Tax Chief Ensures Public Data Is Protected, After Purbaya Orders 23 Banks to Report Credit Card Transactions to the DJP

JAKARTA — The Directorate General of Taxes (DJP) has assured that taxpayers’ data remain secure even as it receives a range of financial transaction data, including credit card transactions.

Director General of Taxes Bimo Wijayanto said the data management system has undergone testing by several state bodies. Data protection is a core principle of the tax administration.

‘We have completed a review of personal data protection with Komdigi, and likewise with BSSN to assess data sovereignty and the security of our data and systems,’ Bimo said at a media briefing at his office on Thursday, 5 March 2026.

Bimo emphasised that the principle is embedded in DJP’s technology development. The system has also undergone security testing or penetration testing by independent bodies.

Several agencies were involved in the testing, including Badan Siber dan Sandi Negara (BSSN), Badan Intelijen Negara (BIN), and the Strategic Intelligence Agency.

The statements came after the issuance of Ministry of Finance Regulation Number 8 of 2026. The regulation, signed by Finance Minister Purbaya Yudhi Sadewa, obliges government agencies, institutions, associations, and other parties to submit tax data to the DJP.

‘Government agencies, institutes, associations, and other parties must provide data and information related to taxation to the Directorate General of Taxes,’ reads Article 1 of PMK 8/2026 quoted on Wednesday (4 March 2026).

As many as 23 banks are required to submit reports. The list includes PT Bank Central Asia Tbk, PT Bank Negara Indonesia Persero Tbk, PT Bank Mandiri Persero Tbk, PT Bank OCBC NISP Tbk, PT Bank Syariah Indonesia Tbk, and PT Bank Rakyat Indonesia Persero Tbk.