COMPARATIVE GUIDE
11 September 2025

Blockchain Comparative Guide

Bagus Enrico & Partners

Contributor

Bagus Enrico & Partners logo
Explore Firm Details
Blockchain Comparative Guide for the jurisdiction of Indonesia, check out our comparative guides section to compare across multiple countries
Indonesia Technology
Alwin Widyanto Hartanto,Bagus SD Nur Buwono,Maria Bunga Narendra
+2 Authors

1 Legal and enforcement framework

1.1 What general regulatory regimes and issues should blockchain developers consider when building the governance framework for the operation of blockchain/distributed ledger technology protocols?

Blockchain developers in Indonesia must navigate:

  • financial regulations;
  • data protection laws; and
  • cybersecurity requirements.

Key considerations include:

  • anti-money laundering (AML) compliance;
  • digital asset classification; and
  • data localisation rules.

When developing blockchain protocols, developers should address the following key aspects.

Personal data protection: Indonesia's Personal Data Protection Law (27/2022) governs personal data processing, including blockchain-based processing. Developers must ensure lawful, transparent and proportional data handling, including:

  • implementing data subject rights (eg, the right to be forgotten) in immutable blockchain systems; and
  • maintaining anonymity and data privacy.

Specifically, for blockchain in financial services, digital asset trading (including cryptocurrencies) must comply with:

  • consumer consent requirements;
  • disclosure of data usage limitations; and
  • notification of changes in data usage purposes.

Financial services regulation: Under Financial Services Authority (OJK) Regulation 27/2024, crypto assets are now classified as digital financial assets rather than intangible commodities. Crypto assets include digital coins tokens and other asset representations, categorised as backed or unbacked crypto assets. Blockchain integration into the financial sector is now part of the regulated market framework.

Know-your-customer (KYC) and AML compliance: Blockchain-based transactions must comply with KYC and AML regulations. Digital financial asset traders must implement robust onboarding and transaction monitoring. The OJK mandates that crypto asset transactions involving non-individual consumers can only be conducted by licensed traders adhering to integrated know-your-transaction and travel rule principles.

Sector-specific regulations: For industry-specific applications, blockchain must comply with relevant regulations. For example, blockchain-based electronic medical record storage must adhere to Ministry of Health regulations. If blockchain supports payment systems, it must comply with Bank Indonesia's regulations on payment system.

1.2 How do the foregoing considerations differ for public and private blockchains?

Public blockchains face stricter scrutiny due to their decentralised and anonymous nature, complicating compliance. Private blockchains, typically used by enterprises, offer more governance control but must still meet security and data protection requirements.

However, if the discussion relates to the blockchain used in financial assets under OJK scrutiny (ie, digital financial instrument that can be traded in digital financial instrument market under the OJK), the blockchain technology must be based on a publicly accessible blockchain – either a permissioned or permissionless blockchain.

1.3 What general regulatory issues should users of a blockchain application consider when using a particular blockchain/distributed ledger protocol?

Users should assess legal protections, financial regulations and data security risks, especially concerning:

  • transactions;
  • identity verification; and
  • asset ownership.

Consumer protection laws and KYC/AML compliance are critical considerations.

1.4 Which administrative bodies are responsible for enforcing the applicable laws and regulations? What powers do they have?

In relation to crypto assets, Bappebti was the supervisory body overseeing crypto asset trading activities, including all regulatory, licensing, approval and supervisory functions. However, on 10 January 2025, all authority vested in Bappebti was transferred to the OJK.

Regulatory oversight varies by application, including:

  • financial services;
  • securities;
  • taxation;
  • AML;
  • system security; and
  • consumer protection.

Key regulators include the following:

  • Bank Indonesia;
  • the Ministry of Communication and Digital;
  • the OJK;
  • the Financial Transaction Reports and Analysis Centre; and
  • the National Cyber and Crypto Agency.

These regulators may work together to:

  • impose fines;
  • revoke licences; and
  • restrict non-compliant platforms.

1.5 What is the regulators' general approach to blockchain?

Regulators cautiously support blockchain innovation while ensuring compliance. The regulatory framework aligns with international best practices while considering local market conditions. Sectoral regulations address:

  • licensing;
  • compliance and governance;
  • trading mechanisms;
  • consumer protection; and
  • data privacy.

