SP 122/GKPB/OJK/VIII/2025
PRESS RELEASE
OJK LAUNCHES CYBERSECURITY GUIDELINE FOR
DIGITAL FINANCIAL ASSETS TRADING ORGANIZERS
Semarang, August 13, 2025. Indonesia Financial Services Authority (OJK) launched Cybersecurity Guideline for Digital Financial Assets (DFA) Trading Organizers in Indonesia. The guideline aims to raise DFA trading operators' awareness and insights on cybersecurity, improving integrity and resilience amid the increasingly dynamic DFA trading ecosystem.
The Cybersecurity Guideline for DFA Trading Operators was launched by the Chief Executive of Financial Sector Technology Innovation, Digital Assets, and Crypto Assets Supervision of OJK Hasan Fawzi, during OJK Digination Day in Semarang, Tuesday (12/8).
The launching was attended by partners in formulating FSTI Cybersecurity Guide from British Embassy Jakarta, Indonesia Blockchain Association and DFA Trading Organizers representatives.
“One year ago, OJK launched the Cybersecurity Guideline for Financial Sector Technology Innovation (FSTI) operators. We expand this guideline for trading organizers in the national digital financial asset ecosystem. The guideline starts from understanding the urgency to enforce the integrity and resilience of the growingly dynamic digital financial assets trading ecosystem," Hasan stated in his remarks.
Furthermore, he conveyed that the guideline was designed as a living document that is secure by design and resilience by architecture.
“All of the design aims to create an adaptive, progressive, and sustainable cyber defense system," Hasan said.
The Cybersecurity Guideline for Digital Financial Assets (DFA) Trading Organizers in Indonesia highlighted adaptive, solid, and visionary cyber defense and information system and protection to maintain the sector's stability as well as the public's trust.
Law Number 4 of 2023 on the Development and Strengthening of the Financial Services Sector (P2SK Law) mandated OJK to regulate and supervise the FSTI, DFA, and Crypto Assets Sector as of January 2025, where this guideline is implemented.
The guideline also aims to increase consumer's trust and the Indonesia digital financial industry's global competitiveness, in hopes to become a reference in building a resilient, safe, and sustainable digital assets trading ecosystem in Indonesia.
Strategic Substances
The Cybersecurity Guideline for Digital Financial Assets (DFA) Trading Organizers in Indonesia has several main strategic substances to note:
- Implementation of Zero Trust Principle, which nulls implicit trust within the network and promotes layered authentication system, hardware management, and dynamic access policies.
- Cyber Risk Management based on national and international frameworks such as ISO, NIST, CSMA, BSSN, and CREAST, to measure the readiness of security system of each operator.
- Data and Wallet Protection, through cold wallet uses for the majority of consumer's assets, as well as end-to-end encryption using industry-standardized cryptograph algorithm.
- Incident Response Plan, designed with principles of effective coordination, speed recovery, and integrated report between OJK and all related stakeholders.
- Technical Competencies Enhancement, carried out continuously through intensive training, professional certifications (e.g. CISA, CISSP, CISM, etc.), and incident simulator to improve operational preparedness.
OJK expects, the guideline launching will lead to creation of balanced ecosystem with innovation, cyber defense, and consumer protection for developed digital financial sector in Indonesia.
Access the guideline here:
https://www.ojk.go.id/id/Publikasi/Roadmap-dan-Pedoman/ITSK/Pages/Pedoman-Keamanan-Siber-Penyelenggara-Perdagangan-Aset-Keuangan-Digital.aspx
***
Head of the Literacy, Financial Inclusion and Communication Department – M. Ismail Riyadi;
Tel. (021) 29600000; E-mail: humas@ojk.go.id
