Legal Protection for Financial Technology Peer to Peer Lending Customers in Indonesia

Research in this article was funded By Research And Community Service Directorate ( Direktorat Riset Dan Pengabdian Masyarakat ), Deputy For Research and Development Reinforcement , Ministry Of Research And Technology /National Reseacrh And Inovation Agency, Republic Of Indonesia, Fiscal Year of 2020. Abstract A financial institution that provides technology-based money lending services or financial technology peer to peer lending (fintech P2P lending) is expected to be a solution for people in Indonesia who are unable to access conventional banking services. However, in line with the developments, there are also a presence of legal problems relating to the growing number of illegal fintech P2P lending companies which are harmful to the people who use these financial institutions. This article is the result of research related to the legal protection of Fintech P2P Lending customers in Indonesia. This study applied the normative legal research method with the theory of legal protection as the analysis theory. The approaches used were the statute approach and the conceptual approach. The result of the study showed that legal protection for fintech P2P lending customers has been sufficiently regulated, but the regulation is still partial and spread out in various laws and regulations. In the future, comprehensive regulations related to the legal protection of fintech P2P lending customers are urgently needed. Keywords : legal protection, consumers protection, fintech P2P lending. DOI: 10.7176/JLPG/102-08 Publication date: October 31 st 2020


Introduction
The development of information technology in recent years has encouraged the increase of digital-based industries.The financial services industry that is massively developing is Fintech Peer to Peer Lending (fintech P2P lending).Based on statistical data from the Financial Services Authority on February 1, 2019, there were 99 companies officially registered.But on the other hand, there were also quite a lot of fintech P2P lending companies that operate illegally.FSA has made various efforts through the Investment Alert Task Force in solving this problem, one of which was stopping 803 fintech P2P lending entities from operating.However, the practice of illegal fintech P2P lending is still rampant in almost all parts of Indonesia.This is clearly very detrimental to people.Their lack of knowledge regarding fintech P2P lending put them at a disadvantage position.
There are several reports related to fintech P2P lending, including from the Indonesian Surabaya Legal Aid Institute which has reported 408 illegal fintech P2P lending companies.Most of the reported fintech P2P lending institutions are not registered in the FSA.Data from the Jakarta Legal Aid Institute has received 1,330 complaints about digital-based financial services.Of the total 89 providers reported, 25 of them are companies registered in the FSA. 1 Based on the investigation, there are 3 (three) problematic things in fintech P2P lending operated in the community.First, the amount of interest and administrative costs are determined unilaterally and high so that the victims find it difficult to pay the interest on the loan. 2 Second, there is no mediator between fintech P2P lending companies and customers, making it difficult for customers to negotiate.Third, the method of debt collecting by fintech P2P Lending companies tends to be intimidating, such as making threats even before the due time and spreading personal data that can be categorized as defamation. 3rom the description above, it can be seen that there is still weak protection for customers in the fintech P2P Lending industry.For this reason, this article will study the legal protection arrangements for fintech P2P Lending customers in Indonesia.To analyze these issues, the concept of legal protection and legal protection for fintech P2P lending customers will be studied.

Overview of the Concept of Legal Protection
Legal protection for citizens arises from basic rights in regard of freedom, the right to life, and the right to be protected.To protect the rights of every citizen, the legal protection for citizens is given through a social contract.The conception of legal protection for people in western countries is based on the concept of Rechstaat or Rule of The Law.From a criminal perspective, legal protection is all efforts to fulfill rights and provide a sense of security to witnesses and/or victims, legal protection of crime victims as part of community protection can be realized in various forms such as restitution, compensation, medical services, and legal assistance.1This definition is inseparable from the function of law, which is to protect the interests of the community from threats.
In contrast to the criminal perspective, from the perspective of state administration, Muchsin argued that legal protection protects legal subjects through applicable laws and regulations and enforces its implementation with a sanction.2Legal protection can also be interpreted as an action or effort to protect the community from arbitrary actions by a ruler to create order and tranquility so as to enable the people to enjoy their dignity as humans. 3n its development process, forms of legal protection have developed towards more specific ones, one of which is legal protection for consumers.Legal protection for consumers aims to provide protection for consumers both in the fields of private law and in the field of public law so that there is no arbitrary action in the interests of consumers.In addition, consumer protection law can also be interpreted as a whole legal regulation that regulates the rights and obligations of consumers and producers that arise in their efforts to meet their needs.They can include: information, choosing prices, or the consequences arising from the use of those needs, for example, to get compensation for losses.Meanwhile, producers have obligations relating to the production, storage, distribution and trade of products, as well as the consequences of using the product. 4ormatively, the concept of consumer legal protection is regulated in Article 1 paragraph 1 of Law Number 8 of 1999 on Consumer Protection which determines "... consumer protection is any effort that ensures legal certainty to provide protection to consumers".From the provisions of this article, it can be seen that consumer protection aims to provide legal certainty and balance between producers and consumers so as to create a healthy and dynamic economy.Besides being expected to provide legal certainty and balance between producers and consumers, consumer protection is essential because it is related to efforts to improve the welfare of society in relation to the growing development of trade transactions in modern times. 5f we explore the basic concept of legal protection, it can be seen from the point of view of Philipus M. Hadjon, who said that legal protection is the protection of dignity, as well as recognition of human rights owned by legal subjects based on legal provisions from arbitrariness or as a collection of regulations or rules that will protect one thing from another. 6From his viewpoint, Philipus M. Hadjon then divided the theory of legal protection into 2 (two) types as "... preventive legal protection aims to prevent disputes, whereas repressive legal protection aims to settle disputes."7From Philipus M. Hadjon's view, it is very clear that preventive legal protection is an acknowledgment of the human rights possessed by legal subjects that are regulated in legal provisions or statutory regulations.This means that preventive legal protection can only be carried out if it is determined in certain laws and regulations relating to legal subjects and certain objects.Meanwhile, repressive legal protection is an arrangement on dispute resolution mechanisms for certain fields.