1.6 Are any industry or trade associations influential in the blockchain space?

The most relevant associations in the blockchain space are:

  • the Indonesian Chamber of Commerce;
  • the Indonesian Crypto Asset Traders Association;
  • the Indonesian Blockchain Association
  • the Personal Data Association; and
  • the Indonesian Fintech Association.

2 Blockchain market

2.1 Which blockchain applications and protocols have become most embedded in your jurisdiction?

Indonesia primarily uses blockchain for:

  • cryptocurrency trading;
  • financial services;
  • payment systems;
  • digital identity verification; and
  • supply chain management.

2.2 What potential new applications/protocols are most actively being explored?

New applications include:

  • tokenisation of real-world assets – startups actively testing blockchain-based asset tokenisation – and even a state-owned bank doing so;
  • financial services;
  • payment systems;
  • digital identity verification;
  • supply chain management; and
  • central bank digital currencies (CBDCs).

2.3 Which industries within your jurisdiction are making material investments within the blockchain space?

Crypto trading. However, financial services, payment systems and supply chain management are approaching the use of blockchain technology.

2.4 Are any initiatives or governmental programmes in place to incentivise blockchain development in your jurisdiction?

Yes, Bank Indonesia has initiated the development of CBDCs and the utilisation of blockchain as the backbone for payment systems, as outlined in the Indonesian Payment System Blueprint 2030.

From a financial services perspective, the Financial Services Authority has issued its latest roadmap on the development and strengthening of financial sector technology innovation, including the implementation of digital financial assets and crypto assets for 2024–2028. These initiatives are expected to enhance the blockchain ecosystem

3 Cryptocurrencies

3.1 How are cryptocurrencies and/or virtual currencies defined and regulated in your jurisdiction?

Under current regulations, Bank Indonesia explicitly prohibits the use of virtual cryptocurrencies or virtual currencies as a legal means of payment (other than the Indonesian rupiah). On the other hand, while cryptocurrencies cannot be used for payments in Indonesia, they are legally recognised as digital financial assets (DFAs) and can be traded under the Financial Services Authority's (OJK) supervision.

3.2 What anti-money laundering provisions apply to cryptocurrencies?

The following regulations outline provisions pertaining to anti-money laundering (AML) for cryptocurrencies and other DFAs:

  • Law 8/2010 on the Prevention and Eradication of Money Laundering Crime;
  • Bank Indonesia Regulation 10/2024 on the Implementation of Anti-money Laundering, Prevention of Terrorism Financing and Prevention of Funding for the Proliferation of Weapons of Mass Destruction for Parties Regulated and Supervised by Bank Indonesia;
  • OJK Regulation 8/2023 on the Application of Anti-money Laundering and Prevention of Terrorism and Proliferation of Weapons of Mass Destruction Financing Programmes within the Financial Services Sector; and
  • OJK Regulation 27/2024 on the Organisation of Trading of Digital Financial Assets, Including Crypto Assets.

In essence, these regulations require crypto asset platforms to implement AML programmes, including:

  • carefully processing and monitoring transactions; and
  • reporting suspicious activities.

3.3 What consumer protection provisions apply to cryptocurrencies?

Essentially, the main priority is to ensure transparency and provide clear explanations to consumers that cryptocurrency is not a payment instrument but a digital financial asset. Further, in the context of crypto assets as digital financial assets, only crypto assets registered on an OJK-licensed exchange are allowed to be traded. This further entails that DFA operators must also ensure that data integrity, confidentiality and security from collection to destruction. Third-party data sharing requires consumer consent and must comply with data protection laws. Further, DFA operators must also provide clear, accurate, and non-misleading information on products, risks and issuer details. Marketing must be transparent and avoid false promises of high returns or encouraging debt for digital asset purchases. Additionally, there is a general obligation to establish a written consumer protection policy, which generally includes:

  • equal access for all consumers;
  • special services for consumers with disabilities and the elderly;
  • consumer asset protection;
  • protection of consumer data and/or information;
  • mechanisms for handling and resolving consumer complaints; and
  • mechanisms for the use and deletion of consumer data and/or information.

