Regulatory AlertsOJK Regulation No. 13 of 2025 on Internal Control and Conduct of Securities Companies Acting as Underwriters and Securities Brokers
The Financial Services Authority (OJK) issued Regulation No. 13 of 2025 to establish comprehensive internal control and conduct standards for securities companies acting as underwriters and brokers, addressing prior regulatory gaps and increasing business complexity. The regulation mandates specific mandatory functions, including dedicated information technology risk management and marketing partner oversight, while strictly defining prohibited behaviors and conflict of interest handling. It simultaneously repeals several previous regulations on internal control and conduct to consolidate the regulatory framework effective six months after its promulgation.
Regulation of the Financial Services Authority Number 13 of 2025 concerning Internal Control and Conduct of Securities Companies Engaging in Business Activities as Underwriters of Securities and Securities Brokers
Abstract: The formulation of this Financial Services Authority Regulation ("POJK") is carried out in light of the absence of internal control standards for securities underwriters ("PEE") prior to the issuance of this POJK and the increasing complexity of business activities of PEEs and securities brokers ("PPE"). Furthermore, Securities Companies are utilizing information technology in providing services to customers. Nevertheless, existing regulations only covered the implementation of information technology functions, whereas this POJK regulates the application of information technology usage risk management in the use of information technology service providers as well as electronic or digital system services by PPEs.
In light of the above, the development of business activities and services by Securities Companies must be balanced with the application of good internal control and conduct, following industry development to minimize risks and ensure business sustainability.
The legal basis for this Financial Services Authority Regulation is: Law No. 8 of 1995 as amended by Law No. 4 of 2023; and Law No. 21 of 2011 as amended by Law No. 4 of 2023.
This Financial Services Authority Regulation regulates, among other things, the internal control of PEEs, namely regarding mandatory functions for PEEs; the conduct of PEEs, namely regarding obligations and prohibitions for PEEs and handling conflicts of interest; the internal control of PPEs, namely mandatory functions for PPEs, one of which is the information technology function, and covering regulations on governance and risk management regarding the use of said information technology; mandatory functions for PPE marketing partners; restrictions on access to PEE and PPE functions; the internal control of Regional Securities Companies ("PED"), namely regarding mandatory functions for PED; outsourcing of PPE functions; and the conduct of PPEs and PEDs, namely regarding obligations and prohibitions for PPEs and PEDs and advertising cooperation with social media activists.
Note: This Financial Services Authority Regulation shall take effect after 6 (six) months from the date of promulgation. This Financial Services Authority Regulation was promulgated on June 11, 2025, and established on June 5, 2025.
Upon the effective date of this Financial Services Authority Regulation, provisions regarding internal control as regulated in Financial Services Authority Regulation Number 57/POJK.04/2017 concerning the Implementation of Good Corporate Governance of Securities Companies Engaging in Business Activities as Underwriters of Securities and Securities Brokers and its implementing regulations shall remain in force insofar as they do not conflict with the provisions in this Financial Services Authority Regulation.
Upon the effective date of this Financial Services Authority Regulation, provisions regarding internal control as regulated in the implementing provisions of Financial Services Authority Regulation Number 50/POJK.04/2020 concerning Internal Control of Securities Companies Engaging in Business Activities as Securities Brokers shall remain in force insofar as they do not conflict with the provisions in this Financial Services Authority Regulation.
Upon the effective date of this Financial Services Authority Regulation: a. Financial Services Authority Regulation Number 3/POJK.04/2020 concerning the Conduct of Securities Companies Engaging in Business Activities as Securities Brokers; b. Financial Services Authority Regulation Number 4/POJK.04/2020 concerning the Conduct of Securities Companies Engaging in Business Activities as Underwriters of Securities; and c. Financial Services Authority Regulation Number 50/POJK.04/2020 concerning Internal Control of Securities Companies Engaging in Business Activities as Securities Brokers, are repealed and declared invalid.