Financial institutions have been urged to gear up to anticipate future digital hazards as a recent technical glitch shakes the industry.

Over the weekend, an error in state-owned lender Bank Mandiri’s system puzzled customers as they found out the balance of their bank accounts had shrunk or mysteriously multiplied. The bank later apologized and explained that data relocation during system maintenance at the time had caused the data glitch.

However, a recent Mandiri report showed that at least 2,560 transactions were made through mobile and internet banking every minute as of June, meaning that any momentary slipup could affect thousands of customers.

The Financial Services Authority (OJK) has demanded that Bank Mandiri immediately report to the authority and outline what really happened in its system as well as its efforts to mitigate the problem to ensure that such an incident would never happen again.

“Banks have to have and apply good operational standards if there is a system problem, by prioritizing the protection of customer rights,” said the OJK in a press statement on Sunday.

It also called on the banking industry to continuously review its IT systems to ensure that banks are prudent when taking management risks. “The banking Industry should pay attention to what happened [in Bank Mandiri] as it is important,” the OJK added.

Communication and Information System Security Research Center (CISSReC) chairman Pratama Persada explained that it was critical for an institution to pretest its system maintenance updates before publicly implementing the changes to avoid losing consumer trust.

“This is because repeated [system failures] would not only cause distrust toward one bank, but also endanger [the credibility] of the whole banking industry,” Pratama said in the case of Mandiri.

However, the challenges faced by the financial industry are more than just technical glitches.

State-owned lender Bank Rakyat Indonesia (BRI) had its fair share of digital attacks last year, as dozens of customers in its branch in Kediri, East Java, lost their money due to skimming practices. Both private lender Bank Central Indonesia (BCA) and state-owned Bank Negara Indonesia (BNI) had also experienced similar fraud at their branches in the past.

BNI information technology and operations director Dadang Setiabudi told The Jakarta Post that his team had striven to strengthen its data centers and develop robust cybersecurity systems to prevent fraudsters from accessing its data.

BCA director Santoso Liem previously told Kontan the bank had devoted a team to “constantly” evaluating recent developments in bank fraud.

Initiatives to brace for digital hazards have been stipulated in a 2018 OJK regulation on digital banking services, which requires institutions to have a risk management plan, alongside other requirements, in order to have the agency’s approval for providing e-facilities.

The OJK previously cited that the increase in the number of digital banking services had pushed the agency to regulate such practices. In August last year, OJK data indicated that at least 80 out of 114 banks in Indonesia had provided an e-channel for their customers.

Apart from the OJK’s regulation for banks, Indonesian Financial Technology Association (Aftech) public policy director Ajisatria Suleiman explained that numerous international standards that other financial institutions can follow are in place, including the Communications and Information Ministry’s various ISO standards on payment systems and their implementation.

“Technology will never be perfect. What’s important is for [financial institutions] to be held accountable for their mistakes and have a clear liability system afterward,” Ajisatria said.

Popular

Gerindra politician says bigger cabinet would benefit Indonesia

Asia shares rise on rate cut bets; RBA seen turning hawkish

PDI-P considering Anies, Ahok as Jakarta gubernatorial candidates