaccuracies in translating, please always see Indonesian as our main language. (system supported by DigitalSiber.id)
