OJK Launched New Regulation on the Implementation of Anti-Fraud Strategy for Commercial Banks
The Indonesian Financial Services Authority (“OJK”) issued OJK Regulation No. 39/POJK.03/2019 of 2019 on the Implementation of Anti-Fraud Strategies for Commercial Banks that comes into effect on January 1, 2020 (“POJK No. 39/2019”) to revoke Bank Indonesia Circular Letter No. 13/28/DPNP of 2011 on the Implementation of Anti-Fraud Strategies for Commercial Banks (“SEBI No. 13/2011”).
Essentially, the new POJK No. 39/2019 now provides more comprehensive implementation of anti-fraud strategy and reporting obligation provisions for Banks. POJK No. 39/2019 was enacted as an attempt of OJK to strengthen internal controlling system of a Bank for minimizing Fraud, as well as a form of support to implement risk management in a bank. To improve accuracy and expedite submission of data reporting, POJK No. 39/2019 complements the form and procedures of reporting to OJK to be more comprehensive, including the new form of report for Fraud perpetrator which requires Bank to fill in the details of perpetrator involved whether an internal or external party of the bank. To minimize the risk of Fraud, POJK No. 39/2019 has included the monitoring of external parties as a part of implementing anti-Fraud strategy.
Nevertheless, POJK No. 39/2019 still requires commercial banks (“Bank”) to implement the same anti-fraud strategy through four pillars namely (a) prevention (b) detection (c) investigation, reporting and sanction, and (d) monitoring, evaluation and follow-up as previously determined in SEBI No. 13/2011.
POJK No. 39/2019 affirms the type of conducts that are considered as ‘Fraud’ which was previously not stipulated under SEBI No. 13/2011, consisting of: deception, fraudulence, asset embezzlement, information leaks, criminal banking offence, and other conducts similar to fraud stipulated under the applicable laws and regulations.
The key changes as stipulated in POJK No. 39/2019, among others, are (i) the preparation of policy and procedures for the implementation of risk management system, (ii) the obligation for the head of anti-Fraud working unit to hold a certification of expertise in the field of anti-Fraud or adequate banking and sharia banking expertise, (iii) the requirement to report the perpetrator of Fraud in a more detailed manner, (iv) online and offline reporting submission, and (v) the sanction which can be imposed to Directors and/or Board of Commissioners’ of Bank.
- Implementation of Risk Management to Strengthen Internal Controlling System of a Bank
To minimize the risk of Fraud, POJK No. 39/2019 obliges Bank to have anti-Fraud strategy that serves as part of the implementation of risk management in strengthening internal controlling system. Anti-fraud strategy means Bank’s strategy to control fraud that is designed, implement and improve anti-fraud compliance program in a Bank.
For implementing risk management system, POJK No. 39/2019 now obliges Bank to do preparation of policy and procedures which previously unregulated under SEBI No. 13/2011. The preparation and application of policy and procedures should cover at least: (a) directors and Board of Commissioners’ commitment, (b) determining comprehensive internal control systems and risk assessment procedures (c), due diligence of Bank’s related third parties, (d) remuneration system subsequent to the relevant task and responsibilities, (e) implementation of Bank’s good corporate governance, (f) financial control and implementation of accounting in accordance with the applicable accounting and financial standard, (g) prevention of conflict of interest in decision making, delegation of authorization and separation of function, (h) Fraud reporting mechanism that includes procedure for whistleblowing system (i) enforcement of disciplinary and sanction against breach of anti-fraud regulation, (j) communication and training over policy and procedure of Fraud prevention, (k) periodical monitoring and evaluation of policy and procedure of Fraud prevention, and (l) other matters that are seen as necessary.
Further, in addition to the establishment of anti-Fraud working unit, POJK No. 39/2019 also requires such working unit to be led by a head who holds a certificate of expertise in the field of anti-Fraud and or have adequate experience in the field of banking or sharia banking.
- Comprehensive Form and Procedures of anti-Fraud Report
POJK No. 39/2019 complements the form and procedures of reporting to OJK more comprehensive, including the incorporation of form of report specifically for the perpetrators of Fraud. Unlike SEBI No. 13/2019 that only provides form for incidents of Fraud and the follow up, the new POJK No. 39/2019 also sets out specific form to report the detailed identification of the perpetrators of Fraud that may come from internal and/or external parties, consist of; (a) name, (b) type of identity, (c) identity number, (d) gender, (e) address, (f) date and place of birth. Moreover, POJK No. 39/2019 divides the reporting submission for the anti-fraud strategy, namely: (i) offline reporting to OJK office for anti-fraud strategy report, and (ii) online reporting through OJK system for anti-fraud strategy implementation report and (if any) its correction. In the case that online reporting is not available yet, Banks shall conduct the report on offline basis.
Under new POJK No. 39/2019, sanctions may not only be imposed to Banks but also its directors and/or Board of Commissioner. Set out below are the summary of sanctions stipulated under POJK No. 39/2019:
- Bank that fails to prepare and implement anti-Fraud strategy is subject to administrative sanction in the form of written warning. In the case that bank, its directors and/or its Board of Commissioner remains fail to prepare and implement the anti-Fraud strategy after receiving the written warning, then Bank will be subject to additional sanction in the form of (i) reduction of Banks’ soundness level, (ii) prohibition on the introduction of any new products or to conduct any new activities, (iii) suspension of certain business activities, and/or (iv) prohibition on acting as the main parties of financial services institutions, which should be carried out in accordance with the Regulation of OJK.
- Directors and/or Board of Commissioner that fails to prepare and implement anti-Fraud strategy is subject to administrative sanction in the form of written warning.
- Bank that fails and/or is late in submitting the anti-Fraud strategy related report is subject to administrative in the form of written warning and fines amounting to IDR 1 million per business day, up to a total of IDR 30 million for each type of required document.
- Bank that submits false data or information of the report is subject to written warning and fines amounting to IDR 100,000 per piece of false information, up to a total of IDR 10 million per report.
February 5, 2020
Copyright © 2020 AKSET. All rights reserved.
Please contact Mohamad Kadri (firstname.lastname@example.org), Richie Maureen (email@example.com), or Audi Ayundaputri (firstname.lastname@example.org) for further information.
The foregoing material is the property of AKSET and may not be used by any other party without prior written consent. The information herein is of general nature and should not be treated as legal advice, nor shall it be relied upon by any party for any circumstance. Specific legal advice should be sought by interested parties to address their particular circumstances. Any links contained in this document are for informational purposes and are available and relevant at time this publication is made. We provide no liability whatsoever in respect of any information or content in such links.
- February 5, 2020