Legal Protection for Customers of the Fintech P2P Lending Industry
Legal protection for fintech users is a major issue in the development of the fintech business which is regulated and supervised by the FSA.Normatively, the regulations regarding fintech P2P lending are regulated in POJK No.The Code of Conduct for Responsible Lending was launched after it was signed by more than 43 fintech business actors who are the members of Aftech.The existence of a code of conduct regarding fintech P2P lending at time confirms the commitment of business actors in implementing standard business practices that are responsible for protecting customers. 2The code of conduct contains principles and processes that are mutually and voluntarily agreed upon by Aftech member companies in providing information technology-based lending and borrowing services to consumers in Indonesia.. 3 In the fintech P2P lending code of ethics there are four aspects of consumer protection that must be considered, which include: completeness of information and transparency of products or services, models for complaints handling and disputes settlement, fraud prevention and service system reliability, and also protection of personal data (cybersecurity). 4

Completeness of information and transparency of products or services
Fintech P2P Lending organizers are required to provide complete, up-to-date, and transparent information related to products or services offered to consumers.The information includes transparent and detailed loan interest rates shown to prospective borrowers before agreeing to sign a loan agreement.This is to avoid misunderstanding regarding the terms, conditions of the product, benefits, costs, and risks, and overdue fine after the agreement signed.
The organizers must ensure that the information provided is transparent for the consumers to give them a chance to choose products well and avoid the harmful risks, such as misleading advertisements and fraud.The aspects of completeness and transparency of information on fintech in Indonesia must include: 1. fees and obligations that will be imposed on consumers; 2. transparent terms and conditions of products/services use; 3. notifying the consumers of changes in costs, terms and conditions, or product information. 5his method is able to prompt consumers to accept debt responsibly and to minimize the risk of fraud and unethical practices.Transparency also means an information disclosure by the organizers, therefore, the business actors are also required to include their address, email, and telephone number for customer complaints. 6

Handling complaints and resolving consumer disputes
Disputes and complaints from consumers are the ones of the many problems that fintech actors will definitely face, so the aspects of handling complaints and resolving disputes are a necessity.For this reason, service providers must have mechanisms for receiving complaints and resolving disputes.A fintech service provider should at least: 1. Providing a line or channel for complaints that is easily accessed by consumers, such as telephone, e-mail, instant messaging, and mail; 2. Has a unit and standard procedure in handling consumer complaints.The procedure must take into account the consumer protection arrangements that set in the relevant FSA regulation and must be shared to consumers; 3. Provide and inform consumers if there is an alternative dispute settlement mechanism that can be used if the internal settlement does not result in an agreement. 7urrently, FSA still does not require all registered fintech P2P Lending actors to integrate and connect the complaint system.With this integrated system, it will be easier for FSA to monitor public complaints regarding fintech automatically thus also monitor the performance of the registered companies.So far, the complains handling is forwarded directly to the FSA fintech lending supervisor.As for complaints on illegal fintech, they have been forwarded directly to the Investment Alert Task Force before passed on to Kominfo to block the application. 8he complaints handling in fintech is currently not as good as the complaints handling in the established institutions such as banking, insurance, and also financial institutions.However, FSA is currently preparing the establishment of an Alternative Dispute Resolution Agency (LAPS) specifically made for fintech.This agency will later function as the existing LAPS for other financial service industries, such as banking, insurance, and financial institutions.1 2.2.3.Fraud prevention and service system reliability Prevention of fraud in fintech is an important action that regulators must pay attention to especially in the growing diversity of fintech products/servicees offered.Fraud attempts at fintech can take the form of misuse of service sites (phishing), security systems hacking, and deceptive marketing of products/services.With so many fintech services using media such as networking sites and applications in promoting and marketing their products/services, the vulnerability to fraud will also increase.2There are at least two fraudulent practices that become priorities and often occur, shadow banking and Ponzi schemes. 3Shadow banking is a non-bank financial institution that acts as a bank, that is, it receives funds from the public and distributes it to the public, but does not have a banking license such as insurance companies with mutual fund products, finance companies that carry out refinancing and private equity with fund management contracts. 4he existence of a shadow banking institution in managing and channeling funds to the public like in conventional banking is not illegal.However, this can trigger a negative gap in shadow banking, for example, the fintech institution can borrow money from the banks and then lend it to borrowers at very high-interest rates.Meanwhile, a Ponzi Scheme is a fake investment mode that pays out profits to investors from their own money or money paid by the next investor.Ponzi schemes usually entice new investors with much higher returns than other investments in the short term.5

