OJK Strengthens Investor Protection To Prevent RDN Burglary

The Minister of Finance of the Republic of Indonesia, Purbaya Yudhi Sadive. (Photo: Doc. Antara)

JAKARTA - The Financial Services Authority (OJK) has taken a number of steps to strengthen investor protection, following the alleged burglary of the Customer Fund Account (RDN) that befell one of the securities companies, so that similar cases can be prevented and not repeated in the future.

"One of them is by issuing letters to securities companies (PE) and RDN banks which emphasizes improving information technology security and strengthening risk management, including improving fraud detection systems," said OJK's Chief Executive Supervisory of Capital Markets, Derivative Finance and Carbon Exchange Inarno Djajadi in a written answer in Jakarta, quoted by Antara, Saturday. October 11th.

Previously, PT Panca Global Capital Tbk (PEGE) reported suspicious activity in its subsidiary RDN, PT Panca Global Sekuritas (PGS), on September 9, 2025. This activity was in the form of repeated withdrawals of funds in a short time allegedly carried out through BCA Klik Bisnis.

Regarding the mode of cyber attack that exploits the host-to-host (API) connection between the PE's back office system and the RDN bank's system, Inarno said that SRO's Joint Circular (SEB) was issued on September 12, 2025.

The SEB issued by PT Bursa Efek Indonesia (IDX), PT Kliring Penjaminan Efek Indonesia (KPEI), and PT Kustodian Sentral Efek Indonesia (KSEI) regulates the termination of the host-to-host connection every day unless it meets the security requirements set.

"The SEB regulates in detail the technical and operational requirements that must be met by securities companies and RDN banks before the host to host connection can be reactivated," said Inarno.

Responding to the incident and increasing potential threats, Inarno added that several action plans had also been prepared, including updating several technical guidelines from the IDX which included guidelines related to online trading, back office integrated systems (Bofis), and stock exchange member system security, as well as updating guidelines at KSEI.

"In addition, a comprehensive assessment of the security status of the system used by stock exchange members will be carried out," he said.

Regarding the case that befell Panca Global Sekuritas, Inarno revealed that OJK had communicated with related financial service institutions (LJK).

He ensured that all losses incurred as a result of the RDN burglary incident were fully borne by LJK, so that customers were not harmed at all.

The OJK emphasized that cyber attacks are a serious threat to the integrity and stability of the capital market. However, according to the authorities, incidents of cyber attacks related to the burglary of RDN some time ago have not been categorized as systemic incidents.

This, said Inarno, is because the impact is still limited and does not extend to the core infrastructure of the capital market, but the potential to become systemic remains.

"Therefore, OJK cooperates with SRO to strengthen supervision of IT security aspects (information technology) in capital market industry players, encourage strengthening cyber security infrastructure, and establish cross-institutional coordination, including through the Indonesia Anti-Scam Center, to ensure a quick and coordinated response in the event of an incident," said Inarno.