3.4 How are cryptocurrencies treated from a tax perspective?

Notable provisions govern the taxation of crypto transactions under Ministry of Finance Regulation 81/2024, covering both value-added tax (VAT) and income tax. These rules apply to various parties involved in crypto transactions, including:

  • buyers;
  • sellers;
  • trading platforms; and
  • miners.

VAT is imposed on the sale of crypto assets as they are classified as intangible taxable goods. It also applies to services provided by electronic trading platforms that facilitate crypto transactions, including exchanges and mining services. Transactions subject to VAT include:

  • purchases using fiat currency;
  • crypto-to-crypto swaps; and
  • payments for goods or services made with crypto assets.

The VAT rate depends on the registration status of the trading platform, with registered platforms collecting VAT at 1% of the 11% standard rate, while unregistered platforms are subject to 2% of the 11% standard rate. For transactions involving foreign currencies or crypto swaps, the taxable value is converted into rupiah using the official exchange rates set by the government or a valuation method consistently applied by the platform.

In addition to VAT, income tax is imposed on earnings derived from crypto transactions. This tax applies to:

  • crypto sellers;
  • trading platform operators; and
  • miners.

A final income tax of 0.1% is imposed on the transaction value, excluding VAT, but increases to 0.2% if the transaction is conducted through an unregistered platform. The taxable amount varies depending on the payment method. For transactions settled in fiat currency, the tax is calculated based on the amount paid by the buyer. In the case of crypto-to-crypto swaps, the taxable amount is determined by converting the exchanged assets into rupiah using a consistent valuation method, from either a licensed futures exchange or the trading platform itself. If a transaction involves a foreign currency, its value is converted into rupiah based on the government's official exchange rate at the time of payment.

3.5 What regulatory requirements apply to a cryptocurrency trader/exchange?

Please see questions 3.1–3.4.

3.6 How are initial coin offerings and securities token offerings defined and regulated in your jurisdiction?

Indonesia has not yet established a clear regulatory framework specifically for initial coin offerings (ICOs) or security token offerings (STOs). Even with the recent enactment of OJK Regulation 27/2024, which governs digital financial assets, including crypto assets, there are no explicit provisions defining or regulating ICOs and STOs.

However, the draft version of this regulation did discuss ICOs and STOs. It indicated that if a digital financial asset qualifies as a financial instrument within an existing financial sector, its issuance must comply with the regulations applicable to that sector. This implies that ICOs and STOs are not outright prohibited but must be evaluated on a case-by-case basis to determine the relevant legal framework. For example, if a digital financial asset, including crypto assets, exhibits characteristics of a security, it will fall under the jurisdiction of Indonesia's Capital Markets Law. In such cases, its issuance and offering must adhere to capital market regulations, which may impose requirements related to licensing, disclosure and investor protection – similar to those governing traditional securities.

However, since the discussion on ICOs has been removed from the official regulation enacted in OJK Regulation 27/2024, there is currently no dedicated regulation specifically governing ICOs and STOs. Therefore, issuers should closely monitor changes in the legal landscape to ensure compliance.

4 Smart contracts

4.1 Can a smart contract satisfy the legal requirements of a legal contract under the laws of your jurisdiction? What will be considered when making this determination?

For a contract to be valid and binding, it must meet the following requirements:

  • mutual agreement by all parties;
  • legal capacity of the parties;
  • definite subject matter; and
  • lawful purpose.

Smart contracts can be legally binding if they satisfy these elements. However, legal drafting and coding differ fundamentally – traditional contracts allow interpretation, while smart contracts execute automatically. This rigidity poses challenges for:

  • discretion;
  • negotiation; and
  • dispute resolution.

In Indonesia, smart contracts may work best in regulated, digital-first industries such as:

  • finance;
  • supply chain; and
  • tokenised assets.

Banks and fintech companies might find smart contracts useful for automating tasks. As more sectors digitise, smart contracts will likely become more common, even if only for routine tasks, while humans handle complex matters. The challenge is to develop frameworks that recognise smart contracts as legal while providing safeguards against their limitations. Indonesia's legal system may need to consider adding mechanisms to modify or override smart contracts to balance efficiency with fairness.

A major concern is how Indonesian law will handle disputes from smart contracts. Unlike traditional contracts, smart contracts execute automatically, which can lead to unintended outcomes if not properly coded.

4.2 Are there any regulatory or governmental guidelines or policies within your jurisdiction which provide guidance on regulating/defining smart contracts?

