Introduction
The rapid growth of financial technology (FinTech) in Indonesia has revolutionized the financial sector, with Peer-to-Peer (“P2P”) lending emerging as one of the most significant innovations. As of September 2024, the total outstanding loans in the P2P lending sector reached IDR 8.13 trillion, reflecting an increase compared to the previous period.[1] P2P lending plays a critical role in bridging the credit access gap, providing alternative financing solutions to underserved segments.[2] According to the Financial Services Authority (Otoritas Jasa Keuangan, “OJK”), there are 98 registered fintech lending providers, consisting of 91 conventional providers and 7 Sharia-based providers.[3] On the other hand, while P2P lending contributes to financial inclusion, it also faces legal and operational challenges, particularly regarding the protection of lenders, especially financial institutions such as banks, which play a vital role in maintaining ecosystem stability.
From a legal perspective, P2P lending is regulated under OJK Regulation No. 40 of 2024 concerning Information Technology-Based Joint Financing Services (Layanan Pendanaan Bersama Berbasis Teknologi Informasi, “POJK 40/2024”), replacing OJK Regulation No. 10/POJK.05/2022. Article 1 paragraphs (1) and (2) of POJK 40/2024 primarily define P2P as an information technology-based joint financing service, with the entities providing, managing, and operating it referred to as Providers. P2P lending is a financial service that connects lenders and borrowers through an electronic system based on information technology. P2P lending bridges the credit gap, particularly for Micro, Small, and Medium Enterprises (MSMEs) that face difficulties in obtaining bank loans due to stringent collateral and documentation requirements.[4] While this innovation enhances financing access for borrowers, it exposes lenders to risks, such as default or Non-Performing Loans (NPLs), necessitating stringent risk mitigation systems.[5]
In Indonesia, P2P lending operates through three financing models: channeling, where platforms act as intermediaries; executing, where platforms use their funds and bear the risks; and joint financing, where banks and platforms share funding and risks.[6] Within the P2P lending ecosystem under POJK 40/2024, there are significant differences regarding risk management and mitigation obligations of Providers toward institutional lenders, such as banks.
Risk Management and Mitigation
The Providers’ obligations in risk management are stipulated in Article 202 of POJK 40/2024, emphasizing the importance of effective risk management implementation. Providers are required to ensure active supervision by the Board of Directors, Board of Commissioners, and Sharia Supervisory Board (Dewan Pengawas Syariah, DPS). This demonstrates that risk management responsibility is not limited to an individual but is a collective responsibility involving the entire organizational structure. Providers must also establish clear risk management policies and procedures and implement comprehensive internal control systems as regulated under Article 203 of POJK 40/2024. These obligations aim to ensure that the risks faced by lenders are effectively managed, thereby minimizing potential losses.
Risk mitigation for lenders is governed under Article 148 of POJK 40/2024, which mandates Providers to conduct risk analyses on financing applications submitted by borrowers, as well as verify the authenticity of identities and documents. These measures are crucial to prevent fraud and ensure that lenders invest in viable projects. Additionally, Providers are obligated to optimize the collection of disbursed funds as part of risk mitigation efforts to reduce the likelihood of default. Providers may also facilitate risk transfer through credit insurance and credit guarantees, as outlined in Article 148 paragraph 2 of POJK 40/2024. This indicates that Providers are not only responsible for disbursing funds but also for protecting lenders from risks that may arise due to borrower defaults.
The aspect of lender protection in POJK 40/2024 is also evident from the transparency requirements set forth in Article 142 of POJK 40/2024. Providers must provide clear and transparent information to lenders regarding the risks, costs, and benefits of financing. This is essential to ensure that lenders can make informed decisions before investing.[7] This obligation creates a safer environment for lenders, as they have access to relevant information and can fully understand the risks they face. Furthermore, Providers are required to include dispute resolution mechanisms in financing agreements, offering lenders a pathway to address issues that may arise in their relationship with Providers.
However, while POJK 40/2024 provides a robust legal framework, challenges in its implementation remain. Providers must strictly adhere to the stipulated provisions, and OJK must conduct rigorous supervision to ensure compliance. Administrative sanctions outlined in Article 159 of POJK 40/2024 for risk mitigation and Article 204 for risk management ensure that violations of these provisions are subject to penalties. However, the effectiveness of these sanctions relies heavily on OJK’s assertiveness in enforcing the regulations. The sanctions may include:
- Written warnings;
- Suspension of part or all business activities;
- Restrictions on certain business activities;
- Downgrading of risk assessment results;
- Revocation of approval;
- Prohibition from serving as a Payment Service Provider (PSP), member of the Board of Directors, Board of Commissioners, and/or DPS; and/or
- Administrative fines up to IDR 50,000,000 (fifty million rupiah).
