PBI Compliance Audit

Update: PBI No. 10/2025 and PADG No. 32/2025 take effect 31 March 2026, strengthening payment infrastructure, data governance, information security, and cyber resilience—including TIKMI performance classification (Transaction, Interconnection, Competency, Risk Management, IT Infrastructure).

PBI Regulations We Audit

Ethic Ninja provides PBI compliance audit services against the following regulations:

1. Payment System Industry (PSP)
   • PBI No. 10 of 2025 on Payment System Industry Regulation (effective 31 March 2026)
   • PADG No. 32 of 2025 on Payment System Industry Regulation (effective 31 March 2026)
2. APUPPT (Anti Money Laundering & Counter-Terrorism Financing)
   • PBI No. 10 of 2024
   • PADG No. 15 of 2025
3. KKS (Information System Security & Cyber Resilience)
   • PBI No. 2 of 2024
   • PADG No. 24 of 2024

Audit Scope

1. Security technology — confidentiality, integrity, two-factor authentication, non-repudiation, availability
2. Audit trail systems and procedures
3. Internal policies and HR procedures for information systems
4. Network and third-party security
5. Business Continuity Plan (BCP) and Disaster Recovery Plan (DRP)
6. Protection of customer data and financial transactions

Process

Kick-off & scoping → evidence collection & technical testing → gap assessment → reporting → corrective action plan support.

Deliverables

Full audit report with evidence, regulatory gap analysis, technical and procedural recommendations, and prioritized corrective action plan.