Jakarta. In today’s digital-driven financial ecosystem, data privacy has evolved from a mere legal obligation into a strategic business imperative. At Astra Financial—a major Indonesian financial services firm under the umbrella of Astra International—this shift is front and centre. During its “Privacy Talks for Excellence (PRIVATE)” forum, Astra Financial emphasized that safeguarding personal data and cultivating a privacy-centric culture are key to sustainable business growth.
Commitment to Data Governance: A Strategic Move
Astra Financial, in collaboration with the Asosiasi Praktisi Pelindungan Data Indonesia (APPDI), organised the PRIVATE forum in Jakarta to strengthen data governance within the financial services sector.
According to Rudy, Vice President Director of Astra and Director in Charge of Astra Financial, protecting personal data is “not only a legal obligation but a shared commitment to building a responsible digital ecosystem.”
The forum’s theme, “Cultivating a Culture of Privacy,” underscores the organisation’s focus on embedding privacy not just in policies and systems, but in day-to-day behaviours and decision-making.
People, Process & Technology: A 3-Pronged Approach
Astra Financial implements data privacy initiatives across three dimensions: people, process and technology.
- People: Training and awareness programmes ensure employees and stakeholders understand their roles in protecting customer data.
- Process: Internal regulations are aligned with Indonesia’s Undang‑Undang Nomor 27 Tahun 2022 tentang Pelindungan Data Pribadi (Law No. 27 of 2022 on Personal Data Protection) to ensure that operational practices meet legal and ethical standards.
- Technology: Investments in Privacy-Enhancing Technologies (PETs) help strengthen data security and trust among consumers.
Regulatory Landscape: Harmonising Compliance and Innovation
On the regulatory front, the Kementerian Komunikasi dan Digital Republik Indonesia (Ministry of Communications and Digital Affairs) is driving implementation of the data protection law across the digital economy—covering regulation, ecosystem development, human-resource capacity building and public literacy on data privacy.
Meanwhile, the Otoritas Jasa Keuangan (OJK) is preparing derivative regulations specifically for the financial services sector to harmonise compliance with the new law and strengthen consumer protection oversight.
According to Wawan Supriyanto, Director at OJK, “Optimising the data-protection law is not an obstacle for the financial sector; on the contrary, it offers benefits such as increased consumer trust, reduced reputational risk and support for digital innovation while safeguarding fairness and security for customers.”
Why Data Privacy Is a Business Sustainability Lever
For organisations operating in the financial services domain, data privacy is much more than a compliance box—it’s foundational for sustaining growth. Here’s why:
- Trust builds competitive advantage: Customers increasingly choose providers they trust with their data. A breach of privacy can erode that trust overnight.
- Reputation risk is real: Mishandled data leads to regulatory penalties, negative publicity and long-term brand damage.
- Enabler of digital innovation: With solid privacy frameworks in place, firms can confidently roll out new digital services knowing they are aligned with regulations and customer expectations.
- Regulatory preparedness: As laws like the Personal Data Protection Act mature, organisations with mature governance will transition smoothly rather than scrambling to catch up.
Key Takeaways for Financial Services Leaders
- Don’t treat data protection as a tick-box exercise. Instead, aim for a privacy-centric culture where the principle of protecting data is embedded in decisions at every level.
- Integrate people, process and technology strategies. Effective data governance requires all three to work in tandem.
- Stay ahead of regulation. With derivative rules on the horizon for financial services, early alignment offers a competitive edge.
- Use privacy as a differentiator. Communicate clearly to customers how their data is protected—this strengthens brand trust.
- Focus on sustainability. Privacy initiatives are not just about risk mitigation—they support the long-term resilience of the business.
Conclusion
In the case of Astra Financial, the message is clear: privacy is not just compliance—it’s business sustainability. As Rudy succinctly put it: “Privacy is the foundation of trust, and trust is the key to business continuity.”
For financial firms navigating digital transformation, regulatory change and evolving customer expectations, placing personal-data protection at the heart of strategy is no longer optional—it’s essential.
Comments