Ethic Ninja · Cybersecurity Services

PBI Compliance Audit

ASPI-registered IT audit and security testing for payment system providers under Bank Indonesia regulations.

Consult (WhatsApp) Contact Us

Update: PBI No. 10/2025 and PADG No. 32/2025 take effect 31 March 2026, strengthening payment infrastructure, data governance, information security, and cyber resilience—including TIKMI performance classification (Transaction, Interconnection, Competency, Risk Management, IT Infrastructure).

Regulations We Audit

  • PBI No. 10/2025 — IT implementation by banks (effective Mar 2026)
  • PADG No. 32/2025 — payment system operations (effective Mar 2026)
  • PBI 23/6/PBI/2021 — payment service providers
  • PBI 22/23/PBI/2020 — payment systems
  • PADG 24/7/PADG/2022 — PSP and infrastructure operators

Audit Scope

  1. Security technology — confidentiality, integrity, two-factor authentication, non-repudiation, availability
  2. Audit trail systems and procedures
  3. Internal policies and HR procedures for information systems
  4. Network and third-party security
  5. Business Continuity Plan (BCP) and Disaster Recovery Plan (DRP)
  6. Protection of customer data and financial transactions

Process

Kick-off & scoping → evidence collection & technical testing → gap assessment → reporting → corrective action plan support.

Deliverables

Full audit report with evidence, regulatory gap analysis, technical and procedural recommendations, and prioritized corrective action plan.

Get in Touch

Email info@ethic.ninja · WhatsApp +62 821-3000-1337 · Contact page