Indonesia does not yet have specific regulations governing smart contracts. Instead, they fall under general contract law as outlined in:

  • the Civil Code; and
  • electronic transaction regulations under the Law on Electronic Information and Transactions (Law 11/2008), as most recently amended by Law 1/2024.

However, one regulation that may serve as a pivotal reference for smart contract governance is National Cyber and Crypto Agency Regulation 11/2024 on the Implementation of Indonesian Cryptographic Algorithms and Security Assessment of Cryptographic Modules.

Despite the absence of a dedicated regulatory framework, discussions on blockchain technology and its applications – including smart contracts – are ongoing among key regulatory bodies, including the Indonesian government.

4.3 What parts of traditional contract might smart contracts be able to replace?

Smart contracts can:

  • automate transactions;
  • enforce compliance; and
  • execute agreements without intermediaries.

For example, in conditional sale and purchase agreements that require the fulfilment of conditions precedent (CPs), smart contracts can replace traditional contracts in verifying CP completion. And once all CPs are met, the smart contract can automatically trigger the payment transfer, ensuring immediate execution without manual intervention.

4.4 What parts of traditional contracts might smart contracts be unable to replace?

Smart contracts may not fully replace agreements that require:

  • legal interpretation;
  • discretion; or
  • subjective judgement.

This includes obligations that cannot be quantified or converted into a standardised value, such as 'good-faith performance'.

4.5 What issues might present themselves in your jurisdiction with regard to judicial enforcement of smart contracts?

Since smart contracts are self-executing, disputes may arise when the automated outcome differs from the intended agreement, particularly due to technical glitches or bugs in the code. In such cases, resolving disputes through conventional legal mechanisms could be challenging, as the contract's execution may be irreversible without pre-programmed intervention measures.

4.6 What are some practical considerations that parties should consider when drafting a smart contract?

Drafting a smart contract in Indonesia requires balancing legal enforceability with technical execution. One key consideration is whether the contract should include an emergency override or kill switch to halt execution under specific conditions. Unlike traditional agreements, smart contracts operate automatically and may not allow for human intervention unless explicitly programmed. Given Indonesia's evolving legal landscape for blockchain and digital assets, incorporating a mechanism to pause or terminate a contract in the event of disputes, regulatory changes or unforeseen failures can be essential.

Another major concern is technical risk. Blockchain networks may experience congestion, bugs or hard forks, all of which could disrupt a smart contract's operation. Unlike traditional agreements, where parties can renegotiate terms if needed, an improperly coded smart contract may continue executing even if market conditions or legal requirements change. To mitigate these risks, developers should conduct extensive testing, security audits and simulations before deploying a smart contract.

4.7 How will the foregoing considerations differ when smart contracts are running on a private versus public blockchain?

Unlike public blockchains, private blockchains offer more flexibility, allowing businesses to:

  • modify smart contracts;
  • pause operations; or
  • adapt to regulatory changes.

This reduces the risks associated with immutability and the absence of kill switches. For enterprises operating in Indonesia's developing legal environment, private blockchains may be the more strategic choice, as they allow greater control over compliance and dispute resolution mechanisms.

5 Data and privacy

5.1 What specific challenges or concerns does blockchain present from a data protection/privacy perspective?

Indonesia's Personal Data Protection (PDP) Law (27/2022) presents specific compliance challenges for blockchain technology, particularly concerning:

  • data governance;
  • erasure rights; and
  • adherence to core privacy principles.

One fundamental issue is the decentralised nature of blockchain, which complicates the assignment of legal responsibility. Traditional data protection laws are built around a clear data controller that ensures compliance and upholds individuals' rights. However, blockchain distributes data across multiple nodes without a singular authority, making it difficult to determine who holds accountability for data processing and regulatory obligations.

Another significant concern is the right to be forgotten, which allows individuals to request the deletion of their personal data. Blockchain's immutability conflicts with this requirement, particularly in public blockchains where data cannot be altered once recorded. While Indonesia's PDP Law does not explicitly define what constitutes 'erasure', potential solutions such as anonymisation, cryptographic hashing or delisting may offer alternatives. Similar approaches have been considered in other legal frameworks and future regulatory developments in Indonesia may provide clearer guidance on how blockchain-based systems can achieve compliance. The same challenge applies to the right to rectification: modifying stored data within an immutable ledger requires innovative solutions that reconcile legal mandates with blockchain's technical constraints.