Protection of personal data (cybersecurity)
Protecting personal data is one of the important aspects that fintech P2P lending companies must pay attention to.Given the misuse of personal data (consumers) can have negative impacts like identity theft, the uses and abuses of customer profiling, product offers to consumers whose data is stolen.These can result in greater risks and losses such as public distrust to fintech services. 6ecurity and maintenance of consumer personal data must be carried out properly because the digital data is relatively easy to be stolen.However, it should also be noted that personal data can be misused by internal parties.For that, related to the protection of personal data, it can be done with a focus on the following matters: 1. Fintech service actors are required to encrypt (secure) consumer data; 2. Fintech service actors are required to maintain the security of consumer data; 3. Fintech actors are required to perform data access management; 4. Consumers have the right to ask for explanations from the fintech service actors regarding the use of information and data they have provided. 7he definition of personal data protection is regulated in Article 1 number 1 Permenkominfo Number 20 of 2016 on Protection of Personal Data in Electronic Systems ("Permenkominfo No. 20/2016").Personal data is defined as "certain personal data that is stored, maintained and kept accurate and is protected on its confidentiality".From this definition, it can be explained that personal data is certain individual data in the form of identity, code, symbols, letters, or numbers that identifies a person's personal identity which is guarded and confidential. 8f the fintech organizers violate and disseminate consumer personal data, they will receive administrative sanctions as regulated in Article 36 Paragraph 1 which states that "any person who unlawfully obtains, collects, processes, analyse, deposits, displays, announces, transmits, and/or disseminates personal data is subject to administrative sanctions in the form of: to 4 (four) years or a maximum fine of IDR 750,000,000.00.Furthermore, in Article 45 Paragraph 4 it is stipulated that "anyone who intentionally and without right distributes electronic information or electronic documents with intention of extortion or threats will be subject to criminal sanctions with imprisonment of up to 6 (six) years or a maximum fine of Rp1.000,000,000.00(one billion rupiah)".

Conclusion
Basically, legal protection is a form of protection of dignity, as well as recognition of human rights of legal subjects based on legal provisions.Theoretically, legal protection can be divided into two, preventive legal protection that aims to prevent disputes, and repressive legal protection that aims to settle disputes.So far, preventive and repressive legal protections for fintech P2P lending customers in Indonesia have been sufficiently regulated, however, the regulations are still partial and spread out in various laws and regulations.In the future, comprehensive regulations related to the legal protection of fintech P2P lending customers are needed.The regulation can refer to the Code of Conduct for Responsible Lending which includes standards for completeness of information and transparency of products or services, models for complaints handling and disputes settlement, fraud prevention and service system reliability, and also protection of personal data (cybersecurity).
77/POJK.01/2016 on Information Technology-Based Lending and Borrowing Services (POJK No. 77/POJK.01/2016).However, POJK No. 77/POJK.01/2016,still have not regulated in detail the legal protection for customers of fintech P2P lending, such as the regulating interest setting and collection methods for fintech P2P lending customers.The provisions on customer protection are regulated in relatively general terms, which is in the financial services sector as stipulated in POJK No.1/POJK.07/2013on Consumer Protection in the Financial Services Sector.But POJK No.1/POJK.07/2013does not specifically regulate interest setting and collection methods for fintech P2P lending customers.Although the Financial Services Authority as the authority that manages the financial services sector including the fintech P2P lending industry has not yet established regulations regarding legal protection for fintech P2P lending customers, the Indonesian Fintech Association (Aftech) has officially launched the Information Technology-Based Lending and Borrowing Service (Layanan Pinjam Meminjam Uang Berbasis Teknologi Informasi/LPMUBTI) Code of Conduct that oversees Code of Conduct for Responsible Lending in order to protect consumers.The regulations regarding this matter have been agreed upon and regulated by the members of Aftech and have officially registered in the FSA. 1 a. verbal warning; b. verbal warning; c. temporary suspension of activities; and/or d. announcement of its name on sites within the network (websites)."Unlike the provisions in Permenkominfo No. 20 of 2016 which implements administrative sanctions.any acts of a person who intentionally and without right distributes electronic information and commit defamation are categorized as a crime in Law Number 19 of 2016 as the Amendments to Law Number 11 of 2018 on Electronic Information and Transactions.Article 45 Paragraph 3 has regulated criminal sanctions for anyone who intentionally and without right distributes electronic information or commit defamation with imprisonment of up