Regulatory Update: Royalty Management in Indonesia's Music Industry
A recent dispute between a well-known Indonesian singer and her former composer has drawn attention to the issue of royalty payments for public performances and the role of the National Collective Management Organisation (Lembaga Manajemen Kolektif Nasional or “LMKN“). In response, the Minister of Law issued Regulation No. 27 of 2025 (“Regulation“) on 7 August 2025 to clarify royalty management for copyrighted songs and music. The Regulation, which implements Government Regulation No. 56 of 2021, aims to provide stronger legal certainty and clearer guidance for creators, rights holders, and businesses that use music commercially.
The Regulation reaffirms LMKN’s authority to collect royalties for the use of music in public spaces, whether in physical venues or digital formats. Its scope is not limited to Indonesia, as LMKN may cooperate with overseas collective management organisations or digital platforms to manage royalties internationally.
It also specifies that the responsibility to pay royalties lies with event organisers and business operators that use music in their activities or premises. To reduce ambiguity about what constitutes “public use”, the Regulation lists several digital formats covered under royalty obligations, including streaming, downloads, webcasts, video-on-demand, over-the-top (OTT) services, online radio, and live event streaming.
Despite these developments, some questions remain, particularly regarding the final royalty tariffs for digital use which have yet to be issued. This uncertainty may pose practical challenges for businesses and event organisers in determining their payment obligations.
The Regulation represents a significant effort by the Government to modernise Indonesia’s copyright and royalty framework, reflecting a shift towards a more transparent and structured system that protects creative rights while ensuring fair treatment for music users.
For more information, click here to read our Legal Update.
New Income Tax and VAT Rules for Crypto Transactions in Indonesia
Indonesia’s Ministry of Finance has issued Regulation No. 50 of 2025 to update the income tax and value-added tax (“VAT“) framework for crypto asset transactions (“Regulation“). The Regulation, effective from 1 August 2025, replaces Regulation No. 68/PMK.03/2022 and introduces several key changes, including higher income tax rates, the removal of VAT on crypto transfers, and the transfer of regulatory oversight from the Commodity Futures Trading Regulatory Agency (Bappebti) to the Financial Services Authority (OJK).
The Regulation defines crypto assets as digital representations of value that can be transferred and stored electronically using distributed ledger technology such as blockchain. It aims to provide legal certainty for investors and operators while improving state revenue through a clearer tax structure.
Under the new framework, sellers of crypto assets are subject to a 0.21% final income tax, which must be collected and reported by electronic system operators (penyelenggara perdagangan melalui sistem elektronik or “PPMSEs“). Income received by PPMSEs and crypto miners from activities such as deposits, withdrawals, e-wallet transfers, or transaction verification is subject to the general 22% corporate income tax rate.
A major change is the reclassification of crypto assets as securities. This means that transfers of crypto assets are no longer subject to VAT. However, VAT remains applicable to related services provided by PPMSEs and miners. These include transaction facilitation, e-wallet functions, and verification services, with VAT rates ranging from 2.2% to 11% depending on the nature of the service.
Foreign crypto sellers from countries with tax treaties may apply for relief from the 0.21% final tax by submitting a valid certificate of domicile. Meanwhile, foreign-domiciled PPMSEs may be appointed as withholding agents if they meet certain transaction value or user thresholds.
This updated framework aligns Indonesia’s approach with international practice by recognising crypto assets as financial instruments rather than taxable goods, enhancing market transparency, investor confidence, and competitiveness in the digital asset sector.
For more information, click here to read our Legal Update.
Indonesia's PDP Law Update: Broader DPO Mandate Confirmed, Further Clarity Expected on Data Disclosure and Cross-Border Transfers
Indonesia’s Constitutional Court has clarified that organisations must appoint a Data Protection Officer (“DPO“) if any one of the three conditions under Article 53(1) of the Personal Data Protection (“PDP“) Law is met. This ruling resolves previous uncertainty over whether all three conditions had to be fulfilled simultaneously. The clarification stems from a judicial review decided on 30 July 2025, confirming that the word “and” in the article should be interpreted as “and/or”.
Under the PDP Law, a DPO must be appointed when an organisation:
- processes personal data for public purposes;
- carries out regular and systematic monitoring; and/or
- processes large volumes of sensitive data.
The Court held that requiring all three conditions would weaken data protection and run contrary to the Constitution’s guarantee of personal security. With this decision, any entity meeting one or more of these conditions must appoint a DPO.
The Court also emphasised that robust oversight through a DPO serves as an essential safeguard against the misuse of personal data, particularly in high-risk processing activities. Organisations are therefore expected to reassess their data practices, review governance structures, and ensure readiness to designate a DPO in line with this broader interpretation.
Two other constitutional challenges may further shape Indonesia’s data protection framework. One concerns cross-border data transfers, questioning whether adequacy determinations should require parliamentary ratification. The other relates to criminal liability for data disclosure, seeking to exclude good-faith disclosures, such as those by journalists or researchers, from prosecution. Both cases remain under review and could influence how privacy, freedom of expression, and the public interest are balanced in practice.
The Court’s decision marks a significant step in defining Indonesia’s evolving data protection landscape, signalling a shift towards stronger accountability, greater legal clarity, and closer alignment with global privacy standards.
For more information, click here to read our Legal Update.