Data minimisation and purpose limitation principles also pose difficulties. The PDP Law requires that personal data be processed strictly for its intended purpose and retained only for as long as necessary. Blockchain, however, permanently records transactions, raising concerns about how organisations can ensure compliance, particularly in sectors handling sensitive data such as:

  • finance;
  • healthcare; and
  • identity management.

Cross-border data flows further complicate matters. Many blockchain networks operate across jurisdictions, yet Indonesia's PDP Law restricts international data transfers unless the recipient country ensures an adequate level of protection or regulatory approval is granted. This poses a challenge for blockchain projects with foreign validators or nodes, as they must assess whether their data-sharing mechanisms align with these legal requirements.

5.2 What potential advantages can blockchain offer in the data protection/privacy context?

In essence, blockchain's technology, while posing compliance challenges under Indonesia's PDP Law, also offers distinct advantages in data protection:

  • Its cryptographic security and decentralised design significantly reduce risks of unauthorised access and data breaches, particularly in sectors such as finance and healthcare.
  • Unlike centralised systems prone to single points of failure, blockchain distributes data across multiple nodes, enhancing resilience against cyber threats.
  • Its immutable and time-stamped ledger ensures transparent, verifiable audit trails without compromising personal data integrity. This aligns with regulatory accountability requirements, allowing businesses to demonstrate compliance while maintaining robust security standards.

6 Cybersecurity

6.1 What specific challenges or concerns does blockchain present from a cybersecurity perspective?

The implementation of blockchain technology in Indonesia faces significant cybersecurity risks, particularly with the increasing adoption of crypto exchanges and decentralised platforms. One notable case is the alleged security incident involving one of the largest crypto exchange in Indonesia. While specific details of the incident remain debated, it has raised concerns regarding the security of user assets. Similar to global trends, these attacks often target hot wallets, which store private keys online and serve as key weak points between blockchain networks and real-world applications. Once compromised, hackers can siphon funds, leaving users with little recourse.

Beyond exchange security incidents, smart contract vulnerabilities also pose a critical risk. Poorly coded smart contracts have been exploited globally and Indonesia is not immune. With the rise of local blockchain-based applications, developers must recognise that a single overlooked flaw can be catastrophic, allowing attackers to steal funds or manipulate transaction outcomes. The lack of standardised security audits for smart contracts in Indonesia exacerbates this issue, emphasising the need for developers to implement rigorous testing and verification before deployment.

Scalability and energy consumption remain significant concerns. Blockchain networks require substantial computational resources to maintain security, which may not be feasible for smaller-scale applications in Indonesia. This is particularly relevant for financial services and government-led blockchain initiatives, where ensuring both security and operational efficiency is crucial.

6.2 What potential advantages can blockchain offer in the cybersecurity context?

Blockchain enhances cybersecurity in several ways, but it is not a catch-all solution for every risk. Its decentralised structure eliminates single points of failure, making it harder for attackers to compromise a system. Cryptographic hashing ensures data integrity, while consensus mechanisms prevent unauthorised modifications. These features make blockchain particularly useful in:

  • securing transactions;
  • protecting digital identities; and
  • reducing fraud.

However, while it strengthens security in many areas, businesses must still implement broader cybersecurity measures – blockchain alone is not a silver bullet.

6.3 What tools and measures could be implemented to mitigate cybersecurity risk?

Mitigating cybersecurity risks in blockchain demands a proactive and multi-faceted strategy:

  • Building secure code from the ground up: Many vulnerabilities stem from flaws in smart contract development and weak consensus mechanisms. Developers must adopt best practices such as modular programming, thorough code audits and formal verification before deployment. Regular security assessments and contract upgradability can also help reduce exposure to emerging threats.
  • Strengthening user awareness (humanware): Even the most secure system can be compromised if users fall victim to phishing or mismanage their keys. Many breaches are due not to flaws in blockchain itself but rather poor security practices. Educating users on safe key storage, enabling two-factor authentication and recognising social engineering attacks are just as critical as implementing technical defences. In Indonesia, where blockchain adoption is growing, promoting cybersecurity awareness should be a shared responsibility across the industry.
  • Securing private keys and wallets: Private keys remain a primary attack vector, particularly in cases involving compromised hot wallets. Crypto exchanges and custodial services must adopt stringent security measures, including:
    • multi-signature authentication;
    • hardware security modules; and
    • withdrawal allowlists.
  • For added protection, significant asset holdings should be stored in offline cold wallets to minimise exposure to online threats.

