Asia Pacific | Financial services

OJK Circular 21 of 2017 (SEOJK 21)

The Otoritas Jasa Keuangan ("OJK") is responsible for the inspection and supervision of activities in the banking, capital markets and financial services sectors in Indonesia. The OJK seeks to protect the interests of consumers, and promote prosperity and competition in the financial services industry.

OJK Circular No. 21 of 2017, The Application of Risk Management in the Use of Information Technology by Commercial Banks ("SEOJK 21"), supplements the requirements in POJK 38 and provides guidance on how commercial banks can implement risk management effectively when outsourcing their information technology activities. SEOJK 21 provides specific guidance on the contents of the outsourcing agreement, due diligence, risk mitigation and the use of services outside of Indonesia.

Google Cloud's contracts for financial institutions in Indonesia address the requirements in SEOJK 21. We have also created mappings to the guidelines for both GCP and Google Workspace to assist you with understanding how we can support you with meeting the requirements and assess us as an outsourced service provider. Google Cloud is committed to addressing these requirements regardless of how financial institutions choose to use our services.

ISO/IEC 27001

Learn more

ISO/IEC 27017

Learn more


Learn more