Indonesia’s Tax Chief Assures Data Security Amid Expanded Financial Reporting Requirements
Jakarta – Indonesia’s Directorate General of Taxes (DGT) has moved to reassure citizens regarding the security of their financial data following the implementation of new regulations requiring banks and financial institutions to report detailed transaction information, including credit card data, to the tax authorities. The move, spearheaded by newly appointed Director General of Taxes Bimo Wijayanto, comes as the government seeks to bolster tax revenue and improve compliance. The assurance follows concerns raised about potential privacy breaches and the handling of sensitive financial information.
Wijayanto, who assumed his position in May 2025, emphasized that the DGT has undergone rigorous security assessments by multiple national agencies to ensure the protection of taxpayer data. “We have already completed a review of personal data protection with Komdigi, as well as a review of data and system sovereignty and security with BSSN,” Wijayanto stated during a media briefing on March 5, 2026, as reported by Kompas.com. The Director General underscored that data protection is a core principle of tax administration in Indonesia.
New Regulations and Expanded Data Collection
The increased data collection is mandated by Peraturan Menteri Keuangan (PMK) Number 8 of 2026, signed by Finance Minister Purbaya Yudhi Sadewa. This regulation compels government institutions, organizations, associations, and other entities to submit tax-related data to the DGT. According to the regulation, “Government institutions, organizations, associations, and other parties are obliged to provide data and information relating to taxation to the Directorate General of Taxes,” as stated in Article 1 of PMK 8/2026. The directive extends to a broad range of financial transactions, including credit card payments.
Specifically, the regulations require 23 banks to report details of customer credit card transactions made with merchants. This data includes the identity of the issuing and acquiring banks, merchant identification details (number and address), transaction values, settlement amounts, and the total value of cancelled transactions. The list of banks mandated to comply includes major players such as PT Bank Central Asia Tbk, PT Bank Negara Indonesia Persero Tbk, PT Bank Mandiri Persero Tbk, PT Bank OCBC NISP Tbk, PT Bank Syariah Indonesia Tbk, and PT Bank Rakyat Indonesia Persero Tbk.
Security Measures and Independent Audits
Wijayanto detailed that the DGT’s systems, including the Coretax platform, have been subject to thorough security and data protection reviews. He likewise highlighted that taxpayer confidentiality is legally protected under Article 34 of Indonesian tax regulations, which obligates officials to maintain data secrecy. “This principle is embedded in the development of DJP technology,” Wijayanto affirmed.
To further validate the security of its systems, the DGT has engaged independent security firms to conduct penetration testing. Multiple agencies have been involved in the assessment process, including the Badan Siber dan Sandi Negara (BSSN – the National Cyber and Crypto Agency), the Badan Intelijen Negara (BIN – the State Intelligence Agency), and the Badan Intelijen Strategis (BAIS – the Strategic Intelligence Agency). These independent reviews aim to identify and address potential vulnerabilities, ensuring the integrity and confidentiality of taxpayer data.
Background: Bimo Wijayanto’s Appointment and Broader Fiscal Context
Bimo Wijayanto’s appointment as Director General of Taxes in May 2025 came following a direct mandate from President Prabowo Subianto, who tasked him with reforming Indonesia’s tax system to enhance accountability, integrity, and independence, particularly in securing state revenue. Wijayanto brings a distinguished academic background to the role, having earned a Bachelor of Economics in Accounting from Universitas Gadjah Mada in 2000, a Master of Business Administration from the University of Queensland in 2005, and a Doctor of Philosophy in Economics from the University of Canberra in 2015, according to the Directorate General of Taxes website. Prior to his appointment, he served as the Secretary Deputy for Economic Cooperation and Investment at the Ministry of Coordinating Economic Affairs.
The push for increased tax revenue comes as Indonesia navigates a complex economic landscape. Recent scrutiny from Fitch Ratings regarding Indonesia’s revenue collection has added urgency to the government’s efforts. The new regulations and enhanced data collection are seen as crucial steps towards improving tax compliance and achieving revenue targets. Finance Minister Purbaya Yudhi Sadewa has also emphasized the importance of tax revenue in mitigating the impact of rising oil prices and bolstering domestic demand, as reported by Kompas.com.
Concerns and Public Response
Even as the DGT emphasizes the security measures in place, the expanded data collection has raised concerns among privacy advocates and the public. The potential for misuse of sensitive financial data remains a key concern, and transparency regarding data handling practices will be crucial in maintaining public trust. The government’s commitment to robust data protection measures and adherence to legal frameworks will be essential in addressing these concerns.
The implementation of PMK 8/2026 represents a significant shift in Indonesia’s tax administration, aiming to create a more transparent and efficient system. The success of this initiative will depend not only on the technical security of the DGT’s systems but also on its ability to effectively communicate its data protection policies and address public concerns.
The DGT is expected to provide further updates on the implementation of the new regulations and the ongoing security measures in the coming months. Taxpayers are encouraged to familiarize themselves with their rights and obligations under the new framework and to report any concerns regarding data security to the appropriate authorities.
Key Takeaways:
- Indonesia’s tax authority is collecting more financial data from banks and institutions.
- The government assures citizens that data security is a top priority, citing multiple security reviews.
- The new regulations are part of a broader effort to improve tax compliance and revenue collection.
- Concerns remain regarding data privacy and the potential for misuse of financial information.
The next key development will be the DGT’s report on the initial impact of the new regulations on tax revenue, expected in late 2026. We encourage readers to share their thoughts and concerns regarding these changes in the comments below.