7 Intellectual property

7.1 What specific challenges or concerns does blockchain present from an IP perspective?

Determining IP ownership in blockchain applications can be complex, especially when multiple parties contribute to the development. In Indonesia, copyright protection applies to blockchain software, specifically its source code, as software is classified as a literary work. Many public blockchain platforms, such as Bitcoin and Ethereum, operate under open-source licences, allowing broad use and modification. This creates challenges when asserting IP rights, as developers leveraging open-source blockchain technology may face restrictions or obligations based on the specific licensing terms.

In other cases, such as non-fungible tokens (NFTs), misconceptions about ownership rights are common – holding an NFT does not automatically grant copyright over the underlying asset unless explicitly stated in the licensing terms. Additionally, developers must consider that blockchain projects often require open access to source code for network compatibility, making proprietary protections more difficult to enforce. As the industry evolves, businesses adopting blockchain in Indonesia must:

  • carefully structure licensing agreements; and
  • ensure clear delineation of IP rights to mitigate disputes.

7.2 What type of IP protection can blockchain developers obtain?

Blockchain developers can seek different types of IP protection depending on what they create.

Copyright applies to the source code of blockchain software, as it is considered a literary work under Indonesian IP law. If a developer writes original code for a blockchain protocol or smart contract, it automatically holds copyright over it, though formal registration can strengthen enforcement.

On the other hand, patents may be available for blockchain-based innovations that demonstrate a novel and non-obvious technical process – although obtaining one is challenging due to the technology's decentralised and open-source nature.

7.3 What are the best open-source platforms that could be used to protect developers' innovations?

We believe that there is no universally recognised open-source platform specifically designed to protect developers' innovations. The most suitable option depends on:

  • the type of protection sought; and
  • the nature of the innovation itself.

7.4 What potential advantages can blockchain offer in the IP context?

Within the realm of intellectual property, blockchain technology presents a significant advantage through the establishment of robust, verifiable and immutable records. Conventional IP protection methodologies, which often depend on centralised registration systems and manual enforcement procedures, are susceptible to inefficiencies and contested claims. In contrast, blockchain provides a decentralised architecture that improves both transparency and security in the administration of IP rights.

Specifically, blockchain fortifies IP protection by:

  • generating unalterable ownership records; and
  • facilitating transparent licensing frameworks.

The technology permits the creation of timestamped proof of authorship, thereby aiding developers in establishing precedence in copyright disputes. Furthermore, smart contracts can automate licensing protocols, ensuring the equitable distribution of royalties without the need for intermediaries. In the context of trademarks:

  • blockchain offers a mechanism for tracking authenticity and identifying counterfeit goods; and
  • NFTs introduce novel approaches to tokenise and monetise digital assets.

8 Trends and predictions

8.1 How do you think the regulatory landscape in your jurisdiction will evolve in the blockchain space over the next two years? Are any pending changes currently being considered?

Indonesia's regulatory landscape for blockchain is expected to evolve with clearer legal frameworks and stricter enforcement, particularly in financial services and digital assets. The transition of oversight for crypto assets from Bappebti, where they were previously classified as commodities, to the Financial Services Authority (OJK), now reclassifies them as digital financial assets. This change heralds forthcoming regulations designed to align crypto-related businesses with the established standards and practices of traditional financial institutions.

Anti-money laundering and know-your-customer requirements are also expected to become more stringent. Under OJK oversight, they may face stricter compliance measures – including enhanced customer verification, transaction monitoring and reporting obligations – to prevent illicit activities.

Additionally, Bank Indonesia's planned rollout of a central bank digital currency (CBDC), the digital rupiah, will likely drive regulatory improvements in payment systems and digital asset integration. The introduction of a CBDC could lead to clearer guidelines on:

  • stablecoins;
  • cross-border transactions; and
  • interoperability between blockchain-based financial services and traditional banking.

