27 Credit Card Issuers Required to Report, DJP Ensures Data Security

Jakarta (ANTARA) - The Director General of Taxes, Bimo Wijayanto, assured the confidentiality of credit card customer data at 27 banks/institutions mandated to report transactions to the Directorate General of Taxes (DJP) of the Ministry of Finance. Bimo explained to reporters at the DJP’s Central Office in Jakarta, on Thursday, that the management of tax data complies with the provisions of Article 34 of the General Tax Provisions and Procedures Law (KUP), which governs taxpayer confidentiality. ‘It is certainly in line with Article 34 relating to taxpayer confidentiality. That has indeed become our core principle and is embedded in our system,’ he said. To ensure these provisions are fulfilled, the DJP undertakes a management review of data confidentiality by several related bodies. One of them is the Ministry of Communications and Digital Affairs (Komdigi) which reviews personal data protection. In addition, the DJP coordinates with the National Cyber and Encryption Agency (BSSN) to test the sovereignty and security of data and systems, as well as with other independent bodies that have the capacity to test cybersecurity. ‘So, we guarantee sovereignty and security,’ Bimo said. Finance Minister Purbaya Yudhi Sadewa signed Financial Minister Regulation (PMK) Number 8 of 2026 which regulates updates to the types and submission of data and information related to taxation. One of the changes relates to agencies required to report tax data to the DJP. ‘Government agencies, institutions, associations, and other parties are obliged to provide data and information related to taxation to the DJP,’ reads Article 1 paragraph (1) of PMK 8 of 2026. The PMK 8 of 2026 annex sets 27 banks or card-issuing institutions as parties mandated to provide data on merchant receipts from credit card transactions, both from the issuer side and the acquirer side. The data concerned include the identity of the bank or institution, the name and identity of the merchant, the year of settlement of the transaction, the total settled transactions, and the total of cancelled transactions. Submissions will be annual, with the first report due no later than March 2027. The list of 27 banks/institutions is as follows: - PT Bank Central Asia Tbk - PT Bank Negara Indonesia (Persero) Tbk - PT Bank Mandiri (Persero) Tbk - PT Bank OCBC NISP Tbk - PT Bank Syariah Indonesia Tbk - PT Bank Rakyat Indonesia (Persero) Tbk - PT Bank Permata Tbk - PT Bank Danamon Indonesia Tbk - PT Bank Tabungan Negara (Persero) Tbk - PT Bank HSBC Indonesia - PT Bank Maybank Indonesia Tbk - PT Bank CIMB Niaga Tbk - PT Bank UOB Indonesia - PT Bank DBS Indonesia - PT Bank Mega Tbk - PT Bank Mega Syariah - PT Bank MNC International Tbk - PT Bank Panin Tbk - PT Bank KB Indonesia Tbk - PT Bank Mayapada International Tbk - PT Bank Sinarmas Tbk - PT Bank ICBC Indonesia - PT AEON Credit Services - PT Honest Financial Technologies - PT Shinhan Indo Finance - PT Bank SMBC Indonesia Tbk - PT Bank QNB Indonesia Tbk