What's Changing in P2P Lending? A Look at the Latest OJK Circular Letter
In July 2025, Indonesia’s Financial Services Authority (“OJK“) issued Circular Letter No. 19/SEOJK.06/2025 on Information Technology-Based Joint Funding Services (“Circular Letter“), introducing new operational requirements for peer-to-peer (“P2P“) lending platforms. The Circular Letter replaces the 2023 version and complements OJK Regulation No. 40 of 2024, which sets out the broader P2P lending framework. All affected parties, including organisers, fund providers, and fund recipients, must comply by 1 January 2026.
The new Circular Letter introduces several key updates. It expands permissible business activities, enhances governance and transparency requirements, imposes clearer funding and benefit caps, and strengthens risk management and user protection. Organisers must now disclose key information such as their legal identity, ownership structure, and funding performance data, as well as provide clear risk warnings to users.
Funding limits have been refined: the base cap remains IDR2 billion per recipient but may increase to IDR5 billion for productive loans if certain performance criteria are met. The Circular Letter also introduces fixed economic benefit caps based on loan type, value, and tenor, replacing the previous gradual rate reduction model. These fixed caps provide greater predictability for both borrowers and platforms.
In addition, the Circular Letter allows limited outsourcing of information technology (IT) development, provided organisers retain ownership of source codes and server access. It also introduces clearer classifications for lenders (professional and non-professional) and stricter borrower eligibility standards to ensure responsible lending. Credit scoring and data usage rules have been streamlined to strengthen risk assessment. The previous “Successful Payment Rate” has been replaced with the “Funding Quality Level”, which offers a more comprehensive view of loan performance.
Overall, the Circular Letter aims to balance digital financial innovation with user protection and financial stability while providing P2P organisers with clearer and more flexible compliance standards.
For more information, click here to read our Legal Update.
New Presidential Regulation Sets Up VAT Collection System for Cross-Border Digital Transactions
To strengthen the collection of value-added tax (“VAT“) from cross-border digital transactions, the Indonesian government has issued Presidential Regulation No. 68 of 2025 (“Regulation“), effective from 5 June 2025. The Regulation introduces a new tax collection system, Sistem Pemungutan Pajak atas Transaksi Digital Luar Negeri or (“SPP-TDLN“), designed to capture VAT from foreign providers of digital services and goods supplied to Indonesian users.
The system responds to the rapid growth of cross-border digital transactions that have often escaped effective taxation due to legal and technological gaps. Through SPP-TDLN, the Government aims to modernise VAT collection, promote fairness between local and foreign digital businesses, and strengthen state revenue.
PT Jalin Pembayaran Nusantara (“PT Jalin“), a subsidiary of PT Danareksa (Persero) and PT Telekomunikasi Indonesia (Persero) Tbk, has been appointed to operate the new system. Selected for its expertise in financial technology and secure data handling, PT Jalin will manage both the technical and administrative aspects of VAT collection. It must ensure data confidentiality, maintain system reliability, and coordinate with a government team to oversee implementation. PT Jalin will receive remuneration based on the VAT successfully remitted to the state treasury.
To support its operations, PT Jalin may appoint a local or foreign partner (mitra) with the necessary technological and operational capacity. The partner must pass administrative and technical sandboxing tests covering financial capability, compliance history, cybersecurity standards, and data protection measures.
Businesses providing digital services to Indonesian users are encouraged to review their systems, compliance processes, and data reporting mechanisms in anticipation of engagement with SPP-TDLN. The Regulation represents a major step in Indonesia’s tax digitalisation efforts, signalling closer scrutiny of cross-border activities and reinforcing the government’s commitment to a fairer, technology-driven VAT collection framework.
For more information, click here to read our Legal Update.
OJK Regulation 9/2025: Transitioning to Scripless Shares and Managing Forgotten Investments
Indonesia’s Financial Services Authority (“OJK“) has issued Regulation No. 9 of 2025 on the Dematerialisation of Equity Securities and Management of Unclaimed Assets in the Capital Market (“Regulation“). Effective from 6 May 2025, the Regulation marks a key step in modernising Indonesia’s capital markets by requiring all equity securities to be converted from physical (scrip) to electronic (scripless) form by 6 May 2030. It also establishes a new system for identifying and managing unclaimed capital market assets.
Under the Regulation, shareholders must return physical share certificates to the company or its share registrar (Administrator) for verification. Administrators are required to report progress to OJK every six months and announce the dematerialisation process at least twice a year in both Indonesian and English. Once converted, shares must be stored in a custodian account and cannot be reconverted to physical form except in limited cases, such as company dissolution. After the 2030 deadline, transactions involving physical shares will be prohibited.
The Regulation also introduces procedures for handling unclaimed or dormant assets. Physical shares that remain unconverted by the deadline may still be claimed within a five-year grace period ending 6 May 2035. Afterward, they will be transferred to a custodian account managed by an OJK-appointed party. Similar rules apply to dormant electronic accounts and other inactive capital market assets. The appointed party, known as the Unclaimed Assets Manager, will administer these assets for up to 30 years, after which unclaimed assets may be transferred to a capital market development fund by court order.
Failure to comply with the Regulation may result in administrative sanctions, including warnings, fines, or licence revocation. Market participants are encouraged to begin preparing internal procedures and system upgrades to ensure compliance and facilitate a smooth transition toward a fully electronic, transparent, and efficient capital market system.
For more information, click here to read our Legal Update.
Please note that whilst the information in this Update is correct to the best of our knowledge and belief at the time of writing, it is only intended to provide a general guide to the subject matter and should not be treated as a substitute for specific professional advice