Stronger cybersecurity measures and consumer protections are also expected as digital payments become more blockchain-integrated.

One major area that remains unregulated is initial coin offerings (ICOs) and security token offerings (STOs). Currently, there is no clear framework addressing these fundraising mechanisms, creating legal uncertainty for businesses and investors. In the next two years, Indonesia will likely introduce specific regulations for ICOs and STOs – potentially treating STOs as securities under the OJK's supervision. This would provide greater investor protection and align Indonesia's approach with global regulatory trends.

Beyond crypto, blockchain applications in supply chain management, digital identity and smart contracts may see regulatory sandbox initiatives rather than immediate restrictive measures. However, Indonesia's PDP Law raises concerns over blockchain's handling of personal data, particularly its immutability and cross-border data transfers. Regulators may issue sector-specific guidelines to ensure compliance while balancing innovation.

Overall, businesses should stay ahead by anticipating Indonesia's regulatory shift toward global standards:

  • ensuring compliance;
  • boosting investor confidence; and
  • securing long-term growth in the evolving blockchain landscape.

8.2 What regulatory changes would you like your jurisdiction to implement to further advance the blockchain industry?

Greater regulatory clarity, as it is essential for accelerating blockchain adoption in Indonesia. Clear guidelines on how blockchain is regulated would give businesses a structured framework within which to operate while ensuring strong protections for both consumers and investors.

From our perspective, it would be highly beneficial to see clearer regulations on:

  • ICOs;
  • STOs; and
  • the tokenisation of real-world assets.

Thus, a harmonised regulatory approach across different agencies would help to create a more cohesive and supportive environment for blockchain innovation.

8.3 What is the largest impediment within your jurisdiction to the adoption of blockchain technology?

Like many emerging markets, Indonesia faces certain challenges in its blockchain adoption journey. One of the primary areas is the need for greater regulatory clarity. As blockchain technology evolves rapidly, particularly with innovations such as decentralised finance, the existing legal framework is still catching up. This presents a degree of uncertainty for businesses looking to invest in and implement blockchain solutions.

Beyond regulation, digital literacy and the availability of skilled blockchain talent are also areas that require attention. Building a robust blockchain ecosystem requires a workforce with the necessary expertise. This is where we see significant opportunities for collaboration between the private and public sectors, through training programmes and educational initiatives. Infrastructure development also plays a crucial role and Indonesia is making steady progress in expanding internet connectivity across the country.

Security and trust are paramount. As with any new technology, there are concerns about cybersecurity and potential scams. However, these challenges provide an opportunity to implement global best practices and develop robust security solutions tailored to the Indonesian market.

Overall, Indonesia is a dynamic market with strong potential for blockchain adoption. While regulatory gaps and other challenges exist, the government and private sector are committed to addressing them.

9 Tips and traps

9.1 What are your top tips for effective use of blockchain technologies in your jurisdiction and what potential sticking points would you highlight?

Successful blockchain adoption in Indonesia depends on:

  • strategic execution;
  • regulatory awareness; and
  • a clear value proposition.

With the right approach – staying ahead of regulations, critically assessing blockchain's real benefits and learning from past industry missteps – businesses can unlock blockchain's full potential. As Indonesia's regulatory framework evolves, those that navigate it wisely will be well positioned to capitalise on emerging opportunities in this dynamic market.

In addition, starting small is key: rather than overhauling entire systems, businesses should first test blockchain solutions in controlled environments to measure efficiency and scalability. Equally important is ensuring blockchain is the right fit: not every problem requires decentralisation and businesses should adopt the technology only where it provides clear advantages over traditional systems. Those that take a measured, strategic approach will not only mitigate risks but also gain a competitive edge in Indonesia's growing digital economy.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

Authors
Photo of Alwin Widyanto Hartanto
Alwin Widyanto Hartanto
Photo of Bagus SD Nur Buwono
Bagus SD Nur Buwono
Photo of Jeany Tabita
Jeany Tabita
Photo of Maria Bunga Narendra
Maria Bunga Narendra
Photo of Tri Prasetyo Dharma Yoga
Tri Prasetyo Dharma Yoga
See More Popular Content From

Mondaq uses cookies on this website. By using our website you agree to our use of cookies as set out in our Privacy Policy.

Learn More