In cases of regulatory violations that have been rectified, OJK may issue a self-terminating written warning. Legal consequences of non-compliance could impact Providers’ reputations and lenders’ trust, ultimately affecting their business sustainability in the market. Therefore, it is crucial for OJK to function not only as a regulator but also as an active supervisor within this industry.
Practical Recommendations for Lender Protection
To enhance risk management and mitigation, Providers can adopt the following practical steps:
Monitor Performance Indicators
Providers should actively monitor performance indicators such as TKB90 (loan repayment success rate within 90 days) and TWP90 (default rate above 90 days).[8] These indicators are critical for assessing loan portfolio health and providing relevant information to lenders.
Secure Funds Through Escrow and Virtual Accounts
Under Article 153 of POJK 40/2024, platforms are required to use escrow and virtual accounts for fund management. Escrow accounts protect lenders’ funds until disbursement conditions are met, while virtual accounts facilitate transparent and efficient fund allocation. This not only protects lenders but also increases trust in Providers.
Implement Credit Scoring for Borrower Risk Assessment
Credit scoring, as regulated under Article 150 of POJK 40/2024, is essential for evaluating borrower risk. By analyzing the borrower’s profile, Providers can assess repayment potential and adjust funding decisions according to their risk tolerance. Providers should ensure that credit scoring processes are transparent and accurate.
Utilize Credit Insurance for Additional Protection
Many platforms offer credit insurance under the Administrative Service Only (ASO) model, providing partial or full protection against loan principal in the event of default. This offers an additional layer of protection for lenders and can increase the platform’s attractiveness to prospective investors.
Provide Education and Training for Key Stakeholders
Providers should ensure that Directors, Commissioners, and DPS members are well-versed in risk management and mitigation. Regular training and updates on regulatory developments can enhance their competencies.
Develop Robust Internal Control Systems
Providers must establish and implement strong internal control systems, including routine audits and evaluations of system effectiveness.
Ensure Transparency in Communication with Lenders
Providers must maintain open and transparent communication with lenders, clearly disclosing risks, costs, and benefits of financing.[9]
Establish Effective Dispute Resolution Mechanisms
Providers should include clear and effective dispute resolution mechanisms in financing agreements to enhance lenders’ confidence. This will provide lenders with confidence that they have a way to resolve issues that may arise.
In conclusion,
POJK 40/2024 provides a comprehensive legal framework to protect lenders in Information Technology-Based Joint Financing Services. The risk management obligations outlined in the regulation ensure that Providers are accountable for managing risks that could impact lenders. Additionally, the risk mitigation measures undertaken by Providers offer added protection, enabling lenders to invest with greater confidence. However, the success of these provisions depends heavily on Providers’ awareness and compliance, as well as effective supervision by OJK. With appropriate risk mitigation measures, Providers can foster a safer and more transparent environment for lenders, supporting the growth and sustainability of the information technology-based financing industry in Indonesia.
BIBLIOGRAPHY
[1] Otoritas Jasa Keuangan. (2024). Statistik Fintech Lending Periode September 2024. Diakses dari https://ojk.go.id/id/kanal/iknb/data-dan-statistik/fintech/Pages/Statistik-P2P-Lending-Periode-September-2024.aspx
[2] Rina Arum Prastyanti & Adnan Terry Suseno, Perlindungan hukum dan etika bagi pengguna fintech peer-to-peer lending di Indonesia. RechtIdee, 16(2), 2021 Hlm. 156-159.
[3] Ibid.
[4]Jerry Shalmont, Grace Iskandar Darmawan, & Dora Dominica, Manajemen dan mitigasi risiko lender peer-to-peer lending pasca diundangkannya POJK 10/2022. Jurnal Hukum & Pembangunan, 53(1), 2023 Hlm. 87-88.
[5] Ibid.
[6] Adi Nur Rohman, Sugeng, dkk., Ekosistem Bisnis dan Regulasi Fintech Syariah dalam Perspektif Keamanan Ekonomi, Jawa Tengah, Penerbit CV. Pena Persada, 2021, Hlm. 44-49.
[7] Rina Arum Prastyanti & Adnan Terry Suseno, Op. Cit., Hlm. 157.
[8] Jerry Shalmont, Grace Iskandar Darmawan, & Dora Dominica, Op. Cit., Hlm. 89.
[9] Rina Arum Prastyanti & Adnan Terry Suseno, Op. Cit., Hlm. 158.
OJK Regulation No. 10/POJK.05/2022 on Information Technology Based Joint Financing Services (LPBBTI)
OJK Regulation No. 40 of 2024 concerning Information Technology-Based Joint Financing Services (LPBBTI)
