All banks are now required to prepare and submit recovery plans to the OJK, whereas previously only systemic banks were mandated to prepare and submit such plans. The new Regulation introduces various new deadlines for the submission of recovery plans, which lie between November 2024 and December 2027, depending on the type of banks concerned

Mandatory submissions of reports by Rural Banks and Sharia Rural Banks via the Financial Services Authority Reporting System are set to be redefined.

The minimum number of members of the Sharia Supervisory Boards of Sharia Commercial Banks and Sharia Business Units has now been set at a minimum of three persons and a maximum of 50% of the total number of members of Banks boards of directors

While the forms of collateral that are eligible to be placed by Conventional Commercial Banks (Bank Umum Konvensional "BUK") as collateral for Short-Term Liquidity Loans (Pinjaman Likuiditas Jangka Pendek "PLJP") remain similar to those set under the previous framework, the following additional forms of PLJP collateral have now been incorporated: 1) Bank Indonesia ("BI") Rupiah Securities (Sekuritas Rupiah Bank Indonesia/SRBI); and 2) Fixed assets. In terms of the collateral outlined in point (2), said assets may only be placed as collateral if the respective BUK does not possess any other forms of collateral or does but its value is insufficient to be placed as collateral. In this regard, the minimum collateral value has been set at 200% of the PLJP ceiling.

Commercial banks that provide digitally-based services are now required to implement two-factor authentication whenever verifying data, information and supporting documents that are submitted by existing/prospective customers. This authentication process must encompass "something you are" factor verification.

The transparent handling of consumer reports is also one of the key areas of focus of this Regulation. In this regard, organizers are now required to verify incoming reports while also providing effective mechanisms that are capable of handling reports. The regulation also introduces mechanisms that are capable of compensating consumers for any losses that are sustained as a result of Organizers mistakes or non-compliance. These new mechanisms place a strong emphasis on the mitigation and handling of fraud

Commercial Banks ("Banks") are required to conduct periodic self-assessments of their digital maturity levels ("Assessments") at least once a year by considering both internal and external changes. Assessments encompass various aspects, including IT governance, IT architecture, IT risk management, cyber resilience and security, technology, data, collaboration and consumer protection. Assessments also involve analysis of the implementation of controls that relate to the various digital maturity aspects outlined under this Regulation.

Among its various provisions, Regulation 17/2023 has broadened the scope of the available Services, which now encompass: 1) Individual Credit Transfers (ICT); 2) Requests for Payment (RFP); 3) Bulk Credit Transfers (BCT); and 4) Direct Debit Transfers (DDT).

BI may appoint participants in OPT as primary dealers in order to support monetary operation transactions. In terms of said appointments, OPT participants must fulfill certain criteria and comply with certain mechanisms. Generally speaking, the regulation stipulates certain criteria that are required to be fulfilled and which have been grouped as follows: 1) Contributions; 2) Capabilities; 3) Collaborations and reputation; and 4) Other stipulated aspects

The Amendment has now included Bank Indonesia ("BI") Rupiah Securities (Sekuritas Rupiah Bank Indonesia - "SRBI") on the list of highly-valued securities ("Securities") that are available to be placed as collateral in order to secure short-term liquidity loans (Pinjaman Likuiditas Jangka Pendek - "PLJP") for conventional commercial banks (Bank Umum Konvensional "BUK").